Iterate over not existing Azure resource manager (ARM) object properties?
0
I have object with not equal number of properties (and would like to keep it like this), i.e. second object is missing property "routeTable"
"subnets": {
"value":[
{
"name": "GatewaySubnet",
"addressPrefix": "10.2.0.0/24",
"networkSecurityGroup":"NSG-AllowAll",
"routeTable":"UDR-Default"
},
{
"name":"UnTrusted",
"addressPrefix":"10.2.1.0/24",
"networkSecurityGroup":"NSG-AllowAll",
}]}
Now I don't know how to check if property exists when iterating over object. The below gives error because of missing property "id": "[resourceID('Microsoft.Network/routeTables', parameters('subnets')[copyIndex('subnets')].routeTable)]"
My conditions for nested "id" property do not seem to work i.e.
"networkSecurityGroup": {
"id": "[resourceID('Microsoft.Network/networkSecurityGroups', if(equals(parameters('subnets')[copyIndex('subnets')].networkSecurityGroup, ''), json('null'), parameters('subnets')[copyIndex('subnets')].networkSecurityGroup))]"
}
azure azure-resource-manager asked Jan 20 at 14:14
iromirom
77231739
add a comment |
0
I have object with not equal number of properties (and would like to keep it like this), i.e. second object is missing property "routeTable"
"subnets": {
"value":[
{
"name": "GatewaySubnet",
"addressPrefix": "10.2.0.0/24",
"networkSecurityGroup":"NSG-AllowAll",
"routeTable":"UDR-Default"
},
{
"name":"UnTrusted",
"addressPrefix":"10.2.1.0/24",
"networkSecurityGroup":"NSG-AllowAll",
}]}
Now I don't know how to check if property exists when iterating over object. The below gives error because of missing property "id": "[resourceID('Microsoft.Network/routeTables', parameters('subnets')[copyIndex('subnets')].routeTable)]"
My conditions for nested "id" property do not seem to work i.e.
"networkSecurityGroup": {
"id": "[resourceID('Microsoft.Network/networkSecurityGroups', if(equals(parameters('subnets')[copyIndex('subnets')].networkSecurityGroup, ''), json('null'), parameters('subnets')[copyIndex('subnets')].networkSecurityGroup))]"
}
asked Jan 20 at 14:14
iromirom
77231739
1
ok, i dont really understand, why do you show nsg condition, when routetable condition doesnt work? or this one doesnt work as well? and what is the endgoal? i think i get the idea, but i might wrong, are you trying to do a copy loop over subnets? and assign nsgudr if they exist in parent object (and you iterate over parent object)?
– 4c74356b41
Jan 20 at 14:17
The end goal is deploy subnet with NSG or UDR if they exist in params. It is possible and required that subnet is deployed with NSG only, without UDR or the other way around. Or even without any NSG or UDR. It works if I have UDR and NSG as properties for every subnet, but I don't like it as most subnet don't need at least one of them
– irom
Jan 20 at 15:01
1
i can try and figure something out, but its not going to be pretty either way. your best bet is building this outside of arm templates
– 4c74356b41
Jan 20 at 15:43
add a comment |
0
0
0
I have object with not equal number of properties (and would like to keep it like this), i.e. second object is missing property "routeTable"
"subnets": {
"value":[
{
"name": "GatewaySubnet",
"addressPrefix": "10.2.0.0/24",
"networkSecurityGroup":"NSG-AllowAll",
"routeTable":"UDR-Default"
},
{
"name":"UnTrusted",
"addressPrefix":"10.2.1.0/24",
"networkSecurityGroup":"NSG-AllowAll",
}]}
Now I don't know how to check if property exists when iterating over object. The below gives error because of missing property "id": "[resourceID('Microsoft.Network/routeTables', parameters('subnets')[copyIndex('subnets')].routeTable)]"
My conditions for nested "id" property do not seem to work i.e.
"networkSecurityGroup": {
"id": "[resourceID('Microsoft.Network/networkSecurityGroups', if(equals(parameters('subnets')[copyIndex('subnets')].networkSecurityGroup, ''), json('null'), parameters('subnets')[copyIndex('subnets')].networkSecurityGroup))]"
}
asked Jan 20 at 14:14
iromirom
77231739
I have object with not equal number of properties (and would like to keep it like this), i.e. second object is missing property "routeTable"
"subnets": {
"value":[
{
"name": "GatewaySubnet",
"addressPrefix": "10.2.0.0/24",
"networkSecurityGroup":"NSG-AllowAll",
"routeTable":"UDR-Default"
},
{
"name":"UnTrusted",
"addressPrefix":"10.2.1.0/24",
"networkSecurityGroup":"NSG-AllowAll",
}]}
Now I don't know how to check if property exists when iterating over object. The below gives error because of missing property "id": "[resourceID('Microsoft.Network/routeTables', parameters('subnets')[copyIndex('subnets')].routeTable)]"
My conditions for nested "id" property do not seem to work i.e.
