Bicep script to create a "Managed Private Endpoint" for private access to an Azure Monitor Workspace

9rygscc1 posted on 2023-08-07 in Other

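My goal is to enable Azure Managed Grafana to access an Azure Monitor account that has no public endpoint and therefore has to be accessed privately. From this documentation I learned that what I need is a "Managed Private Endpoint", and I successfully created a working configuration in the Portal. However, I have not found the corresponding Bicep script to create said "Managed Private Endpoint".
The part that creates Grafana and the private endpoints looks like the code below (the module that creates Microsoft.monitor/accounts is omitted):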

resource managedGrafana 'Microsoft.Dashboard/grafana@2022-08-01' = {
  name: 'mg-global'
  location: location
  sku: {
    name: 'Standard'
  }
  identity: {
    type: 'SystemAssigned'
  }
  properties: {
    apiKey: 'Disabled'
    publicNetworkAccess: 'Disabled'
    grafanaIntegrations: {
      azureMonitorWorkspaceIntegrations: [
        {
          azureMonitorWorkspaceResourceId: resourceId('microsoft.monitor/accounts', monitorWorkspaceName)
        }
      ]
    }
  }
}

resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-02-01' = {
  name: 'pe-global-grafana'
  location: location
  properties: {
    privateLinkServiceConnections: [
      {
        name: 'pe-grafana'
        properties: {
          privateLinkServiceId: managedGrafana.id
          groupIds: [
            'grafana'
          ]
        }
      }
    ]
    subnet: {
      id: subnetId
    }
  }
}

resource privateEndpointPrometheus 'Microsoft.Network/privateEndpoints@2022-11-01' = {
  name: 'pe-global-prometheus'
  location: location
  properties: {
    privateLinkServiceConnections: [
      {
        name: 'pe-prometheus'
        properties: {
          privateLinkServiceId: monitorWorkspaceId
          groupIds: [
            'prometheusMetrics'
          ]
        }
      }
    ]
    subnet: {
      id: subnetId
    }
  }
}


2w2cym1i #1

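Answering my own question: as of now (August 2023), it is not possible to create a Grafana managed private endpoint in Bicep. An alternative is to call the ARM endpoint directly, for example: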

az rest --method put --url "https://management.azure.com/subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<RESOURCE_GROUP>/providers/Microsoft.Dashboard/grafana/<AZURE_GRAFANA_NAME>/managedPrivateEndpoints/managed-endpoint?api-version=2022-10-01-preview" \
--body "{ \"location\": \"<LOCATION>\", \"properties\": { \
\"privateLinkResourceId\":\"<Resource ID to Azure Monitor Workspace>\", \"groupIds\": \
[ \"prometheusMetrics\" ], \"requestMessage\": \"\", \
\"privateLinkResourceRegion\": \"<LOCATION>\" } }"
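
The `az rest` call from the answer wrapped in small shell functions, as an added example that is not part of the original post: it builds the URL and JSON body without hand-escaped quotes and refuses a target that is not a Microsoft.Monitor/accounts resource ID. The function names and the `DRY_RUN` switch are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post. Function names and DRY_RUN are
# assumptions; URL, api-version and body properties are taken from the answer.
API_VERSION="2022-10-01-preview"

# Build the ARM URL of the managed private endpoint child resource.
# args: subscription-id resource-group grafana-name endpoint-name
mpe_url() {
  printf 'https://management.azure.com/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Dashboard/grafana/%s/managedPrivateEndpoints/%s?api-version=%s' \
    "$1" "$2" "$3" "$4" "$API_VERSION"
}

# Accept only a full resource ID of an Azure Monitor workspace, so a typo or a
# wrong variable cannot point the endpoint at another resource type.
is_monitor_workspace_id() {
  # strict allow-list: letters, digits, / . _ - (rejects quotes, spaces, newlines)
  case $1 in *[!A-Za-z0-9/._-]*) return 1 ;; esac
  printf '%s\n' "$1" | grep -Eiq \
    '^/subscriptions/[0-9a-f-]{36}/resourcegroups/[^/]+/providers/microsoft\.monitor/accounts/[^/]+$'
}

# Build the request body with the same properties as the answer's JSON.
# args: location target-resource-id
mpe_body() {
  case $1 in ''|*[!A-Za-z0-9]*) echo "invalid location: $1" >&2; return 1 ;; esac
  is_monitor_workspace_id "$2" || {
    echo "not a Microsoft.Monitor/accounts resource ID: $2" >&2; return 1; }
  printf '{"location":"%s","properties":{"privateLinkResourceId":"%s","groupIds":["prometheusMetrics"],"requestMessage":"","privateLinkResourceRegion":"%s"}}' \
    "$1" "$2" "$1"
}

# Send the PUT; with DRY_RUN=1 only print what would be sent.
# args: subscription-id resource-group grafana-name endpoint-name location target-id
create_mpe() (
  url=$(mpe_url "$1" "$2" "$3" "$4") || exit 1
  body=$(mpe_body "$5" "$6") || exit 1
  if [ "${DRY_RUN:-0}" = 1 ]; then
    printf 'PUT %s\n%s\n' "$url" "$body"
  else
    az rest --method put --url "$url" --body "$body"
  fi
)
```

Running `DRY_RUN=1 create_mpe ...` first shows the exact request before anything is sent to ARM.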
