由于 Azure Purview 仍处于预览阶段,它是一个不断发展的工具。
下面我提供了两个 ARM 模板一个用于帐户和门户端点,一个用于摄取端点(我在这里粘贴了两个 ARM 模板和参数化文件)
注意:- 门户、帐户和摄取端点应该在同一个 vnet 和子网中
门户和帐户端点的 1-ARM 模板
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "String"
},
"privateEndpointName-account": {
"type": "String"
},
"privateEndpointName-portal": {
"type": "String"
},
"purview_account_externalid": {
"type": "String"
},
"targetSubResource-account": {
"type": "Array"
},
"targetSubResource-portal": {
"type": "Array"
},
"subnet": {
"type": "String"
},
"virtualNetworkName": {
"type": "String"
},
"privateDnsDeploymentName": {
"type": "String"
},
"virtualNetworkLinkName": {
"type": "String"
},
"privateDNS": {
"type": "String"
}
},
"resources": [
{
"type": "Microsoft.Network/privateEndpoints",
"apiVersion": "2020-03-01",
"name": "[parameters('privateEndpointName-account')]",
"location": "[parameters('location')]",
"tags": {
},
"properties": {
"subnet": {
"id": "[concat(resourceGroup().id, '/providers/Microsoft.Network/virtualNetworks/', parameters('virtualNetworkName'), '/subnets/', parameters('subnet'))]"
},
"privateLinkServiceConnections": [
{
"name": "[parameters('privateEndpointName-account')]",
"properties": {
"privateLinkServiceId": "[parameters('purview_account_externalid')]",
"groupIds": "[parameters('targetSubResource-account')]"
}
}
]
}
},
{
"type": "Microsoft.Network/privateEndpoints",
"apiVersion": "2020-03-01",
"name": "[parameters('privateEndpointName-portal')]",
"location": "[parameters('location')]",
"tags": {
},
"properties": {
"subnet": {
"id": "[concat(resourceGroup().id, '/providers/Microsoft.Network/virtualNetworks/', parameters('virtualNetworkName'), '/subnets/', parameters('subnet'))]"
},
"privateLinkServiceConnections": [
{
"name": "[parameters('privateEndpointName-portal')]",
"properties": {
"privateLinkServiceId": "[parameters('purview_account_externalid')]",
"groupIds": "[parameters('targetSubResource-portal')]"
}
}
]
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2017-05-10",
"name": "[parameters('privateDnsDeploymentName')]",
"dependsOn": [
"[parameters('privateEndpointName-portal')]",
"[parameters('privateEndpointName-account')]"
],
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"apiVersion": "2017-05-10",
"name": "[concat(parameters('privateDnsDeploymentName'), '-zone')]",
"type": "Microsoft.Resources/deployments",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"type": "Microsoft.Network/privateDnsZones",
"apiVersion": "2018-09-01",
"name": "[parameters('privateDNS')]",
"location": "global",
"tags": {
},
"properties": {
}
}
]
}
}
}
]
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2017-05-10",
"name": "[parameters('virtualNetworkLinkName')]",
"dependsOn": [
"[parameters('privateDnsDeploymentName')]"
],
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"apiVersion": "2017-05-10",
"name": "[concat(parameters('virtualNetworkLinkName'), '-link')]",
"type": "Microsoft.Resources/deployments",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks",
"apiVersion": "2018-09-01",
"name": "[concat(parameters('privateDNS'), '/', uniqueString(parameters('virtualNetworkName')))]",
"location": "global",
"properties": {
"virtualNetwork": {
"id": "[concat(resourceGroup().id, '/providers/Microsoft.Network/virtualNetworks/', parameters('virtualNetworkName'))]"
},
"registrationEnabled": false
}
}
]
}
}
}
]
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2017-05-10",
"name": "[concat(parameters('privateEndpointName-account'), '-', 'default')]",
"dependsOn": [
"[parameters('privateEndpointName-account')]",
"[parameters('privateDnsDeploymentName')]"
],
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
"apiVersion": "2020-03-01",
"name": "[concat(parameters('privateEndpointName-account'), '/', 'default')]",
"location": "[parameters('location')]",
"properties": {
"privateDnsZoneConfigs": [
{
"name": "[parameters('privateDNS')]",
"properties": {
"privateDnsZoneId": "[concat(resourceGroup().id, '/providers/Microsoft.Network/privateDnsZones/', parameters('privateDNS'))]"
}
}
]
}
}
]
