What’s new in Azure Bicep
Azure Bicep is an Infrastructure As Code (IaC) tool which helps to quick provisioning of Azure Resources using optimized Azure ARM templates. The Azure Bicep profile consists of features of quick infrastructure provisioning using the ‘modules’, ‘resource’, ‘param’ & ‘var’ building blocks.
If there are any existing ARM templates (JSON blocks) for resources, the same could be decompiled to Azure Bicep code.
Let's take a quick look at how to provision Azure resources with Bicep building blocks.
Bicep for VS Code
Bicep CLI (optional)
Provisioning of Azure Storage Account using Bicep
resource myAZStorage ‘Microsoft.Storage/storageAccounts@2019–04–01’ = {
name: ‘${storageAccountName}’
location: ‘${storageAccountLocation}’
sku: {
name: ‘Standard_LRS’
}
properties: {
allowBlobPublicAccess: true
accessTier: ‘Hot’
supportsHttpsTrafficOnly:true
}
kind: ‘StorageV2’
}
output storageId string = myAZStorage.id
Here in this bicep code described above, it consists of resource which is used to declare the resource block.
Any of the ‘resource’ blocks in Azure Bicep contains some of the general properties like “name”, “location”, “identity” (if applicable) & “properties”, “dependsOn” (for explicit dependency management cases).
Similarly, the ‘module’ may also be applicable for consuming modules in a resource group of Azure resources.
Managing Explicit Dependency in Azure Resource Building blocks
In many cases, it’s required to manage the explicit dependency of Azure resources, like for e.g. for provisioning Azure Synapse Analytics workspace, the resources like Azure SQL Server, SQL db & Data lake storage account is the pre-requisites, hence they’re required to be defined as explicit resource dependency in Bicep code.
// Create Synapse Analytics workspace
resource myazSQLserv ‘Microsoft.Sql/servers@2020–02–02-preview’ = {
name: ‘{azSQLServerName}’
location: ‘{azSQLServerLocation}’
identity: {
type: ‘SystemAssigned’
}
properties: {
administratorLogin: ‘{sqlServerAdmin}’
administratorLoginPassword: ‘{sqlServerPassword}’
publicNetworkAccess: ‘Enabled’
}
tags: {
name: ‘SQLServer’
resourceType: ‘sqlserverdb’
}
}
resource myazsqldb ‘Microsoft.Sql/servers/databases@2019–06–01-preview’ = {
name: ‘{nameofSQLDb/}’
location: ‘{azSQLdbLocation}’
properties: {
licenseType: ‘BasePrice’
zoneRedundant: false
}
dependsOn: [
myazSQLserv
]
}
resource mySynapseDataLakeStore ‘Microsoft.DataLakeStore/accounts@2016–11–01’ = {
name: ‘{azDataLakeStoreName}’
location: ‘{azDataLakeStoreLocation}’
identity: {
type: ‘SystemAssigned’
}
properties: {
firewallAllowAzureIps:’Disabled’
encryptionState:’Enabled’
firewallState:’Disabled’
}
}
resource mySynapse ‘Microsoft.Synapse/workspaces@2021–05–01’ = {
name: ‘{synapseDemo}’
location: ‘{azSynapseWorkspaceLocation}’
identity: {
type: ‘SystemAssigned’
}
properties: {
sqlAdministratorLogin: myazSQLserv.properties.administratorLogin
sqlAdministratorLoginPassword:myazSQLserv.properties.administratorLoginPassword
publicNetworkAccess:’Enabled’
defaultDataLakeStorage: mySynapseDataLakeStore
/* managedVirtualNetworkSettings: {
preventDataExfiltration:true
} */
}
dependsOn: [
myazSQLserv
mySynapseDataLakeStore
]
}
Similarly, while implementing such resources, you can visualize the resource dependencies through Bicep Visualization graph tool available as part of VS code Bicep tool.
The sample Bicep code repository for Azure Resources Infrastructure provisioning is shared in the following Github repo
