Skip to content

Instantly share code, notes, and snippets.

@FrankDeGroot

FrankDeGroot/snapshot_main.bicep

Last active October 11, 2025 13:42
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save FrankDeGroot/d036f31ceacffc4afe8b10401c73eafe to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save FrankDeGroot/d036f31ceacffc4afe8b10401c73eafe to your computer and use it in GitHub Desktop.
Download ZIP
Raw
snapshot_main.bicep
param location string = resourceGroup().location
param webAppName string
param keyVaultName string
param dateTime string = utcNow()
module appInsights '../applicationInsights.bicep' = {
name: 'appInsights-${dateTime}'
params: {
location: location
webAppName: webAppName
}
}
resource keyVault 'Microsoft.KeyVault/vaults@2023-07-01' = {
name: keyVaultName
location: location
properties: {
tenantId: subscription().tenantId
sku: {
family: 'A'
name: 'standard'
}
enableRbacAuthorization: true
accessPolicies: []
}
}
module appService 'appService.bicep' = {
name: 'appService-${dateTime}'
params: {
location: location
webAppName: webAppName
applicationInsightsConnectionString: appInsights.outputs.connectionString
keyVaultName: keyVaultName
}
}
resource secretsUserRoleDefinition 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
scope: subscription()
name: '4633458b-17de-408a-b874-0445c86b69e6' // Key Vault Secrets User
}
resource readerRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
name: guid(resourceGroup().id, appService.name, secretsUserRoleDefinition.id)
properties: {
principalId: appService.outputs.webAppIdentity
principalType: 'ServicePrincipal'
roleDefinitionId: secretsUserRoleDefinition.id
}
}
output webAppUrl string = appService.outputs.webAppUrl
output vaultUri string = keyVault.properties.vaultUri
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment