profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/ehrnst/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Martin Ehrnst ehrnst Oslo adatum.no Microsoft Azure MVP and IT Pro

ehrnst/System-Center-Operations-Manager-API 38

Microsoft System Center Operations Manager (SCOM) Web API

MPCatalog/scom-community-catalog 23

This repository stores the MP information for the SCOM Community Management Pack Catalog

ehrnst/Azure 3

My azure stuffs

ehrnst/TextAnalytics 3

run text analytics through Microsoft cognetive services. Powershell script for Azure functions and native powershell

ehrnst/azure-infrastructure-as-code-series 2

Contains code samples for Azure Bicep and ARM templates used by Marcel Zehner and Martin Ehrnst for their Azure Infrastructure as code series

ehrnst/AzureFunctions-EventGrid-Demo 2

A demo showing how to automate a business process using azure functions powershell and event grid topic

ehrnst/OMSWeatherSolution 1

Gathering weather information and posting to Microsoft Operations Management Suite

ehrnst/2018 0

Speaker content from NIC2018

ehrnst/2020 0

Speaker content from NIC2020

issue openedAzure/bicep

Add child resource from module cross subscriptions

Is your feature request related to a problem? Please describe. Not sure if this is something that's not supported, or if it's something I do not understand.

I have one module creating SQL server, this template is shared around the organization. Depending on a boolean flag set, I am trying to set the virtualNetworkRules for the SQL server. The vnets exists in other subscriptions.

In order to maintain the "list" of vnets one can link with i have created a dedicated module for the vnets, which use the existing function (the vnets it self is maintained in a separate codebase).

What I struggle with within the vnet module is to correctly construct the reference and add the virtualNetworkRules on the sql server as a subresource to the SQL server.

adding the subnet module for reference

// a helper module calling existing vnets and linking with

@allowed([
  'foo'
  'uat'
  'prod'
])
param env string

@allowed([
  'sql'
])
param resourceType string

param resourceName string

param resourceSub string

param resourceRG string

var environmentConfig = {
  foo: {
    vceSubscription: ''
    vnets: {
      vceBlueResourceGroup: '${env}-blue-rg'
      vceGreenResourceGroup: '${env}-green-rg'
      blueVnet: '${env}-blue-vnet'
      greenVnet: '${env}-green-vnet'
    }
  }
}

resource vceblueSubnet 'Microsoft.Network/virtualNetworks/subnets@2021-02-01' existing = {
  name: '${environmentConfig[env].vnets.blueVnet}/aks-${env}-blue-net'
  scope: resourceGroup(environmentConfig[env].vceSubscription, 'ehrnstvnet-test-rg')
}

resource vcegreenSubnet 'Microsoft.Network/virtualNetworks/subnets@2021-02-01' existing = {
  name: '${environmentConfig[env].vnets.greenVnet}/aks-${env}-green-net'
  scope: resourceGroup(environmentConfig[env].vceSubscription, environmentConfig[env].vnets.vceGreenResourceGroup)
}

// this one is deployed by the SQL module
resource sqlServer 'Microsoft.Sql/servers@2021-02-01-preview' existing = if (resourceType == 'sql') {
  name: resourceName
  scope: resourceGroup(resourceSub, resourceRG)
}

resource sqltoVCEnetBlue 'Microsoft.Sql/servers/virtualNetworkRules@2021-02-01-preview' = if (resourceType == 'sql') {
  name: '${sqlServer.name}/${vceblueSubnet.name}'
  properties: {
    virtualNetworkSubnetId: vceblueSubnet.id
    ignoreMissingVnetServiceEndpoint: true
  }
  dependsOn: [
    sqlServer
  ]
}

created time in a day

issue commentAzure/bicep

Set or skip an object property based on a condition

I encountered this today when trying to conditionally add vnet rules to a storage account depending on a boolean input. ARM will not accept an empty virtualNetworkRules property.

majastrz

comment created time in 9 days

push eventehrnst/azure-infrastructure-as-code-series

Martin Ehrnst

commit sha ea4b86340fbf96e769473551f0ea1cf133b73d30

..

