Created
May 11, 2025 00:00
-
-
Save PlagueHO/ddadb5e24ebf3bd51402e545d42cfe8a to your computer and use it in GitHub Desktop.
Bicep file that assigns the Azure Machine Learning service principal the Reader role on an existing Azure AI Search service using the Microsoft Graph Bicep extension.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Use the Microsoft Graph Bicep extension to work with Entra ID resources | |
| extension microsoftGraphV1 | |
| // The Service Principal of the Azure Machine Learning service. | |
| resource azureMachineLearningServicePrincipal 'Microsoft.Graph/servicePrincipals@v1.0' = { | |
| appId: '0736f41a-0425-4b46-bdb5-1563eff02385' // Azure Machine Learning service principal | |
| } | |
| // The existing Azure AI Search service (can be a new or existing resource). | |
| resource azureAiSearch 'Microsoft.Search/searchServices@2025-02-01-preview' existing = { | |
| name: 'my-azure-ai-search' | |
| } | |
| // The role assignment for the Azure AI Search service to grant reader role to Azure Machine Learning. | |
| resource roleAssignment 'Microsoft.Authorization/roleAssignments@2020-04-01-preview' = { | |
| name: guid(subscription().subscriptionId, azureAiSearch.id, 'acdd72a7-3385-48ef-bd42-f606fba81ae7' ) | |
| scope: azureAiSearch | |
| properties: { | |
| principalType: 'ServicePrincipal' | |
| principalId: azureMachineLearningServicePrincipal.id | |
| roleDefinitionId: 'acdd72a7-3385-48ef-bd42-f606fba81ae7' // Role definition ID for Reader role | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment