Невозможно создать виртуальную сеть, используя JSON

Question

У меня есть скрипт ниже, который является частью скрипта, который я использую для развертывания виртуальной сети. Однако не удается создать виртуальную сеть, есть идеи, где я могу пойти не так?

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "client": {
      "type": "string",
      "maxLength": 3,
      "metadata": {
        "description": "Client name - max 3 chars"
      }
    },
    "environment": {
      "type": "string",
      "maxLength": 3,
      "metadata": {
        "description": "Environment name - max 3 chars"
      }
    },
    "businessUnit": {
      "type": "string",
      "maxLength": 3,
      "metadata": {
        "description": "Business Unit name - max 3 chars"
      }
    },
    "appName": {
      "type": "string",
      "maxLength": 3,
      "metadata": {
        "description": "App name - max 3 chars"
      }
    },
    "addressPrefix": {
      "type": "string",
      "metadata": {
        "description": "The address space in CIDR notation for the new virtual network."
      }
    },
    "subnetName1": {
      "type": "string",
      "metadata": {
        "description": "The name of the first subnet in the new virtual network."
      }
    },
    "subnetName2": {
      "type": "string",
      "metadata": {
        "description": "The name of the first subnet in the new virtual network."
      }
    },
    "gatewaySubnet": {
      "type": "string",
      "defaultValue": "GatewaySubnet",
      "allowedValues": [
        "GatewaySubnet"
      ],
      "metadata": {
        "description": "The name of the subnet where Gateway is to be deployed. This must always be named GatewaySubnet."
      }
    },
    "subnetPrefix1": {
      "type": "string",
      "metadata": {
        "description": "The address range in CIDR notation for the first subnet."
      }
    },
    "subnetPrefix2": {
      "type": "string",
      "metadata": {
        "description": "The address range in CIDR notation for the first subnet."
      }
    },
    "gatewaySubnetPrefix": {
      "type": "string",
      "metadata": {
        "description": "The address range in CIDR notation for the Gateway subnet. For ExpressRoute enabled Gateways, this must be minimum of /28."
      }
    },
    "dnsServerAddress": {
      "type": "array",
      "metadata": {
        "Description": "The DNS address(es) of the DNS Server(s) used by the VNET"
      }
    },
    "dnsServerAddressUpdateDns": {
      "type": "array",
      "metadata": {
        "Description": "The DNS address(es) of the DNS Server(s) used by the VNET"
      }
    },
    "vpnClientAddressPoolPrefix": {
      "type": "string",
      "metadata": {
        "description": "The IP address range from which VPN clients will receive an IP address when connected. Range specified must not overlap with on-premise network."
      }
    },
    "vmMfaName1privateIPAddress": {
      "type": "string",
      "metadata": {
        "description": "The IP address of the MFA server."
      }
    },
    "vmMfaName2privateIPAddress": {
      "type": "string",
      "metadata": {
        "description": "The IP address of the MFA server."
      }
    },
    "vmMfaLbIpAddress1": {
      "type": "string",
      "metadata": {
        "description": "The IP address of the RADIUS server."
      }
    },
    "radiusServerSecret": {
      "type": "string",
      "metadata": {
        "description": "The secret of the RADIUS server."
      }
    },
    "omsWorkSpaceResourceGroup": {
      "type": "string",
      "defaultValue": "",
      "metadata": {
        "description": "Workspace Resource Group"
      }
    },
    "omsWorkSpaceName": {
      "type": "string",
      "defaultValue": "",
      "metadata": {
        "description": "Workspace Resource Name"
      }
    },
    "omsWorkspaceStorageAccount": {
      "type": "string",
      "defaultValue": "",
      "metadata": {
        "description": "Storage Account of OMS Workspace"
      }
    }
  },
  "variables": {
    "apiVersion": "2015-06-15",
    "vnetApiVersion": "2017-10-01",
    "virtualNetworkPeeringApiVersion": "2017-10-01",
    "routeTableApiVersion": "2017-10-01",
    "locksApiVersion": "2017-04-01",
    "virtualNetworkName": "[tolower(concat('vnet-', parameters('client'), '-', parameters('environment'), '-', parameters('businessUnit'), '-', parameters('appName')))]",
    "vnetID": "[resourceId('Microsoft.Network/virtualNetworks',variables('virtualNetworkName'))]",
    "gatewaySubnetRef": "[concat(variables('vnetID'),'/subnets/',parameters('gatewaySubnet'))]",
    "virtualNetworkGatewayName": "[tolower(concat('vng-', parameters('client'), '-', parameters('environment'), '-', parameters('businessUnit'), '-', parameters('appName')))]",
    "gatewaySku": "vpngw1",
    "gatewayPublicIPName": "[tolower(concat('pip-', parameters('client'), '-', parameters('environment'), '-', parameters('businessUnit'), '-', parameters('appName')))]",
    "vpnClientProtocols": "IkeV2",
    "subnetName1": "[tolower(concat('sub-', parameters('client'), '-', parameters('environment'), '-', parameters('businessUnit'), '-', parameters('appName'), '-', parameters('subnetName1')))]",
    "routeTable1": "[tolower(concat('udr-', variables('subnetName1')))]",
    "networkSecurityGroup1": "[tolower(concat('nsg-', variables('subnetName1')))]",
    "subnetName2": "[tolower(concat('sub-', parameters('client'), '-', parameters('environment'), '-', parameters('businessUnit'), '-', parameters('appName'), '-', parameters('subnetName2')))]",
    "routeTable2": "[tolower(concat('udr-', variables('subnetName2')))]",
    "networkSecurityGroup2": "[tolower(concat('nsg-', variables('subnetName2')))]"
  },
  "resources": [
    {
      "name": "[variables('routeTable1')]",
      "type": "Microsoft.Network/routeTables",
      "apiVersion": "[variables('routeTableApiVersion')]",
      "location": "[resourceGroup().location]",
      "properties": {
        "routes": [
        ],
        "disableBgpRoutePropagation": false
      }
    },
    {
      "name": "[variables('routeTable2')]",
      "type": "Microsoft.Network/routeTables",
      "apiVersion": "[variables('routeTableApiVersion')]",
      "location": "[resourceGroup().location]",
      "properties": {
        "routes": [
        ],
        "disableBgpRoutePropagation": false
      }
    },
    {
      "name": "[variables('networkSecurityGroup1')]",
      "apiVersion": "[variables('apiVersion')]",
      "type": "Microsoft.Network/networkSecurityGroups",
      "location": "[resourceGroup().location]",
      "dependsOn": [
        "[concat('Microsoft.Network/routeTables/', variables('routeTable1'))]"
      ],
      "properties": {
        "securityRules": [
          {
            "name": "AllowInboundAnyAddressSpace",
            "properties": {
              "priority": 100,
              "protocol": "*",
              "access": "Allow",
              "direction": "Inbound",
              "sourceAddressPrefix": "[parameters('addressPrefix')]",
              "sourcePortRange": "*",
              "destinationAddressPrefix": "*",
              "destinationPortRange": "*"
            }
          },
          {
            "name": "AllowInboundHttpsMfaServer1",
            "properties": {
              "priority": 101,
              "protocol": "Tcp",
              "access": "Allow",
              "direction": "Inbound",
              "sourceAddressPrefix": "*",
              "sourcePortRange": "*",
              "destinationAddressPrefix": "[parameters('vmMfaName1privateIPAddress')]",
              "destinationPortRange": "443"
            }
          },
          {
            "name": "AllowInboundHttpsMfaServer2",
            "properties": {
              "priority": 102,
              "protocol": "Tcp",
              "access": "Allow",
              "direction": "Inbound",
              "sourceAddressPrefix": "*",
              "sourcePortRange": "*",
              "destinationAddressPrefix": "[parameters('vmMfaName2privateIPAddress')]",
              "destinationPortRange": "443"
            }
          },
          {
            "name": "AllowOutboundAnyAddressSpace",
            "properties": {
              "priority": 100,
              "protocol": "*",
              "access": "Allow",
              "direction": "Outbound",
              "sourceAddressPrefix": "*",
              "sourcePortRange": "*",
              "destinationAddressPrefix": "[parameters('addressPrefix')]",
              "destinationPortRange": "*"
            }
          }
        ]
      }
    },
    {
      "type": "microsoft.network/networksecuritygroups/providers/diagnosticSettings",
      "name": "[concat(variables('networkSecurityGroup1'), '/Microsoft.Insights/service')]",
      "dependsOn": [
        "[concat('Microsoft.Network/networksecuritygroups/', variables('networkSecurityGroup1'))]"
      ],
      "apiVersion": "2017-05-01-preview",
      "properties": {
        "name": "service",
        "storageAccountId": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('omsWorkSpaceResourceGroup'), '/providers/Microsoft.Storage/storageAccounts/', parameters('omsWorkspaceStorageAccount'))]",
        "workspaceId": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('omsWorkSpaceResourceGroup'), '/providers/Microsoft.OperationalInsights/workspaces/', parameters('omsWorkSpaceName'))]",
        "logs": [
          {
            "category": "NetworkSecurityGroupEvent",
            "enabled": true,
            "retentionPolicy": {
              "days": 365,
              "enabled": true
            }
          },
          {
            "category": "NetworkSecurityGroupRuleCounter",
            "enabled": true,
            "retentionPolicy": {
              "days": 365,
              "enabled": true
            }
          }
        ]
      }
    },
    {
      "name": "[variables('networkSecurityGroup2')]",
      "apiVersion": "[variables('apiVersion')]",
      "type": "Microsoft.Network/networkSecurityGroups",
      "location": "[resourceGroup().location]",
      "dependsOn": [
        "[concat('Microsoft.Network/routeTables/', variables('routeTable2'))]"
      ],
      "properties": {
        "securityRules": [
          {
            "name": "AllowInboundAnyAddressSpace",
            "properties": {
              "priority": 100,
              "protocol": "*",
              "access": "Allow",
              "direction": "Inbound",
              "sourceAddressPrefix": "[parameters('addressPrefix')]",
              "sourcePortRange": "*",
              "destinationAddressPrefix": "*",
              "destinationPortRange": "*"
            }
          },
          {
            "name": "AllowOutboundAnyAddressSpace",
            "properties": {
              "priority": 100,
              "protocol": "*",
              "access": "Allow",
              "direction": "Outbound",
              "sourceAddressPrefix": "*",
              "sourcePortRange": "*",
              "destinationAddressPrefix": "[parameters('addressPrefix')]",
              "destinationPortRange": "*"
            }
          }
        ]
      }
    },
    {
      "type": "microsoft.network/networksecuritygroups/providers/diagnosticSettings",
      "name": "[concat(variables('networkSecurityGroup2'), '/Microsoft.Insights/service')]",
      "dependsOn": [
        "[concat('Microsoft.Network/networksecuritygroups/', variables('networkSecurityGroup2'))]"
      ],
      "apiVersion": "2017-05-01-preview",
      "properties": {
        "name": "service",
        "storageAccountId": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('omsWorkSpaceResourceGroup'), '/providers/Microsoft.Storage/storageAccounts/', parameters('omsWorkspaceStorageAccount'))]",
        "workspaceId": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('omsWorkSpaceResourceGroup'), '/providers/Microsoft.OperationalInsights/workspaces/', parameters('omsWorkSpaceName'))]",
        "logs": [
          {
            "category": "NetworkSecurityGroupEvent",
            "enabled": true,
            "retentionPolicy": {
              "days": 365,
              "enabled": true
            }
          },
          {
            "category": "NetworkSecurityGroupRuleCounter",
            "enabled": true,
            "retentionPolicy": {
              "days": 365,
              "enabled": true
            }
          }
        ]
      }
    },
    {
      "name": "[variables('virtualNetworkName')]",
      "apiVersion": "[variables('vnetApiVersion')]",
      "type": "Microsoft.Network/virtualNetworks",
      "location": "[resourceGroup().location]",
      "dependsOn": [
        "[concat('Microsoft.Network/routeTables/', variables('routeTable1'))]",
        "[concat('Microsoft.Network/routeTables/', variables('routeTable2'))]",
        "[concat('Microsoft.Network/networksecuritygroups/', variables('networkSecurityGroup1'))]",
        "[concat('Microsoft.Network/networksecuritygroups/', variables('networkSecurityGroup2'))]"
      ],
      "properties": {
        "addressSpace": {
          "addressPrefixes": [
            "[parameters('addressPrefix')]"
          ]
        },
        "dhcpOptions": {
          "dnsServers": "[parameters('dnsServerAddress')]"
        },
        "subnets": [
          {
            "name": "[variables('subnetName1')]",
            "properties": {
              "addressPrefix": "[parameters('subnetPrefix1')]",
              "networkSecurityGroup": {
                "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroup1'))]"
              },
              "routeTable": {
                "id": "[resourceId('Microsoft.Network/routeTables', variables('routeTable1'))]"
              },
              "serviceEndpoints": [
                {
                  "service": "Microsoft.Storage",
                  "locations": [
                    "[resourceGroup().location]"
                  ]
                },
                {
                  "service": "Microsoft.Sql",
                  "locations": [
                    "[resourceGroup().location]"
                  ]
                }
              ]
            }
          },
          {
            "name": "[variables('subnetName2')]",
            "properties": {
              "addressPrefix": "[parameters('subnetPrefix2')]",
              "networkSecurityGroup": {
                "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroup2'))]"
              },
              "routeTable": {
                "id": "[resourceId('Microsoft.Network/routeTables', variables('routeTable2'))]"
              },
              "serviceEndpoints": [
                {
                  "service": "Microsoft.Storage",
                  "locations": [
                    "[resourceGroup().location]"
                  ]
                },
                {
                  "service": "Microsoft.Sql",
                  "locations": [
                    "[resourceGroup().location]"
                  ]
                }
              ]
            }
          },
          {
            "name": "[parameters('gatewaySubnet')]",
            "properties": {
              "addressPrefix": "[parameters('gatewaySubnetPrefix')]"
            }
          }
        ]
      },
      "resources": [
        {
          "name": "[concat(variables('virtualNetworkName'), '/Microsoft.Authorization/', variables('virtualNetworkName'), '-LockDoNotDelete')]",
          "type": "Microsoft.Network/virtualNetworks/providers/locks",
          "apiVersion": "[variables('locksApiVersion')]",
          "dependsOn": [
            "[variables('virtualNetworkName')]"
          ],
          "properties": {
            "level": "CanNotDelete",
            "notes": "Resource Lock - Do Not Delete!",
            "owners": [
            ]
          }
        }
      ]
    },
    {
      "apiVersion": "2015-06-15",
      "type": "Microsoft.Network/publicIPAddresses",
      "name": "[variables('gatewayPublicIPName')]",
      "location": "[resourceGroup().location]",
      "properties": {
        "publicIPAllocationMethod": "Dynamic"
      }
    },
    {
      "apiVersion": "2015-06-15",
      "type": "Microsoft.Network/virtualNetworkGateways",
      "name": "[variables('virtualNetworkGatewayName')]",
      "location": "[resourceGroup().location]",
      "dependsOn": [
        "[concat('Microsoft.Network/publicIPAddresses/', variables('gatewayPublicIPName'))]",
        "[concat('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]"
      ],
      "properties": {
        "ipConfigurations": [
          {
            "properties": {
              "privateIPAllocationMethod": "Dynamic",
              "subnet": {
                "id": "[variables('gatewaySubnetRef')]"
              },
              "publicIPAddress": {
                "id": "[resourceId('Microsoft.Network/publicIPAddresses',variables('gatewayPublicIPName'))]"
              }
            },
            "name": "vnetGatewayConfig"
          }
        ],
        "sku": {
          "name": "[variables('gatewaySku')]",
          "tier": "[variables('gatewaySku')]"
        },
        "gatewayType": "Vpn",
        "vpnType": "RouteBased",
        "enableBgp": "false",
        "vpnClientConfiguration": {
          "vpnClientAddressPool": {
            "addressPrefixes": [
              "[parameters('vpnClientAddressPoolPrefix')]"
            ]
          },
          "vpnClientProtocols": [
            "[variables('vpnClientProtocols')]"
          ],
          "radiusServerAddress": "[parameters('vmMfaLbIpAddress1')]",
          "radiusServerSecret": "[parameters('radiusServerSecret')]"
        }
      }
    }
  ]
}

Используется для создания виртуальной сети и подсетей перед развертыванием виртуальных машин в ней.

Я не вижу, где я иду не так, я сбит с толку .. Любая помощь будет признательна Спасибо

Answer 1

Я видел, что вопрос был помечен как "отвеченный" этим утром, поэтому я опубликовал свои вчерашние результаты, но, поскольку у вас все еще есть проблема, я опубликую их.

Да, шаблон не самый лучший, кажется, он был составлен путем копирования кусочков из разных шаблонов.

С учетом сказанного я сосредоточился на разделе "Сеть", с которым вы упомянули, что у вас есть проблемы. Извлеките сетевой раздел, немного подправьте, чтобы компенсировать отсутствующие параметры и переменные, и попытайтесь развернуть его. Замечено 2 вопроса

Вопросы

• Параметры dnsserveraddress и dnsserveraddressupdatedns имели тип в виде массива, который на самом деле не принимал допустимых входных данных.

• Также получена ошибка, что введенная вами адресная запись CIDR 10.10.2.0/22 ​​является недопустимой нотацией CIDR.

Разрешение

Как только я исправил оба, я смог без проблем развернуть сетевой раздел

твик JSON, который я использовал только для развертывания VNet.

{
    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "addressPrefix": {
            "type": "String",
            "metadata": {
                "description": "The address space in CIDR notation for the new virtual network."
            }
        },
        "subnetName1": {
            "type": "String",
            "metadata": {
                "description": "The name of the first subnet in the new virtual network."
            }
        },
        "subnetName2": {
            "type": "String",
            "metadata": {
                "description": "The name of the first subnet in the new virtual network."
            }
        },
        "gatewaySubnet": {
            "defaultValue": "GatewaySubnet",
            "allowedValues": [
                "GatewaySubnet"
            ],
            "type": "String",
            "metadata": {
                "description": "The name of the subnet where Gateway is to be deployed. This must always be named GatewaySubnet."
            }
        },
        "subnetPrefix1": {
            "type": "String",
            "metadata": {
                "description": "The address range in CIDR notation for the first subnet."
            }
        },
        "subnetPrefix2": {
            "type": "String",
            "metadata": {
                "description": "The address range in CIDR notation for the first subnet."
            }
        },
        "gatewaySubnetPrefix": {
            "type": "String",
            "metadata": {
                "description": "The address range in CIDR notation for the Gateway subnet. For ExpressRoute enabled Gateways, this must be minimum of /28."
            }
        },
        "dnsServerAddress": {
            "type": "String",
            "metadata": {
                "Description": "The DNS address(es) of the DNS Server(s) used by the VNET"
            }
        },
        "dnsServerAddressUpdateDns": {
            "type": "String",
            "metadata": {
                "Description": "The DNS address(es) of the DNS Server(s) used by the VNET"
            }
        }
    },
    "variables": {
        "apiVersion": "2015-06-15",
        "vnetApiVersion": "2017-10-01",
        "virtualNetworkPeeringApiVersion": "2017-10-01",
        "routeTableApiVersion": "2017-10-01",
        "locksApiVersion": "2017-04-01",
        "virtualNetworkName": "[tolower(concat('vnet-Test'))]",
        "vnetID": "[resourceId('Microsoft.Network/virtualNetworks',variables('virtualNetworkName'))]",
        "gatewaySubnetRef": "[concat(variables('vnetID'),'/subnets/',parameters('gatewaySubnet'))]",
        "subnetName1": "[tolower(concat('sub-', parameters('subnetName1')))]",
        "routeTable1": "[tolower(concat('udr-', variables('subnetName1')))]",
        "networkSecurityGroup1": "[tolower(concat('nsg-', variables('subnetName1')))]",
        "subnetName2": "[tolower(concat('sub-', parameters('subnetName2')))]",
        "routeTable2": "[tolower(concat('udr-', variables('subnetName2')))]",
        "networkSecurityGroup2": "[tolower(concat('nsg-', variables('subnetName2')))]"
    },
    "resources": [
        {
            "type": "Microsoft.Network/routeTables",
            "name": "[variables('routeTable1')]",
            "apiVersion": "[variables('routeTableApiVersion')]",
            "location": "[resourceGroup().location]",
            "properties": {
                "routes": [],
                "disableBgpRoutePropagation": false
            }
        },
        {
            "type": "Microsoft.Network/routeTables",
            "name": "[variables('routeTable2')]",
            "apiVersion": "[variables('routeTableApiVersion')]",
            "location": "[resourceGroup().location]",
            "properties": {
                "routes": [],
                "disableBgpRoutePropagation": false
            }
        },
        {
            "type": "Microsoft.Network/networkSecurityGroups",
            "name": "[variables('networkSecurityGroup1')]",
            "apiVersion": "[variables('apiVersion')]",
            "location": "[resourceGroup().location]",
            "properties": {
                "securityRules": [
                    {
                        "name": "AllowInboundAnyAddressSpace",
                        "properties": {
                            "priority": 100,
                            "protocol": "*",
                            "access": "Allow",
                            "direction": "Inbound",
                            "sourceAddressPrefix": "[parameters('addressPrefix')]",
                            "sourcePortRange": "*",
                            "destinationAddressPrefix": "*",
                            "destinationPortRange": "*"
                        }
                    },
                    {
                        "name": "AllowOutboundAnyAddressSpace",
                        "properties": {
                            "priority": 100,
                            "protocol": "*",
                            "access": "Allow",
                            "direction": "Outbound",
                            "sourceAddressPrefix": "*",
                            "sourcePortRange": "*",
                            "destinationAddressPrefix": "[parameters('addressPrefix')]",
                            "destinationPortRange": "*"
                        }
                    }
                ]
            },
            "dependsOn": [
                "[concat('Microsoft.Network/routeTables/', variables('routeTable1'))]"
            ]
        },
        {
            "type": "Microsoft.Network/networkSecurityGroups",
            "name": "[variables('networkSecurityGroup2')]",
            "apiVersion": "[variables('apiVersion')]",
            "location": "[resourceGroup().location]",
            "properties": {
                "securityRules": [
                    {
                        "name": "AllowInboundAnyAddressSpace",
                        "properties": {
                            "priority": 100,
                            "protocol": "*",
                            "access": "Allow",
                            "direction": "Inbound",
                            "sourceAddressPrefix": "[parameters('addressPrefix')]",
                            "sourcePortRange": "*",
                            "destinationAddressPrefix": "*",
                            "destinationPortRange": "*"
                        }
                    },
                    {
                        "name": "AllowOutboundAnyAddressSpace",
                        "properties": {
                            "priority": 100,
                            "protocol": "*",
                            "access": "Allow",
                            "direction": "Outbound",
                            "sourceAddressPrefix": "*",
                            "sourcePortRange": "*",
                            "destinationAddressPrefix": "[parameters('addressPrefix')]",
                            "destinationPortRange": "*"
                        }
                    }
                ]
            },
            "dependsOn": [
                "[concat('Microsoft.Network/routeTables/', variables('routeTable2'))]"
            ]
        },
        {
            "type": "Microsoft.Network/virtualNetworks",
            "name": "[variables('virtualNetworkName')]",
            "apiVersion": "[variables('vnetApiVersion')]",
            "location": "[resourceGroup().location]",
            "properties": {
                "addressSpace": {
                    "addressPrefixes": [
                        "[parameters('addressPrefix')]"
                    ]
                },
                "dhcpOptions": {
                    "dnsServers": "[parameters('dnsServerAddress')]"
                },
                "subnets": [
                    {
                        "name": "[variables('subnetName1')]",
                        "properties": {
                            "addressPrefix": "[parameters('subnetPrefix1')]",
                            "networkSecurityGroup": {
                                "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroup1'))]"
                            },
                            "routeTable": {
                                "id": "[resourceId('Microsoft.Network/routeTables', variables('routeTable1'))]"
                            },
                            "serviceEndpoints": [
                                {
                                    "service": "Microsoft.Storage",
                                    "locations": [
                                        "[resourceGroup().location]"
                                    ]
                                },
                                {
                                    "service": "Microsoft.Sql",
                                    "locations": [
                                        "[resourceGroup().location]"
                                    ]
                                }
                            ]
                        }
                    },
                    {
                        "name": "[variables('subnetName2')]",
                        "properties": {
                            "addressPrefix": "[parameters('subnetPrefix2')]",
                            "networkSecurityGroup": {
                                "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroup2'))]"
                            },
                            "routeTable": {
                                "id": "[resourceId('Microsoft.Network/routeTables', variables('routeTable2'))]"
                            },
                            "serviceEndpoints": [
                                {
                                    "service": "Microsoft.Storage",
                                    "locations": [
                                        "[resourceGroup().location]"
                                    ]
                                },
                                {
                                    "service": "Microsoft.Sql",
                                    "locations": [
                                        "[resourceGroup().location]"
                                    ]
                                }
                            ]
                        }
                    },
                    {
                        "name": "[parameters('gatewaySubnet')]",
                        "properties": {
                            "addressPrefix": "[parameters('gatewaySubnetPrefix')]"
                        }
                    }
                ]
            },
            "resources": [
                {
                    "type": "Microsoft.Network/virtualNetworks/providers/locks",
                    "name": "[concat(variables('virtualNetworkName'), '/Microsoft.Authorization/', variables('virtualNetworkName'), '-LockDoNotDelete')]",
                    "apiVersion": "[variables('locksApiVersion')]",
                    "properties": {
                        "level": "CanNotDelete",
                        "notes": "Resource Lock - Do Not Delete!",
                        "owners": []
                    },
                    "dependsOn": [
                        "[variables('virtualNetworkName')]"
                    ]
                }
            ],
            "dependsOn": [
                "[concat('Microsoft.Network/routeTables/', variables('routeTable1'))]",
                "[concat('Microsoft.Network/routeTables/', variables('routeTable2'))]",
                "[concat('Microsoft.Network/networksecuritygroups/', variables('networkSecurityGroup1'))]",
                "[concat('Microsoft.Network/networksecuritygroups/', variables('networkSecurityGroup2'))]"
            ]
        }
    ]
}