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2017-05-10",
"name": "[concat(parameters('privateEndpointName-portal'), '-', 'default')]",
"dependsOn": [
"[parameters('privateEndpointName-portal')]",
"[parameters('privateDnsDeploymentName')]"
],
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
"apiVersion": "2020-03-01",
"name": "[concat(parameters('privateEndpointName-portal'), '/', 'default')]",
"location": "[parameters('location')]",
"properties": {
"privateDnsZoneConfigs": [
{
"name": "[parameters('privateDNS')]",
"properties": {
"privateDnsZoneId": "[concat(resourceGroup().id, '/providers/Microsoft.Network/privateDnsZones/', parameters('privateDNS'))]"
}
}
]
}
}
]
}
}
}
]}
2- 帐户和门户端点的参数化文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"value": "Type the location of endpoint here"
},
"privateEndpointName-account": {
"value": "Type the name of Account endpoint here"
},
"privateEndpointName-portal": {
"value": "Type the name of Portal Endpoint here"
},
"purview_account_externalid": {
"value": "Go to azure portal > Purview >Properties >Resource Id,This is resource ID of the Purview "
},
"targetSubResource-account": {
"value": [
"account"
]
},
"targetSubResource-portal": {
"value": [
"portal"
]
},
"subnet": {
"value": "Type the name subnet here "
},
"virtualNetworkName": {
"value": "Type the name of the virtual network here "
},
"privateDnsDeploymentName": {
"value": "privatelink.purview.azure.com"
},
"virtualNetworkLinkName": {
"value": ""
},
"privateDNS": {
"value": "privatelink.purview.azure.com"
}
}}
摄取端点的 3-ARM 模板
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"ingestionEndpointName": {
"type": "String"
},
"purviewManagedRGId": {
"type": "String"
},
"virtualNetworksName": {
"type": "String"
},
"purviewManagedRGEventHubsNamespaceId": {
"type": "String"
},
"managedStorageAccountName": {
"type": "string"
},
"resourceGroupId": {
"type": "string"
},
"subnet": {
"type": "String"
},
"privateDnsZonesLinkBlob": {
"defaultValue": "privatelink.blob.core.windows.net",
"type": "String"
},
"privateDnsZonesLinkServicebus": {
"defaultValue": "privatelink.servicebus.windows.net",
"type": "String"
},
"privateDnsZonesLinkQueue": {
"defaultValue": "privatelink.queue.core.windows.net",
"type": "String"
}
},
"variables": {},
"resources": [
{
"type": "Microsoft.Network/privateEndpoints",
"apiVersion": "2020-11-01",
"name": "[concat(parameters('ingestionEndpointName'),'-blob')]",
"location": "eastus",
"tags": {
"ContactEmail": "<not defined, please set>",
"ContactName": "<not defined, please set>",
"Department": "<not defined, please set>",
"Environment": "SANDBOX",
"OwnerName": "<not defined, please set>",
"Project": "<not defined, please set>"
},
"properties": {
"privateLinkServiceConnections": [
{
"name": "[concat(parameters('ingestionEndpointName'),'-blob')]",
"properties": {
"privateLinkServiceId": "[concat(parameters('purviewManagedRGId'),'/providers/Microsoft.Storage/storageAccounts/',parameters('managedStorageAccountName'))]",
"groupIds": [
"blob"
],
"privateLinkServiceConnectionState": {
"status": "Approved",
"description": "Auto-Approved",
"actionsRequired": "None"
}
}
}
],
"manualPrivateLinkServiceConnections": [],
"subnet": {
"id": "[concat(parameters('resourceGroupId'),'/providers/Microsoft.Network/virtualNetworks/',parameters('virtualNetworksName'), '/subnets/',parameters('subnet'))]"
},
"customDnsConfigs": []
}
},
{
"type": "Microsoft.Network/privateEndpoints",
"apiVersion": "2020-11-01",
"name": "[concat(parameters('ingestionEndpointName'),'-namespace')]",
"location": "eastus",
"tags": {
"ContactEmail": "<not defined, please set>",
"ContactName": "<not defined, please set>",
"Department": "<not defined, please set>",
"Environment": "SANDBOX",
"OwnerName": "<not defined, please set>",
"Project": "<not defined, please set>"
},
"properties": {
"privateLinkServiceConnections": [
{
"name": "[concat(parameters('ingestionEndpointName'),'-namespace')]",
"properties": {
"privateLinkServiceId": "[parameters('purviewManagedRGEventHubsNamespaceId')]",
"groupIds": [
"namespace"
