search

Azure / bicep

Bicep is a declarative language for describing and deploying Azure resources
MIT License
3.17k stars 730 forks source link

How to create blueprints from bicep? #3287

Closed jonlanceley closed 3 years ago

jonlanceley commented 3 years ago

Hi is there any guidance on creating Blueprints as code from Bicep?

As i cant see any examples, is this something we should be able to do in Bicep?

alex-frankel commented 3 years ago

It's not something we would recommend, but it can be done. Here is the template reference for it: https://docs.microsoft.com/azure/templates/microsoft.blueprint/blueprints?tabs=bicep

We'd instead recommend taking the bicep code that deploys your resources and turning it into a template spec. John Savill has a good video on this topic: https://www.youtube.com/watch?v=i4dEN0o1PHo

If you specifically need the blueprint locking functionality, there is no equivalent for that yet in template (and template spec) based deployments. For this and other lifecycle management functionality, we will be releasing something called deployment stacks next month.

jonlanceley commented 3 years ago

Thanks @alex-frankel thats interesting, i had originally created template specs from bicep and then had problems with read only locks on the resource group not being removed quick enough when doing a pipleline release. The New-AzDeployment command pretty consistently thought the lock was still there. Then found other issues with locks preventing web app auto scaling.

So turned to blueprints purely for the Rbac deny assignment way of locking. Since you dont recommend bicep creating blueprints sounds like deployment stacks is the way to go.

Am i right in thinking stacks does locking the rbac way like blueprints?

It sounds like bicep -> specs and stacks is going to be the recommended way forward for infrastructure as code?

When stacks is released next month do you know if thats as a public preview or GA?

Thanks Jon

alex-frankel commented 3 years ago

Am i right in thinking stacks does locking the rbac way like blueprints?

Right

It sounds like bicep -> specs and stacks is going to be the recommended way forward for infrastructure as code?

Right

When stacks is released next month do you know if thats as a public preview or GA?

The first release next month will be a private preview. Goal is to be GA by end of CY21.