-
Notifications
You must be signed in to change notification settings - Fork 1
/
main.bicep
139 lines (122 loc) · 3.39 KB
/
main.bicep
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
// Simple example to deploy Azure infrastructure for app + data + managed identity + monitoring
// Region for all resources
param location string = resourceGroup().location
// Web App params
@allowed([
'F1'
'D1'
'B1'
'B2'
'B3'
'S1'
'S2'
'S3'
'P1'
'P2'
'P3'
'P4'
])
param skuName string = 'F1'
@minValue(1)
param skuCapacity int = 1
// Data params
param sqlAdministratorLogin string
@secure()
param sqlAdministratorLoginPassword string
// Managed Identity params
param managedIdentityName string
param roleDefinitionId string = 'b24988ac-6180-42a0-ab88-20f7382dd24c' //Default as contributor role
// Variables
var hostingPlanName = 'hostingplan${uniqueString(resourceGroup().id)}'
var webSiteName = 'webSite${uniqueString(resourceGroup().id)}'
var sqlserverName = 'sqlserver${uniqueString(resourceGroup().id)}'
var databaseName = 'sampledb'
// Data resources
resource sqlserver 'Microsoft.Sql/servers@2019-06-01-preview' = {
name: sqlserverName
location: location
properties: {
administratorLogin: sqlAdministratorLogin
administratorLoginPassword: sqlAdministratorLoginPassword
version: '12.0'
}
}
resource sqlserverName_databaseName 'Microsoft.Sql/servers/databases@2020-08-01-preview' = {
name: '${sqlserver.name}/${databaseName}'
location: location
sku: {
name: 'Basic'
}
properties: {
collation: 'SQL_Latin1_General_CP1_CI_AS'
maxSizeBytes: 1073741824
}
}
resource sqlserverName_AllowAllWindowsAzureIps 'Microsoft.Sql/servers/firewallRules@2014-04-01' = {
name: '${sqlserver.name}/AllowAllWindowsAzureIps'
properties: {
endIpAddress: '0.0.0.0'
startIpAddress: '0.0.0.0'
}
}
// Web App resources
resource hostingPlan 'Microsoft.Web/serverfarms@2020-06-01' = {
name: hostingPlanName
location: location
sku: {
name: skuName
capacity: skuCapacity
}
}
resource webSite 'Microsoft.Web/sites@2020-06-01' = {
name: webSiteName
location: location
tags: {
'hidden-related:${hostingPlan.id}': 'empty'
displayName: 'Website'
}
properties: {
serverFarmId: hostingPlan.id
}
identity: {
type: 'UserAssigned'
userAssignedIdentities: {
'${msi.id}': {}
}
}
}
resource webSiteConnectionStrings 'Microsoft.Web/sites/config@2020-06-01' = {
name: '${webSite.name}/connectionstrings'
properties: {
DefaultConnection: {
value: 'Data Source=tcp:${sqlserver.properties.fullyQualifiedDomainName},1433;Initial Catalog=${databaseName};User Id=${sqlAdministratorLogin}@${sqlserver.properties.fullyQualifiedDomainName};Password=${sqlAdministratorLoginPassword};'
type: 'SQLAzure'
}
}
}
// Managed Identity resources
resource msi 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
name: managedIdentityName
location: location
}
resource roleassignment 'Microsoft.Authorization/roleAssignments@2020-04-01-preview' = {
name: guid(roleDefinitionId, resourceGroup().id)
properties: {
principalType: 'ServicePrincipal'
roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', roleDefinitionId)
principalId: msi.properties.principalId
}
}
// Monitor
resource AppInsights_webSiteName 'Microsoft.Insights/components@2018-05-01-preview' = {
name: 'AppInsights${webSite.name}'
location: location
tags: {
'hidden-link:${webSite.id}': 'Resource'
displayName: 'AppInsightsComponent'
}
kind: 'web'
properties: {
Application_Type: 'web'
}
}