-
Notifications
You must be signed in to change notification settings - Fork 1
/
main.bicep
35 lines (28 loc) · 998 Bytes
/
main.bicep
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
targetScope = 'subscription'
@description('Name of the resourceGroup to create')
param rgName string
@description('Location for the resourceGroup')
param rgLocation string
@description('principalId of the user that will be given contributor access to the resourceGroup')
param principalId string
@description('roleDefinition to apply to the resourceGroup - default is contributor')
param roleDefinitionId string = 'b24988ac-6180-42a0-ab88-20f7382dd24c'
@description('Unique name for the roleAssignment in the format of a guid')
param roleAssignmentName string = guid(principalId, roleDefinitionId, rgName)
resource newRg 'Microsoft.Resources/resourceGroups@2019-10-01' = {
name: rgName
location: rgLocation
tags: {
Note: 'subscription level deployment'
}
properties: {}
}
module applyLock './applylock.bicep' = {
scope: newRg
name: 'applyLock'
params: {
principalId: principalId
roleDefinitionId: roleDefinitionId
roleAssignmentName: roleAssignmentName
}
}