The last couple of years, infrastructure as code, has been an very important step in most enterprise level cloud solutions, and the space has not been easier to navigate with multiple vendors fighting for their place in the domain.
I have personally worked with everything from "old-school" ARM templates to tools like Terraform.
But with Microsoft's new standard 'Bicep'. I believe Bicep will be the obvious choice for many development teams that are working exclusively within the Azure cloud environment.
There's simply just to many advantages by utilizing Bicep its not worth passing on, not to mention is free to use and has day 0 support for all resources in Azure!
Lets jump into it and get started!
The first thing we need todo is ensure that we have the tools required to start working with Bicep on our local machine.
Prerequisites
- Azure CLI installed
- Visual studio Code (Visual Studio would also work, however visualization of resources' created by your bicep - script and intellisense works better in VS code)
- Bicep extension in Visual Studio code
Bicep installation Guide
Start by going into Visual studio code and open the 'View' tab and select Terminal.
Let's install Bicep
az bicep installNow we can validate if we have successfully installed Bicep by reviewing the version.
az bicep versionWe can now proceed to setup our azure connection to ensure we will work within the correct subscription.
az account listLet's see the subscription we want to use
az set --subscription 'yoursubscriptionid'Confirm that we are utilizing the correct subscription.
az account show
We are now already to do our first initial Bicep script. I'd highly recommend that you install Visual Studio Code as the support for Bicep here is way beyond what you get in Visual studio as you can visualize your resources' that will be created which will not be possible to view in Visual Studio.
Creating our first template
Lets start by adding some parameter's to work with future down, in this example we will manually create our resource group to place our resources in therefor we can utilize the az.resourceGroup() and take that in as a parameter when we run our script. Firstly start up Visual studio Code and create a new file called 'main.bicep'
param env string = 'dev'
param location string = az.resourceGroup().location
Alright let's create our first resource, in this simple blogpost we will just create an storage account and see that deployed to our resource group. Due to naming conventions we have to keep our name very simplistic but we will add our {env} paramter we defined earlier.
@description('Storage account')
resource storageAccount 'Microsoft.Storage/storageAccounts@2022-05-01' = {
name: 'mystorageaccount${env}'
location: location
sku: {
name: 'Standard_LRS'
}
kind: 'StorageV2'
properties: {
minimumTlsVersion: 'TLS1_0'
allowBlobPublicAccess: true
networkAcls: {
bypass: 'AzureServices'
virtualNetworkRules: []
ipRules: []
defaultAction: 'Allow'
}
supportsHttpsTrafficOnly: true
encryption: {
services: {
file: {
keyType: 'Account'
enabled: true
}
blob: {
keyType: 'Account'
enabled: true
}
}
keySource: 'Microsoft.Storage'
}
accessTier: 'Hot'
}
}
What's really cool in Bicep is you can see we have defined our first resource as storageAccount this means we can actually reference this later, if we want to interact with it (including intellisense support in VS code).
Let's try and add an blob storage to first Bicep resource.
@description('Blob service in Storage account')
resource storageAccountBlobService 'Microsoft.Storage/storageAccounts/blobServices@2022-05-01' = {
parent: storageAccount
name: 'default'
properties: {
cors: {
corsRules: []
}
deleteRetentionPolicy: {
allowPermanentDelete: false
enabled: false
}
}
}
Alright, that's it, lets try and deploy! Run the following command in your Terminal in VS code, before deployment you can try and visualize your Bicep file in VS Code to validate you have the 2 resource's and the blob storage is associated with the storage account.
az deployment group create --confirm-with-what-if --name biceplocaltest --resource-group biceptest-dev-rg --template-file main.bicep --parameters env=devThat's it time to go have fun! If there's any topic you would like for me to cover in my blogs, reach out on SoME and let me know!