语言服务 - 禁用公共网络访问然后添加专用端点

问题描述 投票:0回答:1

我正在使用 bicep 文件部署语言服务。我将公共网络访问设置为禁用。在下一步中,我设置一个专用端点。

我收到此错误:

无法禁用 Azure 搜索的公共访问。附加步骤是 需要设置指向 Azure 认知搜索的专用链接 服务。

我尝试在不将公共网络访问设置为禁用的情况下进行部署,并且它有效。这将创建语言服务和专用端点。 然后我将公共网络访问权限更改为禁用并再次解除聚合,这有效。

我认为它不允许我在没有专用端点的情况下禁用公共网络访问。

我该如何解决这个问题? 我没有找到一种方法可以在不复制另一个块中的所有资源设置的情况下禁用公共网络访问。太乱了。

有没有办法更新单个设置?我不想通过省略它来改变任何其他内容。

azure azure-cognitive-services azure-language-understanding azure-bicep
1个回答
0
投票

刚刚尝试过,没有错误:

param location string = resourceGroup().location
param vnetName string = 'vnet-thomas-test-001'
param languageServiceName string = 'language-ai-thomas-test-001'

var subnetName = 'private-endpoints'

// Create basic vnet
resource vnet 'Microsoft.Network/virtualNetworks@2024-01-01' = {
  name: vnetName
  location: location
  properties: {
    addressSpace: {
      addressPrefixes: [
        '10.0.0.0/16'
      ]
    }
    subnets: [
      {
        name: 'default'
        properties: {
          addressPrefix: '10.0.0.0/24'
        }
      }
      {
        name: subnetName
        properties: {
          addressPrefix: '10.0.1.0/24'
        }
      }
    ]
  }
}

// Create a private dns zone
resource privateDnsZone 'Microsoft.Network/privateDnsZones@2024-06-01' = {
  name: 'privatelink.cognitiveservices.azure.com'
  location: 'global'
}

// Create a link to the vnet
resource privateDnsZoneVnetLink 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2024-06-01' = {
  name: vnet.name
  parent: privateDnsZone
  location: 'global'
  properties: {
    registrationEnabled: false
    virtualNetwork:{
      id: vnet.id
    }
  }
}

// Create basic language service
resource languageService 'Microsoft.CognitiveServices/accounts@2024-06-01-preview' = {
  name: languageServiceName
  location: location  
  kind: 'TextAnalytics'
  identity: {
    type: 'SystemAssigned'
  }
  sku: {
    name: 'S'
  }
  properties: {
    customSubDomainName: toLower(languageServiceName)    
    publicNetworkAccess: 'disabled'    
  }
}

// Create the private endpoint
resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-05-01' = {
  name: 'pe-${languageService.name}'
  location: location
  properties: {
    subnet: {
      id: resourceId('Microsoft.Network/virtualNetworks/subnets', vnet.name, subnetName)
    }
    customNetworkInterfaceName: 'pe-${languageService.name}-nic'
    privateLinkServiceConnections: [
      {
        name: 'plsc-${languageService.name}'
        properties: {
          privateLinkServiceId: languageService.id
          groupIds: [ 'account' ]
        }
      }
    ]
  }
}

// Associate private link to private dns zone
resource privateDnsZoneGroup 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2023-05-01' = {
  name: 'default'
  parent: privateEndpoint
  properties: {
    privateDnsZoneConfigs: [
      {
        name: replace(privateDnsZone.name, '.', '-')
        properties: {
          privateDnsZoneId: privateDnsZone.id
        }
      }
    ]
  }
}
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.