-
Notifications
You must be signed in to change notification settings - Fork 456
The library Module usage
This section provides a guideline on how to use the CARML Bicep modules.
This section shows you how to deploy a Bicep template.
This sub-section gives you an example on how to deploy a template from your local drive (file) or a publicly available remote location (URI).
Resource Group scope
To be used if the targeted scope in the first line of the template is:
-
Bicep:
targetScope = 'resourceGroup'or empty (as default) -
ARM:
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#"
Using parameter file
New-AzResourceGroup -Name 'ExampleGroup' -Location "Central US"
$inputObject = @{
DeploymentName = 'ExampleDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])
ResourceGroupName = 'ExampleGroup'
TemplateParameterFile = 'parameters.json'
# Using a local reference
TemplateFile = "$home\ResourceModules\modules\Microsoft.KeyVault\vault\deploy.bicep"
# Using a remote reference
# TemplateUri = 'https://raw.githubusercontent.com/Azure/ResourceModules/main/modules/Microsoft.KeyVault/vaults/deploy.bicep'
}
New-AzResourceGroupDeployment @inputObjectFor more information, please refer to the official Microsoft docs.
Subscription scope
To be used if the targeted scope in the first line of the template is:
-
Bicep:
targetScope = 'subscription' -
ARM:
"$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#"
$inputObject = @{
DeploymentName = 'ExampleDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])
TemplateParameterFile = 'parameters.json'
Location = 'EastUS2'
# Using a local reference
TemplateFile = "$home\ResourceModules\modules\Microsoft.Resources\resourceGroups\deploy.bicep"
# Using a remote reference
# TemplateUri = 'https://raw.githubusercontent.com/Azure/ResourceModules/main/modules/Microsoft.Resources/resourceGroups/deploy.bicep'
}
New-AzDeployment @inputObjectFor more information, please refer to the official Microsoft docs.
Management group scope
To be used if the targeted scope in the first line of the template is:
-
Bicep:
targetScope = 'managementGroup' -
ARM:
"$schema": "https://schema.management.azure.com/schemas/2018-05-01/managementGroupDeploymentTemplate.json#"
$inputObject = @{
DeploymentName = 'ExampleDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])
ManagementGroupId = 'myManagementGroup'
Location = 'EastUS2'
TemplateParameterFile = 'parameters.json'
# Using a local reference
TemplateFile = "$home\ResourceModules\modules\Microsoft.Authorization\policyAssignments\managementGroup\deploy.bicep"
# Using a remote reference
# TemplateUri = 'https://raw.githubusercontent.com/Azure/ResourceModules/main/modules/Microsoft.Authorization/policyAssignments/managementGroup/deploy.bicep'
}
New-AzManagementGroupDeployment @inputObjectFor more information, please refer to the official Microsoft docs.
Tenant scope
To be used if the targeted scope in the first line of the template is:
-
Bicep:
targetScope = 'tenant' -
ARM:
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/tenantDeploymentTemplate.json#",
$inputObject = @{
DeploymentName = 'ExampleDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])
TemplateParameterFile = 'parameters.json'
Location = 'EastUS2'
# Using a local reference
TemplateFile = "$home\ResourceModules\modules\Microsoft.Subscription\aliases\deploy.bicep"
# Using a remote reference
# TemplateUri = 'https://raw.githubusercontent.com/Azure/ResourceModules/main/modules/Microsoft.Subscription/aliases/deploy.bicep'
}
New-AzTenantDeployment @inputObjectFor more information, please refer to the official Microsoft docs.
Resource Group scope
To be used if the targeted scope in the first line of the template is:
-
Bicep:
targetScope = 'resourceGroup'or empty (as default) -
ARM:
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#"
az group create --name 'ExampleGroup' --location "Central US"
$inputObject = @(
'--name', ('ExampleDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])),
'--resource-group', 'ExampleGroup',
'--parameters', '@parameters.json',
# Using a local reference
'--template-file', "$home\ResourceModules\modules\Microsoft.Storage\storageAccounts\deploy.bicep",
# Using a remote reference
# '--template-uri', 'https://raw.githubusercontent.com/Azure/ResourceModules/main/modules/Microsoft.Storage/storageAccounts/deploy.bicep'
)
az deployment group create @inputObjectFor more information, please refer to the official Microsoft docs.
Subscription scope
To be used if the targeted scope in the first line of the template is:
-
Bicep:
targetScope = 'subscription' -
ARM:
"$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#"
$inputObject = @(
'--name', ('ExampleDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])),
'--parameters', '@parameters.json',
'--location', 'EastUS2',
# Using a local reference
'--template-file', "$home\ResourceModules\modules\Microsoft.Resources\resourceGroups\deploy.bicep"
# Using a remote reference
# '--template-uri', 'https://raw.githubusercontent.com/Azure/ResourceModules/main/modules/Microsoft.Resources/resourceGroups/deploy.bicep'
)
az deployment sub create @inputObjectFor more information, please refer to the official Microsoft docs.
Management group scope
To be used if the targeted scope in the first line of the template is:
-
Bicep:
targetScope = 'managementGroup' -
ARM:
"$schema": "https://schema.management.azure.com/schemas/2018-05-01/managementGroupDeploymentTemplate.json#"
$inputObject = @(
'--name', ('ExampleDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])),
'--parameters', '@parameters.json',
'--location', 'EastUS2',
'--management-group-id', 'myManagementGroup',
# Using a local reference
'--template-file', "$home\ResourceModules\modules\Microsoft.Authorization\policyAssignments\managementGroup\deploy.bicep"
# Using a remote reference
# '--template-uri', 'https://raw.githubusercontent.com/Azure/ResourceModules/main/modules/Microsoft.Authorization/policyAssignments/managementGroup/deploy.bicep'
)
az deployment mg create @inputObjectFor more information, please refer to the official Microsoft docs.
Tenant scope
To be used if the targeted scope in the first line of the template is:
-
Bicep:
targetScope = 'tenant' -
ARM:
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/tenantDeploymentTemplate.json#",
$inputObject = @(
'--name', ('ExampleDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])),
'--parameters', '@parameters.json',
'--location', 'EastUS2',
# Using a local reference
'--template-file', "$home\ResourceModules\modules\Microsoft.Subscription\aliases\deploy.bicep"
# Using a remote reference
# '--template-uri', 'https://raw.githubusercontent.com/Azure/ResourceModules/main/modules/Microsoft.Subscription/aliases/deploy.bicep'
)
az deployment tenant create @inputObjectFor more information, please refer to the official Microsoft docs.
You can also reference modules in another template using the below syntax. To deploy this 'orchestration template' you can again use the commands described above. You can also find further information in the 'Template Orchestration' section of Solution Creation site.
// Using local reference
module testDeployment 'ResourceModules/modules/Microsoft.KeyVaults/vaults/deploy.bicep' = {
scope: resourceGroup
name: '${uniqueString(deployment().name)}-example'
params: { ... }
}
// Using Template-Specs reference (with configuration file)
module testDeployment 'ts/modules:microsoft.keyvaults.vaults:1.0.0' = {
scope: resourceGroup
name: '${uniqueString(deployment().name)}-example'
params: { ... }
}
// Using Bicep reference
module testDeployment 'br:<registry-name>.azurecr.io/bicep/modules/microsoft.keyvaults.vaults:1.0.0' = {
scope: resourceGroup
name: '${uniqueString(deployment().name)}-example'
params: { ... }
}If you're interested on how to build a solution from the modules, please refer to the corresponding 'Solution creation' section.