"networkSecurityGroup": {
"id": "[resourceID('Microsoft.Network/networkSecurityGroups', if(equals(parameters('subnets')[copyIndex('subnets')].networkSecurityGroup, ''), json('null'), parameters('subnets')[copyIndex('subnets')].networkSecurityGroup))]"
}
asked Jan 20 at 14:14
iromirom
77231739
asked Jan 20 at 14:14
iromirom
77231739
asked Jan 20 at 14:14
iromirom
77231739
asked Jan 20 at 14:14
iromirom
77231739
asked Jan 20 at 14:14
iromirom
77231739
77231739
1
ok, i dont really understand, why do you show nsg condition, when routetable condition doesnt work? or this one doesnt work as well? and what is the endgoal? i think i get the idea, but i might wrong, are you trying to do a copy loop over subnets? and assign nsgudr if they exist in parent object (and you iterate over parent object)?
– 4c74356b41
Jan 20 at 14:17
The end goal is deploy subnet with NSG or UDR if they exist in params. It is possible and required that subnet is deployed with NSG only, without UDR or the other way around. Or even without any NSG or UDR. It works if I have UDR and NSG as properties for every subnet, but I don't like it as most subnet don't need at least one of them
– irom
Jan 20 at 15:01
1
i can try and figure something out, but its not going to be pretty either way. your best bet is building this outside of arm templates
– 4c74356b41
Jan 20 at 15:43
add a comment |
1
ok, i dont really understand, why do you show nsg condition, when routetable condition doesnt work? or this one doesnt work as well? and what is the endgoal? i think i get the idea, but i might wrong, are you trying to do a copy loop over subnets? and assign nsgudr if they exist in parent object (and you iterate over parent object)?
– 4c74356b41
Jan 20 at 14:17
The end goal is deploy subnet with NSG or UDR if they exist in params. It is possible and required that subnet is deployed with NSG only, without UDR or the other way around. Or even without any NSG or UDR. It works if I have UDR and NSG as properties for every subnet, but I don't like it as most subnet don't need at least one of them
– irom
Jan 20 at 15:01
1
i can try and figure something out, but its not going to be pretty either way. your best bet is building this outside of arm templates
– 4c74356b41
Jan 20 at 15:43
1
1
ok, i dont really understand, why do you show nsg condition, when routetable condition doesnt work? or this one doesnt work as well? and what is the endgoal? i think i get the idea, but i might wrong, are you trying to do a copy loop over subnets? and assign nsgudr if they exist in parent object (and you iterate over parent object)?
– 4c74356b41
Jan 20 at 14:17
ok, i dont really understand, why do you show nsg condition, when routetable condition doesnt work? or this one doesnt work as well? and what is the endgoal? i think i get the idea, but i might wrong, are you trying to do a copy loop over subnets? and assign nsgudr if they exist in parent object (and you iterate over parent object)?
– 4c74356b41
Jan 20 at 14:17
The end goal is deploy subnet with NSG or UDR if they exist in params. It is possible and required that subnet is deployed with NSG only, without UDR or the other way around. Or even without any NSG or UDR. It works if I have UDR and NSG as properties for every subnet, but I don't like it as most subnet don't need at least one of them
– irom
Jan 20 at 15:01
The end goal is deploy subnet with NSG or UDR if they exist in params. It is possible and required that subnet is deployed with NSG only, without UDR or the other way around. Or even without any NSG or UDR. It works if I have UDR and NSG as properties for every subnet, but I don't like it as most subnet don't need at least one of them
– irom
Jan 20 at 15:01
1
1
i can try and figure something out, but its not going to be pretty either way. your best bet is building this outside of arm templates
– 4c74356b41
Jan 20 at 15:43
i can try and figure something out, but its not going to be pretty either way. your best bet is building this outside of arm templates
– 4c74356b41
Jan 20 at 15:43
add a comment |
1 Answer
1
active
oldest
votes
1
ok, this is the best I can come up with:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentPrefix": {
