我正在使用 bicep 文件部署语言服务。我将公共网络访问设置为禁用。在下一步中,我设置一个专用端点。
我收到此错误:
无法禁用 Azure 搜索的公共访问。附加步骤是 需要设置指向 Azure 认知搜索的专用链接 服务。
我尝试在不将公共网络访问设置为禁用的情况下进行部署,并且它有效。这将创建语言服务和专用端点。 然后我将公共网络访问权限更改为禁用并再次解除聚合,这有效。
我认为它不允许我在没有专用端点的情况下禁用公共网络访问。
我该如何解决这个问题? 我没有找到一种方法可以在不复制另一个块中的所有资源设置的情况下禁用公共网络访问。太乱了。
有没有办法更新单个设置?我不想通过省略它来改变任何其他内容。
刚刚尝试过,没有错误:
param location string = resourceGroup().location
param vnetName string = 'vnet-thomas-test-001'
param languageServiceName string = 'language-ai-thomas-test-001'
var subnetName = 'private-endpoints'
// Create basic vnet
resource vnet 'Microsoft.Network/virtualNetworks@2024-01-01' = {
name: vnetName
location: location
properties: {
addressSpace: {
addressPrefixes: [
'10.0.0.0/16'
]
}
subnets: [
{
name: 'default'
properties: {
addressPrefix: '10.0.0.0/24'
}
}
{
name: subnetName
properties: {
addressPrefix: '10.0.1.0/24'
}
}
]
}
}
// Create a private dns zone
resource privateDnsZone 'Microsoft.Network/privateDnsZones@2024-06-01' = {
name: 'privatelink.cognitiveservices.azure.com'
location: 'global'
}
// Create a link to the vnet
resource privateDnsZoneVnetLink 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2024-06-01' = {
name: vnet.name
parent: privateDnsZone
location: 'global'
properties: {
registrationEnabled: false
virtualNetwork:{
id: vnet.id
}
}
}
// Create basic language service
resource languageService 'Microsoft.CognitiveServices/accounts@2024-06-01-preview' = {
name: languageServiceName
location: location
kind: 'TextAnalytics'
identity: {
type: 'SystemAssigned'
}
sku: {
name: 'S'
}
properties: {
customSubDomainName: toLower(languageServiceName)
publicNetworkAccess: 'disabled'
}
}
// Create the private endpoint
resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-05-01' = {
name: 'pe-${languageService.name}'
location: location
properties: {
subnet: {
id: resourceId('Microsoft.Network/virtualNetworks/subnets', vnet.name, subnetName)
}
customNetworkInterfaceName: 'pe-${languageService.name}-nic'
privateLinkServiceConnections: [
{
name: 'plsc-${languageService.name}'
properties: {
privateLinkServiceId: languageService.id
groupIds: [ 'account' ]
}
}
]
}
}
// Associate private link to private dns zone
resource privateDnsZoneGroup 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2023-05-01' = {
name: 'default'
parent: privateEndpoint
properties: {
privateDnsZoneConfigs: [
{
name: replace(privateDnsZone.name, '.', '-')
properties: {
privateDnsZoneId: privateDnsZone.id
}
}
]
}
}