view details

Martin Ehrnst

commit sha 7adf148c3bf7e59f17a2adf3a38f2da7c19b7698

..

view details

Martin Ehrnst

commit sha c36cdac14fe1d416f9b169222b4e3cf8555ab3d9

added day2 demo

view details

Martin Ehrnst

commit sha 14d0f4159592514195ffc1b8c0ffe95c54763323

Merge branch 'feature/bicep-series'

view details

push time in 11 days

push eventehrnst/azure-infrastructure-as-code-series

Martin Ehrnst

commit sha c36cdac14fe1d416f9b169222b4e3cf8555ab3d9

added day2 demo

view details

push time in 11 days

push eventehrnst/azure-infrastructure-as-code-series

Martin Ehrnst

commit sha 7adf148c3bf7e59f17a2adf3a38f2da7c19b7698

..

view details

push time in 25 days

push eventehrnst/azure-infrastructure-as-code-series

Martin Ehrnst

commit sha ea4b86340fbf96e769473551f0ea1cf133b73d30

..

view details

push time in 25 days

push eventehrnst/azure-infrastructure-as-code-series

Martin Ehrnst

commit sha ca4ac752b9afa5d2d860161acab82084e156ea1e

restructure. first two demos

view details

Martin Ehrnst

commit sha 965ee15733e0543d85c6d0a93ce13f08a64717fa

restructure

view details

Martin Ehrnst

commit sha 4947b8823ead6c22e8562857d6f85355b83d6172

Merge pull request #15 from ehrnst/feature/bicep-series Feature/bicep series

view details

push time in 25 days

push eventehrnst/azure-infrastructure-as-code-series

Martin Ehrnst

commit sha ca4ac752b9afa5d2d860161acab82084e156ea1e

restructure. first two demos

view details

Martin Ehrnst

commit sha 965ee15733e0543d85c6d0a93ce13f08a64717fa

restructure

view details

push time in 25 days

push eventehrnst/azure-infrastructure-as-code-series

Martin Ehrnst

commit sha 2db9893ac1bb03387fccfe066545f49e5140e3b8

restructure

view details

Martin Ehrnst

commit sha 09d12d6d947f049b75d04b5d35991eb2cc5a3e8a

Merge pull request #14 from ehrnst/feature/bicep-series Feature/bicep series

view details

push time in a month

push eventehrnst/azure-infrastructure-as-code-series

Martin Ehrnst

commit sha 546e62c9ab35a49602d1c0004392e193c910c513

restructure and added demo for session 1 and two

view details

Martin Ehrnst

commit sha e7f0ae559d3782f3b86cf21f8ead9961baab2b97

add

view details

Martin Ehrnst

commit sha 09d12d6d947f049b75d04b5d35991eb2cc5a3e8a

Merge pull request #14 from ehrnst/feature/bicep-series Feature/bicep series

view details

push time in a month

push eventehrnst/azure-infrastructure-as-code-series

Martin Ehrnst

commit sha e7f0ae559d3782f3b86cf21f8ead9961baab2b97

add

view details

push time in a month

push eventehrnst/azure-infrastructure-as-code-series

Martin Ehrnst

commit sha 2db9893ac1bb03387fccfe066545f49e5140e3b8

restructure

view details

push time in a month

issue commentAzure/bicep

Using information from existing resources - requires a value that can be calculated at the start of the deployment

Unfortunately we have a runtime limitation that requires any top level properties (name, zones, etc.) to be known at "compile-time" and so it can't be a runtime reference to an existing resource. My understanding is that this only needs to be restricted for name since we need to construct the resource ID with that name. For the others like sku and zones we should be able to relax the restriction.

In the meantime, you may be able to work around this with modules. If you pass in pipPrefix.zones as a param to a module which creates the publicIPAddress, I think you avoid the check.

Thanks, i will try that!

ehrnst

comment created time in a month

issue openedAzure/bicep

Using information from existing resources - requires a value that can be calculated at the start of the deployment

Bicep version Bicep CLI version 0.4.451

Describe the bug I'm trying to provision a public ip from an existing prefix. And I want to use information about sku and zones from that prefix. However these values cannot be evaluated, and hence i get an error in bicep. I have tried to set dependsOn without any effect.

To Reproduce

  name: '${env}-pip-prefix'
  scope: resourceGroup('test-${env}-rg')
}

resource aksEgressIp 'Microsoft.Network/publicIPAddresses@2021-02-01' = {
  name: '${aksSettings.clusterName}-egress-pip'
  location: resourceGroup().location
  sku: {
    name: 'Standard'
    tier: 'Regional'
  }
  zones: pipPrefix.zones
  properties:{
    publicIPAllocationMethod: 'Static'
    publicIPPrefix: {
      id: pipPrefix.id
    }
  }
}```

created time in a month

create barnchehrnst/Azure-Bicep

branch : main

created branch time in 3 months

created repositoryehrnst/Azure-Bicep

Azure Bicep examples

created time in 3 months

issue commentAzure/bicep

Reference/scope in a 3-level bicep structure

This was solved by @fberson on Twitter. Slight change to how reference is done in the environment file.

targetScope = 'subscription'

// parameters
param tags object
param location string

// variables
var resourceGroups = [
  'test-uat-rg'
  'test-uat-blue-rg'
  'test-uat-green-rg'
]

// base resource group deployment
resource rgs 'Microsoft.Resources/resourceGroups@2021-04-01' = [for rgname in resourceGroups: {
  name: rgname
  location: location
  tags: tags
}]

module storage 'storage.bicep' = {
  name: 'str'
  scope: resourceGroup(resourceGroups[0])
  params: {
    environment: 'uat'
  }
  dependsOn: [
    rgs[0]
  ]
}

Is there any documentation for references in this type of scenario?

ehrnst

comment created time in 3 months

issue openedAzure/bicep

Reference/scope in a 3-level bicep structure

Bicep version Bicep CLI version 0.4.63 (7ebed03284)

Describe the bug Not sure if this is a bug or something I do not understand.

I have a setup where three different environments should have all the same resources, but with different properties. Since the number of resources and properties is quite high I thought to structure my project into environment modules and resource modules. Calling the environment files from the main file.

main.bicep > ask for environment environment.bicep > create resource groups and call resource modules (subscription scope)

What happens is that I get a reference error from the resource module The template function 'RESOURCEGROUP' is not expected at this location.

To Reproduce I have three files to replicate

// main

// parameters
@allowed([
  'prod'
  'uat'
  'mt'
])
@description('What environment are you deploying')
param environment string

var location = 'westeurope'
var tags = {
  'owner': 'demo'
  'environment': environment
}

module vceuat 'uat.bicep' = if (environment == 'uat') {
  name: 'uat'
  scope: subscription()
  params: {
    location: location
    tags: tags
  }
}
//uat
targetScope = 'subscription'

// parameters
param tags object
param location string

// variables
var resourceGroups = [
  'test-uat-rg'
  'test-uat-blue-rg'
  'test-uat-green-rg'
]

// base resource group deployment
resource rgs 'Microsoft.Resources/resourceGroups@2021-04-01' = [for rgname in resourceGroups: {
  name: rgname
  location: location
  tags: tags
}]

module storage 'storage.bicep' = {
  name: 'str'
  scope: resourceGroup(rgs[0].id)
  params: {
    environment: 'uat'
  }
}
//storage.bicep
targetScope = 'resourceGroup'
param environment string

var environmentSettings = {
  prod: {
    storageAccountName: 'stovceprodtest'
    storageAccountSKU: 'Standard_ZRS'
  }
  uat: {
    storageAccountName: 'stovceuattest'
    storageAccountSKU: 'Standard_GRS'
  }
  mt: {
    storageAccountName: 'stovcemttest'
    storageAccountSKU: 'Standard_GRS'
  }
}

var location = resourceGroup().location
resource vcestr 'Microsoft.Storage/storageAccounts@2021-04-01' = {
  name: '${environmentSettings[environment].storageAccountName}'
  kind: 'StorageV2'
  location: location
  sku: {
    name: '${environmentSettings[environment].storageAccountSKU}'
  }
}

output straccount object = vcestr

Additional context any help greatly appreciated, if this is a design that will not work, just let me know :)

created time in 3 months