aksManagedIdentity.bicep
// Creates a user-assigned managed identity and grants it the built-in
// Network Contributor role on an existing virtual network in the same
// resource group. Returns the identity's resource ID and name.

// ---------------------------------------------------------------------------
// Parameters
// ---------------------------------------------------------------------------

@description('Specifies the name of the user-defined managed identity.')
param managedIdentityName string

@description('Specifies the name of the existing virtual network.')
param virtualNetworkName string

@description('Specifies the location of the user-defined managed identity.')
param location string = resourceGroup().location

@description('Specifies the resource tags.')
param tags object

// ---------------------------------------------------------------------------
// Variables
// ---------------------------------------------------------------------------

// 4d97b98b-1d4f-4787-a291-c67834d212e7 is the built-in Network Contributor role.
// NOTE(review): resourceId() builds this ID relative to the deployment's
// resource group; role definition IDs are commonly built with
// subscriptionResourceId(). This string also feeds the guid() that names the
// role assignment, so changing its form would rename the assignment - check
// existing deployments before switching.
var networkContributorRoleId = resourceId('Microsoft.Authorization/roleDefinitions', '4d97b98b-1d4f-4787-a291-c67834d212e7')

// ---------------------------------------------------------------------------
// Resources
// ---------------------------------------------------------------------------

// Reference to the virtual network that must already exist in the target
// resource group; nothing is created or modified on the network itself here.
resource existingVnet 'Microsoft.Network/virtualNetworks@2024-01-01' existing = {
  name: virtualNetworkName
}

// The user-assigned identity that receives the role assignment below.
// NOTE(review): this pins a preview API version; confirm whether a GA version
// covers what is needed before using this template for production workloads.
resource aksIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-07-31-preview' = {
  name: managedIdentityName
  location: location
  tags: tags
}

// Grants the identity Network Contributor on the virtual network.
// - The name is a guid() over identity ID, network ID and role ID, so the same
//   triple always yields the same assignment name and redeployments do not
//   create duplicates.
// - The scope is the whole virtual network, so the permission applies to every
//   subnet and child resource in it. NOTE(review): if the workload only uses
//   one subnet, scoping the assignment to that subnet would be the
//   least-privilege choice - confirm what the cluster actually needs.
// - principalType is stated explicitly so the assignment does not depend on
//   the directory lookup of a principal that was created moments earlier.
resource vnetNetworkContributorAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
  name: guid(aksIdentity.id, existingVnet.id, networkContributorRoleId)
  scope: existingVnet
  properties: {
    roleDefinitionId: networkContributorRoleId
    principalId: aksIdentity.properties.principalId
    principalType: 'ServicePrincipal'
  }
}

// ---------------------------------------------------------------------------
// Outputs
// ---------------------------------------------------------------------------

// Resource ID and name of the managed identity, for consumption by the caller.
output id string = aksIdentity.id
output name string = aksIdentity.name