使用 Azure Resource Manager 模板为命名空间和队列创建服务总线授权规则Create a Service Bus authorization rule for namespace and queue using an Azure Resource Manager template

本文介绍如何使用为服务总线命名空间和队列创建授权规则的 Azure Resource Manager 模板。This article shows how to use an Azure Resource Manager template that creates an authorization rule for a Service Bus namespace and queue. 本文介绍如何指定要部署的资源以及如何定义执行部署时指定的参数。The article explains how to specify which resources are deployed and how to define parameters that are specified when the deployment is executed. 可将此模板用于自己的部署,或自定义此模板以满足要求。You can use this template for your own deployments, or customize it to meet your requirements.

有关创建模板的详细信息,请参阅 创作 Azure Resource Manager 模板For more information about creating templates, please see Authoring Azure Resource Manager templates.

有关完整的模板,请参阅 GitHub 上的服务总线授权规则模板For the complete template, see the Service Bus authorization rule template on GitHub.

Note

以下 Azure Resource Manager 模板可供下载和部署。The following Azure Resource Manager templates are available for download and deployment.

若要检查最新模板,请访问 Azure 快速启动模板库并搜索“服务总线” 。To check for the latest templates, visit the Azure Quickstart Templates gallery and search for Service Bus.

Note

本文进行了更新,以便使用新的 Azure PowerShell Az 模块。This article has been updated to use the new Azure PowerShell Az module. 你仍然可以使用 AzureRM 模块,至少在 2020 年 12 月之前,它将继续接收 bug 修补程序。You can still use the AzureRM module, which will continue to receive bug fixes until at least December 2020. 若要详细了解新的 Az 模块和 AzureRM 兼容性,请参阅新 Azure Powershell Az 模块简介To learn more about the new Az module and AzureRM compatibility, see Introducing the new Azure PowerShell Az module. 有关 Az 模块安装说明,请参阅安装 Azure PowerShellFor Az module installation instructions, see Install Azure PowerShell.

将部署什么内容?What will you deploy?

利用此模板,将为命名空间和消息传送实体(在此示例中为队列)部署服务总线授权规则。With this template, you deploy a Service Bus authorization rule for a namespace and messaging entity (in this case, a queue).

此模板使用共享访问签名 (SAS) 进行身份验证。This template uses Shared Access Signature (SAS) for authentication. SAS 使应用程序能够使用在命名空间或在关联了特定权限的消息传送实体(队列或主题)上配置的访问密钥向服务总线进行身份验证。SAS enables applications to authenticate to Service Bus using an access key configured on the namespace, or on the messaging entity (queue or topic) with which specific rights are associated. 然后可以使用此密钥生成 SAS 令牌,客户端反过来可用它向服务总线进行身份验证。You can then use this key to generate a SAS token that clients can in turn use to authenticate to Service Bus.

若要自动运行部署,请单击以下按钮:To run the deployment automatically, click the following button:

部署到 AzureDeploy to Azure

parametersParameters

使用 Azure 资源管理器,可以定义在部署模板时想要指定的值的参数。With Azure Resource Manager, you define parameters for values you want to specify when the template is deployed. 该模板具有一个名为 Parameters 的部分,其中包含所有参数值。The template includes a section called Parameters that contains all of the parameter values. 应该为随着要部署的项目或要部署到的环境而变化的值定义参数。You should define a parameter for those values that will vary based on the project you are deploying or based on the environment you are deploying to. 不要为永远保持不变的值定义参数。Do not define parameters for values that will always stay the same. 每个参数值可在模板中用来定义所部署的资源。Each parameter value is used in the template to define the resources that are deployed.

模板定义以下参数。The template defines the following parameters.

serviceBusNamespaceNameserviceBusNamespaceName

要创建的服务总线命名空间的名称。The name of the Service Bus namespace to create.

"serviceBusNamespaceName": {
"type": "string"
}

namespaceAuthorizationRuleNamenamespaceAuthorizationRuleName

命名空间的授权规则的名称。The name of the authorization rule for the namespace.

"namespaceAuthorizationRuleName ": {
"type": "string"
}

serviceBusQueueNameserviceBusQueueName

服务总线命名空间中的队列的名称。The name of the queue in the Service Bus namespace.

"serviceBusQueueName": {
"type": "string"
}

serviceBusApiVersionserviceBusApiVersion

模板的服务总线 API 版本。The Service Bus API version of the template.

"serviceBusApiVersion": { 
       "type": "string", 
       "defaultValue": "2017-04-01", 
       "metadata": { 
           "description": "Service Bus ApiVersion used by the template" 
       }

要部署的资源Resources to deploy

创建 消息传送类型的标准服务总线命名空间,以及命名空间和实体的服务总线授权规则。Creates a standard Service Bus namespace of type Messaging, and a Service Bus authorization rule for namespace and entity.

"resources": [
        {
            "apiVersion": "[variables('sbVersion')]",
            "name": "[parameters('serviceBusNamespaceName')]",
            "type": "Microsoft.ServiceBus/namespaces",
            "location": "[variables('location')]",
            "kind": "Messaging",
            "sku": {
                "name": "Standard",
            },
            "resources": [
                {
                    "apiVersion": "[variables('sbVersion')]",
                    "name": "[parameters('serviceBusQueueName')]",
                    "type": "Queues",
                    "dependsOn": [
                        "[concat('Microsoft.ServiceBus/namespaces/', parameters('serviceBusNamespaceName'))]"
                    ],
                    "properties": {
                        "path": "[parameters('serviceBusQueueName')]"
                    },
                    "resources": [
                        {
                            "apiVersion": "[variables('sbVersion')]",
                            "name": "[parameters('queueAuthorizationRuleName')]",
                            "type": "authorizationRules",
                            "dependsOn": [
                                "[parameters('serviceBusQueueName')]"
                            ],
                            "properties": {
                                "Rights": ["Listen"]
                            }
                        }
                    ]
                }
            ]
        }, {
            "apiVersion": "[variables('sbVersion')]",
            "name": "[variables('namespaceAuthRuleName')]",
            "type": "Microsoft.ServiceBus/namespaces/authorizationRules",
            "dependsOn": ["[concat('Microsoft.ServiceBus/namespaces/', parameters('serviceBusNamespaceName'))]"],
            "location": "[resourceGroup().location]",
            "properties": {
                "Rights": ["Send"]
            }
        }
    ]

运行部署的命令Commands to run deployment

要将资源部署到 Azure,必须登录到 Azure 帐户,并且必须使用 Azure 资源管理器模块。To deploy the resources to Azure, you must be signed in to your Azure account and you must use the Azure Resource Manager module. 若要了解配合使用 Azure Resource Manager 和 Azure PowerShell 或 Azure CLI 的相关信息,请参阅:To learn about using Azure Resource Manager with either Azure PowerShell or Azure CLI, see:

以下示例假定帐户中已具有一个指定名称的资源组。The following examples assume you already have a resource group in your account with the specified name.

PowerShellPowerShell

New-AzResourceGroupDeployment -ResourceGroupName \<resource-group-name\> -TemplateFile <https://raw.githubusercontent.com/azure/azure-quickstart-templates/master/301-servicebus-create-authrule-namespace-and-queue/azuredeploy.json>

Azure CLIAzure CLI

azure config mode arm

azure group deployment create \<my-resource-group\> \<my-deployment-name\> --template-uri <https://raw.githubusercontent.com/azure/azure-quickstart-templates/master/301-servicebus-create-authrule-namespace-and-queue/azuredeploy.json>

后续步骤Next steps

现在,已使用 Azure Resource Manager 创建并部署了资源,请通过查看以下文章了解如何管理这些资源:Now that you've created and deployed resources using Azure Resource Manager, learn how to manage these resources by viewing these articles: