| title | description | services | documentationcenter | author | ms.assetid | ms.service | ms.devlang | ms.topic | ms.tgt_pltfrm | ms.workload | ms.date | ms.author |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
Deploy resources with Azure CLI and template | Microsoft Docs |
Use Azure Resource Manager and Azure CLI to deploy a resources to Azure. The resources are defined in a Resource Manager template. |
azure-resource-manager |
na |
tfitzmac |
493b7932-8d1e-4499-912c-26098282ec95 |
azure-resource-manager |
azurecli |
conceptual |
na |
na |
10/24/2018 |
tomfitz |
This article explains how to use Azure CLI with Resource Manager templates to deploy your resources to Azure. If you aren't familiar with the concepts of deploying and managing your Azure solutions, see Azure Resource Manager overview.
The Resource Manager template you deploy can either be a local file on your machine, or an external file that is located in a repository like GitHub. The template you deploy in this article is available as a storage account template in GitHub.
[!INCLUDE sample-cli-install]
If you don't have Azure CLI installed, you can use the Cloud Shell.
When deploying resources to Azure, you:
- Sign in to your Azure account
- Create a resource group that serves as the container for the deployed resources. The name of the resource group can only include alphanumeric characters, periods, underscores, hyphens, and parenthesis. It can be up to 90 characters. It can't end in a period.
- Deploy to the resource group the template that defines the resources to create
A template can include parameters that enable you to customize the deployment. For example, you can provide values that are tailored for a particular environment (such as dev, test, and production). The sample template defines a parameter for the storage account SKU.
The following example creates a resource group, and deploys a template from your local machine:
az group create --name ExampleGroup --location "Central US"
az group deployment create \
--name ExampleDeployment \
--resource-group ExampleGroup \
--template-file storage.json \
--parameters storageAccountType=Standard_GRS
The deployment can take a few minutes to complete. When it finishes, you see a message that includes the result:
"provisioningState": "Succeeded",
Instead of storing Resource Manager templates on your local machine, you may prefer to store them in an external location. You can store templates in a source control repository (such as GitHub). Or, you can store them in an Azure storage account for shared access in your organization.
To deploy an external template, use the template-uri parameter. Use the URI in the example to deploy the sample template from GitHub.
az group create --name ExampleGroup --location "Central US"
az group deployment create \
--name ExampleDeployment \
--resource-group ExampleGroup \
--template-uri "https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-storage-account-create/azuredeploy.json" \
--parameters storageAccountType=Standard_GRS
The preceding example requires a publicly accessible URI for the template, which works for most scenarios because your template shouldn't include sensitive data. If you need to specify sensitive data (like an admin password), pass that value as a secure parameter. However, if you don't want your template to be publicly accessible, you can protect it by storing it in a private storage container. For information about deploying a template that requires a shared access signature (SAS) token, see Deploy private template with SAS token.
[!INCLUDE resource-manager-cloud-shell-deploy.md]
In the Cloud Shell, use the following commands:
az group create --name examplegroup --location "South Central US"
az group deployment create --resource-group examplegroup \
--template-uri <copied URL> \
--parameters storageAccountType=Standard_GRS
Typically, you deploy all the resources in your template to a single resource group. However, there are scenarios where you want to deploy a set of resources together but place them in different resource groups or subscriptions. You can deploy to only five resource groups in a single deployment. For more information, see Deploy Azure resources to more than one subscription or resource group.
For deployments that fail, you can specify that an earlier deployment from your deployment history is automatically redeployed. To use this option, your deployments must have unique names so they can be identified in the history. If you don't have unique names, the current failed deployment might overwrite the previously successful deployment in the history. You can only use this option with root level deployments. Deployments from a nested template aren't available for redeployment.
To redeploy the last successful deployment, add the --rollback-on-error parameter as a flag.
az group deployment create \
--name ExampleDeployment \
--resource-group ExampleGroup \
--template-file storage.json \
--parameters storageAccountType=Standard_GRS \
--rollback-on-error
To redeploy a specific deployment, use the --rollback-on-error parameter and provide the name of the deployment.
az group deployment create \
--name ExampleDeployment02 \
--resource-group ExampleGroup \
--template-file storage.json \
--parameters storageAccountType=Standard_GRS \
--rollback-on-error ExampleDeployment01
The specified deployment must have succeeded.
To pass parameter values, you can use either inline parameters or a parameter file. The preceding examples in this article show inline parameters.
To pass inline parameters, provide the values in parameters. For example, to pass a string and array to a template is a Bash shell, use:
az group deployment create \
--resource-group testgroup \
--template-file demotemplate.json \
--parameters exampleString='inline string' exampleArray='("value1", "value2")'
You can also get the contents of file and provide that content as an inline parameter.
az group deployment create \
--resource-group testgroup \
--template-file demotemplate.json \
--parameters [email protected] [email protected]
Getting a parameter value from a file is helpful when you need to provide configuration values. For example, you can provide cloud-init values for a Linux virtual machine.
The arrayContent.json format is:
[
"value1",
"value2"
]Rather than passing parameters as inline values in your script, you may find it easier to use a JSON file that contains the parameter values. The parameter file can be a local file or an external file with an accessible URI.
The parameter file must be in the following format:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"storageAccountType": {
"value": "Standard_GRS"
}
}
}Notice that the parameters section includes a parameter name that matches the parameter defined in your template (storageAccountType). The parameter file contains a value for the parameter. This value is automatically passed to the template during deployment. You can create more than one parameter file, and then pass in the appropriate parameter file for the scenario.
Copy the preceding example and save it as a file named storage.parameters.json.
To pass a local parameter file, use @ to specify a local file named storage.parameters.json.
az group deployment create \
--name ExampleDeployment \
--resource-group ExampleGroup \
--template-file storage.json \
--parameters @storage.parameters.json
You can use inline parameters and a local parameter file in the same deployment operation. For example, you can specify some values in the local parameter file and add other values inline during deployment. If you provide values for a parameter in both the local parameter file and inline, the inline value takes precedence.
az group deployment create \
--resource-group testgroup \
--template-file demotemplate.json \
--parameters @demotemplate.parameters.json \
--parameters [email protected]
To test your template and parameter values without actually deploying any resources, use az group deployment validate.
az group deployment validate \
--resource-group ExampleGroup \
--template-file storage.json \
--parameters @storage.parameters.json
If no errors are detected, the command returns information about the test deployment. In particular, notice that the error value is null.
{
"error": null,
"properties": {
...
If an error is detected, the command returns an error message. For example, passing an incorrect value for the storage account SKU, returns the following error:
{
"error": {
"code": "InvalidTemplate",
"details": null,
"message": "Deployment template validation failed: 'The provided value 'badSKU' for the template parameter
'storageAccountType' at line '13' and column '20' is not valid. The parameter value is not part of the allowed
value(s): 'Standard_LRS,Standard_ZRS,Standard_GRS,Standard_RAGRS,Premium_LRS'.'.",
"target": null
},
"properties": null
}
If your template has a syntax error, the command returns an error indicating it couldn't parse the template. The message indicates the line number and position of the parsing error.
{
"error": {
"code": "InvalidTemplate",
"details": null,
"message": "Deployment template parse failed: 'After parsing a value an unexpected character was encountered:
\". Path 'variables', line 31, position 3.'.",
"target": null
},
"properties": null
}
- The examples in this article deploy resources to a resource group in your default subscription. To use a different subscription, see Manage multiple Azure subscriptions.
- To specify how to handle resources that exist in the resource group but aren't defined in the template, see Azure Resource Manager deployment modes.
- To understand how to define parameters in your template, see Understand the structure and syntax of Azure Resource Manager templates.
- For tips on resolving common deployment errors, see Troubleshoot common Azure deployment errors with Azure Resource Manager.
- For information about deploying a template that requires a SAS token, see Deploy private template with SAS token.
- To safely roll out your service to more than one region, see Azure Deployment Manager.