bicep multiple parameter files
I'm trying to find a workable way to use multiple parameter files in Bicep. I have a need to be able to specify a separate parameter file for each module on my main.bicep. The only way I can kind of make it work is by creating json files as surrogate parameter files and then use json(loadTextContent) to extract each parameter. Example below Where you see I load the first paramter of teh keyvault module from a json.:
#storageaccount params
param st_storageAccountName string
param st_location string
param st_tags object
param st_skuName string
param st_kind string
param st_identityType string
param st_accessTier string
param st_allowBlobPublicAccess bool
param st_allowCrossTenantReplication bool
param st_allowedCopyScope string
param st_allowSharedKeyAccess bool
param st_azureFilesIdentityBasedAuthentication object
param st_customDomain object
param st_defaultToOAuthAuthentication bool
param st_dnsEndpointType string
param st_encryption object
param st_immutableStorageWithVersioning object
param st_isHnsEnabled bool
param st_isLocalUserEnabled bool
param st_isNfsV3Enabled bool
param st_isSftpEnabled bool
param st_keyPolicy object
param st_largeFileSharesState string
param st_minimumTlsVersion string
param st_networkAcls object
param st_publicNetworkAccess string
param st_routingPreference object
param st_sasPolicy object
param st_supportsHttpsTrafficOnly bool
module teststorage 'br:hidden.azurecr.io/bicep/modules/storage:v1' = {
name:st_storageAccountName
params:{
st_accessTier: st_accessTier
st_allowBlobPublicAccess: st_allowBlobPublicAccess
st_allowCrossTenantReplication: st_allowCrossTenantReplication
st_allowedCopyScope: st_allowedCopyScope
st_allowSharedKeyAccess: st_allowSharedKeyAccess
st_azureFilesIdentityBasedAuthentication: st_azureFilesIdentityBasedAuthentication
st_customDomain: st_customDomain
st_defaultToOAuthAuthentication: st_defaultToOAuthAuthentication
st_dnsEndpointType: st_dnsEndpointType
st_encryption: st_encryption
st_identityType: st_identityType
st_immutableStorageWithVersioning: st_immutableStorageWithVersioning
st_isHnsEnabled: st_isHnsEnabled
st_isLocalUserEnabled: st_isLocalUserEnabled
st_isNfsV3Enabled: st_isNfsV3Enabled
st_isSftpEnabled: st_isSftpEnabled
st_keyPolicy: st_keyPolicy
st_kind: st_kind
st_largeFileSharesState: st_largeFileSharesState
st_location: st_location
st_minimumTlsVersion: st_minimumTlsVersion
st_networkAcls: st_networkAcls
st_publicNetworkAccess: st_publicNetworkAccess
st_routingPreference: st_routingPreference
st_sasPolicy: st_sasPolicy
st_skuName: st_skuName
st_storageAccountName: st_storageAccountName
st_supportsHttpsTrafficOnly: st_supportsHttpsTrafficOnly
st_tags: st_tags
}
}
module testkeyvault 'br:hidden.azurecr.io/modules/keyvault:v1' = {
name:kv_name
params:{
kv_createMode: json(loadTextContent('./keyvault.json')).parameters.kv_createMode.value
kv_enabledForDeployment: kv_enabledForDeployment
kv_enabledForDiskEncryption: kv_enabledForDiskEncryption
kv_enabledForTemplateDeployment: kv_enabledForTemplateDeployment
kv_enablePurgeProtection: kv_enablePurgeProtection
kv_enableRbacAuthorization: kv_enableRbacAuthorization
kv_enableSoftDelete: kv_enableSoftDelete
kv_location: kv_location
kv_name: kv_name
kv_networkAcls: kv_networkAcls
kv_provisioningState: kv_provisioningState
kv_publicNetworkAccess: kv_publicNetworkAccess
kv_sku: kv_sku
kv_softDeleteRetentionInDays: kv_softDeleteRetentionInDays
kv_tags: kv_tags
kv_tenantId: kv_tenantId
kv_vaultUri: kv_vaultUri
}
}
I would have to extract each parameter separately from the json and repeat for each module. I have tried formatting the source file so that I can just load it as one string but for some reason the loadtextcontent literally loads the returns as \n. Anyone has a good way to use multiple parameter files in bicep?
Solution
bicep multiple parameter files approach
To specify a separate parameter file for each module on my main.bicep while using mutiple parameter files approach was mentioned below
main.bicep
@description('KeyVault parameters file')
param keyvaultParams object = json(loadTextContent('./parameters/keyvault.json')).parameters
@description('Storage Account parameters file')
param storageAccountParams object = json(loadTextContent('./parameters/storageaccount.json')).parameters
module keyvaultModule './modules/keyvault.bicep' = {
name: keyvaultParams.kv_name.value
params: {
kv_name: keyvaultParams.kv_name.value
kv_location: keyvaultParams.kv_location.value
kv_sku: keyvaultParams.kv_sku.value
kv_enableSoftDelete: keyvaultParams.kv_enableSoftDelete.value
kv_tenantId: keyvaultParams.kv_tenantId.value
kv_tags: keyvaultParams.kv_tags.value
}
}
module storageAccountModule './modules/storageaccount.bicep' = {
name: storageAccountParams.st_storageAccountName.value
params: {
st_storageAccountName: storageAccountParams.st_storageAccountName.value
st_location: storageAccountParams.st_location.value
st_skuName: storageAccountParams.st_skuName.value
st_kind: storageAccountParams.st_kind.value
st_tags: storageAccountParams.st_tags.value
}
}
modules/keyvault.bicep:
@description('Name of the Key Vault')
param kv_name string
@description('Location of the Key Vault')
param kv_location string
@description('SKU of the Key Vault')
param kv_sku object
@description('Enable soft delete for the Key Vault')
param kv_enableSoftDelete bool
@description('Azure AD Tenant ID for the Key Vault')
param kv_tenantId string
@description('Access policies for the Key Vault')
param kv_accessPolicies array = []
@description('Tags for the Key Vault')
param kv_tags object
resource keyVault 'Microsoft.KeyVault/vaults@2021-10-01' = {
name: kv_name
location: kv_location
properties: {
tenantId: kv_tenantId
sku: kv_sku
enableSoftDelete: kv_enableSoftDelete
accessPolicies: kv_accessPolicies
}
tags: kv_tags
}
modules/storageaccount.bicep:
@description('Name of the Storage Account')
param st_storageAccountName string
@description('Location of the Storage Account')
param st_location string
@description('SKU Name for the Storage Account')
param st_skuName string
@description('Kind of the Storage Account')
param st_kind string
@description('Tags for the Storage Account')
param st_tags object
resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = {
name: st_storageAccountName
location: st_location
sku: {
name: st_skuName
}
kind: st_kind
tags: st_tags
}
/parameter/keyvault.json:
{
"parameters": {
"kv_name": { "value": "testvkssbKeyVault" },
"kv_location": { "value": "East US" },
"kv_sku": { "value": { "family": "A", "name": "standard" } },
"kv_enableSoftDelete": { "value": true },
"kv_tenantId": { "value": "tenantId" },
"kv_accessPolicies": {
"value": [
{
"objectId": "objectId",
"permissions": {
"keys": ["get", "list", "create", "delete", "recover"],
"secrets": ["get", "list", "set", "delete", "recover"]
},
"tenantId": "tenantId"
}
]
},
"kv_tags": { "value": { "environment": "production" } }
}
}
/parameter/storageaccount.json:
{
"parameters": {
"st_storageAccountName": { "value": "vksbbssstorageacc" },
"st_location": { "value": "East US" },
"st_skuName": { "value": "Standard_LRS" },
"st_kind": { "value": "StorageV2" },
"st_tags": { "value": { "department": "IT", "environment": "production" } }
}
}
depolyement:
az deployment group create --resource-group vkdb-rg --template-file ./main.bicep
refer:
https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/parameter-files?tabs=Bicep
https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/best-practices#parameters
https://www.iamachs.com/p/azure-bicep/part-4-master-modules-guide/
- "Schema" property not found in Postgres Connector
- Downloading file from Azure blob storage via Memory Stream
- Reading env variable from template.yaml
- HTTP Error 500.30 - ASP.NET Core app failed to start - Azure
- Azure DevOps Pipelines: TerraformTaskV4: init with different subscription and Workflow Identity Federation
- Enabling HTTPS for a Azure blob static website
- How to search across many Azure Devops Git project and find all files which contain specific text AND which filename contains "Resource"
- Hosting SPA with Static Website option on Azure Blob Storage (clean URLs and Deep links)
- Using Managed Identity to Access Azure OpenAI Service
- Azure data factory not loading
- Transfer encrypted dataprotection keys from a windows vm to azure keyvault
- Refresh powerBI data with additional column
- Azure Application Insights AKS - How to Create 1 custom alert rule which will trigger multiple alerts, but with different names (per pod name)?
- gRPC and REST side by side in Azure App Service, Linux Container
- Connecting to a SignalR WSS stream but not getting the response i am looking for
- SignalR prevent user from opening multiple sessions in different tabs
- Application Insights -_logger.LogInformation
- CosmosDB is not allowing serverless capabalities to NoSQL, it says I must use CapacityMode
- Azure Webapp / Website Swap : HTTP Ping Error
- Microsoft Graph API - Update phoneMethods is no longer working
- Use Azure Key Vault secret in Header section of Web Activity
- Azure Storage blob getting the io.netty.channel.StacklessClosedChannelException while generating /downloading the from SasUrl
- How do I save and later load Azure AnalyzeResult object in python?
- Office 365 Exchange Online permission is not visible for registered application in azure active directory
- Azure ADF - HTTP : Table from list
- Self hosted azure devops build agent not getting tool from $PATH
- Azure devops pipeline stages template nesting
- Azure APIM is returning the incorrect HTTP response error when call is missing mandatory querystring parameter
- Azure DevOps build pipeline logid for a specific task - dynamically
- PS script to fetch the list non-compliance resource list with respect to policy from multiple subscriptions