"type": "string"
},
"subnets": {
"type": "array",
"defaultValue": [
{
"name": "GatewaySubnet",
"addressPrefix": "10.2.0.0/24",
"networkSecurityGroup": "NSG-AllowAll",
"routeTable": "UDR-Default"
},
{
"name": "UnTrusted",
"addressPrefix": "10.2.1.0/24",
"networkSecurityGroup": "NSG-AllowAll1"
},
{
"name": "routed",
"addressPrefix": "10.2.2.0/24",
"routeTable": "UDR-Default1"
}
]
}
},
"variables": {
"copy": [
{
"name": "subnetsBase",
"count": "[length(parameters('subnets'))]",
"input": {
"name": "[concat('subnet-', parameters('subnets')[copyIndex('subnetsBase')].name)]",
"properties": {
"addressPrefix": "[parameters('subnets')[copyIndex('subnetsBase')].addressPrefix]"
}
}
},
{
"name": "subnetsUDR",
"count": "[length(parameters('subnets'))]",
"input": {
"routeTable": {
"id": "[if(contains(parameters('subnets')[copyIndex('subnetsUDR')], 'routeTable'), resourceId('Microsoft.Network/routeTables', parameters('subnets')[copyIndex('subnetsUDR')].routeTable), 'skip')]"
}
}
},
{
"name": "subnetsNSG",
"count": "[length(parameters('subnets'))]",
"input": {
"networkSecurityGroup": {
"id": "[if(contains(parameters('subnets')[copyIndex('subnetsNSG')], 'networkSecurityGroup'), resourceId('Microsoft.Network/networkSecurityGroups', parameters('subnets')[copyIndex('subnetsNSG')].networkSecurityGroup), 'skip')]"
}
}
}
]
},
"resources": [
{
"condition": "[not(contains(variables('subnetsNSG')[copyIndex()].networkSecurityGroup.id, 'skip'))]",
"apiVersion": "2017-06-01",
"name": "[if(contains(parameters('subnets')[copyIndex()], 'networkSecurityGroup'), parameters('subnets')[copyIndex()].networkSecurityGroup, 'skip')]",
"location": "[resourceGroup().location]",
"type": "Microsoft.Network/networkSecurityGroups",
"copy": {
"name": "nsg",
"count": "[length(parameters('subnets'))]"
},
"properties": {
"securityRules":
}
},
{
"condition": "[not(contains(variables('subnetsUDR')[copyIndex()].routeTable.id, 'skip'))]",
"type": "Microsoft.Network/routeTables",
"name": "[if(contains(parameters('subnets')[copyIndex()], 'routeTable'), parameters('subnets')[copyIndex()].routeTable, 'skip')]",
"apiVersion": "2017-10-01",
"location": "[resourceGroup().location]",
"copy": {
"name": "udr",
"count": "[length(parameters('subnets'))]"
},
"properties": {
"routes":
}
},
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[concat(parameters('deploymentPrefix'), '-vNet')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"nsg",
"udr"
],
"properties": {
"addressSpace": {
"addressPrefixes": [
"10.2.0.0/16"
]
},
"copy": [
{
"name": "subnets",
"count": "[length(parameters('subnets'))]",
"input": {
"name": "[concat('subnet-', parameters('subnets')[copyIndex('subnets')].name)]",
"properties": "[union(variables('subnetsBase')[copyIndex('subnets')].properties, if(equals(variables('subnetsUDR')[copyIndex('subnets')].routetable.id, 'skip'), variables('subnetsBase')[copyIndex('subnets')].properties, variables('subnetsUDR')[copyIndex('subnets')]), if(equals(variables('subnetsNSG')[copyIndex('subnets')].networkSecurityGroup.id, 'skip'), variables('subnetsBase')[copyIndex('subnets')].properties, variables('subnetsNSG')[copyIndex('subnets')]))]"
}
}
]
}
}
]
}
you can probably make it better with some nested loops. but this works as well.
PS. I had use different names for nsgudr as I am creating those dynamically, in your scenario if those exists it will work with identical names (this wont).
answered Jan 20 at 16:53
4c74356b414c74356b41
28.3k42053
Actually it's looking great, let me just test it and I will come back
– irom
Jan 20 at 18:55
when I add new subnet i.e. , { "name": "routed2", "addressPrefix": "10.2.3.0/24", "routeTable": "UDR-Default1" } it says Deployment template validation failed: 'The resource 'Microsoft.Network/networkSecurityGroups/skip' at line '1' and column '1576' is defined multipletimes in a template. .'.
– irom
Jan 20 at 22:01
1
yes, i've mentioned that, names have to be different, because I create udrnsg in the same template, you can easily work around that using nesteds
– 4c74356b41
Jan 21 at 5:32
Sorry, not sure what I should nest, move vnet to deployments ?
– irom
Jan 21 at 13:07
1
not that i think about it, maybe its not that easy to achieve that, but you certainly can. but this is really out of scope of the question. the question is how to use "jagged" objects to iterate over them. if you need help with your new question - please raise another one ;)
– 4c74356b41
Jan 21 at 13:12
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54277322%2fiterate-over-not-existing-azure-resource-manager-arm-object-properties%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
1
ok, this is the best I can come up with:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentPrefix": {
"type": "string"
},
"subnets": {
"type": "array",
"defaultValue": [
{
"name": "GatewaySubnet",
"addressPrefix": "10.2.0.0/24",
"networkSecurityGroup": "NSG-AllowAll",
"routeTable": "UDR-Default"
},
{
"name": "UnTrusted",
"addressPrefix": "10.2.1.0/24",
"networkSecurityGroup": "NSG-AllowAll1"
},
{
"name": "routed",
"addressPrefix": "10.2.2.0/24",
"routeTable": "UDR-Default1"
}
]
}
},
"variables": {
"copy": [
{
"name": "subnetsBase",
"count": "[length(parameters('subnets'))]",
"input": {
"name": "[concat('subnet-', parameters('subnets')[copyIndex('subnetsBase')].name)]",
"properties": {
"addressPrefix": "[parameters('subnets')[copyIndex('subnetsBase')].addressPrefix]"
}
}
},
{
"name": "subnetsUDR",
"count": "[length(parameters('subnets'))]",
"input": {
"routeTable": {
"id": "[if(contains(parameters('subnets')[copyIndex('subnetsUDR')], 'routeTable'), resourceId('Microsoft.Network/routeTables', parameters('subnets')[copyIndex('subnetsUDR')].routeTable), 'skip')]"
}
}
},
{
"name": "subnetsNSG",
"count": "[length(parameters('subnets'))]",
"input": {
"networkSecurityGroup": {
"id": "[if(contains(parameters('subnets')[copyIndex('subnetsNSG')], 'networkSecurityGroup'), resourceId('Microsoft.Network/networkSecurityGroups', parameters('subnets')[copyIndex('subnetsNSG')].networkSecurityGroup), 'skip')]"
}
}
}
]
},
"resources": [
{
"condition": "[not(contains(variables('subnetsNSG')[copyIndex()].networkSecurityGroup.id, 'skip'))]",
"apiVersion": "2017-06-01",
"name": "[if(contains(parameters('subnets')[copyIndex()], 'networkSecurityGroup'), parameters('subnets')[copyIndex()].networkSecurityGroup, 'skip')]",
"location": "[resourceGroup().location]",
"type": "Microsoft.Network/networkSecurityGroups",
"copy": {
"name": "nsg",
"count": "[length(parameters('subnets'))]"
},
"properties": {
"securityRules":
}
},
{
"condition": "[not(contains(variables('subnetsUDR')[copyIndex()].routeTable.id, 'skip'))]",
"type": "Microsoft.Network/routeTables",
"name": "[if(contains(parameters('subnets')[copyIndex()], 'routeTable'), parameters('subnets')[copyIndex()].routeTable, 'skip')]",
"apiVersion": "2017-10-01",
"location": "[resourceGroup().location]",
"copy": {
"name": "udr",
"count": "[length(parameters('subnets'))]"
},
"properties": {
"routes":
}
},
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[concat(parameters('deploymentPrefix'), '-vNet')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"nsg",
"udr"
],
"properties": {
"addressSpace": {
"addressPrefixes": [
"10.2.0.0/16"
]
},
"copy": [
{
"name": "subnets",
"count": "[length(parameters('subnets'))]",
"input": {
"name": "[concat('subnet-', parameters('subnets')[copyIndex('subnets')].name)]",
"properties": "[union(variables('subnetsBase')[copyIndex('subnets')].properties, if(equals(variables('subnetsUDR')[copyIndex('subnets')].routetable.id, 'skip'), variables('subnetsBase')[copyIndex('subnets')].properties, variables('subnetsUDR')[copyIndex('subnets')]), if(equals(variables('subnetsNSG')[copyIndex('subnets')].networkSecurityGroup.id, 'skip'), variables('subnetsBase')[copyIndex('subnets')].properties, variables('subnetsNSG')[copyIndex('subnets')]))]"
}
}
]
}
}
]
}
you can probably make it better with some nested loops. but this works as well.
PS. I had use different names for nsgudr as I am creating those dynamically, in your scenario if those exists it will work with identical names (this wont).
answered Jan 20 at 16:53
4c74356b414c74356b41
28.3k42053
Actually it's looking great, let me just test it and I will come back
– irom
Jan 20 at 18:55
when I add new subnet i.e. , { "name": "routed2", "addressPrefix": "10.2.3.0/24", "routeTable": "UDR-Default1" } it says Deployment template validation failed: 'The resource 'Microsoft.Network/networkSecurityGroups/skip' at line '1' and column '1576' is defined multipletimes in a template. .'.
– irom
Jan 20 at 22:01
1
yes, i've mentioned that, names have to be different, because I create udrnsg in the same template, you can easily work around that using nesteds
– 4c74356b41
Jan 21 at 5:32
Sorry, not sure what I should nest, move vnet to deployments ?
– irom
Jan 21 at 13:07
1
not that i think about it, maybe its not that easy to achieve that, but you certainly can. but this is really out of scope of the question. the question is how to use "jagged" objects to iterate over them. if you need help with your new question - please raise another one ;)
– 4c74356b41
Jan 21 at 13:12
add a comment |
1
ok, this is the best I can come up with:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentPrefix": {
"type": "string"
},
"subnets": {
"type": "array",
"defaultValue": [
{
"name": "GatewaySubnet",
"addressPrefix": "10.2.0.0/24",
"networkSecurityGroup": "NSG-AllowAll",
"routeTable": "UDR-Default"
},
{
"name": "UnTrusted",
"addressPrefix": "10.2.1.0/24",
"networkSecurityGroup": "NSG-AllowAll1"
},
{
"name": "routed",
"addressPrefix": "10.2.2.0/24",
"routeTable": "UDR-Default1"
}
]
}
},
"variables": {
"copy": [
{
"name": "subnetsBase",
"count": "[length(parameters('subnets'))]",
"input": {
"name": "[concat('subnet-', parameters('subnets')[copyIndex('subnetsBase')].name)]",
"properties": {
"addressPrefix": "[parameters('subnets')[copyIndex('subnetsBase')].addressPrefix]"
}
}
},
{
"name": "subnetsUDR",
"count": "[length(parameters('subnets'))]",
"input": {
"routeTable": {
"id": "[if(contains(parameters('subnets')[copyIndex('subnetsUDR')], 'routeTable'), resourceId('Microsoft.Network/routeTables', parameters('subnets')[copyIndex('subnetsUDR')].routeTable), 'skip')]"
}
}
},
{
"name": "subnetsNSG",
"count": "[length(parameters('subnets'))]",
"input": {
"networkSecurityGroup": {
"id": "[if(contains(parameters('subnets')[copyIndex('subnetsNSG')], 'networkSecurityGroup'), resourceId('Microsoft.Network/networkSecurityGroups', parameters('subnets')[copyIndex('subnetsNSG')].networkSecurityGroup), 'skip')]"
}
}
}
]
},
"resources": [
{
"condition": "[not(contains(variables('subnetsNSG')[copyIndex()].networkSecurityGroup.id, 'skip'))]",
"apiVersion": "2017-06-01",
"name": "[if(contains(parameters('subnets')[copyIndex()], 'networkSecurityGroup'), parameters('subnets')[copyIndex()].networkSecurityGroup, 'skip')]",
"location": "[resourceGroup().location]",
"type": "Microsoft.Network/networkSecurityGroups",
"copy": {
"name": "nsg",
"count": "[length(parameters('subnets'))]"
},
"properties": {
"securityRules":
}
},
{
"condition": "[not(contains(variables('subnetsUDR')[copyIndex()].routeTable.id, 'skip'))]",
"type": "Microsoft.Network/routeTables",
"name": "[if(contains(parameters('subnets')[copyIndex()], 'routeTable'), parameters('subnets')[copyIndex()].routeTable, 'skip')]",
"apiVersion": "2017-10-01",
"location": "[resourceGroup().location]",
"copy": {
"name": "udr",
"count": "[length(parameters('subnets'))]"
},
"properties": {
"routes":
}
},
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[concat(parameters('deploymentPrefix'), '-vNet')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"nsg",
"udr"
],
"properties": {
"addressSpace": {
"addressPrefixes": [
"10.2.0.0/16"
]
},
"copy": [
{
"name": "subnets",
"count": "[length(parameters('subnets'))]",
"input": {
"name": "[concat('subnet-', parameters('subnets')[copyIndex('subnets')].name)]",
"properties": "[union(variables('subnetsBase')[copyIndex('subnets')].properties, if(equals(variables('subnetsUDR')[copyIndex('subnets')].routetable.id, 'skip'), variables('subnetsBase')[copyIndex('subnets')].properties, variables('subnetsUDR')[copyIndex('subnets')]), if(equals(variables('subnetsNSG')[copyIndex('subnets')].networkSecurityGroup.id, 'skip'), variables('subnetsBase')[copyIndex('subnets')].properties, variables('subnetsNSG')[copyIndex('subnets')]))]"
}
}
]
}
}
]
}
you can probably make it better with some nested loops. but this works as well.
PS. I had use different names for nsgudr as I am creating those dynamically, in your scenario if those exists it will work with identical names (this wont).
answered Jan 20 at 16:53
4c74356b414c74356b41
28.3k42053
Actually it's looking great, let me just test it and I will come back
– irom
Jan 20 at 18:55
when I add new subnet i.e. , { "name": "routed2", "addressPrefix": "10.2.3.0/24", "routeTable": "UDR-Default1" } it says Deployment template validation failed: 'The resource 'Microsoft.Network/networkSecurityGroups/skip' at line '1' and column '1576' is defined multipletimes in a template. .'.