Надеюсь, это поможет.

Answer 2

Итак, без точного отображения текста ошибки довольно сложно сказать, что именно идет не так, я должен признать, что качество шаблона посредственное. Самая распространенная ошибка - это неправильная зависимость от свойства. Ваш типичный dependsOn:

"[concat('Microsoft.Network/networksecuritygroups/', variables('networkSecurityGroup1'))]"

Правильно dependsOn:

"[resourceId('Microsoft.Network/networksecuritygroups/', variables('networkSecurityGroup1'))]"

У вас также есть много мест, которые можно улучшить, например, почему у вас есть параметр для имени подсети шлюза? Это всегда gatewaysubnet. Вы не можете изменить это. вы используете префиксы для типов ресурсов вместо суффиксов, вы создаете имена ресурсов в разделе переменных и различные другие вещи, которые используются только один раз (по большей части) в шаблоне (так что это просто пустая трата места). используя concat() вместо resourceId() во многих местах:

"storageAccountId": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('omsWorkSpaceResourceGroup'), '/providers/Microsoft.Storage/storageAccounts/', parameters('omsWorkspaceStorageAccount'))]",
"storageAccountId": "[resourceId(parameters('omsWorkSpaceResourceGroup'), 'Microsoft.Storage/storageAccounts', parameters('omsWorkspaceStorageAccount'))]",

второй вариант почти в 2 раза короче ...