],
"privateLinkServiceConnectionState": {
"status": "Approved",
"description": "Auto-Approved",
"actionsRequired": "None"
}
}
}
],
"manualPrivateLinkServiceConnections": [],
"subnet": {
"id": "[concat(parameters('resourceGroupId'), '/providers/Microsoft.Network/virtualNetworks/',parameters('virtualNetworksName'), '/subnets/',parameters('subnet'))]"
},
"customDnsConfigs": []
}
},
{
"type": "Microsoft.Network/privateEndpoints",
"apiVersion": "2020-11-01",
"name": "[concat(parameters('ingestionEndpointName'),'-queue')]",
"location": "eastus",
"tags": {
"ContactEmail": "<not defined, please set>",
"ContactName": "<not defined, please set>",
"Department": "<not defined, please set>",
"Environment": "SANDBOX",
"OwnerName": "<not defined, please set>",
"Project": "<not defined, please set>"
},
"properties": {
"privateLinkServiceConnections": [
{
"name": "[concat(parameters('ingestionEndpointName'),'-queue')]",
"properties": {
"privateLinkServiceId": "[concat(parameters('purviewManagedRGId'),'/providers/Microsoft.Storage/storageAccounts/',parameters('managedStorageAccountName'))]",
"groupIds": [
"queue"
],
"privateLinkServiceConnectionState": {
"status": "Approved",
"description": "Auto-Approved",
"actionsRequired": "None"
}
}
}
],
"manualPrivateLinkServiceConnections": [],
"subnet": {
"id": "[concat(parameters('resourceGroupId'), '/providers/Microsoft.Network/virtualNetworks/',parameters('virtualNetworksName'), '/subnets/',parameters('subnet'))]"
},
"customDnsConfigs": []
}
},
{
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
"apiVersion": "2020-11-01",
"name": "[concat(parameters('ingestionEndpointName'),'-blob','/default')]",
"dependsOn": [
"[resourceId('Microsoft.Network/privateEndpoints', concat(parameters('ingestionEndpointName'),'-blob'))]"
],
"properties": {
"privateDnsZoneConfigs": [
{
"name": "privatelink-blob-core-windows-net",
"properties": {
"privateDnsZoneId": "[concat(parameters('resourceGroupId'),'/providers/Microsoft.Network/privateDnsZones/',parameters('privateDnsZonesLinkBlob'))]"
}
}
]
}
},
{
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
"apiVersion": "2020-11-01",
"name": "[concat(parameters('ingestionEndpointName'),'-namespace','/default')]",
"dependsOn": [
"[resourceId('Microsoft.Network/privateEndpoints', concat(parameters('ingestionEndpointName'),'-namespace'))]"
],
"properties": {
"privateDnsZoneConfigs": [
{
"name": "privatelink-servicebus-windows-net",
"properties": {
"privateDnsZoneId": "[concat(parameters('resourceGroupId'),'/providers/Microsoft.Network/privateDnsZones/',parameters('privateDnsZonesLinkServicebus'))]"
}
}
]
}
},
{
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
"apiVersion": "2020-11-01",
"name": "[concat(parameters('ingestionEndpointName'),'-queue','/default')]",
"dependsOn": [
"[resourceId('Microsoft.Network/privateEndpoints', concat(parameters('ingestionEndpointName'),'-queue'))]"
],
"properties": {
"privateDnsZoneConfigs": [
{
"name": "privatelink-queue-core-windows-net",
"properties": {
"privateDnsZoneId": "[concat(parameters('resourceGroupId'),'/providers/Microsoft.Network/privateDnsZones/',parameters('privateDnsZonesLinkQueue'))]"
}
}
]
}
}
]}
4- Ingestion Endpoint 模板的参数化文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"ingestionEndpointName": {
"value": "Type the name of Ingestion Endpoint here"
},
"purviewManagedRGId": {
"value": "Go to azure portal > Purview> ManagedResource > Properties> Resource id This is the Resources ID of purview managed resource group"
},
"virtualNetworkName": {
"value": "Give the name of the Virtual network here"
},
"purviewManagedRGEventHubsNamespaceId": {
"value": "Go to azure portal > Purview>Managed Resource > Event Hubs namespace name>properties >Resource IDThis is Purview managed Event hub name space resources Id "
},
"managedStorageAccountName": {
"value": "Go to azure portal > Purview>Managed Resource > Storage Account"
},
"resourceGroupId": {
"value": "Go to azure portal > Purview> overview >resourceGroup"
},
"subnet": {
"value": "Give the name the subnet"
}
}}