– irom
Jan 20 at 22:01
1
yes, i've mentioned that, names have to be different, because I create udrnsg in the same template, you can easily work around that using nesteds
– 4c74356b41
Jan 21 at 5:32
Sorry, not sure what I should nest, move vnet to deployments ?
– irom
Jan 21 at 13:07
1
not that i think about it, maybe its not that easy to achieve that, but you certainly can. but this is really out of scope of the question. the question is how to use "jagged" objects to iterate over them. if you need help with your new question - please raise another one ;)
– 4c74356b41
Jan 21 at 13:12
add a comment |
1
1
1
ok, this is the best I can come up with:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentPrefix": {
"type": "string"
},
"subnets": {
"type": "array",
"defaultValue": [
{
"name": "GatewaySubnet",
"addressPrefix": "10.2.0.0/24",
"networkSecurityGroup": "NSG-AllowAll",
"routeTable": "UDR-Default"
},
{
"name": "UnTrusted",
"addressPrefix": "10.2.1.0/24",
"networkSecurityGroup": "NSG-AllowAll1"
},
{
"name": "routed",
"addressPrefix": "10.2.2.0/24",
"routeTable": "UDR-Default1"
}
]
}
},
"variables": {
"copy": [
{
"name": "subnetsBase",
"count": "[length(parameters('subnets'))]",
"input": {
"name": "[concat('subnet-', parameters('subnets')[copyIndex('subnetsBase')].name)]",
"properties": {
"addressPrefix": "[parameters('subnets')[copyIndex('subnetsBase')].addressPrefix]"
}
}
},
{
"name": "subnetsUDR",
"count": "[length(parameters('subnets'))]",
"input": {
"routeTable": {
"id": "[if(contains(parameters('subnets')[copyIndex('subnetsUDR')], 'routeTable'), resourceId('Microsoft.Network/routeTables', parameters('subnets')[copyIndex('subnetsUDR')].routeTable), 'skip')]"
}
}
},
{
"name": "subnetsNSG",
"count": "[length(parameters('subnets'))]",
"input": {
"networkSecurityGroup": {
"id": "[if(contains(parameters('subnets')[copyIndex('subnetsNSG')], 'networkSecurityGroup'), resourceId('Microsoft.Network/networkSecurityGroups', parameters('subnets')[copyIndex('subnetsNSG')].networkSecurityGroup), 'skip')]"
}
}
}
]
},
"resources": [
{
"condition": "[not(contains(variables('subnetsNSG')[copyIndex()].networkSecurityGroup.id, 'skip'))]",
"apiVersion": "2017-06-01",
"name": "[if(contains(parameters('subnets')[copyIndex()], 'networkSecurityGroup'), parameters('subnets')[copyIndex()].networkSecurityGroup, 'skip')]",
"location": "[resourceGroup().location]",
"type": "Microsoft.Network/networkSecurityGroups",
"copy": {
"name": "nsg",
"count": "[length(parameters('subnets'))]"
},
"properties": {
"securityRules":
}
},
{
"condition": "[not(contains(variables('subnetsUDR')[copyIndex()].routeTable.id, 'skip'))]",
"type": "Microsoft.Network/routeTables",
"name": "[if(contains(parameters('subnets')[copyIndex()], 'routeTable'), parameters('subnets')[copyIndex()].routeTable, 'skip')]",
"apiVersion": "2017-10-01",
"location": "[resourceGroup().location]",
"copy": {
"name": "udr",
"count": "[length(parameters('subnets'))]"
},
"properties": {
"routes":
}
},
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[concat(parameters('deploymentPrefix'), '-vNet')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"nsg",
"udr"
],
"properties": {
"addressSpace": {
"addressPrefixes": [
"10.2.0.0/16"
]
},
"copy": [
{
"name": "subnets",
"count": "[length(parameters('subnets'))]",
"input": {
"name": "[concat('subnet-', parameters('subnets')[copyIndex('subnets')].name)]",
"properties": "[union(variables('subnetsBase')[copyIndex('subnets')].properties, if(equals(variables('subnetsUDR')[copyIndex('subnets')].routetable.id, 'skip'), variables('subnetsBase')[copyIndex('subnets')].properties, variables('subnetsUDR')[copyIndex('subnets')]), if(equals(variables('subnetsNSG')[copyIndex('subnets')].networkSecurityGroup.id, 'skip'), variables('subnetsBase')[copyIndex('subnets')].properties, variables('subnetsNSG')[copyIndex('subnets')]))]"
}
}
]
}
}
]
}
you can probably make it better with some nested loops. but this works as well.
PS. I had use different names for nsgudr as I am creating those dynamically, in your scenario if those exists it will work with identical names (this wont).
answered Jan 20 at 16:53
4c74356b414c74356b41
28.3k42053
ok, this is the best I can come up with:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentPrefix": {
"type": "string"
},
"subnets": {
"type": "array",
"defaultValue": [
{
"name": "GatewaySubnet",
"addressPrefix": "10.2.0.0/24",
"networkSecurityGroup": "NSG-AllowAll",
"routeTable": "UDR-Default"
},
{
"name": "UnTrusted",
"addressPrefix": "10.2.1.0/24",
"networkSecurityGroup": "NSG-AllowAll1"
},
{
"name": "routed",
"addressPrefix": "10.2.2.0/24",
"routeTable": "UDR-Default1"
}
]
}
},
"variables": {
"copy": [
{
"name": "subnetsBase",
"count": "[length(parameters('subnets'))]",
"input": {
"name": "[concat('subnet-', parameters('subnets')[copyIndex('subnetsBase')].name)]",
"properties": {
"addressPrefix": "[parameters('subnets')[copyIndex('subnetsBase')].addressPrefix]"
}
}
},
{
"name": "subnetsUDR",
"count": "[length(parameters('subnets'))]",
"input": {
"routeTable": {
"id": "[if(contains(parameters('subnets')[copyIndex('subnetsUDR')], 'routeTable'), resourceId('Microsoft.Network/routeTables', parameters('subnets')[copyIndex('subnetsUDR')].routeTable), 'skip')]"
}
}
},
{
"name": "subnetsNSG",
"count": "[length(parameters('subnets'))]",
"input": {
"networkSecurityGroup": {
"id": "[if(contains(parameters('subnets')[copyIndex('subnetsNSG')], 'networkSecurityGroup'), resourceId('Microsoft.Network/networkSecurityGroups', parameters('subnets')[copyIndex('subnetsNSG')].networkSecurityGroup), 'skip')]"
}
}
}
]
},
"resources": [
{
"condition": "[not(contains(variables('subnetsNSG')[copyIndex()].networkSecurityGroup.id, 'skip'))]",
"apiVersion": "2017-06-01",
"name": "[if(contains(parameters('subnets')[copyIndex()], 'networkSecurityGroup'), parameters('subnets')[copyIndex()].networkSecurityGroup, 'skip')]",
"location": "[resourceGroup().location]",
"type": "Microsoft.Network/networkSecurityGroups",
"copy": {
"name": "nsg",
"count": "[length(parameters('subnets'))]"
},
"properties": {
"securityRules":
}
},
{
"condition": "[not(contains(variables('subnetsUDR')[copyIndex()].routeTable.id, 'skip'))]",
"type": "Microsoft.Network/routeTables",
"name": "[if(contains(parameters('subnets')[copyIndex()], 'routeTable'), parameters('subnets')[copyIndex()].routeTable, 'skip')]",
"apiVersion": "2017-10-01",
"location": "[resourceGroup().location]",
"copy": {
"name": "udr",
"count": "[length(parameters('subnets'))]"
},
"properties": {
"routes":
}
},
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[concat(parameters('deploymentPrefix'), '-vNet')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"nsg",
"udr"
],
"properties": {
"addressSpace": {
"addressPrefixes": [
"10.2.0.0/16"
]
},
"copy": [
{
"name": "subnets",
"count": "[length(parameters('subnets'))]",
"input": {
"name": "[concat('subnet-', parameters('subnets')[copyIndex('subnets')].name)]",
"properties": "[union(variables('subnetsBase')[copyIndex('subnets')].properties, if(equals(variables('subnetsUDR')[copyIndex('subnets')].routetable.id, 'skip'), variables('subnetsBase')[copyIndex('subnets')].properties, variables('subnetsUDR')[copyIndex('subnets')]), if(equals(variables('subnetsNSG')[copyIndex('subnets')].networkSecurityGroup.id, 'skip'), variables('subnetsBase')[copyIndex('subnets')].properties, variables('subnetsNSG')[copyIndex('subnets')]))]"
}
}
]
}
}
]
}
you can probably make it better with some nested loops. but this works as well.
PS. I had use different names for nsgudr as I am creating those dynamically, in your scenario if those exists it will work with identical names (this wont).
answered Jan 20 at 16:53
4c74356b414c74356b41
28.3k42053
answered Jan 20 at 16:53
4c74356b414c74356b41
28.3k42053
answered Jan 20 at 16:53
4c74356b414c74356b41
28.3k42053
answered Jan 20 at 16:53
4c74356b414c74356b41
28.3k42053
28.3k42053
Actually it's looking great, let me just test it and I will come back
– irom
Jan 20 at 18:55
when I add new subnet i.e. , { "name": "routed2", "addressPrefix": "10.2.3.0/24", "routeTable": "UDR-Default1" } it says Deployment template validation failed: 'The resource 'Microsoft.Network/networkSecurityGroups/skip' at line '1' and column '1576' is defined multipletimes in a template. .'.
– irom
Jan 20 at 22:01
1
yes, i've mentioned that, names have to be different, because I create udrnsg in the same template, you can easily work around that using nesteds
– 4c74356b41
Jan 21 at 5:32
Sorry, not sure what I should nest, move vnet to deployments ?
– irom
Jan 21 at 13:07
1
not that i think about it, maybe its not that easy to achieve that, but you certainly can. but this is really out of scope of the question. the question is how to use "jagged" objects to iterate over them. if you need help with your new question - please raise another one ;)
– 4c74356b41
Jan 21 at 13:12
add a comment |
Actually it's looking great, let me just test it and I will come back
– irom
Jan 20 at 18:55
when I add new subnet i.e. , { "name": "routed2", "addressPrefix": "10.2.3.0/24", "routeTable": "UDR-Default1" } it says Deployment template validation failed: 'The resource 'Microsoft.Network/networkSecurityGroups/skip' at line '1' and column '1576' is defined multipletimes in a template. .'.
– irom
Jan 20 at 22:01
1
yes, i've mentioned that, names have to be different, because I create udrnsg in the same template, you can easily work around that using nesteds
– 4c74356b41
Jan 21 at 5:32
Sorry, not sure what I should nest, move vnet to deployments ?
– irom
Jan 21 at 13:07
1
not that i think about it, maybe its not that easy to achieve that, but you certainly can. but this is really out of scope of the question. the question is how to use "jagged" objects to iterate over them. if you need help with your new question - please raise another one ;)
– 4c74356b41
Jan 21 at 13:12
Actually it's looking great, let me just test it and I will come back
– irom
Jan 20 at 18:55
Actually it's looking great, let me just test it and I will come back
– irom
Jan 20 at 18:55
when I add new subnet i.e. , { "name": "routed2", "addressPrefix": "10.2.3.0/24", "routeTable": "UDR-Default1" } it says Deployment template validation failed: 'The resource 'Microsoft.Network/networkSecurityGroups/skip' at line '1' and column '1576' is defined multipletimes in a template. .'.
– irom
Jan 20 at 22:01
when I add new subnet i.e. , { "name": "routed2", "addressPrefix": "10.2.3.0/24", "routeTable": "UDR-Default1" } it says Deployment template validation failed: 'The resource 'Microsoft.Network/networkSecurityGroups/skip' at line '1' and column '1576' is defined multipletimes in a template. .'.
– irom
Jan 20 at 22:01
1
1
yes, i've mentioned that, names have to be different, because I create udrnsg in the same template, you can easily work around that using nesteds
– 4c74356b41
Jan 21 at 5:32
yes, i've mentioned that, names have to be different, because I create udrnsg in the same template, you can easily work around that using nesteds
– 4c74356b41
Jan 21 at 5:32
Sorry, not sure what I should nest, move vnet to deployments ?
– irom
Jan 21 at 13:07
Sorry, not sure what I should nest, move vnet to deployments ?
– irom
Jan 21 at 13:07
1
1
not that i think about it, maybe its not that easy to achieve that, but you certainly can. but this is really out of scope of the question. the question is how to use "jagged" objects to iterate over them. if you need help with your new question - please raise another one ;)
– 4c74356b41
Jan 21 at 13:12
not that i think about it, maybe its not that easy to achieve that, but you certainly can. but this is really out of scope of the question. the question is how to use "jagged" objects to iterate over them. if you need help with your new question - please raise another one ;)
– 4c74356b41
Jan 21 at 13:12
add a comment |
draft saved
draft discarded
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54277322%2fiterate-over-not-existing-azure-resource-manager-arm-object-properties%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
ok, i dont really understand, why do you show nsg condition, when routetable condition doesnt work? or this one doesnt work as well? and what is the endgoal? i think i get the idea, but i might wrong, are you trying to do a copy loop over subnets? and assign nsgudr if they exist in parent object (and you iterate over parent object)?
– 4c74356b41
Jan 20 at 14:17
The end goal is deploy subnet with NSG or UDR if they exist in params. It is possible and required that subnet is deployed with NSG only, without UDR or the other way around. Or even without any NSG or UDR. It works if I have UDR and NSG as properties for every subnet, but I don't like it as most subnet don't need at least one of them
– irom
Jan 20 at 15:01
1
i can try and figure something out, but its not going to be pretty either way. your best bet is building this outside of arm templates
– 4c74356b41
Jan 20 at 15:43