-
-
Save ThomasPe/164290c3dbe185b3ecc7679274749d77 to your computer and use it in GitHub Desktop.
Azure Service Bus Managed Identity
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| module serviceBusAssign 'service-bus-role-assignment.bicep' = { | |
| name: 'sb-assign-notifications-${envName}' | |
| params: { | |
| serviceBusName: serviceBus.outputs.name | |
| principalId: functionApp.outputs.principalId | |
| role: 'Reader' | |
| } | |
| } | |
| module serviceBusAssign 'service-bus-role-assignment.bicep' = { | |
| name: 'sb-assign-${envName}' | |
| params: { | |
| serviceBusName: serviceBus.outputs.name | |
| principalId: webappHttpApi.outputs.principalId | |
| role: 'Sender' | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| param serviceBusName string | |
| param principalId string | |
| @allowed([ | |
| 'Reader' | |
| 'Sender' | |
| 'Owner' | |
| ]) | |
| param role string | |
| var readerRoleId = '4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0'// Azure Service Bus Data Receiver | |
| var senderRoleId = '69a216fc-b8fb-44d8-bc22-1f3c2cd27a39'// Azure Service Bus Data Sender | |
| var ownerRoleId = '090c5cfd-751d-490a-894a-3ce6f1109419'// Azure Service Bus Data Owner | |
| var roleId = role == 'Reader' ? readerRoleId : role == 'Sender' ? senderRoleId : ownerRoleId | |
| resource servicebus 'Microsoft.ServiceBus/namespaces@2021-11-01' existing = { | |
| name: serviceBusName | |
| } | |
| resource roleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { | |
| name: guid(servicebus.id, roleId, principalId) | |
| scope: servicebus | |
| properties: { | |
| roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', roleId) | |
| principalId: principalId | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| param serviceBusName string | |
| param location string | |
| resource serviceBus 'Microsoft.ServiceBus/namespaces@2021-11-01' = { | |
| name: serviceBusName | |
| location: location | |
| sku: { | |
| name: 'Standard' | |
| } | |
| } | |
| output name string = serviceBus.name |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment