├── Amazon.png ├── LICENSE.md ├── README.md ├── Samples ├── Basic-Storage-Account-with-extension.bicep ├── Basic-Storage-Account-with-extension.json ├── Basic-Storage-Account-with-param.bicep ├── Basic-Storage-Account-with-param.json ├── README.md ├── Real World Example │ ├── 6. main.bicep │ ├── 6. main.json │ ├── 6.1 avd-backplane-module.bicep │ ├── 6.2 avd-network-module.bicep │ ├── 6.2.1 avd-template-vm.bicep │ ├── 6.2.2 avd-peering-from-adds.bicep │ ├── 6.3 avd-LogAnalytics.bicep │ ├── 6.3 avd-LogAnalytics.json │ ├── 6.3 avd-monitor-diag.bicep │ ├── 6.3.1 avd-monitor-diag-hostpool.bicep │ ├── 6.3.2 avd-monitor-diag-workspace.bicep │ ├── 6.4 avd-shared-image-gallery.bicep │ ├── 6.4.1 avd-Image-definitions.bicep │ ├── 6.4.1.1 avd-Image-Template.bicep │ ├── 6.5 avd-fileservices-module.bicep │ ├── 6.6 avd-KeyVault.bicep │ └── 7. avd-template-spec.bicep ├── azure-Container-Registry.bicep ├── basic-Storage-Account-with-container-2-loop-types.bicep ├── basic-Storage-Account-with-container-2-loop-types.json ├── basic-Storage-Account-with-container-conditional-2.bicep ├── basic-Storage-Account-with-container-conditional.bicep ├── basic-Storage-Account-with-container-existing-keyword.bicep ├── basic-Storage-Account-with-container-existing-keyword.json ├── basic-Storage-Account-with-container-loop-range.bicep ├── basic-Storage-Account-with-container-loop.bicep ├── basic-Storage-Account-with-container-loop.json ├── basic-Storage-Account-with-container.bicep ├── basic-Storage-Account-with-container.json ├── basic-Storage-Account-with-expressions.bicep ├── basic-Storage-Account-with-expressions.json ├── basic-Storage-Account-with-ouputs.bicep ├── basic-Storage-Account-with-ouputs.json ├── basic-Storage-Account-with-param-and-tags.bicep ├── basic-Storage-Account-with-param-and-variables.bicep ├── basic-Storage-Account-with-param-and-variables.json ├── basic-Storage-Account-with-unique-name.bicep ├── basic-storage-account.bicep ├── basic-storage-account.json ├── basic-storage-account.parameters.json ├── bicepconfig.json ├── container-with-secret.bicep ├── container.bicep ├── install-Bicep-CLI.ps1 ├── install-Bicep-VSCode-Extension.ps1 ├── main-acr.bicep ├── main-mcr.bicep ├── main-mcr.json ├── main-ts.bicep ├── main-with-getsecret-function.bicep ├── main-with-secret.bicep ├── main-with-secret.json ├── main.bicep ├── main.json ├── referenceExistingResource.bicep ├── resource-Group-With-Targetscope.bicep ├── resource-Group-With-Targetscope.json ├── shared-prefixes.json ├── storageAccount.bicep ├── template-spec.bicep ├── vNet-with-Subnet-as-property.bicep ├── vNet-with-Subnet-as-property.json ├── vNet-with-Subnet-as-separate-nested-resource.bicep ├── vNet-with-Subnet-as-separate-nested-resource.json ├── vNet-with-Subnet-as-separate-resource.bicep ├── vNet-with-Subnet-as-separate-resource.json └── vm-with-shared-variable-file.bicep └── cover.jpg /Amazon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fberson/Getting-started-with-Bicep-Infrastructure-as-code-on-Azure/d684c29b5452a9acfae065256270b374dc1da3bc/Amazon.png -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2021 Freek Berson 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Getting started with Bicep - Infrastructure as code on Azure - Second Edition 2 | This repository contains source codes and samples discussed in the book Getting started with Bicep - Infrastructure as code on Azure. This book is your guide to mastering Bicep! It contains a lot of practical solutions and examples to help you jump start your journey towards infrastructure as code for Azure! 3 | 4 | The book Getting started with Bicep: Infrastructure as code on Azure is available as Kindle, paperback and hard cover! 5 | Direct link to Amazon : https://www.amazon.com/Getting-started-Bicep-Infrastructure-Azure-ebook-dp-B0984MQY2N/dp/B0984MQY2N 6 | 7 | 8 | 9 | ## Book Description 10 | Infrastructure as Code is crucial to becoming successful in the Azure Cloud. Azure Resource Manager allows you to create resources in Azure in a declarative way. For many years we have been using ARM Templates to declare resources in a JSON format. Although ARM Templates are very powerful, the implementation of the JSON language is hard to read, maintain and debug. Bicep, a Domain Specific Language, overcomes these issues by providing a transparent abstraction layer on top of ARM and ARM Templates. This significantly improves the authoring experience. Bicep is easy to understand at a glance and straightforward to learn regardless of your experience with other programming languages. 11 | 12 | After an introduction by Mark Russinovich, Azure CTO and Technical Fellow at Microsoft and Alex Frankel, Program Manager at Microsoft, the book starts with some history and background in Infrastructure as Code and ARM Templates. It continues by explaining Bicep and providing guidance on how to get started. 13 | 14 | After the introduction, you will start your journey by understanding the syntax of Bicep. You will start by learning the basics first and you will gradually dive deeper in the more advanced scenarios. 15 | 16 | The book also contains a dedicated chapter on a big real-world example which provides you with great insights on how to leverage Bicep for production usage. 17 | 18 | Part of this book is also the Bicep playground, visualizer and a PowerShell module for Bicep provided by the community. Sample code used in this book is available on a dedicated GitHub repository. 19 | 20 | ## What you will learn 21 | - How to get started with the Bicep CLI and VSCode Extension 22 | - Deploying Bicep files to Azure, including template specs 23 | - Understanding the Bicep file structure 24 | - How to use the basic concepts of variables, parameters, tags, decorators, expressions, and symbolic names 25 | - Getting familiar with more advanced topics like dependencies, loops, conditions, target scopes, modules, nesting, module registries, pass resources between modules and shared variable files 26 | - Leverage the latest Bicep features like snippets, scaffolding, and linter 27 | - Use the Bicep Visualizer and Bicep playground to support the authoring of Templates 28 | - Deploy Templates using Template Specs 29 | - Use the Bicep PowerShell module as an extension to the Bicep CLI 30 | 31 | ## Who this book is intended for 32 | DevOps engineers, Developers, consultants, and Azure architects with or without experience in ARM Templates and infrastructure as code who want to get started with Bicep. 33 | 34 | ## Table of Contents 35 | 1. Why this book 36 | 2. What is project bicep 37 | 3. Getting started 38 | 4. Bicep file structure explained 39 | 5. Deploying bicep files to azure 40 | 6. Bicep syntax 41 | 7. Bicep playground and example code 42 | 8. Bicep visualizer 43 | 9. Template Specs 44 | 10. Guest Chapter: Bicep PowerShell module 45 | 11. A real-world example 46 | 12. Alternatives to Bicep 47 | 13. Closing Notes 48 | 14. About the author 49 | -------------------------------------------------------------------------------- /Samples/Basic-Storage-Account-with-extension.bicep: -------------------------------------------------------------------------------- 1 | param storageAccountName string = 'mysabicepdemo' 2 | param location string 3 | @allowed([ 4 | 'Hot' 5 | 'Cool' 6 | ]) 7 | param accessTier string 8 | param roleNameGuid string = newGuid() 9 | param principalId string 10 | 11 | var role = '/subscriptions/${subscription().subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c' 12 | 13 | resource stg 'Microsoft.Storage/storageAccounts@2021-02-01' = { 14 | name: storageAccountName 15 | location: location 16 | kind: 'StorageV2' 17 | sku: { 18 | name: 'Standard_LRS' 19 | } 20 | properties: { 21 | accessTier: accessTier 22 | allowBlobPublicAccess: true 23 | } 24 | } 25 | 26 | resource roleAssignStorage 'Microsoft.Authorization/roleAssignments@2020-04-01-preview' = { 27 | name: roleNameGuid 28 | properties: { 29 | roleDefinitionId: role 30 | principalId: principalId 31 | } 32 | scope: stg 33 | } 34 | -------------------------------------------------------------------------------- /Samples/Basic-Storage-Account-with-extension.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.4.63.48766", 8 | "templateHash": "5450573708205357780" 9 | } 10 | }, 11 | "parameters": { 12 | "storageAccountName": { 13 | "type": "string", 14 | "defaultValue": "mysabicepdemo" 15 | }, 16 | "location": { 17 | "type": "string" 18 | }, 19 | "accessTier": { 20 | "type": "string", 21 | "allowedValues": [ 22 | "Hot", 23 | "Cool" 24 | ] 25 | }, 26 | "roleNameGuid": { 27 | "type": "string", 28 | "defaultValue": "[newGuid()]" 29 | }, 30 | "principalId": { 31 | "type": "string" 32 | } 33 | }, 34 | "functions": [], 35 | "variables": { 36 | "role": "[format('/subscriptions/{0}/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c', subscription().subscriptionId)]" 37 | }, 38 | "resources": [ 39 | { 40 | "type": "Microsoft.Storage/storageAccounts", 41 | "apiVersion": "2021-02-01", 42 | "name": "[parameters('storageAccountName')]", 43 | "location": "[parameters('location')]", 44 | "kind": "StorageV2", 45 | "sku": { 46 | "name": "Standard_LRS", 47 | "tier": "Standard" 48 | }, 49 | "properties": { 50 | "accessTier": "[parameters('accessTier')]", 51 | "allowBlobPublicAccess": true 52 | } 53 | }, 54 | { 55 | "type": "Microsoft.Authorization/roleAssignments", 56 | "apiVersion": "2020-04-01-preview", 57 | "scope": "[format('Microsoft.Storage/storageAccounts/{0}', parameters('storageAccountName'))]", 58 | "name": "[parameters('roleNameGuid')]", 59 | "properties": { 60 | "roleDefinitionId": "[variables('role')]", 61 | "principalId": "[parameters('principalId')]" 62 | }, 63 | "dependsOn": [ 64 | "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]" 65 | ] 66 | } 67 | ] 68 | } -------------------------------------------------------------------------------- /Samples/Basic-Storage-Account-with-param.bicep: -------------------------------------------------------------------------------- 1 | param storageAccountName string = 'mysabicepdemo' 2 | param location string 3 | @description('The Access Tier only allows Hot or Cool') 4 | @allowed([ 5 | 'Hot' 6 | 'Cool' 7 | ]) 8 | param accessTier string 9 | 10 | resource stg 'Microsoft.Storage/storageAccounts@2021-02-01' = { 11 | name: storageAccountName 12 | location: location 13 | kind: 'StorageV2' 14 | sku: { 15 | name: 'Standard_LRS' 16 | } 17 | properties: { 18 | accessTier: accessTier 19 | allowBlobPublicAccess: true 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /Samples/Basic-Storage-Account-with-param.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.4.63.48766", 8 | "templateHash": "16149567062724621211" 9 | } 10 | }, 11 | "parameters": { 12 | "storageAccountName": { 13 | "type": "string", 14 | "defaultValue": "mysabicepdemo" 15 | }, 16 | "location": { 17 | "type": "string" 18 | }, 19 | "accessTier": { 20 | "type": "string", 21 | "allowedValues": [ 22 | "Hot", 23 | "Cool" 24 | ], 25 | "metadata": { 26 | "description": "The Access Tier only allows Hot or Cool" 27 | } 28 | } 29 | }, 30 | "functions": [], 31 | "resources": [ 32 | { 33 | "type": "Microsoft.Storage/storageAccounts", 34 | "apiVersion": "2021-02-01", 35 | "name": "[parameters('storageAccountName')]", 36 | "location": "[parameters('location')]", 37 | "kind": "StorageV2", 38 | "sku": { 39 | "name": "Standard_LRS", 40 | "tier": "Standard" 41 | }, 42 | "properties": { 43 | "accessTier": "[parameters('accessTier')]", 44 | "allowBlobPublicAccess": true 45 | } 46 | } 47 | ] 48 | } -------------------------------------------------------------------------------- /Samples/README.md: -------------------------------------------------------------------------------- 1 | # Getting started with Bicep - Infrastructure as code on Azure 2 | This folder contains source codes and samples as provided in the book Getting started with Bicep - Infrastructure as code on Azure. This book is your guide to mastering Bicep! It contains a lot of practical solutions and examples to help you jump start your journey towards infrastructure as code for Azure! 3 | -------------------------------------------------------------------------------- /Samples/Real World Example/6. main.bicep: -------------------------------------------------------------------------------- 1 | targetScope = 'subscription' 2 | 3 | @secure() 4 | param azureSubscriptionID string 5 | 6 | @secure() 7 | param azureADTenantID string 8 | 9 | @secure() 10 | param adminObjectID string 11 | 12 | @secure() 13 | param principalID string 14 | 15 | //Define AVD deployment parameters 16 | param resourceGroupProdPrefix string = 'BICEP-AVD-DEMO-P-' 17 | param resourceGroupAccPrefix string = 'BICEP-AVD-DEMO-A-' 18 | param resourceGroupPostfix string = '-RG' 19 | param AVDbackplanelocation string = 'westeurope' 20 | param hostPoolType string = 'pooled' 21 | param loadBalancerType string = 'BreadthFirst' 22 | param logAnalyticsWorkspaceName string = 'BICEP-AVD-DEMO-3' 23 | param logAnalyticsWorkspaceSku string = 'pergb2018' 24 | param hostpoolFriendlyName string = 'Hostpool with AVD Ninja Applications' 25 | param appgroupDesktopFriendlyName string = 'AppGroup with AVD Ninja Desktop' 26 | param appgroupRemoteAppFriendlyName string = 'AppGroup with AVD Ninja Applications' 27 | param workspaceProdFriendlyName string = 'AVD Ninja Production' 28 | param workspaceAccFriendlyName string = 'AVD Ninja Acceptance' 29 | 30 | //Define Production parameters 31 | param hostpoolNameProd string = 'BICEP-P-AVD-HP' 32 | param appgroupNameProd string = 'BICEP-P-AVD-HP-AG' 33 | param workspaceNameProd string = 'BICEP-P-AVD-HP-WS' 34 | param preferredAppGroupTypeProd string = 'Desktop' 35 | 36 | //Define Acceptance parameters 37 | param hostpoolNameAcc string = 'BICEP-A-AVD-HP' 38 | param appgroupNameAcc string = 'BICEP-A-AVD-HP-AG' 39 | param workspaceNameAcc string = 'BICEP-A-AVD-HP-WS' 40 | param preferredAppGroupTypeAcc string = 'Desktop' 41 | 42 | //Define Networking deployment parameters 43 | param vnetName string = 'BICEP-AVD-VNET' 44 | param vnetaddressPrefix string = '10.80.0.0/16' 45 | param subnet1Prefix string = '10.80.10.0/24' 46 | param subnet1Name string = 'BICEP-AVD-SUBNET-PROD' 47 | param subnet2Prefix string = '10.80.20.0/24' 48 | param subnet2Name string = 'BICEP-AVD-SUBNET-ACC' 49 | param dnsServer string = '10.50.1.4' 50 | 51 | //define optional peering parameters 52 | param createPeering bool = true 53 | param remoteVnetName string = 'NINJA-WE-P-VNET-10-50-0-0-16' 54 | param remoteVnetRg string = 'NINJA-WE-P-RG-NETWORK' 55 | 56 | //Define Template VM & Packaging deployment parameters 57 | param vmProdPrefix string = 'BICEP-AVD-VM-TEMPLATE-' 58 | param adminUserName string = 'localadmin' 59 | 60 | @secure() 61 | param adminPassword string 62 | 63 | param vmHostname1 string 64 | var vnName1 = '${vmProdPrefix}${vmHostname1}' 65 | param vmSize1 string = 'Standard_D4s_v3' 66 | 67 | //Define SIG parameters 68 | param sigName string = 'BICEP_AVD_AIB' 69 | 70 | //Define Image Definition Parameteres 71 | param imagePublisher string = 'AVDNinja' 72 | param imageDefinitionName string = 'BICEP-AVD-ID' 73 | param imageOffer string = 'Windows10-AVD' 74 | param imageSKU string = '20h2-evd' 75 | 76 | //Define Template Image parameters 77 | param vmOffer string = 'windows-10' 78 | param vmOSDiskSize int = 127 79 | param vmSku string = '20h2-evd' 80 | param vmVersion string = 'latest' 81 | param vmPublisher string = 'MicrosoftWindowsDesktop' 82 | param userAssignedIdentity string = 'BICEP-WVD-DEMO-IDENTITY' 83 | var userAssignedIdentityID = '/subscriptions/${azureSubscriptionID}/resourcegroups/${rgti.name}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${userAssignedIdentity}' 84 | param roleNameNetwork string = 'VvetReader' 85 | param roleNameGalleryImage string = 'GalleryReadWrite' 86 | param vmSizeAIB string = 'Standard_D16s_v3' 87 | 88 | //Define Storage Account parameters AIB 89 | param storageaccountlocation1 string = 'westeurope' 90 | param storageaccountName1 string = 'bicepavdsaaib' 91 | param storageaccountkind1 string = 'StorageV2' 92 | param storgeaccountglobalRedundancy1 string = 'Standard_LRS' 93 | param storageaccountlocation2 string = 'westeurope' 94 | param storageaccountName2 string = 'bicepavdsaprof' 95 | param storageaccountkind2 string = 'FileStorage' 96 | param storgeaccountglobalRedundancy2 string = 'Premium_LRS' 97 | param fileshareFolderName1 string = 'aibsoftware' 98 | param fileshareFolderName2 string = 'aibscripts' 99 | param fileshareFolderName3 string = 'profilecontainers' 100 | var subnetID = '/subscriptions/${azureSubscriptionID}/resourcegroups/${resourceGroupProdPrefix}NETWORK${resourceGroupPostfix}/providers/Microsoft.Network/virtualNetworks/${vnetName}/subnets/${subnet2Name}' 101 | 102 | //Define Keyvault Parameters 103 | param keyVaultName string = 'kv-${utcNow()}' 104 | param keyVaultLocation string = 'westeurope' 105 | param secretNameDomainJoin string = 'AVD-domain-join' 106 | 107 | @secure() 108 | param secretValueDomainJoin string 109 | param secretNameLocalAdminPassword string 110 | 111 | @secure() 112 | param secretValueLocalAdminPassword string 113 | 114 | //Define Template Spec Parameters 115 | param templateSpecName string = 'add-AVD-hosts-to-hostpool' 116 | param templateDescription string = 'ARM Template to add hosts to an exsisting AVD Hostpool' 117 | param templateDisplayName string = 'Add AVD hosts to hostpool' 118 | 119 | //Create Resource Groups 120 | resource rgnw 'Microsoft.Resources/resourceGroups@2020-06-01' = { 121 | name: '${resourceGroupProdPrefix}NETWORK${resourceGroupPostfix}' 122 | location: 'westeurope' 123 | } 124 | resource rgti 'Microsoft.Resources/resourceGroups@2020-06-01' = { 125 | name: 'BICEP-WVD-DEMO-P-TEMPLATE-IMAGE${resourceGroupPostfix}' 126 | location: 'westeurope' 127 | } 128 | resource rgtvm 'Microsoft.Resources/resourceGroups@2020-06-01' = { 129 | name: '${resourceGroupProdPrefix}TEMPLATE-VM${resourceGroupPostfix}' 130 | location: 'westeurope' 131 | } 132 | resource rgAVDp 'Microsoft.Resources/resourceGroups@2020-06-01' = { 133 | name: '${resourceGroupProdPrefix}BACKPLANE${resourceGroupPostfix}' 134 | location: 'westeurope' 135 | } 136 | resource rgAVDa 'Microsoft.Resources/resourceGroups@2020-06-01' = { 137 | name: '${resourceGroupAccPrefix}BACKPLANE${resourceGroupPostfix}' 138 | location: 'westeurope' 139 | } 140 | resource rgAVDphost 'Microsoft.Resources/resourceGroups@2020-06-01' = { 141 | name: '${resourceGroupProdPrefix}AVD-HOSTS${resourceGroupPostfix}' 142 | location: 'westeurope' 143 | } 144 | resource rgAVDahost 'Microsoft.Resources/resourceGroups@2020-06-01' = { 145 | name: '${resourceGroupAccPrefix}AVD-HOSTS${resourceGroupPostfix}' 146 | location: 'westeurope' 147 | } 148 | resource rgmon 'Microsoft.Resources/resourceGroups@2020-06-01' = { 149 | name: '${resourceGroupProdPrefix}MONITORING${resourceGroupPostfix}' 150 | location: 'westeurope' 151 | } 152 | resource rgfs 'Microsoft.Resources/resourceGroups@2020-06-01' = { 153 | name: '${resourceGroupProdPrefix}FILESERVICES${resourceGroupPostfix}' 154 | location: 'westeurope' 155 | } 156 | resource rgkv 'Microsoft.Resources/resourceGroups@2020-06-01' = { 157 | name: '${resourceGroupProdPrefix}KEYVAULT${resourceGroupPostfix}' 158 | location: 'westeurope' 159 | } 160 | resource rgts 'Microsoft.Resources/resourceGroups@2020-06-01' = { 161 | name: '${resourceGroupProdPrefix}TEMPLATESPECS${resourceGroupPostfix}' 162 | location: 'westeurope' 163 | } 164 | 165 | //Create Role Definition for Network Resource Group access 166 | resource vnetdef 'Microsoft.Authorization/roleDefinitions@2018-01-01-preview' = { 167 | name: guid(roleNameNetwork) 168 | properties: { 169 | roleName: roleNameNetwork 170 | description: 'Custom role for network read' 171 | permissions: [ 172 | { 173 | actions: [ 174 | 'Microsoft.Network/virtualNetworks/read' 175 | 'Microsoft.Network/virtualNetworks/subnets/join/action' 176 | ] 177 | } 178 | ] 179 | assignableScopes: [ 180 | subscription().id 181 | ] 182 | } 183 | } 184 | 185 | resource vnetass 'Microsoft.Authorization/roleAssignments@2018-09-01-preview' = { 186 | name: guid(rgnw.id) 187 | properties: { 188 | roleDefinitionId: vnetdef.id 189 | principalId: principalID 190 | } 191 | } 192 | 193 | var AVDbackplanes = [ 194 | { 195 | hostpoolName: hostpoolNameProd 196 | hostpoolFriendlyName: hostpoolFriendlyName 197 | appgroupName: appgroupNameProd 198 | appgroupDesktopFriendlyName: appgroupDesktopFriendlyName 199 | appgroupRemoteAppFriendlyName: appgroupRemoteAppFriendlyName 200 | workspaceName: workspaceNameProd 201 | workspaceNameFriendlyName: workspaceProdFriendlyName 202 | preferredAppGroupType: preferredAppGroupTypeProd 203 | AVDbackplanelocation: AVDbackplanelocation 204 | hostPoolType: hostPoolType 205 | enableValiatioMode: false 206 | loadBalancerType: loadBalancerType 207 | createRemoteAppHostpool: true 208 | } 209 | { 210 | hostpoolName: hostpoolNameAcc 211 | hostpoolFriendlyName: hostpoolFriendlyName 212 | appgroupName: appgroupNameAcc 213 | appgroupDesktopFriendlyName: appgroupDesktopFriendlyName 214 | appgroupRemoteAppFriendlyName: appgroupRemoteAppFriendlyName 215 | workspaceName: workspaceNameAcc 216 | workspaceNameFriendlyName: workspaceAccFriendlyName 217 | preferredAppGroupType: preferredAppGroupTypeAcc 218 | AVDbackplanelocation: AVDbackplanelocation 219 | hostPoolType: hostPoolType 220 | enableValiatioMode: true 221 | loadBalancerType: loadBalancerType 222 | createRemoteAppHostpool: true 223 | } 224 | ] 225 | 226 | //Create AVD Prod backplane objects and configure Log Analytics Diagnostics Settings 227 | module AVDbackplaneprod './6.1 AVD-backplane-module.bicep' = [for AVDbackplane in AVDbackplanes: { 228 | name: '${AVDbackplane.hostpoolName}-deploy' 229 | scope: rgAVDp 230 | params: { 231 | hostpoolName: AVDbackplane.hostpoolName 232 | hostpoolFriendlyName: AVDbackplane.hostpoolFriendlyName 233 | appgroupName: AVDbackplane.appgroupName 234 | appgroupDesktopFriendlyName: AVDbackplane.appgroupDesktopFriendlyName 235 | appgroupRemoteAppFriendlyName: AVDbackplane.appgroupRemoteAppFriendlyName 236 | workspaceName: AVDbackplane.workspaceName 237 | workspaceNameFriendlyName: AVDbackplane.workspaceNameFriendlyName 238 | preferredAppGroupType: AVDbackplane.preferredAppGroupType 239 | AVDbackplanelocation: AVDbackplane.AVDbackplanelocation 240 | hostPoolType: AVDbackplane.HostPoolType 241 | enableValiatioMode: AVDbackplane.enableValiatioMode 242 | loadBalancerType: AVDbackplane.loadBalancerType 243 | createRemoteAppHostpool: AVDbackplane.createRemoteAppHostpool 244 | } 245 | }] 246 | 247 | //Create AVD Netwerk, Subnet and template image VM 248 | module AVDnetwork './6.2 AVD-network-module.bicep' = { 249 | name: 'AVDnetwork' 250 | scope: rgnw 251 | params: { 252 | templateVMResourceGroup: rgtvm.name 253 | vnetLocation: rgnw.location 254 | vnetName: vnetName 255 | vnetaddressPrefix: vnetaddressPrefix 256 | dnsServer: dnsServer 257 | subnet1Prefix: subnet1Prefix 258 | subnet1Name: subnet1Name 259 | subnet2Prefix: subnet2Prefix 260 | subnet2Name: subnet2Name 261 | vmname: vnName1 262 | vmHostname: vmHostname1 263 | vmSize: vmSize1 264 | adminUserName: adminUserName 265 | adminPassword: adminPassword 266 | vmLocation: rgtvm.location 267 | createPeering: createPeering 268 | remoteVnetName: remoteVnetName 269 | remoteVnetRg: remoteVnetRg 270 | vNetVMResourceGroup: rgnw.name 271 | } 272 | } 273 | 274 | //Create Azure Log Analytics Workspace 275 | module AVDmonitor './6.3 AVD-LogAnalytics.bicep' = { 276 | name: 'LAWorkspace' 277 | scope: rgmon 278 | params: { 279 | logAnalyticsWorkspaceName: logAnalyticsWorkspaceName 280 | logAnalyticslocation: rgmon.location 281 | logAnalyticsWorkspaceSku: logAnalyticsWorkspaceSku 282 | } 283 | } 284 | 285 | //Create Shared Image Gallery & Image Offers 286 | module AVDsig './6.4 AVD-shared-image-gallery.bicep' = { 287 | name: 'AVDsig' 288 | scope: rgti 289 | params: { 290 | sigLocation: rgti.location 291 | sigName: sigName 292 | sigReourceGroup: rgti.name 293 | imageDefinitionName: imageDefinitionName 294 | imageOffer: imageOffer 295 | imagePublisher: imagePublisher 296 | imageSKU: imageSKU 297 | userIdentity: userAssignedIdentityID 298 | vmOffer: vmOffer 299 | vmOSDiskSize: vmOSDiskSize 300 | vmPublisher: vmPublisher 301 | vmSizeAIB: vmSizeAIB 302 | vmSku: vmSku 303 | vmVersion: vmVersion 304 | azureSubscriptionID: azureSubscriptionID 305 | subnetID: subnetID 306 | principalID: principalID 307 | roleNameGalleryImage: roleNameGalleryImage 308 | templateImageResourceGroup: rgti.name 309 | } 310 | } 311 | 312 | module AVDsa '6.5 AVD-fileservices-module.bicep' = { 313 | name: 'AVDsa' 314 | scope: rgfs 315 | params: { 316 | storageaccountlocation1: storageaccountlocation1 317 | storageaccountName1: storageaccountName1 318 | storageaccountkind1: storageaccountkind1 319 | storgeaccountglobalRedundancy1: storgeaccountglobalRedundancy1 320 | storageaccountlocation2: storageaccountlocation2 321 | storageaccountName2: storageaccountName2 322 | storageaccountkind2: storageaccountkind2 323 | storgeaccountglobalRedundancy2: storgeaccountglobalRedundancy2 324 | fileshareFolderName1: fileshareFolderName1 325 | fileshareFolderName2: fileshareFolderName2 326 | fileshareFolderName3: fileshareFolderName3 327 | } 328 | } 329 | 330 | //Create Azure KeyVault 331 | module AVDkeyvault './6.6 AVD-KeyVault.bicep' = { 332 | name: 'AVDkeyvault' 333 | scope: rgkv 334 | params: { 335 | keyVaultName: keyVaultName 336 | keyVaultLocation: keyVaultLocation 337 | azureADTenantID: azureADTenantID 338 | adminObjectID: adminObjectID 339 | secretNameDomainJoin: secretNameDomainJoin 340 | secretValueDomainJoin: secretValueDomainJoin 341 | secretNameLocalAdminPassword: secretNameLocalAdminPassword 342 | secretValueLocalAdminPassword: secretValueLocalAdminPassword 343 | } 344 | } 345 | 346 | //Create template spec & template spec version 347 | module AVDtemplatespec '7. AVD-template-spec.bicep' = { 348 | name: 'AVDtemplatespec' 349 | scope: rgts 350 | params: { 351 | templateSpecName: templateSpecName 352 | templateDescription: templateDescription 353 | templateDisplayName: templateDisplayName 354 | } 355 | } 356 | -------------------------------------------------------------------------------- /Samples/Real World Example/6. main.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.4.1272.37030", 8 | "templateHash": "4818970993537491499" 9 | } 10 | }, 11 | "parameters": { 12 | "azureSubscriptionID": { 13 | "type": "secureString" 14 | }, 15 | "azureADTenantID": { 16 | "type": "secureString" 17 | }, 18 | "adminObjectID": { 19 | "type": "secureString" 20 | }, 21 | "principalID": { 22 | "type": "secureString" 23 | }, 24 | "resourceGroupProdPrefix": { 25 | "type": "string", 26 | "defaultValue": "BICEP-AVD-DEMO-P-" 27 | }, 28 | "resourceGroupAccPrefix": { 29 | "type": "string", 30 | "defaultValue": "BICEP-AVD-DEMO-A-" 31 | }, 32 | "resourceGroupPostfix": { 33 | "type": "string", 34 | "defaultValue": "-RG" 35 | }, 36 | "AVDbackplanelocation": { 37 | "type": "string", 38 | "defaultValue": "westeurope" 39 | }, 40 | "hostPoolType": { 41 | "type": "string", 42 | "defaultValue": "pooled" 43 | }, 44 | "loadBalancerType": { 45 | "type": "string", 46 | "defaultValue": "BreadthFirst" 47 | }, 48 | "logAnalyticsWorkspaceName": { 49 | "type": "string", 50 | "defaultValue": "BICEP-AVD-DEMO-3" 51 | }, 52 | "logAnalyticsWorkspaceSku": { 53 | "type": "string", 54 | "defaultValue": "pergb2018" 55 | }, 56 | "hostpoolFriendlyName": { 57 | "type": "string", 58 | "defaultValue": "Hostpool with AVD Ninja Applications" 59 | }, 60 | "appgroupDesktopFriendlyName": { 61 | "type": "string", 62 | "defaultValue": "AppGroup with AVD Ninja Desktop" 63 | }, 64 | "appgroupRemoteAppFriendlyName": { 65 | "type": "string", 66 | "defaultValue": "AppGroup with AVD Ninja Applications" 67 | }, 68 | "workspaceProdFriendlyName": { 69 | "type": "string", 70 | "defaultValue": "AVD Ninja Production" 71 | }, 72 | "workspaceAccFriendlyName": { 73 | "type": "string", 74 | "defaultValue": "AVD Ninja Acceptance" 75 | }, 76 | "hostpoolNameProd": { 77 | "type": "string", 78 | "defaultValue": "BICEP-P-AVD-HP" 79 | }, 80 | "appgroupNameProd": { 81 | "type": "string", 82 | "defaultValue": "BICEP-P-AVD-HP-AG" 83 | }, 84 | "workspaceNameProd": { 85 | "type": "string", 86 | "defaultValue": "BICEP-P-AVD-HP-WS" 87 | }, 88 | "preferredAppGroupTypeProd": { 89 | "type": "string", 90 | "defaultValue": "Desktop" 91 | }, 92 | "hostpoolNameAcc": { 93 | "type": "string", 94 | "defaultValue": "BICEP-A-AVD-HP" 95 | }, 96 | "appgroupNameAcc": { 97 | "type": "string", 98 | "defaultValue": "BICEP-A-AVD-HP-AG" 99 | }, 100 | "workspaceNameAcc": { 101 | "type": "string", 102 | "defaultValue": "BICEP-A-AVD-HP-WS" 103 | }, 104 | "preferredAppGroupTypeAcc": { 105 | "type": "string", 106 | "defaultValue": "Desktop" 107 | }, 108 | "vnetName": { 109 | "type": "string", 110 | "defaultValue": "BICEP-AVD-VNET" 111 | }, 112 | "vnetaddressPrefix": { 113 | "type": "string", 114 | "defaultValue": "10.80.0.0/16" 115 | }, 116 | "subnet1Prefix": { 117 | "type": "string", 118 | "defaultValue": "10.80.10.0/24" 119 | }, 120 | "subnet1Name": { 121 | "type": "string", 122 | "defaultValue": "BICEP-AVD-SUBNET-PROD" 123 | }, 124 | "subnet2Prefix": { 125 | "type": "string", 126 | "defaultValue": "10.80.20.0/24" 127 | }, 128 | "subnet2Name": { 129 | "type": "string", 130 | "defaultValue": "BICEP-AVD-SUBNET-ACC" 131 | }, 132 | "dnsServer": { 133 | "type": "string", 134 | "defaultValue": "10.50.1.4" 135 | }, 136 | "createPeering": { 137 | "type": "bool", 138 | "defaultValue": true 139 | }, 140 | "remoteVnetName": { 141 | "type": "string", 142 | "defaultValue": "NINJA-WE-P-VNET-10-50-0-0-16" 143 | }, 144 | "remoteVnetRg": { 145 | "type": "string", 146 | "defaultValue": "NINJA-WE-P-RG-NETWORK" 147 | }, 148 | "vmProdPrefix": { 149 | "type": "string", 150 | "defaultValue": "BICEP-AVD-VM-TEMPLATE-" 151 | }, 152 | "adminUserName": { 153 | "type": "string", 154 | "defaultValue": "localadmin" 155 | }, 156 | "adminPassword": { 157 | "type": "secureString" 158 | }, 159 | "vmHostname1": { 160 | "type": "string" 161 | }, 162 | "vmSize1": { 163 | "type": "string", 164 | "defaultValue": "Standard_D4s_v3" 165 | }, 166 | "sigName": { 167 | "type": "string", 168 | "defaultValue": "BICEP_AVD_AIB" 169 | }, 170 | "imagePublisher": { 171 | "type": "string", 172 | "defaultValue": "AVDNinja" 173 | }, 174 | "imageDefinitionName": { 175 | "type": "string", 176 | "defaultValue": "BICEP-AVD-ID" 177 | }, 178 | "imageOffer": { 179 | "type": "string", 180 | "defaultValue": "Windows10-AVD" 181 | }, 182 | "imageSKU": { 183 | "type": "string", 184 | "defaultValue": "20h2-evd" 185 | }, 186 | "vmOffer": { 187 | "type": "string", 188 | "defaultValue": "windows-10" 189 | }, 190 | "vmOSDiskSize": { 191 | "type": "int", 192 | "defaultValue": 127 193 | }, 194 | "vmSku": { 195 | "type": "string", 196 | "defaultValue": "20h2-evd" 197 | }, 198 | "vmVersion": { 199 | "type": "string", 200 | "defaultValue": "latest" 201 | }, 202 | "vmPublisher": { 203 | "type": "string", 204 | "defaultValue": "MicrosoftWindowsDesktop" 205 | }, 206 | "userAssignedIdentity": { 207 | "type": "string", 208 | "defaultValue": "BICEP-WVD-DEMO-IDENTITY" 209 | }, 210 | "roleNameNetwork": { 211 | "type": "string", 212 | "defaultValue": "VvetReader" 213 | }, 214 | "roleNameGalleryImage": { 215 | "type": "string", 216 | "defaultValue": "GalleryReadWrite" 217 | }, 218 | "vmSizeAIB": { 219 | "type": "string", 220 | "defaultValue": "Standard_D16s_v3" 221 | }, 222 | "storageaccountlocation1": { 223 | "type": "string", 224 | "defaultValue": "westeurope" 225 | }, 226 | "storageaccountName1": { 227 | "type": "string", 228 | "defaultValue": "bicepavdsaaib" 229 | }, 230 | "storageaccountkind1": { 231 | "type": "string", 232 | "defaultValue": "StorageV2" 233 | }, 234 | "storgeaccountglobalRedundancy1": { 235 | "type": "string", 236 | "defaultValue": "Standard_LRS" 237 | }, 238 | "storageaccountlocation2": { 239 | "type": "string", 240 | "defaultValue": "westeurope" 241 | }, 242 | "storageaccountName2": { 243 | "type": "string", 244 | "defaultValue": "bicepavdsaprof" 245 | }, 246 | "storageaccountkind2": { 247 | "type": "string", 248 | "defaultValue": "FileStorage" 249 | }, 250 | "storgeaccountglobalRedundancy2": { 251 | "type": "string", 252 | "defaultValue": "Premium_LRS" 253 | }, 254 | "fileshareFolderName1": { 255 | "type": "string", 256 | "defaultValue": "aibsoftware" 257 | }, 258 | "fileshareFolderName2": { 259 | "type": "string", 260 | "defaultValue": "aibscripts" 261 | }, 262 | "fileshareFolderName3": { 263 | "type": "string", 264 | "defaultValue": "profilecontainers" 265 | }, 266 | "keyVaultName": { 267 | "type": "string", 268 | "defaultValue": "[format('kv-{0}', utcNow())]" 269 | }, 270 | "keyVaultLocation": { 271 | "type": "string", 272 | "defaultValue": "westeurope" 273 | }, 274 | "secretNameDomainJoin": { 275 | "type": "string", 276 | "defaultValue": "AVD-domain-join" 277 | }, 278 | "secretValueDomainJoin": { 279 | "type": "secureString" 280 | }, 281 | "secretNameLocalAdminPassword": { 282 | "type": "string" 283 | }, 284 | "secretValueLocalAdminPassword": { 285 | "type": "secureString" 286 | }, 287 | "templateSpecName": { 288 | "type": "string", 289 | "defaultValue": "add-AVD-hosts-to-hostpool" 290 | }, 291 | "templateDescription": { 292 | "type": "string", 293 | "defaultValue": "ARM Template to add hosts to an exsisting AVD Hostpool" 294 | }, 295 | "templateDisplayName": { 296 | "type": "string", 297 | "defaultValue": "Add AVD hosts to hostpool" 298 | } 299 | }, 300 | "variables": { 301 | "vnName1": "[format('{0}{1}', parameters('vmProdPrefix'), parameters('vmHostname1'))]", 302 | "userAssignedIdentityID": "[format('/subscriptions/{0}/resourcegroups/{1}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{2}', parameters('azureSubscriptionID'), format('BICEP-WVD-DEMO-P-TEMPLATE-IMAGE{0}', parameters('resourceGroupPostfix')), parameters('userAssignedIdentity'))]", 303 | "subnetID": "[format('/subscriptions/{0}/resourcegroups/{1}NETWORK{2}/providers/Microsoft.Network/virtualNetworks/{3}/subnets/{4}', parameters('azureSubscriptionID'), parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'), parameters('vnetName'), parameters('subnet2Name'))]", 304 | "AVDbackplanes": [ 305 | { 306 | "hostpoolName": "[parameters('hostpoolNameProd')]", 307 | "hostpoolFriendlyName": "[parameters('hostpoolFriendlyName')]", 308 | "appgroupName": "[parameters('appgroupNameProd')]", 309 | "appgroupDesktopFriendlyName": "[parameters('appgroupDesktopFriendlyName')]", 310 | "appgroupRemoteAppFriendlyName": "[parameters('appgroupRemoteAppFriendlyName')]", 311 | "workspaceName": "[parameters('workspaceNameProd')]", 312 | "workspaceNameFriendlyName": "[parameters('workspaceProdFriendlyName')]", 313 | "preferredAppGroupType": "[parameters('preferredAppGroupTypeProd')]", 314 | "AVDbackplanelocation": "[parameters('AVDbackplanelocation')]", 315 | "hostPoolType": "[parameters('hostPoolType')]", 316 | "enableValiatioMode": false, 317 | "loadBalancerType": "[parameters('loadBalancerType')]", 318 | "createRemoteAppHostpool": true 319 | }, 320 | { 321 | "hostpoolName": "[parameters('hostpoolNameAcc')]", 322 | "hostpoolFriendlyName": "[parameters('hostpoolFriendlyName')]", 323 | "appgroupName": "[parameters('appgroupNameAcc')]", 324 | "appgroupDesktopFriendlyName": "[parameters('appgroupDesktopFriendlyName')]", 325 | "appgroupRemoteAppFriendlyName": "[parameters('appgroupRemoteAppFriendlyName')]", 326 | "workspaceName": "[parameters('workspaceNameAcc')]", 327 | "workspaceNameFriendlyName": "[parameters('workspaceAccFriendlyName')]", 328 | "preferredAppGroupType": "[parameters('preferredAppGroupTypeAcc')]", 329 | "AVDbackplanelocation": "[parameters('AVDbackplanelocation')]", 330 | "hostPoolType": "[parameters('hostPoolType')]", 331 | "enableValiatioMode": true, 332 | "loadBalancerType": "[parameters('loadBalancerType')]", 333 | "createRemoteAppHostpool": true 334 | } 335 | ] 336 | }, 337 | "resources": [ 338 | { 339 | "type": "Microsoft.Resources/resourceGroups", 340 | "apiVersion": "2020-06-01", 341 | "name": "[format('{0}NETWORK{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))]", 342 | "location": "westeurope" 343 | }, 344 | { 345 | "type": "Microsoft.Resources/resourceGroups", 346 | "apiVersion": "2020-06-01", 347 | "name": "[format('BICEP-WVD-DEMO-P-TEMPLATE-IMAGE{0}', parameters('resourceGroupPostfix'))]", 348 | "location": "westeurope" 349 | }, 350 | { 351 | "type": "Microsoft.Resources/resourceGroups", 352 | "apiVersion": "2020-06-01", 353 | "name": "[format('{0}TEMPLATE-VM{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))]", 354 | "location": "westeurope" 355 | }, 356 | { 357 | "type": "Microsoft.Resources/resourceGroups", 358 | "apiVersion": "2020-06-01", 359 | "name": "[format('{0}BACKPLANE{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))]", 360 | "location": "westeurope" 361 | }, 362 | { 363 | "type": "Microsoft.Resources/resourceGroups", 364 | "apiVersion": "2020-06-01", 365 | "name": "[format('{0}BACKPLANE{1}', parameters('resourceGroupAccPrefix'), parameters('resourceGroupPostfix'))]", 366 | "location": "westeurope" 367 | }, 368 | { 369 | "type": "Microsoft.Resources/resourceGroups", 370 | "apiVersion": "2020-06-01", 371 | "name": "[format('{0}AVD-HOSTS{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))]", 372 | "location": "westeurope" 373 | }, 374 | { 375 | "type": "Microsoft.Resources/resourceGroups", 376 | "apiVersion": "2020-06-01", 377 | "name": "[format('{0}AVD-HOSTS{1}', parameters('resourceGroupAccPrefix'), parameters('resourceGroupPostfix'))]", 378 | "location": "westeurope" 379 | }, 380 | { 381 | "type": "Microsoft.Resources/resourceGroups", 382 | "apiVersion": "2020-06-01", 383 | "name": "[format('{0}MONITORING{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))]", 384 | "location": "westeurope" 385 | }, 386 | { 387 | "type": "Microsoft.Resources/resourceGroups", 388 | "apiVersion": "2020-06-01", 389 | "name": "[format('{0}FILESERVICES{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))]", 390 | "location": "westeurope" 391 | }, 392 | { 393 | "type": "Microsoft.Resources/resourceGroups", 394 | "apiVersion": "2020-06-01", 395 | "name": "[format('{0}KEYVAULT{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))]", 396 | "location": "westeurope" 397 | }, 398 | { 399 | "type": "Microsoft.Resources/resourceGroups", 400 | "apiVersion": "2020-06-01", 401 | "name": "[format('{0}TEMPLATESPECS{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))]", 402 | "location": "westeurope" 403 | }, 404 | { 405 | "type": "Microsoft.Authorization/roleDefinitions", 406 | "apiVersion": "2018-01-01-preview", 407 | "name": "[guid(parameters('roleNameNetwork'))]", 408 | "properties": { 409 | "roleName": "[parameters('roleNameNetwork')]", 410 | "description": "Custom role for network read", 411 | "permissions": [ 412 | { 413 | "actions": [ 414 | "Microsoft.Network/virtualNetworks/read", 415 | "Microsoft.Network/virtualNetworks/subnets/join/action" 416 | ] 417 | } 418 | ], 419 | "assignableScopes": [ 420 | "[subscription().id]" 421 | ] 422 | } 423 | }, 424 | { 425 | "type": "Microsoft.Authorization/roleAssignments", 426 | "apiVersion": "2018-09-01-preview", 427 | "name": "[guid(subscriptionResourceId('Microsoft.Resources/resourceGroups', format('{0}NETWORK{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))))]", 428 | "properties": { 429 | "roleDefinitionId": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', guid(parameters('roleNameNetwork')))]", 430 | "principalId": "[parameters('principalID')]" 431 | }, 432 | "dependsOn": [ 433 | "[subscriptionResourceId('Microsoft.Resources/resourceGroups', format('{0}NETWORK{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix')))]", 434 | "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', guid(parameters('roleNameNetwork')))]" 435 | ] 436 | }, 437 | { 438 | "copy": { 439 | "name": "AVDbackplaneprod", 440 | "count": "[length(variables('AVDbackplanes'))]" 441 | }, 442 | "type": "Microsoft.Resources/deployments", 443 | "apiVersion": "2020-10-01", 444 | "name": "[format('{0}-deploy', variables('AVDbackplanes')[copyIndex()].hostpoolName)]", 445 | "resourceGroup": "[format('{0}BACKPLANE{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))]", 446 | "properties": { 447 | "expressionEvaluationOptions": { 448 | "scope": "inner" 449 | }, 450 | "mode": "Incremental", 451 | "parameters": { 452 | "hostpoolName": { 453 | "value": "[variables('AVDbackplanes')[copyIndex()].hostpoolName]" 454 | }, 455 | "hostpoolFriendlyName": { 456 | "value": "[variables('AVDbackplanes')[copyIndex()].hostpoolFriendlyName]" 457 | }, 458 | "appgroupName": { 459 | "value": "[variables('AVDbackplanes')[copyIndex()].appgroupName]" 460 | }, 461 | "appgroupDesktopFriendlyName": { 462 | "value": "[variables('AVDbackplanes')[copyIndex()].appgroupDesktopFriendlyName]" 463 | }, 464 | "appgroupRemoteAppFriendlyName": { 465 | "value": "[variables('AVDbackplanes')[copyIndex()].appgroupRemoteAppFriendlyName]" 466 | }, 467 | "workspaceName": { 468 | "value": "[variables('AVDbackplanes')[copyIndex()].workspaceName]" 469 | }, 470 | "workspaceNameFriendlyName": { 471 | "value": "[variables('AVDbackplanes')[copyIndex()].workspaceNameFriendlyName]" 472 | }, 473 | "preferredAppGroupType": { 474 | "value": "[variables('AVDbackplanes')[copyIndex()].preferredAppGroupType]" 475 | }, 476 | "AVDbackplanelocation": { 477 | "value": "[variables('AVDbackplanes')[copyIndex()].AVDbackplanelocation]" 478 | }, 479 | "hostPoolType": { 480 | "value": "[variables('AVDbackplanes')[copyIndex()].HostPoolType]" 481 | }, 482 | "enableValiatioMode": { 483 | "value": "[variables('AVDbackplanes')[copyIndex()].enableValiatioMode]" 484 | }, 485 | "loadBalancerType": { 486 | "value": "[variables('AVDbackplanes')[copyIndex()].loadBalancerType]" 487 | }, 488 | "createRemoteAppHostpool": { 489 | "value": "[variables('AVDbackplanes')[copyIndex()].createRemoteAppHostpool]" 490 | } 491 | }, 492 | "template": { 493 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 494 | "contentVersion": "1.0.0.0", 495 | "metadata": { 496 | "_generator": { 497 | "name": "bicep", 498 | "version": "0.4.1272.37030", 499 | "templateHash": "15181367534415276358" 500 | } 501 | }, 502 | "parameters": { 503 | "hostpoolName": { 504 | "type": "string" 505 | }, 506 | "hostpoolFriendlyName": { 507 | "type": "string" 508 | }, 509 | "appgroupName": { 510 | "type": "string" 511 | }, 512 | "appgroupDesktopFriendlyName": { 513 | "type": "string" 514 | }, 515 | "appgroupRemoteAppFriendlyName": { 516 | "type": "string" 517 | }, 518 | "workspaceName": { 519 | "type": "string" 520 | }, 521 | "workspaceNameFriendlyName": { 522 | "type": "string" 523 | }, 524 | "preferredAppGroupType": { 525 | "type": "string", 526 | "defaultValue": "Desktop" 527 | }, 528 | "AVDbackplanelocation": { 529 | "type": "string", 530 | "defaultValue": "eastus" 531 | }, 532 | "hostPoolType": { 533 | "type": "string", 534 | "defaultValue": "pooled" 535 | }, 536 | "loadBalancerType": { 537 | "type": "string", 538 | "defaultValue": "BreadthFirst" 539 | }, 540 | "enableValiatioMode": { 541 | "type": "bool" 542 | }, 543 | "createRemoteAppHostpool": { 544 | "type": "bool" 545 | } 546 | }, 547 | "resources": [ 548 | { 549 | "type": "Microsoft.DesktopVirtualization/hostPools", 550 | "apiVersion": "2019-12-10-preview", 551 | "name": "[parameters('hostpoolName')]", 552 | "location": "[parameters('AVDbackplanelocation')]", 553 | "properties": { 554 | "friendlyName": "[parameters('hostpoolFriendlyName')]", 555 | "hostPoolType": "[parameters('hostPoolType')]", 556 | "loadBalancerType": "[parameters('loadBalancerType')]", 557 | "preferredAppGroupType": "[parameters('preferredAppGroupType')]", 558 | "validationEnvironment": "[parameters('enableValiatioMode')]" 559 | } 560 | }, 561 | { 562 | "type": "Microsoft.DesktopVirtualization/applicationGroups", 563 | "apiVersion": "2019-12-10-preview", 564 | "name": "[parameters('appgroupName')]", 565 | "location": "[parameters('AVDbackplanelocation')]", 566 | "properties": { 567 | "friendlyName": "[parameters('appgroupDesktopFriendlyName')]", 568 | "applicationGroupType": "Desktop", 569 | "hostPoolArmPath": "[resourceId('Microsoft.DesktopVirtualization/hostPools', parameters('hostpoolName'))]" 570 | }, 571 | "dependsOn": [ 572 | "[resourceId('Microsoft.DesktopVirtualization/hostPools', parameters('hostpoolName'))]" 573 | ] 574 | }, 575 | { 576 | "condition": "[parameters('createRemoteAppHostpool')]", 577 | "type": "Microsoft.DesktopVirtualization/hostPools", 578 | "apiVersion": "2019-12-10-preview", 579 | "name": "[format('{0}-REMOTEAPP', parameters('hostpoolName'))]", 580 | "location": "[parameters('AVDbackplanelocation')]", 581 | "properties": { 582 | "friendlyName": "[parameters('hostpoolFriendlyName')]", 583 | "hostPoolType": "[parameters('hostPoolType')]", 584 | "loadBalancerType": "[parameters('loadBalancerType')]", 585 | "preferredAppGroupType": "RailApplications", 586 | "validationEnvironment": "[parameters('enableValiatioMode')]" 587 | } 588 | }, 589 | { 590 | "condition": "[parameters('createRemoteAppHostpool')]", 591 | "type": "Microsoft.DesktopVirtualization/applicationGroups", 592 | "apiVersion": "2019-12-10-preview", 593 | "name": "[format('{0}-REMOTEAPP', parameters('appgroupName'))]", 594 | "location": "[parameters('AVDbackplanelocation')]", 595 | "properties": { 596 | "friendlyName": "[parameters('appgroupRemoteAppFriendlyName')]", 597 | "applicationGroupType": "RemoteApp", 598 | "hostPoolArmPath": "[resourceId('Microsoft.DesktopVirtualization/hostPools', format('{0}-REMOTEAPP', parameters('hostpoolName')))]" 599 | }, 600 | "dependsOn": [ 601 | "[resourceId('Microsoft.DesktopVirtualization/hostPools', format('{0}-REMOTEAPP', parameters('hostpoolName')))]" 602 | ] 603 | }, 604 | { 605 | "type": "Microsoft.DesktopVirtualization/workspaces", 606 | "apiVersion": "2019-12-10-preview", 607 | "name": "[parameters('workspaceName')]", 608 | "location": "[parameters('AVDbackplanelocation')]", 609 | "properties": { 610 | "friendlyName": "[parameters('workspaceNameFriendlyName')]", 611 | "applicationGroupReferences": [ 612 | "[resourceId('Microsoft.DesktopVirtualization/applicationGroups', parameters('appgroupName'))]", 613 | "[if(parameters('createRemoteAppHostpool'), resourceId('Microsoft.DesktopVirtualization/applicationGroups', format('{0}-REMOTEAPP', parameters('appgroupName'))), '')]" 614 | ] 615 | }, 616 | "dependsOn": [ 617 | "[resourceId('Microsoft.DesktopVirtualization/applicationGroups', parameters('appgroupName'))]", 618 | "[resourceId('Microsoft.DesktopVirtualization/applicationGroups', format('{0}-REMOTEAPP', parameters('appgroupName')))]" 619 | ] 620 | } 621 | ] 622 | } 623 | }, 624 | "dependsOn": [ 625 | "[subscriptionResourceId('Microsoft.Resources/resourceGroups', format('{0}BACKPLANE{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix')))]" 626 | ] 627 | }, 628 | { 629 | "type": "Microsoft.Resources/deployments", 630 | "apiVersion": "2020-10-01", 631 | "name": "AVDnetwork", 632 | "resourceGroup": "[format('{0}NETWORK{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))]", 633 | "properties": { 634 | "expressionEvaluationOptions": { 635 | "scope": "inner" 636 | }, 637 | "mode": "Incremental", 638 | "parameters": { 639 | "templateVMResourceGroup": { 640 | "value": "[format('{0}TEMPLATE-VM{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))]" 641 | }, 642 | "vnetLocation": { 643 | "value": "[reference(subscriptionResourceId('Microsoft.Resources/resourceGroups', format('{0}NETWORK{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))), '2020-06-01', 'full').location]" 644 | }, 645 | "vnetName": { 646 | "value": "[parameters('vnetName')]" 647 | }, 648 | "vnetaddressPrefix": { 649 | "value": "[parameters('vnetaddressPrefix')]" 650 | }, 651 | "dnsServer": { 652 | "value": "[parameters('dnsServer')]" 653 | }, 654 | "subnet1Prefix": { 655 | "value": "[parameters('subnet1Prefix')]" 656 | }, 657 | "subnet1Name": { 658 | "value": "[parameters('subnet1Name')]" 659 | }, 660 | "subnet2Prefix": { 661 | "value": "[parameters('subnet2Prefix')]" 662 | }, 663 | "subnet2Name": { 664 | "value": "[parameters('subnet2Name')]" 665 | }, 666 | "vmname": { 667 | "value": "[variables('vnName1')]" 668 | }, 669 | "vmHostname": { 670 | "value": "[parameters('vmHostname1')]" 671 | }, 672 | "vmSize": { 673 | "value": "[parameters('vmSize1')]" 674 | }, 675 | "adminUserName": { 676 | "value": "[parameters('adminUserName')]" 677 | }, 678 | "adminPassword": { 679 | "value": "[parameters('adminPassword')]" 680 | }, 681 | "vmLocation": { 682 | "value": "[reference(subscriptionResourceId('Microsoft.Resources/resourceGroups', format('{0}TEMPLATE-VM{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))), '2020-06-01', 'full').location]" 683 | }, 684 | "createPeering": { 685 | "value": "[parameters('createPeering')]" 686 | }, 687 | "remoteVnetName": { 688 | "value": "[parameters('remoteVnetName')]" 689 | }, 690 | "remoteVnetRg": { 691 | "value": "[parameters('remoteVnetRg')]" 692 | }, 693 | "vNetVMResourceGroup": { 694 | "value": "[format('{0}NETWORK{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))]" 695 | } 696 | }, 697 | "template": { 698 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 699 | "contentVersion": "1.0.0.0", 700 | "metadata": { 701 | "_generator": { 702 | "name": "bicep", 703 | "version": "0.4.1272.37030", 704 | "templateHash": "2060171881500745945" 705 | } 706 | }, 707 | "parameters": { 708 | "vnetLocation": { 709 | "type": "string" 710 | }, 711 | "vnetName": { 712 | "type": "string" 713 | }, 714 | "vnetaddressPrefix": { 715 | "type": "string" 716 | }, 717 | "subnet1Prefix": { 718 | "type": "string" 719 | }, 720 | "subnet1Name": { 721 | "type": "string" 722 | }, 723 | "subnet2Prefix": { 724 | "type": "string" 725 | }, 726 | "subnet2Name": { 727 | "type": "string" 728 | }, 729 | "dnsServer": { 730 | "type": "string" 731 | }, 732 | "vmname": { 733 | "type": "string" 734 | }, 735 | "vmHostname": { 736 | "type": "string" 737 | }, 738 | "vmSize": { 739 | "type": "string" 740 | }, 741 | "vmLocation": { 742 | "type": "string" 743 | }, 744 | "templateVMResourceGroup": { 745 | "type": "string" 746 | }, 747 | "adminUserName": { 748 | "type": "string" 749 | }, 750 | "adminPassword": { 751 | "type": "string" 752 | }, 753 | "createPeering": { 754 | "type": "bool" 755 | }, 756 | "remoteVnetRg": { 757 | "type": "string" 758 | }, 759 | "remoteVnetName": { 760 | "type": "string" 761 | }, 762 | "vNetVMResourceGroup": { 763 | "type": "string" 764 | } 765 | }, 766 | "resources": [ 767 | { 768 | "type": "Microsoft.Network/virtualNetworks", 769 | "apiVersion": "2020-06-01", 770 | "name": "[parameters('vnetName')]", 771 | "location": "[parameters('vnetLocation')]", 772 | "properties": { 773 | "addressSpace": { 774 | "addressPrefixes": [ 775 | "[parameters('vnetaddressPrefix')]" 776 | ] 777 | }, 778 | "dhcpOptions": { 779 | "dnsServers": [ 780 | "[parameters('dnsServer')]" 781 | ] 782 | }, 783 | "subnets": [ 784 | { 785 | "name": "[parameters('subnet1Name')]", 786 | "properties": { 787 | "addressPrefix": "[parameters('subnet1Prefix')]" 788 | } 789 | }, 790 | { 791 | "name": "[parameters('subnet2Name')]", 792 | "properties": { 793 | "addressPrefix": "[parameters('subnet2Prefix')]", 794 | "privateLinkServiceNetworkPolicies": "Disabled" 795 | } 796 | } 797 | ] 798 | } 799 | }, 800 | { 801 | "condition": "[parameters('createPeering')]", 802 | "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings", 803 | "apiVersion": "2020-05-01", 804 | "name": "[format('{0}/peering-to-adds-vnet', parameters('vnetName'))]", 805 | "properties": { 806 | "allowVirtualNetworkAccess": true, 807 | "allowForwardedTraffic": false, 808 | "allowGatewayTransit": false, 809 | "useRemoteGateways": false, 810 | "remoteVirtualNetwork": { 811 | "id": "[resourceId(parameters('remoteVnetRg'), 'Microsoft.Network/virtualNetworks', parameters('remoteVnetName'))]" 812 | } 813 | }, 814 | "dependsOn": [ 815 | "[resourceId('Microsoft.Network/virtualNetworks', parameters('vnetName'))]" 816 | ] 817 | }, 818 | { 819 | "condition": "[parameters('createPeering')]", 820 | "type": "Microsoft.Resources/deployments", 821 | "apiVersion": "2020-10-01", 822 | "name": "peering", 823 | "resourceGroup": "[parameters('remoteVnetRg')]", 824 | "properties": { 825 | "expressionEvaluationOptions": { 826 | "scope": "inner" 827 | }, 828 | "mode": "Incremental", 829 | "parameters": { 830 | "remoteVnetName": { 831 | "value": "[parameters('remoteVnetName')]" 832 | }, 833 | "vnetName": { 834 | "value": "[parameters('vnetName')]" 835 | }, 836 | "vnetNameResourceGroup": { 837 | "value": "[parameters('vNetVMResourceGroup')]" 838 | } 839 | }, 840 | "template": { 841 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 842 | "contentVersion": "1.0.0.0", 843 | "metadata": { 844 | "_generator": { 845 | "name": "bicep", 846 | "version": "0.4.1272.37030", 847 | "templateHash": "15834347694759806751" 848 | } 849 | }, 850 | "parameters": { 851 | "vnetName": { 852 | "type": "string" 853 | }, 854 | "remoteVnetName": { 855 | "type": "string" 856 | }, 857 | "vnetNameResourceGroup": { 858 | "type": "string" 859 | } 860 | }, 861 | "resources": [ 862 | { 863 | "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings", 864 | "apiVersion": "2020-05-01", 865 | "name": "[format('{0}/peering-from-adds-vnet', parameters('remoteVnetName'))]", 866 | "properties": { 867 | "allowVirtualNetworkAccess": true, 868 | "allowForwardedTraffic": false, 869 | "allowGatewayTransit": false, 870 | "useRemoteGateways": false, 871 | "remoteVirtualNetwork": { 872 | "id": "[resourceId(parameters('vnetNameResourceGroup'), 'Microsoft.Network/virtualNetworks', parameters('vnetName'))]" 873 | } 874 | } 875 | } 876 | ] 877 | } 878 | }, 879 | "dependsOn": [ 880 | "[resourceId('Microsoft.Network/virtualNetworks', parameters('vnetName'))]" 881 | ] 882 | }, 883 | { 884 | "type": "Microsoft.Resources/deployments", 885 | "apiVersion": "2020-10-01", 886 | "name": "tvmbim", 887 | "resourceGroup": "[parameters('templateVMResourceGroup')]", 888 | "properties": { 889 | "expressionEvaluationOptions": { 890 | "scope": "inner" 891 | }, 892 | "mode": "Incremental", 893 | "parameters": { 894 | "vmname": { 895 | "value": "[parameters('vmname')]" 896 | }, 897 | "vmHostname": { 898 | "value": "[parameters('vmHostname')]" 899 | }, 900 | "adminUserName": { 901 | "value": "[parameters('adminUserName')]" 902 | }, 903 | "adminPassword": { 904 | "value": "[parameters('adminPassword')]" 905 | }, 906 | "vmLocation": { 907 | "value": "[parameters('vmLocation')]" 908 | }, 909 | "vmSize": { 910 | "value": "[parameters('vmSize')]" 911 | }, 912 | "subnetName": { 913 | "value": "[parameters('subnet2Name')]" 914 | }, 915 | "vnetid": { 916 | "value": "[resourceId('Microsoft.Network/virtualNetworks', parameters('vnetName'))]" 917 | } 918 | }, 919 | "template": { 920 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 921 | "contentVersion": "1.0.0.0", 922 | "metadata": { 923 | "_generator": { 924 | "name": "bicep", 925 | "version": "0.4.1272.37030", 926 | "templateHash": "3491089743067547708" 927 | } 928 | }, 929 | "parameters": { 930 | "vmname": { 931 | "type": "string" 932 | }, 933 | "vmHostname": { 934 | "type": "string" 935 | }, 936 | "vmLocation": { 937 | "type": "string", 938 | "defaultValue": "westeurope" 939 | }, 940 | "vmSize": { 941 | "type": "string" 942 | }, 943 | "adminUserName": { 944 | "type": "string" 945 | }, 946 | "adminPassword": { 947 | "type": "string" 948 | }, 949 | "vnetid": { 950 | "type": "string" 951 | }, 952 | "subnetName": { 953 | "type": "string" 954 | } 955 | }, 956 | "variables": { 957 | "nicName": "[format('{0}-nic', parameters('vmname'))]", 958 | "subnetRef": "[format('{0}/subnets/{1}', parameters('vnetid'), parameters('subnetName'))]" 959 | }, 960 | "resources": [ 961 | { 962 | "type": "Microsoft.Network/networkInterfaces", 963 | "apiVersion": "2020-06-01", 964 | "name": "[variables('nicName')]", 965 | "location": "[parameters('vmLocation')]", 966 | "properties": { 967 | "ipConfigurations": [ 968 | { 969 | "name": "ipconfig1", 970 | "properties": { 971 | "privateIPAllocationMethod": "Dynamic", 972 | "subnet": { 973 | "id": "[variables('subnetRef')]" 974 | } 975 | } 976 | } 977 | ] 978 | } 979 | }, 980 | { 981 | "type": "Microsoft.Compute/virtualMachines", 982 | "apiVersion": "2020-06-01", 983 | "name": "[parameters('vmname')]", 984 | "location": "[parameters('vmLocation')]", 985 | "properties": { 986 | "hardwareProfile": { 987 | "vmSize": "[parameters('vmSize')]" 988 | }, 989 | "osProfile": { 990 | "computerName": "[parameters('vmHostname')]", 991 | "adminUsername": "[parameters('adminUserName')]", 992 | "adminPassword": "[parameters('adminPassword')]" 993 | }, 994 | "storageProfile": { 995 | "imageReference": { 996 | "publisher": "microsoftwindowsdesktop", 997 | "offer": "Windows-10", 998 | "sku": "20h1-evd", 999 | "version": "latest" 1000 | }, 1001 | "osDisk": { 1002 | "createOption": "FromImage", 1003 | "name": "[format('{0}-osdisk', parameters('vmname'))]" 1004 | } 1005 | }, 1006 | "networkProfile": { 1007 | "networkInterfaces": [ 1008 | { 1009 | "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nicName'))]" 1010 | } 1011 | ] 1012 | } 1013 | }, 1014 | "dependsOn": [ 1015 | "[resourceId('Microsoft.Network/networkInterfaces', variables('nicName'))]" 1016 | ] 1017 | } 1018 | ] 1019 | } 1020 | }, 1021 | "dependsOn": [ 1022 | "[resourceId('Microsoft.Network/virtualNetworks', parameters('vnetName'))]" 1023 | ] 1024 | } 1025 | ] 1026 | } 1027 | }, 1028 | "dependsOn": [ 1029 | "[subscriptionResourceId('Microsoft.Resources/resourceGroups', format('{0}NETWORK{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix')))]", 1030 | "[subscriptionResourceId('Microsoft.Resources/resourceGroups', format('{0}TEMPLATE-VM{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix')))]" 1031 | ] 1032 | }, 1033 | { 1034 | "type": "Microsoft.Resources/deployments", 1035 | "apiVersion": "2020-10-01", 1036 | "name": "LAWorkspace", 1037 | "resourceGroup": "[format('{0}MONITORING{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))]", 1038 | "properties": { 1039 | "expressionEvaluationOptions": { 1040 | "scope": "inner" 1041 | }, 1042 | "mode": "Incremental", 1043 | "parameters": { 1044 | "logAnalyticsWorkspaceName": { 1045 | "value": "[parameters('logAnalyticsWorkspaceName')]" 1046 | }, 1047 | "logAnalyticslocation": { 1048 | "value": "[reference(subscriptionResourceId('Microsoft.Resources/resourceGroups', format('{0}MONITORING{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))), '2020-06-01', 'full').location]" 1049 | }, 1050 | "logAnalyticsWorkspaceSku": { 1051 | "value": "[parameters('logAnalyticsWorkspaceSku')]" 1052 | } 1053 | }, 1054 | "template": { 1055 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 1056 | "contentVersion": "1.0.0.0", 1057 | "metadata": { 1058 | "_generator": { 1059 | "name": "bicep", 1060 | "version": "0.4.1272.37030", 1061 | "templateHash": "15267933244495709989" 1062 | } 1063 | }, 1064 | "parameters": { 1065 | "logAnalyticsWorkspaceName": { 1066 | "type": "string" 1067 | }, 1068 | "logAnalyticslocation": { 1069 | "type": "string", 1070 | "defaultValue": "westeurope" 1071 | }, 1072 | "logAnalyticsWorkspaceSku": { 1073 | "type": "string" 1074 | } 1075 | }, 1076 | "resources": [ 1077 | { 1078 | "type": "Microsoft.OperationalInsights/workspaces", 1079 | "apiVersion": "2020-08-01", 1080 | "name": "[parameters('logAnalyticsWorkspaceName')]", 1081 | "location": "[parameters('logAnalyticslocation')]", 1082 | "properties": { 1083 | "sku": { 1084 | "name": "[parameters('logAnalyticsWorkspaceSku')]" 1085 | } 1086 | } 1087 | } 1088 | ], 1089 | "outputs": { 1090 | "logAnalyticsWorkspaceID": { 1091 | "type": "string", 1092 | "value": "[resourceId('Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName'))]" 1093 | } 1094 | } 1095 | } 1096 | }, 1097 | "dependsOn": [ 1098 | "[subscriptionResourceId('Microsoft.Resources/resourceGroups', format('{0}MONITORING{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix')))]" 1099 | ] 1100 | }, 1101 | { 1102 | "type": "Microsoft.Resources/deployments", 1103 | "apiVersion": "2020-10-01", 1104 | "name": "AVDsig", 1105 | "resourceGroup": "[format('BICEP-WVD-DEMO-P-TEMPLATE-IMAGE{0}', parameters('resourceGroupPostfix'))]", 1106 | "properties": { 1107 | "expressionEvaluationOptions": { 1108 | "scope": "inner" 1109 | }, 1110 | "mode": "Incremental", 1111 | "parameters": { 1112 | "sigLocation": { 1113 | "value": "[reference(subscriptionResourceId('Microsoft.Resources/resourceGroups', format('BICEP-WVD-DEMO-P-TEMPLATE-IMAGE{0}', parameters('resourceGroupPostfix'))), '2020-06-01', 'full').location]" 1114 | }, 1115 | "sigName": { 1116 | "value": "[parameters('sigName')]" 1117 | }, 1118 | "sigReourceGroup": { 1119 | "value": "[format('BICEP-WVD-DEMO-P-TEMPLATE-IMAGE{0}', parameters('resourceGroupPostfix'))]" 1120 | }, 1121 | "imageDefinitionName": { 1122 | "value": "[parameters('imageDefinitionName')]" 1123 | }, 1124 | "imageOffer": { 1125 | "value": "[parameters('imageOffer')]" 1126 | }, 1127 | "imagePublisher": { 1128 | "value": "[parameters('imagePublisher')]" 1129 | }, 1130 | "imageSKU": { 1131 | "value": "[parameters('imageSKU')]" 1132 | }, 1133 | "userIdentity": { 1134 | "value": "[variables('userAssignedIdentityID')]" 1135 | }, 1136 | "vmOffer": { 1137 | "value": "[parameters('vmOffer')]" 1138 | }, 1139 | "vmOSDiskSize": { 1140 | "value": "[parameters('vmOSDiskSize')]" 1141 | }, 1142 | "vmPublisher": { 1143 | "value": "[parameters('vmPublisher')]" 1144 | }, 1145 | "vmSizeAIB": { 1146 | "value": "[parameters('vmSizeAIB')]" 1147 | }, 1148 | "vmSku": { 1149 | "value": "[parameters('vmSku')]" 1150 | }, 1151 | "vmVersion": { 1152 | "value": "[parameters('vmVersion')]" 1153 | }, 1154 | "azureSubscriptionID": { 1155 | "value": "[parameters('azureSubscriptionID')]" 1156 | }, 1157 | "subnetID": { 1158 | "value": "[variables('subnetID')]" 1159 | }, 1160 | "principalID": { 1161 | "value": "[parameters('principalID')]" 1162 | }, 1163 | "roleNameGalleryImage": { 1164 | "value": "[parameters('roleNameGalleryImage')]" 1165 | }, 1166 | "templateImageResourceGroup": { 1167 | "value": "[format('BICEP-WVD-DEMO-P-TEMPLATE-IMAGE{0}', parameters('resourceGroupPostfix'))]" 1168 | } 1169 | }, 1170 | "template": { 1171 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 1172 | "contentVersion": "1.0.0.0", 1173 | "metadata": { 1174 | "_generator": { 1175 | "name": "bicep", 1176 | "version": "0.4.1272.37030", 1177 | "templateHash": "16533198599848982128" 1178 | } 1179 | }, 1180 | "parameters": { 1181 | "azureSubscriptionID": { 1182 | "type": "string" 1183 | }, 1184 | "sigName": { 1185 | "type": "string" 1186 | }, 1187 | "sigLocation": { 1188 | "type": "string" 1189 | }, 1190 | "sigReourceGroup": { 1191 | "type": "string" 1192 | }, 1193 | "imagePublisher": { 1194 | "type": "string" 1195 | }, 1196 | "imageDefinitionName": { 1197 | "type": "string" 1198 | }, 1199 | "imageOffer": { 1200 | "type": "string" 1201 | }, 1202 | "imageSKU": { 1203 | "type": "string" 1204 | }, 1205 | "userIdentity": { 1206 | "type": "string" 1207 | }, 1208 | "vmOffer": { 1209 | "type": "string" 1210 | }, 1211 | "vmOSDiskSize": { 1212 | "type": "int" 1213 | }, 1214 | "vmSku": { 1215 | "type": "string" 1216 | }, 1217 | "vmVersion": { 1218 | "type": "string" 1219 | }, 1220 | "vmPublisher": { 1221 | "type": "string" 1222 | }, 1223 | "vmSizeAIB": { 1224 | "type": "string" 1225 | }, 1226 | "subnetID": { 1227 | "type": "string" 1228 | }, 1229 | "roleNameGalleryImage": { 1230 | "type": "string" 1231 | }, 1232 | "principalID": { 1233 | "type": "string" 1234 | }, 1235 | "templateImageResourceGroup": { 1236 | "type": "string" 1237 | } 1238 | }, 1239 | "variables": { 1240 | "assignableScopes": "[format('/subscriptions/{0}/resourcegroups/{1}', parameters('azureSubscriptionID'), parameters('templateImageResourceGroup'))]" 1241 | }, 1242 | "resources": [ 1243 | { 1244 | "type": "Microsoft.Compute/galleries", 1245 | "apiVersion": "2020-09-30", 1246 | "name": "[parameters('sigName')]", 1247 | "location": "[parameters('sigLocation')]" 1248 | }, 1249 | { 1250 | "type": "Microsoft.Authorization/roleDefinitions", 1251 | "apiVersion": "2018-01-01-preview", 1252 | "name": "[guid(parameters('roleNameGalleryImage'))]", 1253 | "properties": { 1254 | "roleName": "[parameters('roleNameGalleryImage')]", 1255 | "description": "Custom role for network read", 1256 | "permissions": [ 1257 | { 1258 | "actions": [ 1259 | "Microsoft.Compute/galleries/read", 1260 | "Microsoft.Compute/galleries/images/read", 1261 | "Microsoft.Compute/galleries/images/versions/read", 1262 | "Microsoft.Compute/galleries/images/versions/write", 1263 | "Microsoft.Compute/images/write", 1264 | "Microsoft.Compute/images/read", 1265 | "Microsoft.Compute/images/delete" 1266 | ] 1267 | } 1268 | ], 1269 | "assignableScopes": [ 1270 | "[variables('assignableScopes')]" 1271 | ] 1272 | }, 1273 | "dependsOn": [ 1274 | "[resourceId('Microsoft.Compute/galleries', parameters('sigName'))]" 1275 | ] 1276 | }, 1277 | { 1278 | "type": "Microsoft.Authorization/roleAssignments", 1279 | "apiVersion": "2020-04-01-preview", 1280 | "name": "[guid(resourceGroup().id)]", 1281 | "properties": { 1282 | "roleDefinitionId": "[resourceId('Microsoft.Authorization/roleDefinitions', guid(parameters('roleNameGalleryImage')))]", 1283 | "principalId": "[parameters('principalID')]" 1284 | }, 1285 | "dependsOn": [ 1286 | "[resourceId('Microsoft.Compute/galleries', parameters('sigName'))]", 1287 | "[resourceId('Microsoft.Authorization/roleDefinitions', guid(parameters('roleNameGalleryImage')))]" 1288 | ] 1289 | }, 1290 | { 1291 | "type": "Microsoft.Resources/deployments", 1292 | "apiVersion": "2020-10-01", 1293 | "name": "AVDid", 1294 | "resourceGroup": "[parameters('sigReourceGroup')]", 1295 | "properties": { 1296 | "expressionEvaluationOptions": { 1297 | "scope": "inner" 1298 | }, 1299 | "mode": "Incremental", 1300 | "parameters": { 1301 | "imageGalleryName": { 1302 | "value": "[parameters('sigName')]" 1303 | }, 1304 | "imageLocation": { 1305 | "value": "[parameters('sigLocation')]" 1306 | }, 1307 | "imageDefinitionName": { 1308 | "value": "[parameters('imageDefinitionName')]" 1309 | }, 1310 | "imageOffer": { 1311 | "value": "[parameters('imageOffer')]" 1312 | }, 1313 | "imagePublisher": { 1314 | "value": "[parameters('imagePublisher')]" 1315 | }, 1316 | "imageSKU": { 1317 | "value": "[parameters('imageSKU')]" 1318 | }, 1319 | "templateImageResourceGroup": { 1320 | "value": "[parameters('sigReourceGroup')]" 1321 | }, 1322 | "imageTemplateName": { 1323 | "value": "[parameters('imageDefinitionName')]" 1324 | }, 1325 | "userIdentity": { 1326 | "value": "[parameters('userIdentity')]" 1327 | }, 1328 | "vmOffer": { 1329 | "value": "[parameters('vmOffer')]" 1330 | }, 1331 | "vmOSDiskSize": { 1332 | "value": "[parameters('vmOSDiskSize')]" 1333 | }, 1334 | "vmPublisher": { 1335 | "value": "[parameters('vmPublisher')]" 1336 | }, 1337 | "vmSize": { 1338 | "value": "[parameters('vmSizeAIB')]" 1339 | }, 1340 | "vmSku": { 1341 | "value": "[parameters('vmSku')]" 1342 | }, 1343 | "vmVersion": { 1344 | "value": "[parameters('vmVersion')]" 1345 | }, 1346 | "azureSubscriptionID": { 1347 | "value": "[parameters('azureSubscriptionID')]" 1348 | }, 1349 | "subnetID": { 1350 | "value": "[parameters('subnetID')]" 1351 | } 1352 | }, 1353 | "template": { 1354 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 1355 | "contentVersion": "1.0.0.0", 1356 | "metadata": { 1357 | "_generator": { 1358 | "name": "bicep", 1359 | "version": "0.4.1272.37030", 1360 | "templateHash": "14948041819451107608" 1361 | } 1362 | }, 1363 | "parameters": { 1364 | "azureSubscriptionID": { 1365 | "type": "string" 1366 | }, 1367 | "imageGalleryName": { 1368 | "type": "string" 1369 | }, 1370 | "imageDefinitionName": { 1371 | "type": "string" 1372 | }, 1373 | "imageLocation": { 1374 | "type": "string" 1375 | }, 1376 | "imagePublisher": { 1377 | "type": "string" 1378 | }, 1379 | "imageOffer": { 1380 | "type": "string" 1381 | }, 1382 | "imageSKU": { 1383 | "type": "string" 1384 | }, 1385 | "templateImageResourceGroup": { 1386 | "type": "string" 1387 | }, 1388 | "imageTemplateName": { 1389 | "type": "string" 1390 | }, 1391 | "userIdentity": { 1392 | "type": "string" 1393 | }, 1394 | "vmOffer": { 1395 | "type": "string" 1396 | }, 1397 | "vmSize": { 1398 | "type": "string" 1399 | }, 1400 | "vmOSDiskSize": { 1401 | "type": "int" 1402 | }, 1403 | "vmPublisher": { 1404 | "type": "string" 1405 | }, 1406 | "vmSku": { 1407 | "type": "string" 1408 | }, 1409 | "vmVersion": { 1410 | "type": "string" 1411 | }, 1412 | "subnetID": { 1413 | "type": "string" 1414 | } 1415 | }, 1416 | "variables": { 1417 | "imageDefinitionFullName": "[format('{0}/{1}', parameters('imageGalleryName'), parameters('imageDefinitionName'))]" 1418 | }, 1419 | "resources": [ 1420 | { 1421 | "type": "Microsoft.Compute/galleries/images", 1422 | "apiVersion": "2020-09-30", 1423 | "name": "[variables('imageDefinitionFullName')]", 1424 | "location": "[parameters('imageLocation')]", 1425 | "properties": { 1426 | "osState": "Generalized", 1427 | "osType": "Windows", 1428 | "identifier": { 1429 | "publisher": "[parameters('imagePublisher')]", 1430 | "offer": "[parameters('imageOffer')]", 1431 | "sku": "[parameters('imageSKU')]" 1432 | } 1433 | } 1434 | }, 1435 | { 1436 | "type": "Microsoft.Resources/deployments", 1437 | "apiVersion": "2020-10-01", 1438 | "name": "[parameters('imageTemplateName')]", 1439 | "resourceGroup": "[parameters('templateImageResourceGroup')]", 1440 | "properties": { 1441 | "expressionEvaluationOptions": { 1442 | "scope": "inner" 1443 | }, 1444 | "mode": "Incremental", 1445 | "parameters": { 1446 | "azureSubscriptinID": { 1447 | "value": "[parameters('azureSubscriptionID')]" 1448 | }, 1449 | "imageGalleryName": { 1450 | "value": "[parameters('imageGalleryName')]" 1451 | }, 1452 | "imageGalleryRecourceGroupName": { 1453 | "value": "[parameters('templateImageResourceGroup')]" 1454 | }, 1455 | "imageTemplateLocation": { 1456 | "value": "[parameters('imageLocation')]" 1457 | }, 1458 | "imageTemplateName": { 1459 | "value": "[parameters('imageTemplateName')]" 1460 | }, 1461 | "userIdentity": { 1462 | "value": "[parameters('userIdentity')]" 1463 | }, 1464 | "vmOffer": { 1465 | "value": "[parameters('vmOffer')]" 1466 | }, 1467 | "vmOSDiskSize": { 1468 | "value": "[parameters('vmOSDiskSize')]" 1469 | }, 1470 | "vmPublisher": { 1471 | "value": "[parameters('vmPublisher')]" 1472 | }, 1473 | "vmSize": { 1474 | "value": "[parameters('vmSize')]" 1475 | }, 1476 | "vmSku": { 1477 | "value": "[parameters('vmSku')]" 1478 | }, 1479 | "vmVersion": { 1480 | "value": "[parameters('vmVersion')]" 1481 | }, 1482 | "subnetID": { 1483 | "value": "[parameters('subnetID')]" 1484 | } 1485 | }, 1486 | "template": { 1487 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 1488 | "contentVersion": "1.0.0.0", 1489 | "metadata": { 1490 | "_generator": { 1491 | "name": "bicep", 1492 | "version": "0.4.1272.37030", 1493 | "templateHash": "17841613618897484941" 1494 | } 1495 | }, 1496 | "parameters": { 1497 | "azureSubscriptinID": { 1498 | "type": "string" 1499 | }, 1500 | "imageGalleryName": { 1501 | "type": "string" 1502 | }, 1503 | "imageGalleryRecourceGroupName": { 1504 | "type": "string" 1505 | }, 1506 | "imageTemplateName": { 1507 | "type": "string" 1508 | }, 1509 | "imageTemplateLocation": { 1510 | "type": "string" 1511 | }, 1512 | "vmSize": { 1513 | "type": "string" 1514 | }, 1515 | "vmOSDiskSize": { 1516 | "type": "int" 1517 | }, 1518 | "vmPublisher": { 1519 | "type": "string" 1520 | }, 1521 | "vmOffer": { 1522 | "type": "string" 1523 | }, 1524 | "vmSku": { 1525 | "type": "string" 1526 | }, 1527 | "vmVersion": { 1528 | "type": "string" 1529 | }, 1530 | "userIdentity": { 1531 | "type": "string" 1532 | }, 1533 | "subnetID": { 1534 | "type": "string" 1535 | } 1536 | }, 1537 | "variables": { 1538 | "galleryImageId": "[format('/subscriptions/{0}/resourceGroups/{1}/providers/Microsoft.Compute/galleries/{2}/images/{3}', parameters('azureSubscriptinID'), parameters('imageGalleryRecourceGroupName'), parameters('imageGalleryName'), parameters('imageTemplateName'))]" 1539 | }, 1540 | "resources": [ 1541 | { 1542 | "type": "Microsoft.VirtualMachineImages/imageTemplates", 1543 | "apiVersion": "2020-02-14", 1544 | "name": "[parameters('imageTemplateName')]", 1545 | "identity": { 1546 | "type": "UserAssigned", 1547 | "userAssignedIdentities": { 1548 | "[format('{0}', parameters('userIdentity'))]": {} 1549 | } 1550 | }, 1551 | "location": "[parameters('imageTemplateLocation')]", 1552 | "properties": { 1553 | "buildTimeoutInMinutes": 100, 1554 | "vmProfile": { 1555 | "vmSize": "[parameters('vmSize')]", 1556 | "osDiskSizeGB": "[parameters('vmOSDiskSize')]" 1557 | }, 1558 | "source": { 1559 | "type": "PlatformImage", 1560 | "publisher": "[parameters('vmPublisher')]", 1561 | "offer": "[parameters('vmOffer')]", 1562 | "sku": "[parameters('vmSku')]", 1563 | "version": "[parameters('vmVersion')]" 1564 | }, 1565 | "customize": [ 1566 | { 1567 | "type": "PowerShell", 1568 | "name": "GetAzCopy", 1569 | "inline": [ 1570 | "New-Item -type Directory -Path C:\\ -Name temp", 1571 | "Invoke-WebRequest -Uri https://aka.ms/downloadazcopy-v10-windows -OutFile c:\\temp\\azcopy.zip", 1572 | "Expand-Archive C:\\temp\\azcopy.zip c:\\temp", 1573 | "Copy-Item C:\\temp\\azcopy_windows_amd64_*\\azcopy.exe\\ -Destination C:\\temp" 1574 | ] 1575 | }, 1576 | { 1577 | "type": "PowerShell", 1578 | "name": "GetCustomizeScriptAndApps", 1579 | "inline": [ 1580 | "C:\\temp\\azcopy.exe copy \"https://ninjawvdprofiles.blob.core.windows.net/liquit/avd-liquit-aib-demo.msi?sp=r&st=2021-09-13T12:15:54Z&se=2022-10-06T20:15:54Z&spr=https&sv=2020-08-04&sr=b&sig=1esX6FXbDM9reIHS8%2BEaywhVFLl342qMrhooi%2BKAOlY%3D\" C:\\temp\\avd-liquit-aib-demo.msi", 1581 | "C:\\temp\\azcopy.exe copy \"https://ninjawvdprofiles.blob.core.windows.net/liquit/avd-ninja-aib-deploy.ps1?sp=r&st=2021-09-13T12:16:13Z&se=2022-11-17T21:16:13Z&spr=https&sv=2020-08-04&sr=b&sig=DlNnL54AlrApHJvZxVaKLvbH3odr9S8oH8TfVd8wjEc%3D\" C:\\temp\\avd-ninja-aib-deploy.ps1", 1582 | "C:\\temp\\azcopy.exe copy \"https://ninjawvdprofiles.blob.core.windows.net/liquit/run-ShellAPI.ps1?sp=r&st=2021-09-19T08:24:10Z&se=2023-01-19T17:24:10Z&spr=https&sv=2020-08-04&sr=b&sig=d%2Fz1wjFHGKBEvZHCMg4NQssJ4wp8qsuwL2hvQwiX%2FyM%3D\" C:\\temp\\run-ShellAPI.ps1", 1583 | "Set-ExecutionPolicy Bypass -Force", 1584 | "C:\\temp\\avd-ninja-aib-deploy.ps1" 1585 | ], 1586 | "runElevated": true 1587 | } 1588 | ], 1589 | "distribute": [ 1590 | { 1591 | "type": "SharedImage", 1592 | "galleryImageId": "[variables('galleryImageId')]", 1593 | "runOutputName": "[parameters('imageTemplateName')]", 1594 | "replicationRegions": [ 1595 | "North Europe" 1596 | ] 1597 | } 1598 | ] 1599 | } 1600 | } 1601 | ] 1602 | } 1603 | } 1604 | } 1605 | ] 1606 | } 1607 | }, 1608 | "dependsOn": [ 1609 | "[resourceId('Microsoft.Compute/galleries', parameters('sigName'))]" 1610 | ] 1611 | } 1612 | ] 1613 | } 1614 | }, 1615 | "dependsOn": [ 1616 | "[subscriptionResourceId('Microsoft.Resources/resourceGroups', format('BICEP-WVD-DEMO-P-TEMPLATE-IMAGE{0}', parameters('resourceGroupPostfix')))]" 1617 | ] 1618 | }, 1619 | { 1620 | "type": "Microsoft.Resources/deployments", 1621 | "apiVersion": "2020-10-01", 1622 | "name": "AVDsa", 1623 | "resourceGroup": "[format('{0}FILESERVICES{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))]", 1624 | "properties": { 1625 | "expressionEvaluationOptions": { 1626 | "scope": "inner" 1627 | }, 1628 | "mode": "Incremental", 1629 | "parameters": { 1630 | "storageaccountlocation1": { 1631 | "value": "[parameters('storageaccountlocation1')]" 1632 | }, 1633 | "storageaccountName1": { 1634 | "value": "[parameters('storageaccountName1')]" 1635 | }, 1636 | "storageaccountkind1": { 1637 | "value": "[parameters('storageaccountkind1')]" 1638 | }, 1639 | "storgeaccountglobalRedundancy1": { 1640 | "value": "[parameters('storgeaccountglobalRedundancy1')]" 1641 | }, 1642 | "storageaccountlocation2": { 1643 | "value": "[parameters('storageaccountlocation2')]" 1644 | }, 1645 | "storageaccountName2": { 1646 | "value": "[parameters('storageaccountName2')]" 1647 | }, 1648 | "storageaccountkind2": { 1649 | "value": "[parameters('storageaccountkind2')]" 1650 | }, 1651 | "storgeaccountglobalRedundancy2": { 1652 | "value": "[parameters('storgeaccountglobalRedundancy2')]" 1653 | }, 1654 | "fileshareFolderName1": { 1655 | "value": "[parameters('fileshareFolderName1')]" 1656 | }, 1657 | "fileshareFolderName2": { 1658 | "value": "[parameters('fileshareFolderName2')]" 1659 | }, 1660 | "fileshareFolderName3": { 1661 | "value": "[parameters('fileshareFolderName3')]" 1662 | } 1663 | }, 1664 | "template": { 1665 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 1666 | "contentVersion": "1.0.0.0", 1667 | "metadata": { 1668 | "_generator": { 1669 | "name": "bicep", 1670 | "version": "0.4.1272.37030", 1671 | "templateHash": "7059582965079867662" 1672 | } 1673 | }, 1674 | "parameters": { 1675 | "storageaccountlocation1": { 1676 | "type": "string" 1677 | }, 1678 | "storageaccountName1": { 1679 | "type": "string" 1680 | }, 1681 | "storageaccountkind1": { 1682 | "type": "string" 1683 | }, 1684 | "storgeaccountglobalRedundancy1": { 1685 | "type": "string" 1686 | }, 1687 | "storageaccountlocation2": { 1688 | "type": "string" 1689 | }, 1690 | "storageaccountName2": { 1691 | "type": "string" 1692 | }, 1693 | "storageaccountkind2": { 1694 | "type": "string" 1695 | }, 1696 | "storgeaccountglobalRedundancy2": { 1697 | "type": "string" 1698 | }, 1699 | "fileshareFolderName1": { 1700 | "type": "string" 1701 | }, 1702 | "fileshareFolderName2": { 1703 | "type": "string" 1704 | }, 1705 | "fileshareFolderName3": { 1706 | "type": "string" 1707 | } 1708 | }, 1709 | "variables": { 1710 | "filesharelocation1": "[format('{0}/default/{1}', parameters('storageaccountName1'), parameters('fileshareFolderName1'))]", 1711 | "filesharelocation2": "[format('{0}/default/{1}', parameters('storageaccountName1'), parameters('fileshareFolderName2'))]", 1712 | "filesharelocation3": "[format('{0}/default/{1}', parameters('storageaccountName2'), parameters('fileshareFolderName3'))]" 1713 | }, 1714 | "resources": [ 1715 | { 1716 | "type": "Microsoft.Storage/storageAccounts", 1717 | "apiVersion": "2020-08-01-preview", 1718 | "name": "[parameters('storageaccountName1')]", 1719 | "location": "[parameters('storageaccountlocation1')]", 1720 | "kind": "[parameters('storageaccountkind1')]", 1721 | "sku": { 1722 | "name": "[parameters('storgeaccountglobalRedundancy1')]" 1723 | } 1724 | }, 1725 | { 1726 | "type": "Microsoft.Storage/storageAccounts/blobServices/containers", 1727 | "apiVersion": "2020-08-01-preview", 1728 | "name": "[variables('filesharelocation1')]", 1729 | "dependsOn": [ 1730 | "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageaccountName1'))]" 1731 | ] 1732 | }, 1733 | { 1734 | "type": "Microsoft.Storage/storageAccounts/blobServices/containers", 1735 | "apiVersion": "2020-08-01-preview", 1736 | "name": "[variables('filesharelocation2')]", 1737 | "dependsOn": [ 1738 | "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageaccountName1'))]" 1739 | ] 1740 | }, 1741 | { 1742 | "type": "Microsoft.Storage/storageAccounts", 1743 | "apiVersion": "2020-08-01-preview", 1744 | "name": "[parameters('storageaccountName2')]", 1745 | "location": "[parameters('storageaccountlocation2')]", 1746 | "kind": "[parameters('storageaccountkind2')]", 1747 | "sku": { 1748 | "name": "[parameters('storgeaccountglobalRedundancy2')]" 1749 | } 1750 | }, 1751 | { 1752 | "type": "Microsoft.Storage/storageAccounts/fileServices/shares", 1753 | "apiVersion": "2020-08-01-preview", 1754 | "name": "[variables('filesharelocation3')]", 1755 | "properties": { 1756 | "shareQuota": 1000 1757 | }, 1758 | "dependsOn": [ 1759 | "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageaccountName2'))]" 1760 | ] 1761 | } 1762 | ] 1763 | } 1764 | }, 1765 | "dependsOn": [ 1766 | "[subscriptionResourceId('Microsoft.Resources/resourceGroups', format('{0}FILESERVICES{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix')))]" 1767 | ] 1768 | }, 1769 | { 1770 | "type": "Microsoft.Resources/deployments", 1771 | "apiVersion": "2020-10-01", 1772 | "name": "AVDkeyvault", 1773 | "resourceGroup": "[format('{0}KEYVAULT{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))]", 1774 | "properties": { 1775 | "expressionEvaluationOptions": { 1776 | "scope": "inner" 1777 | }, 1778 | "mode": "Incremental", 1779 | "parameters": { 1780 | "keyVaultName": { 1781 | "value": "[parameters('keyVaultName')]" 1782 | }, 1783 | "keyVaultLocation": { 1784 | "value": "[parameters('keyVaultLocation')]" 1785 | }, 1786 | "azureADTenantID": { 1787 | "value": "[parameters('azureADTenantID')]" 1788 | }, 1789 | "adminObjectID": { 1790 | "value": "[parameters('adminObjectID')]" 1791 | }, 1792 | "secretNameDomainJoin": { 1793 | "value": "[parameters('secretNameDomainJoin')]" 1794 | }, 1795 | "secretValueDomainJoin": { 1796 | "value": "[parameters('secretValueDomainJoin')]" 1797 | }, 1798 | "secretNameLocalAdminPassword": { 1799 | "value": "[parameters('secretNameLocalAdminPassword')]" 1800 | }, 1801 | "secretValueLocalAdminPassword": { 1802 | "value": "[parameters('secretValueLocalAdminPassword')]" 1803 | } 1804 | }, 1805 | "template": { 1806 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 1807 | "contentVersion": "1.0.0.0", 1808 | "metadata": { 1809 | "_generator": { 1810 | "name": "bicep", 1811 | "version": "0.4.1272.37030", 1812 | "templateHash": "16013653142139389713" 1813 | } 1814 | }, 1815 | "parameters": { 1816 | "keyVaultName": { 1817 | "type": "string" 1818 | }, 1819 | "keyVaultLocation": { 1820 | "type": "string" 1821 | }, 1822 | "azureADTenantID": { 1823 | "type": "string" 1824 | }, 1825 | "adminObjectID": { 1826 | "type": "string" 1827 | }, 1828 | "sku": { 1829 | "type": "string", 1830 | "defaultValue": "Standard" 1831 | }, 1832 | "enabledForDeployment": { 1833 | "type": "bool", 1834 | "defaultValue": true 1835 | }, 1836 | "enabledForTemplateDeployment": { 1837 | "type": "bool", 1838 | "defaultValue": true 1839 | }, 1840 | "enabledForDiskEncryption": { 1841 | "type": "bool", 1842 | "defaultValue": true 1843 | }, 1844 | "enableRbacAuthorization": { 1845 | "type": "bool", 1846 | "defaultValue": false 1847 | }, 1848 | "softDeleteRetentionInDays": { 1849 | "type": "int", 1850 | "defaultValue": 90 1851 | }, 1852 | "secretNameDomainJoin": { 1853 | "type": "string" 1854 | }, 1855 | "secretValueDomainJoin": { 1856 | "type": "string" 1857 | }, 1858 | "secretNameLocalAdminPassword": { 1859 | "type": "string" 1860 | }, 1861 | "secretValueLocalAdminPassword": { 1862 | "type": "string" 1863 | }, 1864 | "accessPolicies": { 1865 | "type": "array", 1866 | "defaultValue": [ 1867 | { 1868 | "tenantId": "[parameters('azureADTenantID')]", 1869 | "objectId": "[parameters('adminObjectID')]", 1870 | "permissions": { 1871 | "keys": [ 1872 | "Get", 1873 | "List", 1874 | "Update", 1875 | "Create", 1876 | "Import", 1877 | "Delete", 1878 | "Recover", 1879 | "Backup", 1880 | "Restore" 1881 | ], 1882 | "secrets": [ 1883 | "Get", 1884 | "List", 1885 | "Set", 1886 | "Delete", 1887 | "Recover", 1888 | "Backup", 1889 | "Restore" 1890 | ], 1891 | "certificates": [ 1892 | "Get", 1893 | "List", 1894 | "Update", 1895 | "Create", 1896 | "Import", 1897 | "Delete", 1898 | "Recover", 1899 | "Backup", 1900 | "Restore", 1901 | "ManageContacts", 1902 | "ManageIssuers", 1903 | "GetIssuers", 1904 | "ListIssuers", 1905 | "SetIssuers", 1906 | "DeleteIssuers" 1907 | ] 1908 | } 1909 | } 1910 | ] 1911 | }, 1912 | "networkAcls": { 1913 | "type": "object", 1914 | "defaultValue": { 1915 | "ipRules": [], 1916 | "virtualNetworkRules": [] 1917 | } 1918 | } 1919 | }, 1920 | "resources": [ 1921 | { 1922 | "type": "Microsoft.KeyVault/vaults", 1923 | "apiVersion": "2019-09-01", 1924 | "name": "[parameters('keyVaultName')]", 1925 | "location": "[parameters('keyVaultLocation')]", 1926 | "properties": { 1927 | "tenantId": "[parameters('azureADTenantID')]", 1928 | "sku": { 1929 | "family": "A", 1930 | "name": "[parameters('sku')]" 1931 | }, 1932 | "accessPolicies": "[parameters('accessPolicies')]", 1933 | "enabledForDeployment": "[parameters('enabledForDeployment')]", 1934 | "enabledForDiskEncryption": "[parameters('enabledForDiskEncryption')]", 1935 | "enabledForTemplateDeployment": "[parameters('enabledForTemplateDeployment')]", 1936 | "softDeleteRetentionInDays": "[parameters('softDeleteRetentionInDays')]", 1937 | "enableRbacAuthorization": "[parameters('enableRbacAuthorization')]", 1938 | "networkAcls": "[parameters('networkAcls')]" 1939 | } 1940 | }, 1941 | { 1942 | "type": "Microsoft.KeyVault/vaults/secrets", 1943 | "apiVersion": "2018-02-14", 1944 | "name": "[format('{0}/{1}', parameters('keyVaultName'), parameters('secretNameDomainJoin'))]", 1945 | "properties": { 1946 | "value": "[parameters('secretValueDomainJoin')]" 1947 | }, 1948 | "dependsOn": [ 1949 | "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]" 1950 | ] 1951 | }, 1952 | { 1953 | "type": "Microsoft.KeyVault/vaults/secrets", 1954 | "apiVersion": "2018-02-14", 1955 | "name": "[format('{0}/{1}', parameters('keyVaultName'), parameters('secretNameLocalAdminPassword'))]", 1956 | "properties": { 1957 | "value": "[parameters('secretValueLocalAdminPassword')]" 1958 | }, 1959 | "dependsOn": [ 1960 | "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]" 1961 | ] 1962 | } 1963 | ] 1964 | } 1965 | }, 1966 | "dependsOn": [ 1967 | "[subscriptionResourceId('Microsoft.Resources/resourceGroups', format('{0}KEYVAULT{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix')))]" 1968 | ] 1969 | }, 1970 | { 1971 | "type": "Microsoft.Resources/deployments", 1972 | "apiVersion": "2020-10-01", 1973 | "name": "AVDtemplatespec", 1974 | "resourceGroup": "[format('{0}TEMPLATESPECS{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix'))]", 1975 | "properties": { 1976 | "expressionEvaluationOptions": { 1977 | "scope": "inner" 1978 | }, 1979 | "mode": "Incremental", 1980 | "parameters": { 1981 | "templateSpecName": { 1982 | "value": "[parameters('templateSpecName')]" 1983 | }, 1984 | "templateDescription": { 1985 | "value": "[parameters('templateDescription')]" 1986 | }, 1987 | "templateDisplayName": { 1988 | "value": "[parameters('templateDisplayName')]" 1989 | } 1990 | }, 1991 | "template": { 1992 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 1993 | "contentVersion": "1.0.0.0", 1994 | "metadata": { 1995 | "_generator": { 1996 | "name": "bicep", 1997 | "version": "0.4.1272.37030", 1998 | "templateHash": "16739286281486521743" 1999 | } 2000 | }, 2001 | "parameters": { 2002 | "templateSpecName": { 2003 | "type": "string", 2004 | "defaultValue": "add-wvd-hosts-to-hostpool" 2005 | }, 2006 | "templateDescription": { 2007 | "type": "string", 2008 | "defaultValue": "ARM Template to add hosts to an existing WVD Hostpool" 2009 | }, 2010 | "templateDisplayName": { 2011 | "type": "string", 2012 | "defaultValue": "Add WVD hosts to hostpool" 2013 | } 2014 | }, 2015 | "resources": [ 2016 | { 2017 | "type": "Microsoft.Resources/templateSpecs", 2018 | "apiVersion": "2019-06-01-preview", 2019 | "name": "[parameters('templateSpecName')]", 2020 | "location": "[resourceGroup().location]", 2021 | "properties": { 2022 | "description": "[parameters('templateDescription')]", 2023 | "displayName": "[parameters('templateDisplayName')]" 2024 | } 2025 | } 2026 | ] 2027 | } 2028 | }, 2029 | "dependsOn": [ 2030 | "[subscriptionResourceId('Microsoft.Resources/resourceGroups', format('{0}TEMPLATESPECS{1}', parameters('resourceGroupProdPrefix'), parameters('resourceGroupPostfix')))]" 2031 | ] 2032 | } 2033 | ] 2034 | } -------------------------------------------------------------------------------- /Samples/Real World Example/6.1 avd-backplane-module.bicep: -------------------------------------------------------------------------------- 1 | //Define AVD deployment parameters 2 | param hostpoolName string 3 | param hostpoolFriendlyName string 4 | param appgroupName string 5 | param appgroupDesktopFriendlyName string 6 | param appgroupRemoteAppFriendlyName string 7 | param workspaceName string 8 | param workspaceNameFriendlyName string 9 | param preferredAppGroupType string = 'Desktop' 10 | param AVDbackplanelocation string = 'eastus' 11 | param hostPoolType string = 'pooled' 12 | param loadBalancerType string = 'BreadthFirst' 13 | param enableValiatioMode bool 14 | param createRemoteAppHostpool bool 15 | 16 | //Create AVD Hostpool 17 | resource hp 'Microsoft.DesktopVirtualization/hostpools@2019-12-10-preview' = { 18 | name: hostpoolName 19 | location: AVDbackplanelocation 20 | properties: { 21 | friendlyName: hostpoolFriendlyName 22 | hostPoolType: hostPoolType 23 | loadBalancerType: loadBalancerType 24 | preferredAppGroupType: preferredAppGroupType 25 | validationEnvironment: enableValiatioMode 26 | } 27 | } 28 | 29 | //Create AVD Desktop AppGroup 30 | resource agd 'Microsoft.DesktopVirtualization/applicationgroups@2019-12-10-preview' = { 31 | name: appgroupName 32 | location: AVDbackplanelocation 33 | properties: { 34 | friendlyName: appgroupDesktopFriendlyName 35 | applicationGroupType: 'Desktop' 36 | hostPoolArmPath: hp.id 37 | } 38 | } 39 | 40 | //Create AVD RemoteApp Hostpool 41 | resource hpra 'Microsoft.DesktopVirtualization/hostpools@2019-12-10-preview' = if (createRemoteAppHostpool){ 42 | name: '${hostpoolName}-REMOTEAPP' 43 | location: AVDbackplanelocation 44 | properties: { 45 | friendlyName: hostpoolFriendlyName 46 | hostPoolType: hostPoolType 47 | loadBalancerType: loadBalancerType 48 | preferredAppGroupType: 'RailApplications' 49 | validationEnvironment: enableValiatioMode 50 | } 51 | } 52 | 53 | 54 | //Create AVD RemoteApp AppGroup 55 | resource agra 'Microsoft.DesktopVirtualization/applicationgroups@2019-12-10-preview' = if (createRemoteAppHostpool){ 56 | name: '${appgroupName}-REMOTEAPP' 57 | location: AVDbackplanelocation 58 | properties: { 59 | friendlyName: appgroupRemoteAppFriendlyName 60 | applicationGroupType: 'RemoteApp' 61 | hostPoolArmPath: hpra.id 62 | } 63 | } 64 | 65 | //Create AVD Workspace in case createRemoteAppHostpool = false 66 | resource ws 'Microsoft.DesktopVirtualization/workspaces@2019-12-10-preview' = { 67 | name: workspaceName 68 | location: AVDbackplanelocation 69 | properties: { 70 | friendlyName: workspaceNameFriendlyName 71 | applicationGroupReferences: [ 72 | agd.id 73 | createRemoteAppHostpool ? agra.id : '' 74 | ] 75 | } 76 | } 77 | 78 | 79 | 80 | -------------------------------------------------------------------------------- /Samples/Real World Example/6.2 avd-network-module.bicep: -------------------------------------------------------------------------------- 1 | // Define Networking parameters 2 | param vnetLocation string 3 | param vnetName string 4 | param vnetaddressPrefix string 5 | param subnet1Prefix string 6 | param subnet1Name string 7 | param subnet2Prefix string 8 | param subnet2Name string 9 | param dnsServer string 10 | 11 | //Define AVD Template Image deployment parameters 12 | param vmname string 13 | param vmHostname string 14 | param vmSize string 15 | param vmLocation string 16 | param templateVMResourceGroup string 17 | param adminUserName string 18 | param adminPassword string 19 | 20 | //define peering parameters 21 | param createPeering bool 22 | param remoteVnetRg string 23 | param remoteVnetName string 24 | 25 | //define user identity 26 | param vNetVMResourceGroup string 27 | 28 | //Create Vnet and Subnet 29 | resource vnet 'Microsoft.Network/virtualnetworks@2020-06-01' = { 30 | name: vnetName 31 | location: vnetLocation 32 | properties: { 33 | addressSpace: { 34 | addressPrefixes: [ 35 | vnetaddressPrefix 36 | ] 37 | } 38 | dhcpOptions: { 39 | dnsServers: [ 40 | dnsServer 41 | ] 42 | } 43 | subnets: [ 44 | { 45 | name: subnet1Name 46 | properties: { 47 | addressPrefix: subnet1Prefix 48 | } 49 | } 50 | { 51 | name: subnet2Name 52 | properties: { 53 | addressPrefix: subnet2Prefix 54 | privateLinkServiceNetworkPolicies: 'Disabled' 55 | } 56 | } 57 | ] 58 | } 59 | } 60 | 61 | 62 | 63 | //Optionally create vnet peering to an ADDS vnet 64 | resource peertoadds 'microsoft.network/virtualNetworks/virtualNetworkPeerings@2020-05-01' = if (createPeering) { 65 | name: '${vnet.name}/peering-to-adds-vnet' 66 | properties: { 67 | allowVirtualNetworkAccess: true 68 | allowForwardedTraffic: false 69 | allowGatewayTransit: false 70 | useRemoteGateways: false 71 | remoteVirtualNetwork: { 72 | id: resourceId(remoteVnetRg, 'Microsoft.Network/virtualNetworks', remoteVnetName) 73 | } 74 | } 75 | } 76 | 77 | //Optionally create vnet peering from an ADDS vnet 78 | module peerfromadds './6.2.2 AVD-peering-from-adds.bicep' = if (createPeering){ 79 | name: 'peering' 80 | scope: resourceGroup(remoteVnetRg) 81 | params: { 82 | remoteVnetName: remoteVnetName 83 | vnetName: vnet.name 84 | vnetNameResourceGroup: vNetVMResourceGroup 85 | } 86 | } 87 | 88 | //Create AVD Template VM 89 | module tvm './6.2.1 AVD-template-vm.bicep' = { 90 | name: 'tvmbim' 91 | scope: resourceGroup(templateVMResourceGroup) 92 | params: { 93 | vmname: vmname 94 | vmHostname: vmHostname 95 | adminUserName: adminUserName 96 | adminPassword: adminPassword 97 | vmLocation: vmLocation 98 | vmSize: vmSize 99 | subnetName: subnet2Name 100 | vnetid: vnet.id 101 | } 102 | } 103 | -------------------------------------------------------------------------------- /Samples/Real World Example/6.2.1 avd-template-vm.bicep: -------------------------------------------------------------------------------- 1 | //Define AVD Template Image deployment parameters 2 | param vmname string 3 | param vmHostname string 4 | param vmLocation string = 'westeurope' 5 | param vmSize string 6 | param adminUserName string 7 | param adminPassword string 8 | param vnetid string 9 | param subnetName string 10 | var nicName = '${vmname}-nic' 11 | var subnetRef = '${vnetid}/subnets/${subnetName}' 12 | 13 | resource nic 'Microsoft.Network/networkInterfaces@2020-06-01' = { 14 | name: nicName 15 | location: vmLocation 16 | 17 | properties: { 18 | ipConfigurations: [ 19 | { 20 | name: 'ipconfig1' 21 | properties: { 22 | privateIPAllocationMethod: 'Dynamic' 23 | subnet: { 24 | id: subnetRef 25 | } 26 | } 27 | } 28 | ] 29 | } 30 | } 31 | 32 | //Create AVD Template Image VM 33 | resource vm 'Microsoft.Compute/virtualMachines@2020-06-01' = { 34 | name: vmname 35 | location: vmLocation 36 | properties: { 37 | hardwareProfile: { 38 | vmSize: vmSize 39 | } 40 | osProfile: { 41 | computerName: vmHostname 42 | adminUsername: adminUserName 43 | adminPassword: adminPassword 44 | } 45 | storageProfile: { 46 | imageReference: { 47 | publisher: 'microsoftwindowsdesktop' 48 | offer: 'Windows-10' 49 | sku: '20h1-evd' 50 | version: 'latest' 51 | } 52 | osDisk: { 53 | createOption: 'FromImage' 54 | name: '${vmname}-osdisk' 55 | } 56 | } 57 | networkProfile: { 58 | networkInterfaces: [ 59 | { 60 | id: nic.id 61 | } 62 | ] 63 | } 64 | } 65 | } 66 | -------------------------------------------------------------------------------- /Samples/Real World Example/6.2.2 avd-peering-from-adds.bicep: -------------------------------------------------------------------------------- 1 | param vnetName string 2 | param remoteVnetName string 3 | param vnetNameResourceGroup string 4 | 5 | //Create peering from adds to Bicep vnet 6 | resource peertfromadds 'microsoft.network/virtualNetworks/virtualNetworkPeerings@2020-05-01' = { 7 | name: '${remoteVnetName}/peering-from-adds-vnet' 8 | properties: { 9 | allowVirtualNetworkAccess: true 10 | allowForwardedTraffic: false 11 | allowGatewayTransit: false 12 | useRemoteGateways: false 13 | remoteVirtualNetwork: { 14 | id: resourceId(vnetNameResourceGroup, 'Microsoft.Network/virtualNetworks', vnetName) 15 | } 16 | } 17 | } -------------------------------------------------------------------------------- /Samples/Real World Example/6.3 avd-LogAnalytics.bicep: -------------------------------------------------------------------------------- 1 | //Define Log Analytics parameters 2 | param logAnalyticsWorkspaceName string 3 | param logAnalyticslocation string = 'westeurope' 4 | param logAnalyticsWorkspaceSku string 5 | 6 | //Create Log Analytics Workspace 7 | resource AVDla 'Microsoft.OperationalInsights/workspaces@2020-08-01' = { 8 | name: logAnalyticsWorkspaceName 9 | location: logAnalyticslocation 10 | properties: { 11 | sku: { 12 | name: logAnalyticsWorkspaceSku 13 | } 14 | } 15 | } 16 | 17 | output logAnalyticsWorkspaceID string = AVDla.id 18 | 19 | -------------------------------------------------------------------------------- /Samples/Real World Example/6.3 avd-LogAnalytics.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.4.1272.37030", 8 | "templateHash": "15267933244495709989" 9 | } 10 | }, 11 | "parameters": { 12 | "logAnalyticsWorkspaceName": { 13 | "type": "string" 14 | }, 15 | "logAnalyticslocation": { 16 | "type": "string", 17 | "defaultValue": "westeurope" 18 | }, 19 | "logAnalyticsWorkspaceSku": { 20 | "type": "string" 21 | } 22 | }, 23 | "resources": [ 24 | { 25 | "type": "Microsoft.OperationalInsights/workspaces", 26 | "apiVersion": "2020-08-01", 27 | "name": "[parameters('logAnalyticsWorkspaceName')]", 28 | "location": "[parameters('logAnalyticslocation')]", 29 | "properties": { 30 | "sku": { 31 | "name": "[parameters('logAnalyticsWorkspaceSku')]" 32 | } 33 | } 34 | } 35 | ], 36 | "outputs": { 37 | "logAnalyticsWorkspaceID": { 38 | "type": "string", 39 | "value": "[resourceId('Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName'))]" 40 | } 41 | } 42 | } -------------------------------------------------------------------------------- /Samples/Real World Example/6.3 avd-monitor-diag.bicep: -------------------------------------------------------------------------------- 1 | targetScope = 'subscription' 2 | 3 | //Define diagnostic setting parameters 4 | param resourceGroupProdPrefix string 5 | param resourceGroupAccPrefix string 6 | param resourceGroupPostfix string = '-001' 7 | param logAnalyticsWorkspaceID string 8 | param logAnalyticslocation string = 'westeurope' 9 | param AVDBackplaneProdResourceGroup string = '${resourceGroupProdPrefix}BACKPLANE${resourceGroupPostfix}' 10 | param AVDBackplaneAccResourceGroup string = '${resourceGroupAccPrefix}BACKPLANE${resourceGroupPostfix}' 11 | param hostpoolName1 string 12 | param workspaceName1 string 13 | param hostpoolName2 string 14 | param workspaceName2 string 15 | 16 | module AVDhostpooldiag1 './6.3.1 AVD-monitor-diag-hostpool.bicep' = { 17 | name: 'AVDhostpooldiag1' 18 | scope: resourceGroup(AVDBackplaneProdResourceGroup) 19 | params: { 20 | hostpoolName : hostpoolName1 21 | logAnalyticsWorkspaceID : logAnalyticsWorkspaceID 22 | } 23 | } 24 | 25 | module AVDWorkspacediag1 './6.3.2 AVD-monitor-diag-workspace.bicep' = { 26 | name: 'AVDWorkspacediag1' 27 | scope: resourceGroup(AVDBackplaneProdResourceGroup) 28 | params: { 29 | workspaceName : workspaceName1 30 | logAnalyticslocation : logAnalyticslocation 31 | logAnalyticsWorkspaceID : logAnalyticsWorkspaceID 32 | } 33 | } 34 | 35 | module AVDhostpooldiag2 './6.3.1 AVD-monitor-diag-hostpool.bicep' = { 36 | name: 'AVDhostpooldiag2' 37 | scope: resourceGroup(AVDBackplaneAccResourceGroup) 38 | params: { 39 | hostpoolName : hostpoolName2 40 | logAnalyticsWorkspaceID : logAnalyticsWorkspaceID 41 | } 42 | } 43 | 44 | module AVDWorkspacediag2 './6.3.2 AVD-monitor-diag-workspace.bicep' = { 45 | name: 'AVDWorkspacediag2' 46 | scope: resourceGroup(AVDBackplaneAccResourceGroup) 47 | params: { 48 | workspaceName : workspaceName2 49 | logAnalyticslocation : logAnalyticslocation 50 | logAnalyticsWorkspaceID : logAnalyticsWorkspaceID 51 | } 52 | } 53 | -------------------------------------------------------------------------------- /Samples/Real World Example/6.3.1 avd-monitor-diag-hostpool.bicep: -------------------------------------------------------------------------------- 1 | //Define diagnostic setting parameters 2 | param hostpoolName string 3 | param logAnalyticsWorkspaceID string 4 | 5 | resource hostPool 'Microsoft.DesktopVirtualization/hostPools@2020-11-02-preview' existing = { 6 | name: hostpoolName 7 | } 8 | 9 | //Create diagnostic settings for AVD Objects 10 | resource AVDwsds 'Microsoft.Insights/diagnosticSettings@2017-05-01-preview' = { 11 | name: '${hostPool}-diag' 12 | scope: hostPool 13 | properties: { 14 | workspaceId: logAnalyticsWorkspaceID 15 | logs: [ 16 | { 17 | category: 'Checkpoint' 18 | enabled: true 19 | } 20 | { 21 | category: 'Error' 22 | enabled: true 23 | } 24 | { 25 | category: 'Management' 26 | enabled: true 27 | } 28 | { 29 | category: 'Connection' 30 | enabled: true 31 | } 32 | { 33 | category: 'HostRegistration' 34 | enabled: true 35 | } 36 | ] 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /Samples/Real World Example/6.3.2 avd-monitor-diag-workspace.bicep: -------------------------------------------------------------------------------- 1 | //Define diagnostic setting parameters 2 | param workspaceName string 3 | param logAnalyticslocation string = 'westeurope' 4 | param logAnalyticsWorkspaceID string 5 | 6 | //Concat diagnostic setting names 7 | var workspaceDiagName = '${workspaceName}/Microsoft.Insights/hostpool-diag' 8 | 9 | //Create diagnostic settings for AVD Objects 10 | resource AVDwsds 'Microsoft.DesktopVirtualization/workspaces/providers/diagnosticSettings@2017-05-01-preview' = { 11 | name: workspaceDiagName 12 | location: logAnalyticslocation 13 | properties: { 14 | workspaceId: logAnalyticsWorkspaceID 15 | logs: [ 16 | { 17 | category: 'Checkpoint' 18 | enabled: true 19 | } 20 | { 21 | category: 'Error' 22 | enabled: true 23 | } 24 | { 25 | category: 'Management' 26 | enabled: true 27 | } 28 | { 29 | category: 'Feed' 30 | enabled: true 31 | } 32 | ] 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /Samples/Real World Example/6.4 avd-shared-image-gallery.bicep: -------------------------------------------------------------------------------- 1 | param azureSubscriptionID string 2 | 3 | //Define SIG parameters 4 | param sigName string 5 | param sigLocation string 6 | param sigReourceGroup string 7 | 8 | //Define Image Definition parameters 9 | param imagePublisher string 10 | param imageDefinitionName string 11 | param imageOffer string 12 | param imageSKU string 13 | 14 | //Define Template Image parameters 15 | param userIdentity string 16 | param vmOffer string 17 | param vmOSDiskSize int 18 | param vmSku string 19 | param vmVersion string 20 | param vmPublisher string 21 | param vmSizeAIB string 22 | param subnetID string 23 | 24 | //define user identity 25 | param roleNameGalleryImage string 26 | param principalID string 27 | param templateImageResourceGroup string 28 | 29 | //Define Azure Subscriptin ID params 30 | var assignableScopes = '/subscriptions/${azureSubscriptionID}/resourcegroups/${templateImageResourceGroup}' 31 | 32 | //Create Image Gallery 33 | resource AVDsig 'Microsoft.Compute/galleries@2020-09-30' = { 34 | name: sigName 35 | location: sigLocation 36 | } 37 | 38 | //create role definition 39 | resource gallerydef 'Microsoft.Authorization/roleDefinitions@2018-01-01-preview' = { 40 | name: guid(roleNameGalleryImage) 41 | properties: { 42 | roleName: roleNameGalleryImage 43 | description: 'Custom role for network read' 44 | permissions: [ 45 | { 46 | actions: [ 47 | 'Microsoft.Compute/galleries/read' 48 | 'Microsoft.Compute/galleries/images/read' 49 | 'Microsoft.Compute/galleries/images/versions/read' 50 | 'Microsoft.Compute/galleries/images/versions/write' 51 | 'Microsoft.Compute/images/write' 52 | 'Microsoft.Compute/images/read' 53 | 'Microsoft.Compute/images/delete' 54 | ] 55 | } 56 | ] 57 | assignableScopes: [ 58 | assignableScopes 59 | ] 60 | } 61 | dependsOn:[ 62 | AVDsig 63 | ] 64 | } 65 | 66 | //create role assignment 67 | resource galleryass 'Microsoft.Authorization/roleAssignments@2020-04-01-preview' = { 68 | name: guid(resourceGroup().id) 69 | properties: { 70 | roleDefinitionId: gallerydef.id 71 | principalId: principalID 72 | } 73 | dependsOn:[ 74 | AVDsig 75 | ] 76 | } 77 | 78 | //Create Image Definition 79 | module AVDid './6.4.1 AVD-Image-definitions.bicep' = { 80 | name: 'AVDid' 81 | scope: resourceGroup(sigReourceGroup) 82 | params: { 83 | imageGalleryName: sigName 84 | imageLocation: sigLocation 85 | imageDefinitionName: imageDefinitionName 86 | imageOffer: imageOffer 87 | imagePublisher: imagePublisher 88 | imageSKU: imageSKU 89 | templateImageResourceGroup: sigReourceGroup 90 | imageTemplateName: imageDefinitionName 91 | userIdentity: userIdentity 92 | vmOffer: vmOffer 93 | vmOSDiskSize: vmOSDiskSize 94 | vmPublisher: vmPublisher 95 | vmSize: vmSizeAIB 96 | vmSku: vmSku 97 | vmVersion: vmVersion 98 | azureSubscriptionID: azureSubscriptionID 99 | subnetID: subnetID 100 | } 101 | dependsOn:[ 102 | AVDsig 103 | ] 104 | } 105 | -------------------------------------------------------------------------------- /Samples/Real World Example/6.4.1 avd-Image-definitions.bicep: -------------------------------------------------------------------------------- 1 | //Define Image Definition parameters 2 | param azureSubscriptionID string 3 | param imageGalleryName string 4 | param imageDefinitionName string 5 | param imageLocation string 6 | param imagePublisher string 7 | param imageOffer string 8 | param imageSKU string 9 | param templateImageResourceGroup string 10 | param imageTemplateName string 11 | param userIdentity string 12 | param vmOffer string 13 | param vmSize string 14 | param vmOSDiskSize int 15 | param vmPublisher string 16 | param vmSku string 17 | param vmVersion string 18 | param subnetID string 19 | 20 | var imageDefinitionFullName = '${imageGalleryName}/${imageDefinitionName}' 21 | 22 | //Create Image definitation 23 | resource AVDid 'Microsoft.Compute/galleries/images@2020-09-30' = { 24 | name: imageDefinitionFullName 25 | location: imageLocation 26 | properties: { 27 | osState: 'Generalized' 28 | osType: 'Windows' 29 | identifier: { 30 | publisher: imagePublisher 31 | offer: imageOffer 32 | sku: imageSKU 33 | } 34 | } 35 | } 36 | 37 | module AVDti './6.4.1.1 AVD-image-template.bicep' = { 38 | name: imageTemplateName 39 | scope: resourceGroup(templateImageResourceGroup) 40 | params: { 41 | azureSubscriptinID: azureSubscriptionID 42 | imageGalleryName: imageGalleryName 43 | imageGalleryRecourceGroupName: templateImageResourceGroup 44 | imageTemplateLocation: imageLocation 45 | imageTemplateName: imageTemplateName 46 | userIdentity: userIdentity 47 | vmOffer: vmOffer 48 | vmOSDiskSize: vmOSDiskSize 49 | vmPublisher: vmPublisher 50 | vmSize: vmSize 51 | vmSku: vmSku 52 | vmVersion: vmVersion 53 | subnetID: subnetID 54 | } 55 | } 56 | -------------------------------------------------------------------------------- /Samples/Real World Example/6.4.1.1 avd-Image-Template.bicep: -------------------------------------------------------------------------------- 1 | //Define Log Analytics parameters 2 | param azureSubscriptinID string 3 | param imageGalleryName string 4 | param imageGalleryRecourceGroupName string 5 | param imageTemplateName string 6 | param imageTemplateLocation string 7 | param vmSize string 8 | param vmOSDiskSize int 9 | param vmPublisher string 10 | param vmOffer string 11 | param vmSku string 12 | param vmVersion string 13 | param userIdentity string 14 | param subnetID string 15 | 16 | var galleryImageId = '/subscriptions/${azureSubscriptinID}/resourceGroups/${imageGalleryRecourceGroupName}/providers/Microsoft.Compute/galleries/${imageGalleryName}/images/${imageTemplateName}' 17 | 18 | //Create template image 19 | resource AVDit 'Microsoft.VirtualMachineImages/imageTemplates@2020-02-14' = { 20 | name: imageTemplateName 21 | identity: { 22 | type: 'UserAssigned' 23 | userAssignedIdentities :{ 24 | '${userIdentity}': {} 25 | } 26 | } 27 | location: imageTemplateLocation 28 | properties: { 29 | buildTimeoutInMinutes: 100 30 | vmProfile: { 31 | vmSize: vmSize 32 | osDiskSizeGB: vmOSDiskSize 33 | } 34 | source : { 35 | type: 'PlatformImage' 36 | publisher: vmPublisher 37 | offer: vmOffer 38 | sku: vmSku 39 | version: vmVersion 40 | } 41 | customize: [ 42 | { 43 | type: 'PowerShell' 44 | name: 'GetAzCopy' 45 | inline:[ 46 | 'New-Item -type Directory -Path C:\\ -Name temp' 47 | 'Invoke-WebRequest -Uri https://aka.ms/downloadazcopy-v10-windows -OutFile c:\\temp\\azcopy.zip' 48 | 'Expand-Archive C:\\temp\\azcopy.zip c:\\temp' 49 | 'Copy-Item C:\\temp\\azcopy_windows_amd64_*\\azcopy.exe\\ -Destination C:\\temp' 50 | ] 51 | } 52 | { 53 | type: 'PowerShell' 54 | name: 'GetCustomizeScriptAndApps' 55 | inline:[ 56 | 'C:\\temp\\azcopy.exe copy "https://ninjawvdprofiles.blob.core.windows.net/liquit/avd-liquit-aib-demo.msi?sp=r&st=2021-09-13T12:15:54Z&se=2022-10-06T20:15:54Z&spr=https&sv=2020-08-04&sr=b&sig=1esX6FXbDM9reIHS8%2BEaywhVFLl342qMrhooi%2BKAOlY%3D" C:\\temp\\avd-liquit-aib-demo.msi' 57 | 'C:\\temp\\azcopy.exe copy "https://ninjawvdprofiles.blob.core.windows.net/liquit/avd-ninja-aib-deploy.ps1?sp=r&st=2021-09-13T12:16:13Z&se=2022-11-17T21:16:13Z&spr=https&sv=2020-08-04&sr=b&sig=DlNnL54AlrApHJvZxVaKLvbH3odr9S8oH8TfVd8wjEc%3D" C:\\temp\\avd-ninja-aib-deploy.ps1' 58 | 'C:\\temp\\azcopy.exe copy "https://ninjawvdprofiles.blob.core.windows.net/liquit/run-ShellAPI.ps1?sp=r&st=2021-09-19T08:24:10Z&se=2023-01-19T17:24:10Z&spr=https&sv=2020-08-04&sr=b&sig=d%2Fz1wjFHGKBEvZHCMg4NQssJ4wp8qsuwL2hvQwiX%2FyM%3D" C:\\temp\\run-ShellAPI.ps1' 59 | 60 | 61 | 62 | 'Set-ExecutionPolicy Bypass -Force' 63 | 'C:\\temp\\avd-ninja-aib-deploy.ps1' 64 | ] 65 | runElevated : true 66 | } 67 | ] 68 | distribute: [ 69 | { 70 | type: 'SharedImage' 71 | galleryImageId: galleryImageId 72 | runOutputName: imageTemplateName 73 | replicationRegions: [ 74 | 'North Europe' 75 | ] 76 | } 77 | ] 78 | } 79 | } 80 | 81 | 82 | 83 | -------------------------------------------------------------------------------- /Samples/Real World Example/6.5 avd-fileservices-module.bicep: -------------------------------------------------------------------------------- 1 | //Define Azure Files parmeters 2 | param storageaccountlocation1 string 3 | param storageaccountName1 string 4 | param storageaccountkind1 string 5 | param storgeaccountglobalRedundancy1 string 6 | param storageaccountlocation2 string 7 | param storageaccountName2 string 8 | param storageaccountkind2 string 9 | param storgeaccountglobalRedundancy2 string 10 | param fileshareFolderName1 string 11 | param fileshareFolderName2 string 12 | param fileshareFolderName3 string 13 | 14 | //Concat FileShare 15 | var filesharelocation1 = '${saaib.name}/default/${fileshareFolderName1}' 16 | var filesharelocation2 = '${saaib.name}/default/${fileshareFolderName2}' 17 | var filesharelocation3 = '${saprof.name}/default/${fileshareFolderName3}' 18 | 19 | 20 | //Create Storage account 1 21 | resource saaib 'Microsoft.Storage/storageAccounts@2020-08-01-preview' = { 22 | name: storageaccountName1 23 | location: storageaccountlocation1 24 | kind: storageaccountkind1 25 | sku: { 26 | name: storgeaccountglobalRedundancy1 27 | } 28 | } 29 | //Create blob services 30 | resource fssofwtare 'Microsoft.Storage/storageAccounts/blobServices/containers@2020-08-01-preview' = { 31 | name: filesharelocation1 32 | } 33 | resource fsscripts 'Microsoft.Storage/storageAccounts/blobServices/containers@2020-08-01-preview' = { 34 | name: filesharelocation2 35 | } 36 | 37 | //Create Storage account 2 38 | resource saprof 'Microsoft.Storage/storageAccounts@2020-08-01-preview' = { 39 | name: storageaccountName2 40 | location: storageaccountlocation2 41 | kind: storageaccountkind2 42 | sku: { 43 | name: storgeaccountglobalRedundancy2 44 | } 45 | } 46 | //Create file services 47 | resource fsprofiles 'Microsoft.Storage/storageAccounts/fileServices/shares@2020-08-01-preview' ={ 48 | name: filesharelocation3 49 | properties: { 50 | shareQuota: 1000 51 | } 52 | } 53 | 54 | -------------------------------------------------------------------------------- /Samples/Real World Example/6.6 avd-KeyVault.bicep: -------------------------------------------------------------------------------- 1 | //Define Log Analytics parameters 2 | param keyVaultName string 3 | param keyVaultLocation string 4 | param azureADTenantID string 5 | param adminObjectID string 6 | param sku string = 'Standard' 7 | param enabledForDeployment bool = true 8 | param enabledForTemplateDeployment bool = true 9 | param enabledForDiskEncryption bool = true 10 | param enableRbacAuthorization bool = false 11 | param softDeleteRetentionInDays int = 90 12 | param secretNameDomainJoin string 13 | param secretValueDomainJoin string 14 | param secretNameLocalAdminPassword string 15 | param secretValueLocalAdminPassword string 16 | param accessPolicies array = [ 17 | { 18 | tenantId: azureADTenantID 19 | objectId: adminObjectID 20 | permissions: { 21 | keys: [ 22 | 'Get' 23 | 'List' 24 | 'Update' 25 | 'Create' 26 | 'Import' 27 | 'Delete' 28 | 'Recover' 29 | 'Backup' 30 | 'Restore' 31 | ] 32 | secrets: [ 33 | 'Get' 34 | 'List' 35 | 'Set' 36 | 'Delete' 37 | 'Recover' 38 | 'Backup' 39 | 'Restore' 40 | ] 41 | certificates: [ 42 | 'Get' 43 | 'List' 44 | 'Update' 45 | 'Create' 46 | 'Import' 47 | 'Delete' 48 | 'Recover' 49 | 'Backup' 50 | 'Restore' 51 | 'ManageContacts' 52 | 'ManageIssuers' 53 | 'GetIssuers' 54 | 'ListIssuers' 55 | 'SetIssuers' 56 | 'DeleteIssuers' 57 | ] 58 | } 59 | } 60 | ] 61 | param networkAcls object = { 62 | ipRules: [] 63 | virtualNetworkRules: [] 64 | } 65 | 66 | //Create Keyvault 67 | resource keyvault 'Microsoft.KeyVault/vaults@2019-09-01' = { 68 | name: keyVaultName 69 | location: keyVaultLocation 70 | properties: { 71 | tenantId: azureADTenantID 72 | sku: { 73 | family: 'A' 74 | name: sku 75 | } 76 | accessPolicies: accessPolicies 77 | enabledForDeployment: enabledForDeployment 78 | enabledForDiskEncryption: enabledForDiskEncryption 79 | enabledForTemplateDeployment: enabledForTemplateDeployment 80 | softDeleteRetentionInDays: softDeleteRetentionInDays 81 | enableRbacAuthorization: enableRbacAuthorization 82 | networkAcls: networkAcls 83 | } 84 | } 85 | 86 | // create secrets 87 | resource secretdj 'Microsoft.KeyVault/vaults/secrets@2018-02-14' = { 88 | name: '${keyvault.name}/${secretNameDomainJoin}' 89 | properties: { 90 | value: secretValueDomainJoin 91 | } 92 | } 93 | resource secretla 'Microsoft.KeyVault/vaults/secrets@2018-02-14' = { 94 | name: '${keyvault.name}/${secretNameLocalAdminPassword}' 95 | properties: { 96 | value: secretValueLocalAdminPassword 97 | } 98 | } 99 | 100 | 101 | -------------------------------------------------------------------------------- /Samples/Real World Example/7. avd-template-spec.bicep: -------------------------------------------------------------------------------- 1 | param templateSpecName string = 'add-wvd-hosts-to-hostpool' 2 | param templateDescription string = 'ARM Template to add hosts to an existing WVD Hostpool' 3 | param templateDisplayName string = 'Add WVD hosts to hostpool' 4 | 5 | resource ts 'Microsoft.Resources/templateSpecs@2019-06-01-preview' = { 6 | name: templateSpecName 7 | location: resourceGroup().location 8 | properties: { 9 | description: templateDescription 10 | displayName: templateDisplayName 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /Samples/azure-Container-Registry.bicep: -------------------------------------------------------------------------------- 1 | @minLength(5) 2 | @maxLength(50) 3 | @description('Provide a globally unique name of your Azure Container Registry') 4 | param acrName string = 'acr${uniqueString(resourceGroup().id)}' 5 | 6 | @description('Provide a location for the registry.') 7 | param location string = resourceGroup().location 8 | 9 | @description('Provide a tier of your Azure Container Registry.') 10 | param acrSku string = 'Basic' 11 | 12 | @description('Resource declaration of a new ACR') 13 | resource acrResource 'Microsoft.ContainerRegistry/registries@2021-06-01-preview' = { 14 | name: acrName 15 | location: location 16 | sku: { 17 | name: acrSku 18 | } 19 | properties: { 20 | adminUserEnabled: false 21 | } 22 | } 23 | 24 | @description('The login server property we can later use to reference Bicep Modules in this registry.') 25 | output loginServer string = acrResource.properties.loginServer 26 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-container-2-loop-types.bicep: -------------------------------------------------------------------------------- 1 | param namePrefix string = 'stg' 2 | param location string = 'westeurope' 3 | 4 | param blobContainers array = [ 5 | { 6 | Name: 'bicep' 7 | publicAccess: 'blob' 8 | } 9 | { 10 | Name: 'simply' 11 | publicAccess: 'container' 12 | } 13 | { 14 | Name: 'rules' 15 | publicAccess: 'none' 16 | } 17 | ] 18 | 19 | var storageAccountName = '${namePrefix}${uniqueString(resourceGroup().id)}' 20 | 21 | resource stg 'Microsoft.Storage/storageAccounts@2021-02-01' = { 22 | name: storageAccountName 23 | location: location 24 | kind: 'StorageV2' 25 | sku: { 26 | name: 'Standard_LRS' 27 | } 28 | properties: { 29 | accessTier: 'Hot' 30 | } 31 | } 32 | 33 | resource blob 'Microsoft.Storage/storageAccounts/blobServices/containers@2019-06-01' = [for (container, i) in blobContainers: { 34 | name: '${stg.name}/default/${i}-${container.name}' 35 | properties: { 36 | publicAccess: container.publicAccess 37 | } 38 | }] 39 | 40 | output stg string = stg.name 41 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-container-2-loop-types.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "parameters": { 5 | "namePrefix": { 6 | "type": "string", 7 | "defaultValue": "stg" 8 | }, 9 | "location": { 10 | "type": "string", 11 | "defaultValue": "westeurope" 12 | }, 13 | "blobContainers": { 14 | "type": "array", 15 | "defaultValue": [ 16 | { 17 | "Name": "bicep", 18 | "publicAccess": "blob" 19 | }, 20 | { 21 | "Name": "simply", 22 | "publicAccess": "container" 23 | }, 24 | { 25 | "Name": "rules", 26 | "publicAccess": "none" 27 | } 28 | ] 29 | } 30 | }, 31 | "functions": [], 32 | "variables": { 33 | "storageAccountName": "[format('{0}{1}', parameters('namePrefix'), uniqueString(resourceGroup().id))]" 34 | }, 35 | "resources": [ 36 | { 37 | "type": "Microsoft.Storage/storageAccounts", 38 | "apiVersion": "2021-02-01", 39 | "name": "[variables('storageAccountName')]", 40 | "location": "[parameters('location')]", 41 | "kind": "StorageV2", 42 | "sku": { 43 | "name": "Standard_LRS", 44 | "tier": "Standard" 45 | }, 46 | "properties": { 47 | "accessTier": "Hot" 48 | } 49 | }, 50 | { 51 | "copy": { 52 | "name": "blob", 53 | "count": "[length(parameters('blobContainers'))]" 54 | }, 55 | "type": "Microsoft.Storage/storageAccounts/blobServices/containers", 56 | "apiVersion": "2019-06-01", 57 | "name": "[format('{0}/default/{1}-{2}', variables('storageAccountName'), copyIndex(), parameters('blobContainers')[copyIndex()].name)]", 58 | "properties": { 59 | "publicAccess": "[parameters('blobContainers')[copyIndex()].publicAccess]" 60 | }, 61 | "dependsOn": [ 62 | "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]" 63 | ] 64 | } 65 | ], 66 | "outputs": { 67 | "stg": { 68 | "type": "string", 69 | "value": "[variables('storageAccountName')]" 70 | } 71 | } 72 | } 73 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-container-conditional-2.bicep: -------------------------------------------------------------------------------- 1 | param namePrefix string = 'stg' 2 | param location string = 'westeurope' 3 | param createContainer string = utcNow('MM') 4 | 5 | var storageAccountName = '${namePrefix}${uniqueString(resourceGroup().id)}' 6 | 7 | resource stg 'Microsoft.Storage/storageAccounts@2021-02-01' = { 8 | name: storageAccountName 9 | location: location 10 | kind: 'StorageV2' 11 | sku: { 12 | name: 'Standard_LRS' 13 | } 14 | properties: { 15 | accessTier: 'Hot' 16 | } 17 | } 18 | 19 | resource blobMay 'Microsoft.Storage/storageAccounts/blobServices/containers@2019-06-01' = if (createContainer == '05') { 20 | name: '${stg.name}/default/may' 21 | } 22 | 23 | resource blobJune 'Microsoft.Storage/storageAccounts/blobServices/containers@2019-06-01' = if (createContainer == '06') { 24 | name: '${stg.name}/default/june' 25 | } 26 | 27 | output stg string = stg.name 28 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-container-conditional.bicep: -------------------------------------------------------------------------------- 1 | param namePrefix string = 'stg' 2 | param location string = 'westeurope' 3 | param createContainer bool = true 4 | 5 | var storageAccountName = '${namePrefix}${uniqueString(resourceGroup().id)}' 6 | 7 | resource stg 'Microsoft.Storage/storageAccounts@2021-02-01' = { 8 | name: storageAccountName 9 | location: location 10 | kind: 'StorageV2' 11 | sku: { 12 | name: 'Standard_LRS' 13 | } 14 | properties: { 15 | accessTier: 'Hot' 16 | } 17 | } 18 | 19 | resource blob 'Microsoft.Storage/storageAccounts/blobServices/containers@2019-06-01' = if (createContainer == true) { 20 | name: '${stg.name}/default/myblob' 21 | } 22 | 23 | output stg string = stg.name 24 | 25 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-container-existing-keyword.bicep: -------------------------------------------------------------------------------- 1 | param storageAccountName string = 'stgiywdzdqmmr2ke' 2 | 3 | resource stg 'Microsoft.Storage/storageAccounts@2021-02-01' existing = { 4 | name: storageAccountName 5 | } 6 | 7 | resource blob 'Microsoft.Storage/storageAccounts/blobServices/containers@2019-06-01' = { 8 | name: '${stg.name}/default/myblob' 9 | } 10 | 11 | output stg string = stg.name 12 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-container-existing-keyword.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.4.1", 8 | "templateHash": "5069255956324085600" 9 | } 10 | }, 11 | "parameters": { 12 | "storageAccountName": { 13 | "type": "string", 14 | "defaultValue": "stg" 15 | } 16 | }, 17 | "functions": [], 18 | "resources": [ 19 | { 20 | "type": "Microsoft.Storage/storageAccounts/blobServices/containers", 21 | "apiVersion": "2019-06-01", 22 | "name": "[format('{0}/default/myblob', parameters('storageAccountName'))]" 23 | } 24 | ], 25 | "outputs": { 26 | "stg": { 27 | "type": "string", 28 | "value": "[parameters('storageAccountName')]" 29 | } 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-container-loop-range.bicep: -------------------------------------------------------------------------------- 1 | param namePrefix string = 'stg' 2 | param location string = 'westeurope' 3 | param numberofContainers int = 5 4 | 5 | var storageAccountName = '${namePrefix}${uniqueString(resourceGroup().id)}' 6 | 7 | resource stg 'Microsoft.Storage/storageAccounts@2021-02-01' = { 8 | name: storageAccountName 9 | location: location 10 | kind: 'StorageV2' 11 | sku: { 12 | name: 'Standard_LRS' 13 | } 14 | properties: { 15 | accessTier: 'Hot' 16 | } 17 | } 18 | 19 | resource blob 'Microsoft.Storage/storageAccounts/blobServices/containers@2019-06-01' = [for i in range(1, numberofContainers): { 20 | name: '${stg.name}/default/container${i}' 21 | }] 22 | 23 | output stg string = stg.name 24 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-container-loop.bicep: -------------------------------------------------------------------------------- 1 | param namePrefix string = 'stg' 2 | param location string = 'westeurope' 3 | param blobContainerNames array = [ 4 | 'bicep' 5 | 'simply' 6 | 'rules' 7 | ] 8 | var storageAccountName = '${namePrefix}${uniqueString(resourceGroup().id)}' 9 | 10 | resource stg 'Microsoft.Storage/storageAccounts@2021-02-01' = { 11 | name: storageAccountName 12 | location: location 13 | kind: 'StorageV2' 14 | sku: { 15 | name: 'Standard_LRS' 16 | } 17 | properties: { 18 | accessTier: 'Hot' 19 | } 20 | } 21 | 22 | resource blob 'Microsoft.Storage/storageAccounts/blobServices/containers@2019-06-01' = [for name in blobContainerNames: { 23 | name: '${stg.name}/default/${name}' 24 | }] 25 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-container-loop.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.4.63.48766", 8 | "templateHash": "3100587713824005641" 9 | } 10 | }, 11 | "parameters": { 12 | "namePrefix": { 13 | "type": "string", 14 | "defaultValue": "stg" 15 | }, 16 | "location": { 17 | "type": "string", 18 | "defaultValue": "westeurope" 19 | }, 20 | "blobContainerNames": { 21 | "type": "array", 22 | "defaultValue": [ 23 | "bicep", 24 | "simply", 25 | "rules" 26 | ] 27 | } 28 | }, 29 | "functions": [], 30 | "variables": { 31 | "storageAccountName": "[format('{0}{1}', parameters('namePrefix'), uniqueString(resourceGroup().id))]" 32 | }, 33 | "resources": [ 34 | { 35 | "type": "Microsoft.Storage/storageAccounts", 36 | "apiVersion": "2021-02-01", 37 | "name": "[variables('storageAccountName')]", 38 | "location": "[parameters('location')]", 39 | "kind": "StorageV2", 40 | "sku": { 41 | "name": "Standard_LRS", 42 | "tier": "Standard" 43 | }, 44 | "properties": { 45 | "accessTier": "Hot" 46 | } 47 | }, 48 | { 49 | "copy": { 50 | "name": "blob", 51 | "count": "[length(parameters('blobContainerNames'))]" 52 | }, 53 | "type": "Microsoft.Storage/storageAccounts/blobServices/containers", 54 | "apiVersion": "2019-06-01", 55 | "name": "[format('{0}/default/{1}', variables('storageAccountName'), parameters('blobContainerNames')[copyIndex()])]", 56 | "dependsOn": [ 57 | "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]" 58 | ] 59 | } 60 | ], 61 | "outputs": { 62 | "blobs": { 63 | "type": "array", 64 | "copy": { 65 | "count": "[length(parameters('blobContainerNames'))]", 66 | "input": { 67 | "name": "[parameters('blobContainerNames')[copyIndex()][copyIndex()].name]" 68 | } 69 | } 70 | } 71 | } 72 | } -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-container.bicep: -------------------------------------------------------------------------------- 1 | param namePrefix string = 'stg' 2 | param location string = 'westeurope' 3 | 4 | var storageAccountName = '${namePrefix}${uniqueString(resourceGroup().id)}' 5 | 6 | resource stg 'Microsoft.Storage/storageAccounts@2021-02-01' = { 7 | name: storageAccountName 8 | location: location 9 | kind: 'StorageV2' 10 | sku: { 11 | name: 'Standard_LRS' 12 | } 13 | properties: { 14 | accessTier: 'Hot' 15 | } 16 | } 17 | 18 | resource blob 'Microsoft.Storage/storageAccounts/blobServices/containers@2019-06-01' = { 19 | name: '${stg.name}/default/myblob' 20 | } 21 | 22 | output stg string = stg.name 23 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-container.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.4.1", 8 | "templateHash": "6927417283349201919" 9 | } 10 | }, 11 | "parameters": { 12 | "namePrefix": { 13 | "type": "string", 14 | "defaultValue": "stg" 15 | }, 16 | "location": { 17 | "type": "string", 18 | "defaultValue": "westeurope" 19 | } 20 | }, 21 | "functions": [], 22 | "variables": { 23 | "storageAccountName": "[format('{0}{1}', parameters('namePrefix'), uniqueString(resourceGroup().id))]" 24 | }, 25 | "resources": [ 26 | { 27 | "type": "Microsoft.Storage/storageAccounts", 28 | "apiVersion": "2021-02-01", 29 | "name": "[variables('storageAccountName')]", 30 | "location": "[parameters('location')]", 31 | "kind": "StorageV2", 32 | "sku": { 33 | "name": "Standard_LRS", 34 | "tier": "Standard" 35 | }, 36 | "properties": { 37 | "accessTier": "Hot" 38 | } 39 | }, 40 | { 41 | "type": "Microsoft.Storage/storageAccounts/blobServices/containers", 42 | "apiVersion": "2019-06-01", 43 | "name": "[format('{0}/myblob', variables('storageAccountName'))]", 44 | "dependsOn": [ 45 | "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]" 46 | ] 47 | } 48 | ], 49 | "outputs": { 50 | "stg": { 51 | "type": "string", 52 | "value": "[variables('storageAccountName')]" 53 | } 54 | } 55 | } 56 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-expressions.bicep: -------------------------------------------------------------------------------- 1 | param namePrefix string = 'stg' 2 | param location string = 'westeurope' 3 | param hotAccessTier bool = true 4 | var storageAccountName = '${namePrefix}${uniqueString(resourceGroup().id)}' 5 | 6 | resource stg 'Microsoft.Storage/storageAccounts@2021-02-01' = { 7 | name: storageAccountName 8 | location: location 9 | kind: 'StorageV2' 10 | sku: { 11 | name: 'Standard_LRS' 12 | } 13 | properties: { 14 | accessTier: hotAccessTier ? 'Hot' : 'Cool' 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-expressions.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.4.1", 8 | "templateHash": "4822068707527880167" 9 | } 10 | }, 11 | "parameters": { 12 | "namePrefix": { 13 | "type": "string", 14 | "defaultValue": "stg" 15 | }, 16 | "location": { 17 | "type": "string", 18 | "defaultValue": "westeurope" 19 | }, 20 | "hotAccessTier": { 21 | "type": "bool", 22 | "defaultValue": true 23 | } 24 | }, 25 | "functions": [], 26 | "variables": { 27 | "storageAccountName": "[format('{0}{1}', parameters('namePrefix'), uniqueString(resourceGroup().id))]" 28 | }, 29 | "resources": [ 30 | { 31 | "type": "Microsoft.Storage/storageAccounts", 32 | "apiVersion": "2021-02-01", 33 | "name": "[variables('storageAccountName')]", 34 | "location": "[parameters('location')]", 35 | "kind": "StorageV2", 36 | "sku": { 37 | "name": "Standard_LRS", 38 | "tier": "Standard" 39 | }, 40 | "properties": { 41 | "accessTier": "[if(parameters('hotAccessTier'), 'Hot', 'Cool')]" 42 | } 43 | } 44 | ] 45 | } 46 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-ouputs.bicep: -------------------------------------------------------------------------------- 1 | param storageAccountName string = 'mysabicepdemo' 2 | param location string = 'westeurope' 3 | 4 | resource stg 'Microsoft.Storage/storageAccounts@2021-02-01' = { 5 | name: storageAccountName 6 | location: location 7 | kind: 'StorageV2' 8 | sku: { 9 | name: 'Standard_LRS' 10 | } 11 | properties: { 12 | accessTier: 'Hot' 13 | } 14 | } 15 | 16 | output stg string = stg.properties.primaryEndpoints.blob 17 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-ouputs.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.4.63.48766", 8 | "templateHash": "3550091130979434653" 9 | } 10 | }, 11 | "parameters": { 12 | "storageAccountName": { 13 | "type": "string", 14 | "defaultValue": "mysabicepdemo" 15 | }, 16 | "location": { 17 | "type": "string", 18 | "defaultValue": "westeurope" 19 | } 20 | }, 21 | "functions": [], 22 | "resources": [ 23 | { 24 | "type": "Microsoft.Storage/storageAccounts", 25 | "apiVersion": "2021-02-01", 26 | "name": "[parameters('storageAccountName')]", 27 | "location": "[parameters('location')]", 28 | "kind": "StorageV2", 29 | "sku": { 30 | "name": "Standard_LRS", 31 | "tier": "Standard" 32 | }, 33 | "properties": { 34 | "accessTier": "Hot" 35 | } 36 | } 37 | ], 38 | "outputs": { 39 | "stg": { 40 | "type": "string", 41 | "value": "[reference(resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName'))).primaryEndpoints.blob]" 42 | } 43 | } 44 | } -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-param-and-tags.bicep: -------------------------------------------------------------------------------- 1 | param storageAccountName string = 'mysabicepdemo' 2 | param location string = 'westeurope' 3 | 4 | param resourceTags object = { 5 | Environment: 'Dev' 6 | Project: 'Mastering Bicep' 7 | } 8 | 9 | resource stg 'Microsoft.Storage/storageAccounts@2021-02-01' = { 10 | name: storageAccountName 11 | location: location 12 | tags: resourceTags 13 | kind: 'StorageV2' 14 | sku: { 15 | name: 'Standard_LRS' 16 | } 17 | properties: { 18 | accessTier: 'Hot' 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-param-and-variables.bicep: -------------------------------------------------------------------------------- 1 | param storageAccountName string = 'mysabicepdemo' 2 | param location string = 'westeurope' 3 | 4 | var storageTier = 'Standard' 5 | 6 | resource storageAccountName_resource 'Microsoft.Storage/storageAccounts@2021-02-01' = { 7 | name: storageAccountName 8 | location: location 9 | kind: 'StorageV2' 10 | sku: { 11 | name: 'Standard_LRS' 12 | tier: storageTier 13 | } 14 | properties: { 15 | accessTier: 'Hot' 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-param-and-variables.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "parameters": { 5 | "storageAccountName": { 6 | "type": "string", 7 | "defaultValue": "mysabicepdemo" 8 | }, 9 | "location": { 10 | "type": "string", 11 | "defaultValue": "westeurope" 12 | } 13 | }, 14 | "variables": { 15 | "storageTier": "Standard" 16 | }, 17 | "resources": [ 18 | { 19 | "type": "Microsoft.Storage/storageAccounts", 20 | "apiVersion": "2021-02-01", 21 | "name": "[parameters('storageAccountName')]", 22 | "location": "[parameters('location')]", 23 | "kind": "StorageV2", 24 | "sku": { 25 | "name": "Standard_LRS", 26 | "tier": "[variables('storageTier')]" 27 | }, 28 | "properties": { 29 | "accessTier": "Hot" 30 | } 31 | } 32 | ] 33 | } 34 | -------------------------------------------------------------------------------- /Samples/basic-Storage-Account-with-unique-name.bicep: -------------------------------------------------------------------------------- 1 | param namePrefix string = 'stg' 2 | param location string = 'westeurope' 3 | 4 | var storageAccountName = '${namePrefix}${uniqueString(resourceGroup().id)}' 5 | 6 | resource stg 'Microsoft.Storage/storageAccounts@2021-02-01' = { 7 | name: storageAccountName 8 | location: location 9 | kind: 'StorageV2' 10 | sku: { 11 | name: 'Standard_LRS' 12 | } 13 | properties: { 14 | accessTier: 'Hot' 15 | } 16 | } 17 | 18 | output stg string = stg.name 19 | -------------------------------------------------------------------------------- /Samples/basic-storage-account.bicep: -------------------------------------------------------------------------------- 1 | @description('This resource is a storage account deployed in West Europe.') 2 | resource stg 'Microsoft.Storage/storageAccounts@2021-02-01' = { 3 | name: 'mysabicepdemo' 4 | location: 'westeurope' 5 | kind: 'StorageV2' 6 | sku: { 7 | name: 'Standard_LRS' 8 | } 9 | properties: { 10 | accessTier: 'Hot' 11 | } 12 | } 13 | 14 | -------------------------------------------------------------------------------- /Samples/basic-storage-account.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.4.63.48766", 8 | "templateHash": "7962753113499280603" 9 | } 10 | }, 11 | "functions": [], 12 | "resources": [ 13 | { 14 | "type": "Microsoft.Storage/storageAccounts", 15 | "apiVersion": "2021-02-01", 16 | "name": "mysabicepdemo", 17 | "location": "westeurope", 18 | "kind": "StorageV2", 19 | "sku": { 20 | "name": "Standard_LRS", 21 | "tier": "Standard" 22 | }, 23 | "properties": { 24 | "accessTier": "Hot" 25 | } 26 | } 27 | ] 28 | } -------------------------------------------------------------------------------- /Samples/basic-storage-account.parameters.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", 3 | "contentVersion": "1.0.0.0", 4 | "parameters": { 5 | "storageAccountName": { 6 | "value": "mysabicepdemo" 7 | }, 8 | "location": { 9 | "value": "westeurope" 10 | } 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /Samples/bicepconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "analyzers": { 3 | "core": { 4 | "enabled": true, 5 | "verbose": false, 6 | "rules": { 7 | "adminusername-should-not-be-literal": { 8 | "level": "warning" 9 | }, 10 | "no-hardcoded-env-urls": { 11 | "level": "warning" 12 | }, 13 | "no-unnecessary-dependson": { 14 | "level": "warning" 15 | }, 16 | "no-unused-params": { 17 | "level": "warning" 18 | }, 19 | "no-unused-vars": { 20 | "level": "warning" 21 | }, 22 | "outputs-should-not-contain-secrets": { 23 | "level": "warning" 24 | }, 25 | "prefer-interpolation": { 26 | "level": "warning" 27 | }, 28 | "secure-parameter-default": { 29 | "level": "warning" 30 | }, 31 | "simplify-interpolation": { 32 | "level": "warning" 33 | }, 34 | "use-protectedsettings-for-commandtoexecute-secrets": { 35 | "level": "warning" 36 | }, 37 | "use-stable-vm-image": { 38 | "level": "warning" 39 | } 40 | } 41 | } 42 | }, 43 | "moduleAliases": { 44 | "br": { 45 | "CoreModules": { 46 | "registry": "acriywdzdqmmr2ke.azurecr.io", 47 | "modulePath": "bicep/modules" 48 | } 49 | }, 50 | "ts": { 51 | "CoreSpecs": { 52 | "subscription": "66869840-a086-41d1-84e9-cf66ac8a9a94", 53 | "resourceGroup": "my-rg" 54 | } 55 | } 56 | }, 57 | "cloud": { 58 | "currentProfile": "AzureCloud", 59 | "credentialPrecedence": [ 60 | "AzurePowerShell", 61 | "AzureCLI" 62 | ] 63 | } 64 | } -------------------------------------------------------------------------------- /Samples/container-with-secret.bicep: -------------------------------------------------------------------------------- 1 | param storageAccountName string 2 | param containerName string 3 | @secure() 4 | param secretMetadata string 5 | 6 | resource blob 'Microsoft.Storage/storageAccounts/blobServices/containers@2019-06-01' = { 7 | name: '${storageAccountName}/default/${containerName}' 8 | properties:{ 9 | metadata: { 10 | secret: secretMetadata 11 | } 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /Samples/container.bicep: -------------------------------------------------------------------------------- 1 | param storageAccountName string 2 | param containerName string 3 | param containerIndex int 4 | 5 | resource blob 'Microsoft.Storage/storageAccounts/blobServices/containers@2019-06-01' = { 6 | name: '${storageAccountName}/default/${containerIndex}${containerName}' 7 | } 8 | -------------------------------------------------------------------------------- /Samples/install-Bicep-CLI.ps1: -------------------------------------------------------------------------------- 1 | # Create the install folder 2 | $installPath = "$env:USERPROFILE\.bicep" 3 | $installDir = New-Item -ItemType Directory -Path $installPath -Force 4 | $installDir.Attributes += 'Hidden' 5 | # Fetch the latest Bicep CLI binary 6 | (New-Object Net.WebClient).DownloadFile("https://github.com/Azure/bicep/releases/latest/download/bicep-win-x64.exe", "$installPath\bicep.exe") 7 | # Add bicep to your PATH 8 | $currentPath = (Get-Item -path "HKCU:\Environment" ).GetValue('Path', '', 'DoNotExpandEnvironmentNames') 9 | if (-not $currentPath.Contains($installPath)) { setx PATH ($currentPath + $installPath) } 10 | if (-not $env:path.Contains($installPath)) { $env:path += ";$installPath" } 11 | # Verify you can now access the 'bicep' command. 12 | bicep --help 13 | # Done! 14 | 15 | -------------------------------------------------------------------------------- /Samples/install-Bicep-VSCode-Extension.ps1: -------------------------------------------------------------------------------- 1 | # Fetch the latest Bicep VSCode extension 2 | $vsixPath = ".\vscode-bicep.vsix" 3 | (New-Object Net.WebClient).DownloadFile("https://github.com/Azure/bicep/releases/latest/download/vscode-bicep.vsix", $vsixPath) 4 | # Install the extension 5 | code --install-extension $vsixPath 6 | # Clean up the file 7 | Remove-Item $vsixPath 8 | # Done! 9 | -------------------------------------------------------------------------------- /Samples/main-acr.bicep: -------------------------------------------------------------------------------- 1 | targetScope = 'subscription' 2 | 3 | param namePrefix string 4 | param location string 5 | param resourceGroupName string = 'my-rg' 6 | 7 | param blobContainers array = [ 8 | { 9 | Name: 'bicep' 10 | publicAccess: 'blob' 11 | } 12 | { 13 | Name: 'simply' 14 | publicAccess: 'container' 15 | } 16 | { 17 | Name: 'rules' 18 | publicAccess: 'none' 19 | } 20 | ] 21 | 22 | resource rg 'Microsoft.Resources/resourceGroups@2021-01-01' = { 23 | name: resourceGroupName 24 | location: 'westeurope' 25 | } 26 | 27 | @description('This module deploys a storage account. It requires the parameters location(string) and namePrefix(string) and outputs the storage account name.') 28 | module sa 'storageAccount.bicep' = { 29 | name: 'sa-module' 30 | scope: rg 31 | params: { 32 | location: location 33 | namePrefix: namePrefix 34 | } 35 | } 36 | 37 | module co_acr 'br/CoreModules:storage:v1' = [for (container, i) in blobContainers: { 38 | name: 'co-module-${i}' 39 | scope: rg 40 | params: { 41 | containerName: container.Name 42 | containerIndex: i 43 | storageAccountName: sa.outputs.stg 44 | } 45 | }] 46 | 47 | output saout string = sa.outputs.stg 48 | -------------------------------------------------------------------------------- /Samples/main-mcr.bicep: -------------------------------------------------------------------------------- 1 | module helloWorld 'br/public:samples/hello-world:1.0.1' = { 2 | name: 'helloWorld' 3 | params: { 4 | name: 'Freek' 5 | } 6 | } 7 | 8 | output greeting string = helloWorld.outputs.greeting 9 | 10 | module avset 'br/public:compute/availability-set:1.0.1' = { 11 | name: 'my-avset-demo' 12 | params: { 13 | name: 'avset-01' 14 | availabilitySetSku: 'aligned' 15 | availabilitySetUpdateDomain: 2 16 | availabilitySetFaultDomain: 2 17 | tags: { 18 | tag1: 'MCR demo' 19 | } 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /Samples/main-mcr.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.5.6.12127", 8 | "templateHash": "16392232774952044070" 9 | } 10 | }, 11 | "resources": [ 12 | { 13 | "type": "Microsoft.Resources/deployments", 14 | "apiVersion": "2020-10-01", 15 | "name": "my-avset-demo", 16 | "properties": { 17 | "expressionEvaluationOptions": { 18 | "scope": "inner" 19 | }, 20 | "mode": "Incremental", 21 | "parameters": { 22 | "name": { 23 | "value": "avset-01" 24 | }, 25 | "availabilitySetSku": { 26 | "value": "aligned" 27 | }, 28 | "availabilitySetUpdateDomain": { 29 | "value": 2 30 | }, 31 | "availabilitySetFaultDomain": { 32 | "value": 2 33 | }, 34 | "tags": { 35 | "value": { 36 | "tag1": "MCR demo" 37 | } 38 | } 39 | }, 40 | "template": { 41 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 42 | "contentVersion": "1.0.0.0", 43 | "metadata": { 44 | "_generator": { 45 | "name": "bicep", 46 | "version": "0.4.1318.3566", 47 | "templateHash": "15567849158229106902" 48 | } 49 | }, 50 | "parameters": { 51 | "name": { 52 | "type": "string", 53 | "metadata": { 54 | "description": "Required. The name of the availability set that is being created." 55 | } 56 | }, 57 | "availabilitySetFaultDomain": { 58 | "type": "int", 59 | "defaultValue": 2, 60 | "metadata": { 61 | "description": "Optional. The number of fault domains to use." 62 | } 63 | }, 64 | "availabilitySetUpdateDomain": { 65 | "type": "int", 66 | "defaultValue": 5, 67 | "metadata": { 68 | "description": "Optional. The number of update domains to use." 69 | } 70 | }, 71 | "availabilitySetSku": { 72 | "type": "string", 73 | "defaultValue": "Aligned", 74 | "metadata": { 75 | "description": "Optional. Sku of the availability set. Use 'Aligned' for virtual machines with managed disks and 'Classic' for virtual machines with unmanaged disks." 76 | } 77 | }, 78 | "proximityPlacementGroupId": { 79 | "type": "string", 80 | "defaultValue": "", 81 | "metadata": { 82 | "description": "Optional. Resource ID of a proximity placement group." 83 | } 84 | }, 85 | "location": { 86 | "type": "string", 87 | "defaultValue": "[resourceGroup().location]", 88 | "metadata": { 89 | "description": "Optional. Resource location." 90 | } 91 | }, 92 | "lock": { 93 | "type": "string", 94 | "defaultValue": "NotSpecified", 95 | "metadata": { 96 | "description": "Optional. Specify the type of lock." 97 | }, 98 | "allowedValues": [ 99 | "CanNotDelete", 100 | "NotSpecified", 101 | "ReadOnly" 102 | ] 103 | }, 104 | "roleAssignments": { 105 | "type": "array", 106 | "defaultValue": [], 107 | "metadata": { 108 | "description": "Optional. Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'" 109 | } 110 | }, 111 | "tags": { 112 | "type": "object", 113 | "defaultValue": {}, 114 | "metadata": { 115 | "description": "Optional. Tags of the availability set resource." 116 | } 117 | } 118 | }, 119 | "resources": [ 120 | { 121 | "type": "Microsoft.Compute/availabilitySets", 122 | "apiVersion": "2021-07-01", 123 | "name": "[parameters('name')]", 124 | "location": "[parameters('location')]", 125 | "tags": "[parameters('tags')]", 126 | "properties": { 127 | "platformFaultDomainCount": "[parameters('availabilitySetFaultDomain')]", 128 | "platformUpdateDomainCount": "[parameters('availabilitySetUpdateDomain')]", 129 | "proximityPlacementGroup": "[if(not(empty(parameters('proximityPlacementGroupId'))), createObject('id', parameters('proximityPlacementGroupId')), null())]" 130 | }, 131 | "sku": { 132 | "name": "[parameters('availabilitySetSku')]" 133 | } 134 | }, 135 | { 136 | "condition": "[not(equals(parameters('lock'), 'NotSpecified'))]", 137 | "type": "Microsoft.Authorization/locks", 138 | "apiVersion": "2017-04-01", 139 | "scope": "[format('Microsoft.Compute/availabilitySets/{0}', parameters('name'))]", 140 | "name": "[format('{0}-{1}-lock', parameters('name'), parameters('lock'))]", 141 | "properties": { 142 | "level": "[parameters('lock')]", 143 | "notes": "[if(equals(parameters('lock'), 'CanNotDelete'), 'Cannot delete resource or child resources.', 'Cannot modify the resource or child resources.')]" 144 | }, 145 | "dependsOn": [ 146 | "[resourceId('Microsoft.Compute/availabilitySets', parameters('name'))]" 147 | ] 148 | }, 149 | { 150 | "copy": { 151 | "name": "availabilitySet_rbac", 152 | "count": "[length(parameters('roleAssignments'))]" 153 | }, 154 | "type": "Microsoft.Resources/deployments", 155 | "apiVersion": "2020-10-01", 156 | "name": "[format('{0}-AvSet-Rbac-{1}', uniqueString(deployment().name, parameters('location')), copyIndex())]", 157 | "properties": { 158 | "expressionEvaluationOptions": { 159 | "scope": "inner" 160 | }, 161 | "mode": "Incremental", 162 | "parameters": { 163 | "description": { 164 | "value": "[if(contains(parameters('roleAssignments')[copyIndex()], 'description'), parameters('roleAssignments')[copyIndex()].description, '')]" 165 | }, 166 | "principalIds": { 167 | "value": "[parameters('roleAssignments')[copyIndex()].principalIds]" 168 | }, 169 | "roleDefinitionIdOrName": { 170 | "value": "[parameters('roleAssignments')[copyIndex()].roleDefinitionIdOrName]" 171 | }, 172 | "principalType": { 173 | "value": "[if(contains(parameters('roleAssignments')[copyIndex()], 'principalType'), parameters('roleAssignments')[copyIndex()].principalType, '')]" 174 | }, 175 | "resourceId": { 176 | "value": "[resourceId('Microsoft.Compute/availabilitySets', parameters('name'))]" 177 | } 178 | }, 179 | "template": { 180 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 181 | "contentVersion": "1.0.0.0", 182 | "metadata": { 183 | "_generator": { 184 | "name": "bicep", 185 | "version": "0.4.1318.3566", 186 | "templateHash": "8176262699368239987" 187 | } 188 | }, 189 | "parameters": { 190 | "description": { 191 | "type": "string", 192 | "defaultValue": "" 193 | }, 194 | "principalType": { 195 | "type": "string", 196 | "defaultValue": "" 197 | }, 198 | "principalIds": { 199 | "type": "array" 200 | }, 201 | "roleDefinitionIdOrName": { 202 | "type": "string" 203 | }, 204 | "resourceId": { 205 | "type": "string" 206 | } 207 | }, 208 | "variables": { 209 | "builtInRoleNames": { 210 | "Owner": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635')]", 211 | "Contributor": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c')]", 212 | "Reader": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'acdd72a7-3385-48ef-bd42-f606fba81ae7')]", 213 | "Avere Cluster Create": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'a7b1b19a-0e83-4fe5-935c-faaefbfd18c3')]", 214 | "Avere Contributor": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '4f8fab4f-1852-4a58-a46a-8eaf358af14a')]", 215 | "Azure Service Deploy Release Management Contributor": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '21d96096-b162-414a-8302-d8354f9d91b2')]", 216 | "CAL-Custom-Role": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '7b266cd7-0bba-4ae2-8423-90ede5e1e898')]", 217 | "DevTest Labs User": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '76283e04-6283-4c54-8f91-bcf1374a3c64')]", 218 | "Log Analytics Contributor": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '92aaf0da-9dab-42b6-94a3-d43ce8d16293')]", 219 | "Log Analytics Reader": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '73c42c96-874c-492b-b04d-ab87d138a893')]", 220 | "Managed Application Contributor Role": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '641177b8-a67a-45b9-a033-47bc880bb21e')]", 221 | "Managed Application Operator Role": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'c7393b34-138c-406f-901b-d8cf2b17e6ae')]", 222 | "Managed Applications Reader": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b9331d33-8a36-4f8c-b097-4f54124fdb44')]", 223 | "masterreader": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'a48d7796-14b4-4889-afef-fbb65a93e5a2')]", 224 | "Monitoring Contributor": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '749f88d5-cbae-40b8-bcfc-e573ddc772fa')]", 225 | "Monitoring Metrics Publisher": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '3913510d-42f4-4e42-8a64-420c390055eb')]", 226 | "Monitoring Reader": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '43d0d8ad-25c7-4714-9337-8ba259a9fe05')]", 227 | "Reservation Purchaser": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'f7b75c60-3036-4b75-91c3-6b41c27c1689')]", 228 | "Resource Policy Contributor": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '36243c78-bf99-498c-9df9-86d9f8d28608')]", 229 | "User Access Administrator": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '18d7d88d-d35e-4fb5-a5c3-7773c20a72d9')]", 230 | "Virtual Machine Contributor": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '9980e02c-c2be-4d73-94e8-173b1dc7cf3c')]" 231 | } 232 | }, 233 | "resources": [ 234 | { 235 | "copy": { 236 | "name": "roleAssignment", 237 | "count": "[length(parameters('principalIds'))]" 238 | }, 239 | "type": "Microsoft.Authorization/roleAssignments", 240 | "apiVersion": "2021-04-01-preview", 241 | "scope": "[format('Microsoft.Compute/availabilitySets/{0}', last(split(parameters('resourceId'), '/')))]", 242 | "name": "[guid(last(split(parameters('resourceId'), '/')), parameters('principalIds')[copyIndex()], parameters('roleDefinitionIdOrName'))]", 243 | "properties": { 244 | "description": "[parameters('description')]", 245 | "roleDefinitionId": "[if(contains(variables('builtInRoleNames'), parameters('roleDefinitionIdOrName')), variables('builtInRoleNames')[parameters('roleDefinitionIdOrName')], parameters('roleDefinitionIdOrName'))]", 246 | "principalId": "[parameters('principalIds')[copyIndex()]]", 247 | "principalType": "[if(not(empty(parameters('principalType'))), parameters('principalType'), null())]" 248 | } 249 | } 250 | ] 251 | } 252 | }, 253 | "dependsOn": [ 254 | "[resourceId('Microsoft.Compute/availabilitySets', parameters('name'))]" 255 | ] 256 | } 257 | ], 258 | "outputs": { 259 | "name": { 260 | "type": "string", 261 | "value": "[parameters('name')]", 262 | "metadata": { 263 | "description": "The name of the availability set" 264 | } 265 | }, 266 | "resourceId": { 267 | "type": "string", 268 | "value": "[resourceId('Microsoft.Compute/availabilitySets', parameters('name'))]", 269 | "metadata": { 270 | "description": "The resource ID of the availability set" 271 | } 272 | }, 273 | "resourceGroupName": { 274 | "type": "string", 275 | "value": "[resourceGroup().name]", 276 | "metadata": { 277 | "description": "The resource group the availability set was deployed into" 278 | } 279 | } 280 | } 281 | } 282 | } 283 | } 284 | ] 285 | } -------------------------------------------------------------------------------- /Samples/main-ts.bicep: -------------------------------------------------------------------------------- 1 | targetScope = 'subscription' 2 | 3 | param resourceGroupName string = 'my-rg' 4 | 5 | param blobContainers array = [ 6 | { 7 | Name: 'bicep' 8 | publicAccess: 'blob' 9 | } 10 | { 11 | Name: 'simply' 12 | publicAccess: 'container' 13 | } 14 | { 15 | Name: 'rules' 16 | publicAccess: 'none' 17 | } 18 | ] 19 | 20 | resource rg 'Microsoft.Resources/resourceGroups@2021-01-01' = { 21 | name: resourceGroupName 22 | location: 'westeurope' 23 | } 24 | 25 | module co_ts 'ts/CoreSpecs:create-storageaccount:v1' = [for (container, i) in blobContainers: { 26 | name: 'co-module-${i}' 27 | scope: rg 28 | params: { 29 | accessTier: 'Hot' 30 | location: 'west europe' 31 | } 32 | }] 33 | -------------------------------------------------------------------------------- /Samples/main-with-getsecret-function.bicep: -------------------------------------------------------------------------------- 1 | targetScope = 'subscription' 2 | 3 | param resourceGroupName string = 'my-rg' 4 | param storageAccountName string 5 | param containerName string 6 | param keyVaultName string 7 | param keyVaultSubscription string 8 | param keyVaultResourceGroup string 9 | param secretName string 10 | param secretVersion string 11 | 12 | resource rg 'Microsoft.Resources/resourceGroups@2021-01-01' = { 13 | name: resourceGroupName 14 | location: 'westeurope' 15 | } 16 | 17 | resource sa 'Microsoft.Storage/storageAccounts@2021-02-01' existing = { 18 | name: storageAccountName 19 | scope: rg 20 | } 21 | 22 | resource kv 'Microsoft.KeyVault/vaults@2019-09-01' existing = { 23 | name: keyVaultName 24 | scope: resourceGroup(keyVaultSubscription, keyVaultResourceGroup) 25 | } 26 | 27 | module co 'container.bicep' = { 28 | scope: rg 29 | name: 'sa' 30 | params: { 31 | containerName: containerName 32 | storageAccountName: sa.name 33 | secretMetadata: kv.getSecret(secretName, secretVersion) 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /Samples/main-with-secret.bicep: -------------------------------------------------------------------------------- 1 | targetScope = 'subscription' 2 | 3 | param resourceGroupName string = 'my-rg' 4 | param storageAccountName string 5 | param containerName string 6 | param keyVaultName string 7 | param keyVaultResourceGroup string 8 | param secretName string 9 | param secretVersion string 10 | 11 | resource rg 'Microsoft.Resources/resourceGroups@2021-01-01' = { 12 | name: resourceGroupName 13 | location: 'westeurope' 14 | } 15 | 16 | resource sa 'Microsoft.Storage/storageAccounts@2021-02-01' existing = { 17 | name: storageAccountName 18 | scope: rg 19 | } 20 | 21 | resource kv 'Microsoft.KeyVault/vaults@2021-06-01-preview' existing = { 22 | name: keyVaultName 23 | scope: resourceGroup(keyVaultResourceGroup) 24 | } 25 | 26 | module co 'container-with-secret.bicep' = { 27 | scope: rg 28 | name: 'sa' 29 | params: { 30 | containerName: containerName 31 | storageAccountName: sa.name 32 | secretMetadata: kv.getSecret(secretName, secretVersion) 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /Samples/main-with-secret.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.5.6.12127", 8 | "templateHash": "15548398182540806593" 9 | } 10 | }, 11 | "parameters": { 12 | "resourceGroupName": { 13 | "type": "string", 14 | "defaultValue": "my-rg" 15 | }, 16 | "storageAccountName": { 17 | "type": "string" 18 | }, 19 | "containerName": { 20 | "type": "string" 21 | }, 22 | "keyVaultName": { 23 | "type": "string" 24 | }, 25 | "keyVaultResourceGroup": { 26 | "type": "string" 27 | }, 28 | "secretName": { 29 | "type": "string" 30 | }, 31 | "secretVersion": { 32 | "type": "string" 33 | } 34 | }, 35 | "resources": [ 36 | { 37 | "type": "Microsoft.Resources/resourceGroups", 38 | "apiVersion": "2021-01-01", 39 | "name": "[parameters('resourceGroupName')]", 40 | "location": "westeurope" 41 | }, 42 | { 43 | "type": "Microsoft.Resources/deployments", 44 | "apiVersion": "2020-10-01", 45 | "name": "sa", 46 | "resourceGroup": "[parameters('resourceGroupName')]", 47 | "properties": { 48 | "expressionEvaluationOptions": { 49 | "scope": "inner" 50 | }, 51 | "mode": "Incremental", 52 | "parameters": { 53 | "containerName": { 54 | "value": "[parameters('containerName')]" 55 | }, 56 | "storageAccountName": { 57 | "value": "[parameters('storageAccountName')]" 58 | }, 59 | "secretMetadata": { 60 | "reference": { 61 | "keyVault": { 62 | "id": "[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, parameters('keyVaultResourceGroup')), 'Microsoft.KeyVault/vaults', parameters('keyVaultName'))]" 63 | }, 64 | "secretName": "[parameters('secretName')]", 65 | "secretVersion": "[parameters('secretVersion')]" 66 | } 67 | } 68 | }, 69 | "template": { 70 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 71 | "contentVersion": "1.0.0.0", 72 | "metadata": { 73 | "_generator": { 74 | "name": "bicep", 75 | "version": "0.5.6.12127", 76 | "templateHash": "10043792220895779675" 77 | } 78 | }, 79 | "parameters": { 80 | "storageAccountName": { 81 | "type": "string" 82 | }, 83 | "containerName": { 84 | "type": "string" 85 | }, 86 | "secretMetadata": { 87 | "type": "secureString" 88 | } 89 | }, 90 | "resources": [ 91 | { 92 | "type": "Microsoft.Storage/storageAccounts/blobServices/containers", 93 | "apiVersion": "2019-06-01", 94 | "name": "[format('{0}/default/{1}', parameters('storageAccountName'), parameters('containerName'))]", 95 | "properties": { 96 | "metadata": { 97 | "secret": "[parameters('secretMetadata')]" 98 | } 99 | } 100 | } 101 | ] 102 | } 103 | }, 104 | "dependsOn": [ 105 | "[subscriptionResourceId('Microsoft.Resources/resourceGroups', parameters('resourceGroupName'))]" 106 | ] 107 | } 108 | ] 109 | } -------------------------------------------------------------------------------- /Samples/main.bicep: -------------------------------------------------------------------------------- 1 | targetScope = 'subscription' 2 | 3 | param namePrefix string 4 | param location string 5 | param resourceGroupName string = 'my-rg' 6 | 7 | param blobContainers array = [ 8 | { 9 | Name: 'bicep' 10 | publicAccess: 'blob' 11 | } 12 | { 13 | Name: 'simply' 14 | publicAccess: 'container' 15 | } 16 | { 17 | Name: 'rules' 18 | publicAccess: 'none' 19 | } 20 | ] 21 | 22 | resource rg 'Microsoft.Resources/resourceGroups@2021-01-01' = { 23 | name: resourceGroupName 24 | location: 'westeurope' 25 | } 26 | 27 | @description('This module deploys a storage account. It requires the parameters location(string) and namePrefix(string) and outputs the storage account name.') 28 | module sa 'storageAccount.bicep' = { 29 | name: 'sa-module' 30 | scope: rg 31 | params: { 32 | location: location 33 | namePrefix: namePrefix 34 | } 35 | } 36 | 37 | module co 'container.bicep' = [for (container, i) in blobContainers: { 38 | name: 'co-module-${i}' 39 | scope: rg 40 | params: { 41 | containerName: container.Name 42 | containerIndex: i 43 | storageAccountName: sa.outputs.stg 44 | } 45 | }] 46 | 47 | output saout string = sa.outputs.stg 48 | -------------------------------------------------------------------------------- /Samples/main.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.4.675.35994", 8 | "templateHash": "4904531352665711499" 9 | } 10 | }, 11 | "parameters": { 12 | "namePrefix": { 13 | "type": "string" 14 | }, 15 | "location": { 16 | "type": "string" 17 | }, 18 | "resourceGroupName": { 19 | "type": "string", 20 | "defaultValue": "my-rg" 21 | }, 22 | "blobContainers": { 23 | "type": "array", 24 | "defaultValue": [ 25 | { 26 | "Name": "bicep", 27 | "publicAccess": "blob" 28 | }, 29 | { 30 | "Name": "simply", 31 | "publicAccess": "container" 32 | }, 33 | { 34 | "Name": "rules", 35 | "publicAccess": "none" 36 | } 37 | ] 38 | } 39 | }, 40 | "functions": [], 41 | "resources": [ 42 | { 43 | "type": "Microsoft.Resources/resourceGroups", 44 | "apiVersion": "2021-01-01", 45 | "name": "[parameters('resourceGroupName')]", 46 | "location": "westeurope" 47 | }, 48 | { 49 | "type": "Microsoft.Resources/deployments", 50 | "apiVersion": "2019-10-01", 51 | "name": "sa-module", 52 | "resourceGroup": "[parameters('resourceGroupName')]", 53 | "properties": { 54 | "expressionEvaluationOptions": { 55 | "scope": "inner" 56 | }, 57 | "mode": "Incremental", 58 | "parameters": { 59 | "location": { 60 | "value": "[parameters('location')]" 61 | }, 62 | "namePrefix": { 63 | "value": "[parameters('namePrefix')]" 64 | } 65 | }, 66 | "template": { 67 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 68 | "contentVersion": "1.0.0.0", 69 | "metadata": { 70 | "_generator": { 71 | "name": "bicep", 72 | "version": "0.4.675.35994", 73 | "templateHash": "5442983153218637006" 74 | } 75 | }, 76 | "parameters": { 77 | "namePrefix": { 78 | "type": "string", 79 | "defaultValue": "stg" 80 | }, 81 | "location": { 82 | "type": "string", 83 | "defaultValue": "westeurope" 84 | } 85 | }, 86 | "functions": [], 87 | "variables": { 88 | "storageAccountName": "[format('{0}{1}', parameters('namePrefix'), uniqueString(resourceGroup().id))]" 89 | }, 90 | "resources": [ 91 | { 92 | "type": "Microsoft.Storage/storageAccounts", 93 | "apiVersion": "2021-02-01", 94 | "name": "[variables('storageAccountName')]", 95 | "location": "[parameters('location')]", 96 | "kind": "StorageV2", 97 | "sku": { 98 | "name": "Standard_LRS" 99 | }, 100 | "properties": { 101 | "accessTier": "Hot" 102 | } 103 | } 104 | ], 105 | "outputs": { 106 | "stg": { 107 | "type": "string", 108 | "value": "[variables('storageAccountName')]" 109 | } 110 | } 111 | } 112 | }, 113 | "dependsOn": [ 114 | "[subscriptionResourceId('Microsoft.Resources/resourceGroups', parameters('resourceGroupName'))]" 115 | ] 116 | }, 117 | { 118 | "copy": { 119 | "name": "co", 120 | "count": "[length(parameters('blobContainers'))]" 121 | }, 122 | "type": "Microsoft.Resources/deployments", 123 | "apiVersion": "2019-10-01", 124 | "name": "[format('co-module-{0}', copyIndex())]", 125 | "resourceGroup": "[parameters('resourceGroupName')]", 126 | "properties": { 127 | "expressionEvaluationOptions": { 128 | "scope": "inner" 129 | }, 130 | "mode": "Incremental", 131 | "parameters": { 132 | "containerName": { 133 | "value": "[parameters('blobContainers')[copyIndex()].Name]" 134 | }, 135 | "containerIndex": { 136 | "value": "[copyIndex()]" 137 | }, 138 | "storageAccountName": { 139 | "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', 'sa-module'), '2019-10-01').outputs.stg.value]" 140 | } 141 | }, 142 | "template": { 143 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 144 | "contentVersion": "1.0.0.0", 145 | "metadata": { 146 | "_generator": { 147 | "name": "bicep", 148 | "version": "0.4.675.35994", 149 | "templateHash": "1059430776622184152" 150 | } 151 | }, 152 | "parameters": { 153 | "storageAccountName": { 154 | "type": "string" 155 | }, 156 | "containerName": { 157 | "type": "string" 158 | }, 159 | "containerIndex": { 160 | "type": "int" 161 | } 162 | }, 163 | "functions": [], 164 | "resources": [ 165 | { 166 | "type": "Microsoft.Storage/storageAccounts/blobServices/containers", 167 | "apiVersion": "2019-06-01", 168 | "name": "[format('{0}/default/{1}{2}', parameters('storageAccountName'), parameters('containerIndex'), parameters('containerName'))]" 169 | } 170 | ] 171 | } 172 | }, 173 | "dependsOn": [ 174 | "[subscriptionResourceId('Microsoft.Resources/resourceGroups', parameters('resourceGroupName'))]", 175 | "[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', 'sa-module')]" 176 | ] 177 | } 178 | ], 179 | "outputs": { 180 | "saout": { 181 | "type": "string", 182 | "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', 'sa-module'), '2019-10-01').outputs.stg.value]" 183 | } 184 | } 185 | } -------------------------------------------------------------------------------- /Samples/referenceExistingResource.bicep: -------------------------------------------------------------------------------- 1 | param vnetName string 2 | param vnetResourceGroupName string 3 | param subnetName string 4 | param subscriptionID string 5 | 6 | resource vnet 'Microsoft.Network/virtualNetworks@2020-05-01' existing = { 7 | name: vnetName 8 | scope: resourceGroup(subscriptionID,vnetResourceGroupName) 9 | } 10 | 11 | resource vmNic 'Microsoft.Network/networkInterfaces@2017-06-01' = { 12 | name: 'demo-nic' 13 | location: resourceGroup().location 14 | properties: { 15 | ipConfigurations: [ 16 | { 17 | name: 'ipconfig1' 18 | properties: { 19 | subnet: { 20 | id: '${vnet.id}/subnets/${subnetName}' 21 | } 22 | privateIPAllocationMethod: 'Dynamic' 23 | } 24 | } 25 | ] 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /Samples/resource-Group-With-Targetscope.bicep: -------------------------------------------------------------------------------- 1 | targetScope = 'subscription' 2 | 3 | param resourceGroupName string = 'my-rg' 4 | 5 | resource rg 'Microsoft.Resources/resourceGroups@2021-01-01' = { 6 | name: resourceGroupName 7 | location: 'westeurope' 8 | } 9 | -------------------------------------------------------------------------------- /Samples/resource-Group-With-Targetscope.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.4.1", 8 | "templateHash": "2150704691469812603" 9 | } 10 | }, 11 | "parameters": { 12 | "resourceGroupName": { 13 | "type": "string", 14 | "defaultValue": "my-rg" 15 | } 16 | }, 17 | "functions": [], 18 | "resources": [ 19 | { 20 | "type": "Microsoft.Resources/resourceGroups", 21 | "apiVersion": "2021-01-01", 22 | "name": "[parameters('resourceGroupName')]", 23 | "location": "westeurope" 24 | } 25 | ] 26 | } 27 | -------------------------------------------------------------------------------- /Samples/shared-prefixes.json: -------------------------------------------------------------------------------- 1 | { 2 | "companyResourcePrefix": "berson", 3 | "productionResourcePrefix": "p", 4 | "testResourcePrefix": "t", 5 | "globalPostFix": "001" 6 | } -------------------------------------------------------------------------------- /Samples/storageAccount.bicep: -------------------------------------------------------------------------------- 1 | param namePrefix string = 'stg' 2 | param location string = 'westeurope' 3 | 4 | var storageAccountName = '${namePrefix}${uniqueString(resourceGroup().id)}' 5 | 6 | resource stg 'Microsoft.Storage/storageAccounts@2021-02-01' = { 7 | name: storageAccountName 8 | location: location 9 | kind: 'StorageV2' 10 | sku: { 11 | name: 'Standard_LRS' 12 | } 13 | properties: { 14 | accessTier: 'Hot' 15 | } 16 | } 17 | 18 | output stg string = stg.name 19 | -------------------------------------------------------------------------------- /Samples/template-spec.bicep: -------------------------------------------------------------------------------- 1 | param templateSpecName string = 'create-storageaccount' 2 | param templateDescription string = 'Template spec to create new storage account' 3 | param templateDisplayName string = 'Create a new storage account' 4 | 5 | resource ts 'Microsoft.Resources/templateSpecs@2019-06-01-preview' = { 6 | name: templateSpecName 7 | location: resourceGroup().location 8 | properties: { 9 | description: templateDescription 10 | displayName: templateDisplayName 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /Samples/vNet-with-Subnet-as-property.bicep: -------------------------------------------------------------------------------- 1 | resource vnet1 'Microsoft.Network/virtualNetworks@2020-06-01' = { 2 | name: 'vnet-demo-1' 3 | location: resourceGroup().location 4 | properties: { 5 | addressSpace: { 6 | addressPrefixes: [ 7 | '10.10.0.0/16' 8 | ] 9 | } 10 | subnets: [ 11 | { 12 | name: 'subnet-demo-1' 13 | properties: { 14 | addressPrefix: '10.10.0.0/24' 15 | } 16 | } 17 | ] 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /Samples/vNet-with-Subnet-as-property.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.4.1.14562", 8 | "templateHash": "4731198198752516461" 9 | } 10 | }, 11 | "functions": [], 12 | "resources": [ 13 | { 14 | "type": "Microsoft.Network/virtualNetworks", 15 | "apiVersion": "2020-06-01", 16 | "name": "vnet-demo-1", 17 | "location": "[resourceGroup().location]", 18 | "properties": { 19 | "addressSpace": { 20 | "addressPrefixes": [ 21 | "10.10.0.0/16" 22 | ] 23 | }, 24 | "subnets": [ 25 | { 26 | "name": "subnet-demo-1", 27 | "properties": { 28 | "addressPrefix": "10.10.0.0/24" 29 | } 30 | } 31 | ] 32 | } 33 | } 34 | ] 35 | } -------------------------------------------------------------------------------- /Samples/vNet-with-Subnet-as-separate-nested-resource.bicep: -------------------------------------------------------------------------------- 1 | resource vnet1 'Microsoft.Network/virtualNetworks@2020-11-01' = { 2 | name: 'vnet-demo-3' 3 | location: resourceGroup().location 4 | properties: { 5 | addressSpace: { 6 | addressPrefixes: [ 7 | '10.0.0.0/16' 8 | ] 9 | } 10 | } 11 | 12 | resource subnet 'subnets' = { 13 | name: 'subnet-demo-3' 14 | properties: { 15 | addressPrefix: '10.0.0.0/24' 16 | } 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /Samples/vNet-with-Subnet-as-separate-nested-resource.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.4.63.48766", 8 | "templateHash": "14526739432674947321" 9 | } 10 | }, 11 | "functions": [], 12 | "resources": [ 13 | { 14 | "type": "Microsoft.Network/virtualNetworks/subnets", 15 | "apiVersion": "2020-11-01", 16 | "name": "[format('{0}/{1}', 'vnet-demo-3', 'subnet-demo-3')]", 17 | "properties": { 18 | "addressPrefix": "10.0.0.0/24" 19 | }, 20 | "dependsOn": [ 21 | "[resourceId('Microsoft.Network/virtualNetworks', 'vnet-demo-3')]" 22 | ] 23 | }, 24 | { 25 | "type": "Microsoft.Network/virtualNetworks", 26 | "apiVersion": "2020-11-01", 27 | "name": "vnet-demo-3", 28 | "location": "[resourceGroup().location]", 29 | "properties": { 30 | "addressSpace": { 31 | "addressPrefixes": [ 32 | "10.0.0.0/16" 33 | ] 34 | } 35 | } 36 | } 37 | ] 38 | } -------------------------------------------------------------------------------- /Samples/vNet-with-Subnet-as-separate-resource.bicep: -------------------------------------------------------------------------------- 1 | resource vnet2 'Microsoft.Network/virtualNetworks@2020-11-01' = { 2 | name: 'vnet-demo-2' 3 | location: resourceGroup().location 4 | properties: { 5 | addressSpace: { 6 | addressPrefixes: [ 7 | '10.0.0.0/16' 8 | ] 9 | } 10 | } 11 | } 12 | 13 | resource subnet 'Microsoft.Network/virtualNetworks/subnets@2020-11-01' = { 14 | name: '${vnet2.name}/subnet-demo-2' 15 | properties: { 16 | addressPrefix: '10.0.0.0/24' 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /Samples/vNet-with-Subnet-as-separate-resource.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", 3 | "contentVersion": "1.0.0.0", 4 | "metadata": { 5 | "_generator": { 6 | "name": "bicep", 7 | "version": "0.4.1.14562", 8 | "templateHash": "13191252466363134810" 9 | } 10 | }, 11 | "functions": [], 12 | "resources": [ 13 | { 14 | "type": "Microsoft.Network/virtualNetworks", 15 | "apiVersion": "2020-11-01", 16 | "name": "vnet-demo-2", 17 | "location": "[resourceGroup().location]", 18 | "properties": { 19 | "addressSpace": { 20 | "addressPrefixes": [ 21 | "10.0.0.0/16" 22 | ] 23 | } 24 | } 25 | }, 26 | { 27 | "type": "Microsoft.Network/virtualNetworks/subnets", 28 | "apiVersion": "2020-11-01", 29 | "name": "[format('{0}/subnet-demo-2', 'vnet-demo-2')]", 30 | "properties": { 31 | "addressPrefix": "10.0.0.0/24" 32 | }, 33 | "dependsOn": [ 34 | "[resourceId('Microsoft.Network/virtualNetworks', 'vnet-demo-2')]" 35 | ] 36 | } 37 | ] 38 | } -------------------------------------------------------------------------------- /Samples/vm-with-shared-variable-file.bicep: -------------------------------------------------------------------------------- 1 | param localAdminName string 2 | @secure() 3 | param localAdminPassword string 4 | param vmSku string = 'Standard_D4s_v4' 5 | param vmOS string = '2019-Datacenter' 6 | param vmName string = 'demo' 7 | param vnetName string = 'vnet' 8 | param nicName string = 'demo' 9 | 10 | var vnetConfig = { 11 | vnetprefix: '10.0.0.0/16' 12 | subnet: { 13 | name: 'bicep-demo-subnet' 14 | subnetPrefix: '10.0.66.0/24' 15 | } 16 | } 17 | var defaultLocation = resourceGroup().location 18 | var privateIPAllocationMethod = 'Dynamic' 19 | 20 | var sharedNamePrefixes = json(loadTextContent('./shared-prefixes.json')) 21 | var vmFullName = '${sharedNamePrefixes.companyResourcePrefix}-${sharedNamePrefixes.productionResourcePrefix}-${vmName}-${sharedNamePrefixes.globalPostFix}' 22 | var nicFullName = '${sharedNamePrefixes.companyResourcePrefix}-${sharedNamePrefixes.productionResourcePrefix}-${nicName}-${sharedNamePrefixes.globalPostFix}' 23 | var vnetFullName = '${sharedNamePrefixes.companyResourcePrefix}-${sharedNamePrefixes.productionResourcePrefix}-${vnetName}-${sharedNamePrefixes.globalPostFix}' 24 | 25 | resource vnet 'Microsoft.Network/virtualNetworks@2020-05-01' = { 26 | name: vnetFullName 27 | location: defaultLocation 28 | properties: { 29 | addressSpace: { 30 | addressPrefixes: [ 31 | vnetConfig.vnetprefix 32 | ] 33 | } 34 | subnets: [ 35 | { 36 | name: vnetConfig.subnet.name 37 | properties: { 38 | addressPrefix: vnetConfig.subnet.subnetPrefix 39 | } 40 | } 41 | ] 42 | } 43 | } 44 | 45 | resource vmNic 'Microsoft.Network/networkInterfaces@2017-06-01' = { 46 | name: nicFullName 47 | location: defaultLocation 48 | properties: { 49 | ipConfigurations: [ 50 | { 51 | name: 'ipconfig1' 52 | properties: { 53 | subnet: { 54 | id: '${vnet.id}/subnets/${vnetConfig.subnet.name}' 55 | } 56 | privateIPAllocationMethod: privateIPAllocationMethod 57 | } 58 | } 59 | ] 60 | } 61 | } 62 | 63 | resource vm 'Microsoft.Compute/virtualMachines@2019-07-01' = { 64 | name: vmFullName 65 | location: defaultLocation 66 | properties: { 67 | osProfile: { 68 | computerName: vmFullName 69 | adminUsername: localAdminName 70 | adminPassword: localAdminPassword 71 | } 72 | hardwareProfile: { 73 | vmSize: vmSku 74 | } 75 | storageProfile: { 76 | imageReference: { 77 | publisher: 'MicrosoftWindowsServer' 78 | offer: 'WindowsServer' 79 | sku: vmOS 80 | version: 'latest' 81 | } 82 | osDisk: { 83 | createOption: 'FromImage' 84 | } 85 | } 86 | networkProfile: { 87 | networkInterfaces: [ 88 | { 89 | properties: { 90 | primary: true 91 | } 92 | id: vmNic.id 93 | } 94 | ] 95 | } 96 | } 97 | } 98 | -------------------------------------------------------------------------------- /cover.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fberson/Getting-started-with-Bicep-Infrastructure-as-code-on-Azure/d684c29b5452a9acfae065256270b374dc1da3bc/cover.jpg --------------------------------------------------------------------------------