ThomasPe/infra.bicep Secret

## infra.bicep
param location string
param appServicePlanName string
param appServicePlanSku string
param webAppName string
param storageAccountName string

resource appServicePlan 'Microsoft.Web/serverfarms@2020-06-01' = {
  name: appServicePlanName
  location: location
  kind: 'linux'
  properties: {
    reserved: true
  }
  sku: {
    name: appServicePlanSku
  }
}

resource webApp 'Microsoft.Web/sites@2022-09-01' = {
  name: webAppName
  location: location
  properties: {
    serverFarmId: appServicePlan.id
    siteConfig: {
      linuxFxVersion: 'DOTNETCORE|6.0'
      alwaysOn: true
    }
    httpsOnly: true
    clientAffinityEnabled: false
  }
  identity: {
    type: 'SystemAssigned'
  }
}

resource storageAccount 'Microsoft.Storage/storageAccounts@2022-05-01' = {
  name: storageAccountName
  location: location
  sku: {
    name: 'Standard_LRS'
  }
  kind: 'StorageV2'
  properties: {
    accessTier: 'Hot'
    allowBlobPublicAccess: true
    supportsHttpsTrafficOnly: true
    minimumTlsVersion: 'TLS1_2'
  }
}

resource storageTableDataContributorRoleDefinition 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
  scope: subscription()
  name: '17d1049b-9a84-46fb-8f53-869881c3d3ab'
}

resource tableRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
  name: guid(resourceGroup().id, webApp.id, storageTableDataContributorRoleDefinition.id)
  scope: storageAccount
  properties: {
    roleDefinitionId: storageTableDataContributorRoleDefinition.id
    principalId: webApp.identity.principalId
  }
}

resource storageBlobDataContributorRoleDefinition 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
  scope: subscription()
  name: 'ba92f5b4-2d11-453d-a403-e96b0029c9fe'
}

resource blobRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
  name: guid(resourceGroup().id, webApp.id, storageBlobDataContributorRoleDefinition.id)
  scope: storageAccount
  properties: {
    roleDefinitionId: storageBlobDataContributorRoleDefinition.id
    principalId: webApp.identity.principalId
  }
}
	param location string
	param appServicePlanName string
	param appServicePlanSku string
	param webAppName string
	param storageAccountName string

	resource appServicePlan 'Microsoft.Web/serverfarms@2020-06-01' = {
	name: appServicePlanName
	location: location
	kind: 'linux'
	properties: {
	reserved: true
	}
	sku: {
	name: appServicePlanSku
	}
	}

	resource webApp 'Microsoft.Web/sites@2022-09-01' = {
	name: webAppName
	location: location
	properties: {
	serverFarmId: appServicePlan.id
	siteConfig: {
	linuxFxVersion: 'DOTNETCORE\|6.0'
	alwaysOn: true
	}
	httpsOnly: true
	clientAffinityEnabled: false
	}
	identity: {
	type: 'SystemAssigned'
	}
	}

	resource storageAccount 'Microsoft.Storage/storageAccounts@2022-05-01' = {
	name: storageAccountName
	location: location
	sku: {
	name: 'Standard_LRS'
	}
	kind: 'StorageV2'
	properties: {
	accessTier: 'Hot'
	allowBlobPublicAccess: true
	supportsHttpsTrafficOnly: true
	minimumTlsVersion: 'TLS1_2'
	}
	}

	resource storageTableDataContributorRoleDefinition 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
	scope: subscription()
	name: '17d1049b-9a84-46fb-8f53-869881c3d3ab'
	}

	resource tableRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
	name: guid(resourceGroup().id, webApp.id, storageTableDataContributorRoleDefinition.id)
	scope: storageAccount
	properties: {
	roleDefinitionId: storageTableDataContributorRoleDefinition.id
	principalId: webApp.identity.principalId
	}
	}

	resource storageBlobDataContributorRoleDefinition 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
	scope: subscription()
	name: 'ba92f5b4-2d11-453d-a403-e96b0029c9fe'
	}

	resource blobRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
	name: guid(resourceGroup().id, webApp.id, storageBlobDataContributorRoleDefinition.id)
	scope: storageAccount
	properties: {
	roleDefinitionId: storageBlobDataContributorRoleDefinition.id
	principalId: webApp.identity.principalId
	}
	}