Missing type validation / inaccuracies

[anthony-c-martin]

Please submit all type inaccuracy issues to the Bicep Types Repo here: https://aka.ms/bicep-type-issues

[anthony-c-martin]

Missing intelisense for Microsoft.Resources/deploymentScripts@2020-10-01/identity/userAssignedIdentities

Here's an example of how this should be declared: https://github.com/Azure/bicep/blob/d17ce4b88d11688da52cc679a2974fbe6a69346e/docs/examples/101/deployment-script-with-storage/main.bicep#L24-L29

It's an odd contract, but if you look at the template docs linked above, the wording The list of user-assigned managed identities associated with the resource. Key is the Azure resource Id of the managed identity. - UserAssignedIdentities object hints at this - it's not an object of type UserAssignedIdentities, it's a dictionary object with keys of type string, and values of type UserAssignedIdentities.

[anthony-c-martin]

Missing intelisense for Microsoft.Resources/deploymentScripts@2020-10-01/identity/userAssignedIdentities

@stan-sz I think the validation is showing the right error - here's an example of how this should be declared: https://github.com/Azure/bicep/blob/d17ce4b88d11688da52cc679a2974fbe6a69346e/docs/examples/101/deployment-script-with-storage/main.bicep#L24-L29

It's an odd contract, but if you look at the template docs linked above, the wording The list of user-assigned managed identities associated with the resource. Key is the Azure resource Id of the managed identity. - UserAssignedIdentities object hints at this - it's not an object of type UserAssignedIdentities, it's a dictionary object with keys of type string, and values of type UserAssignedIdentities.

[afscrome]

The property "enablePurgeProtection" expected a value of type "bool" but the provided value is of type "bool | null".

(This follows on from https://github.com/Azure/bicep/discussions/1729#discussioncomment-430333 )

This can be seen with the following:

resource keyvaultName_resource 'Microsoft.KeyVault/vaults@2019-09-01' = {
  properties:{
    enablePurgeProtection: condition ? null : true
  }
}

[anthony-c-martin]

The property "enablePurgeProtection" expected a value of type "bool" but the provided value is of type "bool | null".

(This follows on from #1729 (comment) )

We have Azure/bicep#1735 & Azure/bicep#449 to track this. The current workaround is to use any():

resource keyvaultName_resource 'Microsoft.KeyVault/vaults@2019-09-01' = {
  properties:{
    enablePurgeProtection: any(condition ? null : true)
  }
}

[derekharkin]

Resource type "Microsoft.DesktopVirtualization/hostpools/providers/diagnosticSettings@2017-05-01-preview" does not have types available.

No autocomplete for 'Microsoft.DesktopVirtualization/applicationGroups/desktops'

[anthony-c-martin]

Resource type "Microsoft.DesktopVirtualization/hostpools/providers/diagnosticSettings@2017-05-01-preview" does not have types available.

Microsoft.Insights/diagnosticSettings is an extension resource type - here's how you deploy it via Bicep:

// deploy the hostPools resource
resource hostPool 'Microsoft.DesktopVirtualization/hostPools@2020-11-02-preview' = {
  name: 'myHostPool'
  ...
}

// deploy the diagnosticSettings resource
resource diags 'Microsoft.Insights/diagnosticSettings@2017-05-01-preview' = {
  scope: hostPool
  name: 'myDiags'
  ...
}

[allanlw]

On Microsoft.Web/sites@2020-06-01:

The property "functionAppScaleLimit" is not allowed on objects of type "SiteConfig". Permissible properties include "alwaysOn", "apiDefinition", "apiManagementConfig", "appCommandLine", "autoHealEnabled", "autoHealRules", "autoSwapSlotName", "connectionStrings", "defaultDocuments", "detailedErrorLoggingEnabled", "documentRoot", "experiments", "handlerMappings", "healthCheckPath", "httpLoggingEnabled", "ipSecurityRestrictions", "javaContainer", "javaContainerVersion", "javaVersion", "limits", "linuxFxVersion", "loadBalancing", "localMySqlEnabled", "logsDirectorySizeLimit", "managedPipelineMode", "managedServiceIdentityId", "netFrameworkVersion", "nodeVersion", "numberOfWorkers", "phpVersion", "powerShellVersion", "preWarmedInstanceCount", "publishingUsername", "push", "pythonVersion", "remoteDebuggingVersion", "requestTracingEnabled", "requestTracingExpirationTime", "scmIpSecurityRestrictions", "scmIpSecurityRestrictionsUseMain", "scmMinTlsVersion", "scmType", "tracingOptions", "use32BitWorkerProcess", "virtualApplications", "vnetName", "vnetPrivatePortsCount", "vnetRouteAllEnabled", "webSocketsEnabled", "windowsFxVersion", "xManagedServiceIdentityId".

See also: https://github.com/Azure/azure-functions-host/issues/6718

Also got bit by the above mentioned issue for "password" on Microsoft.Web/certificates tracked here and noted here. Interestingly, with "password" as a required entry in "properties", if NO properties key is provided (contrast with one is provided but no properties are set), bicep will produce no warnings/errors.

Edit: Round 2

Resource Microsoft.Consumption/budgets@2019-10-01 has some data validation issues.

• filter.dimensions.name -- this is clearly an enum although I can't find a comprehensive list of the possible values.
• filter.dimensions.operator -- this should be an enum, and apparently the only valid value is 'In'.
• category -- this should also be an enum. Apparently the only valid values are 'Cost' and 'Usage'. (rest api doc says this can only be 'Cost' but arm template doc says it could be 'Cost' or 'Usage' although doesn't explain the difference)
• notifications.*.contactEmails is listed as required, but this is not true. The REST API doc clarifies:

Email addresses to send the budget notification to when the threshold is exceeded. Must have at least one contact email or contact group specified at the Subscription or Resource Group scopes. All other scopes must have at least one contact email specified.

The actual error you get though if it's empty though is "Notification cannot have all of Contact Emails, Contact Roles and Contact Groups empty." so I suspect that's wrong too.

[SenthuranSivananthan]

Unable to create Key Vault Access policies per https://docs.microsoft.com/en-us/azure/templates/microsoft.keyvault/vaults/accesspolicies?tabs=json

resource akvAccessForDataFactory 'Microsoft.KeyVault/vaults/accessPolicies@2020-04-01-preview' = {
  name: '${akvName}/add'
  properties: {
    accessPolicies: [
      {
        tenantId: subscription().tenantId
        objectId: adf.outputs.identityPrincipalId
        permissions: {
          secrets: [
            'get'
            'list'
          ]
        }
      }
    ]
  }
}

Error

Error BCP036: The property "name" expected a value of type "'add' | 'remove' | 'replace'" but the provided value is of type "string".

Example using ARM template: https://github.com/Azure/azure-quickstart-templates/blob/master/101-keyvault-add-access-policy/azuredeploy.json

[miqm]

@SenthuranSivananthan - KV access polices as resources are tricky, you can use them only if you do not deploy KV in this same template. If you deploy a KV, it requires providing accessPolicies parameter.

Moreover, if you try to use this resource type multiple times (for granting access to different objects) in same module, the deployment will fail, as you cannot deploy a resource with this same name (add) multiple times.

This particular API is mostly dedicated for CLI or portal interaction. I encourage you to not use it in ARM/bicep.

[SenthuranSivananthan]

@SenthuranSivananthan - KV access polices as resources are tricky, you can use them only if you do not deploy KV in this same template. If you deploy a KV, it requires providing accessPolicies parameter.

Moreover, if you try to use this resource type multiple times (for granting access to different objects) in same module, the deployment will fail, as you cannot deploy a resource with this same name (add) multiple times.

This particular API is mostly dedicated for CLI or portal interaction. I encourage you to not use it in ARM/bicep.

Thanks for the advice. I switched to using RBAC instead of access policies and that seems to work better for my use case.

[allanlw]

properties.roleName in Microsoft.Authorization/roleDefinitions@2018-01-01-preview should be Required.

[MarcJenningsUK]

'Microsoft.Portal/dashboards@2015-08-01-preview' has little or no intellisense available

[allanlw]

'Microsoft.OperationalInsights/workspaces@2020-10-01' properties.provisioningState should not autocomplete.

[MarcJenningsUK]

Connection KeyVault to a log analytics workspace

Warning BCP081: Resource type "Microsoft.KeyVault/vaults/providers/diagnosticSettings@2017-05-01-preview" does not have types available

[anthony-c-martin]

Connection KeyVault to a log analytics workspace

Warning BCP081: Resource type "Microsoft.KeyVault/vaults/providers/diagnosticSettings@2017-05-01-preview" does not have types available

You can use the scope property to set the parent resource scope to your keyvault reference, and declare the Microsoft.Insights/diagnosticSettings resource similar to this example. This will give you proper type validation:

https://github.com/Azure/bicep/blob/9461100f08b22d543419f8d39e767f374deb3d97/docs/examples/101/azure-automation-account/main.bicep#L31-L43

Some more information on this here: https://github.com/Azure/bicep/blob/main/docs/spec/resource-scopes.md#resource-scope-property

[Kris-Turk]

• Warning BCP081: Resource type "Microsoft.Network/privateEndpoints@2020-08-01" does not have types available.

Hopefully this helps anyone seeing the BCP081 Resource type does not have types available error on deployment. I have had this issue but I was able to deploy the template using the same resource with a different Api.

Also I was able to deploy the template using Azure CLI without issue.

https://gitch.solutions/2021/03/25/azure-bicep-cannot-retrieve-the-dynamic-parameters-for-the-cmdlet/

@anthony-c-martin

[alex-frankel]

@kris-turk - we are tracking the issue here: https://github.com/Azure/azure-powershell/issues/14651

Hopefully will have a fix out soon. cc @BethanyZhou

[MarcJenningsUK]

Warning BCP081: Resource type "Microsoft.Storage/storageAccounts/managementPolicies@2021-01-01" does not have types available. Warning BCP081: Resource type "Microsoft.Storage/storageAccounts/tableServices@2021-01-01" does not have types available. Warning BCP081: Resource type "Microsoft.Storage/storageAccounts/tableServices/tables@2021-01-01" does not have types available.

resource storageAcct 'Microsoft.Storage/storageAccounts@2019-06-01' = {
  name: 'teststorage2803'
  location: resourceGroup().location
  sku: {
    name:'Standard_LRS'
    tier:'Standard'
  }
  tags: union(resourceGroup().tags, {
    itemPurpose: 'general blob and table storage'
  })
  kind: 'StorageV2'
  properties: {
    supportsHttpsTrafficOnly: true
    encryption: {
      services: {
        file: {
          keyType: 'Account'
          enabled: true
        }
        blob: {
          keyType: 'Account'
          enabled: true
        }
      }
      keySource: 'Microsoft.Storage'
    }
    accessTier: 'Hot'
    allowBlobPublicAccess: false
  }
}

resource blobServices 'Microsoft.Storage/storageAccounts/blobServices@2019-06-01' = {
  name: '${storageAcct.name}/default'
  properties: {
    cors: {
      corsRules: []
    }
    deleteRetentionPolicy: {
      enabled: true
      days: 7
    }
  }
}

resource nodeRedContainer 'Microsoft.Storage/storageAccounts/blobServices/containers@2019-06-01' = {
  name: '${blobServices.name}/nodered'
  properties: {
    publicAccess:'None'
    defaultEncryptionScope: '$account-encryption-key'
    denyEncryptionScopeOverride: false
  }
}

resource lifecyclePolicy 'Microsoft.Storage/storageAccounts/managementPolicies@2021-01-01' = {
  name: '${storageAcct.name}/Default'
  properties: {
    policy: {
      rules:[
        {
          enabled: true
          name: 'retire-at-90-days'
          type: 'Lifecycle'
          definition:{
            filters: {
              blobTypes: [
                'blockBlob'
              ]
              prefixMatch: [
                '${nodeRedContainer.name}'
              ]  
            }
            actions: {
              version: {
                delete: {
                  daysAfterCreationGreaterThan: 90
                }
              }
              baseBlob:{
                delete:{
                  daysAfterModificationGreaterThan: 90
                }
              }
            }            
          }
        }
      ]
    }
  }
}

resource tableStorage 'Microsoft.Storage/storageAccounts/tableServices@2021-01-01' = {
  name: '${storageAcct.name}/default'
}

resource linksTable 'Microsoft.Storage/storageAccounts/tableServices/tables@2021-01-01' = {
  name: '${tableStorage.name}/links'
}

[anthony-c-martin]

Warning BCP081: Resource type "Microsoft.Storage/storageAccounts/managementPolicies@2021-01-01" does not have types available. Warning BCP081: Resource type "Microsoft.Storage/storageAccounts/tableServices@2021-01-01" does not have types available. Warning BCP081: Resource type "Microsoft.Storage/storageAccounts/tableServices/tables@2021-01-01" does not have types available.

@MarcJenningsUK which version of Bicep are you using here? I'm unable to repro this with 0.3.126. Note that at present, type definitions are bundled with the build, so to get the latest types, you will need to upgrade your Bicep install.

[MarcJenningsUK]

@MarcJenningsUK which version of Bicep are you using here? I'm unable to repro this with 0.3.126. Note that at present, type definitions are bundled with the build, so to get the latest types, you will need to upgrade your Bicep install.

Um. Turns out this machine still had 0.3.1 installed. Upgraded to 0.3.126 and it was fine. My bad.

[Kris-Turk]

Resource type "Microsoft.Web/sites/config@2020-09-01" does not have types available.

[anthony-c-martin]

Resource type "Microsoft.Web/sites/config@2020-09-01" does not have types available.

This has been fixed in the nightly build, and will be included in the next release (ETA some time this week).

[Kris-Turk]

Resource type "Microsoft.Web/sites/config@2020-09-01" does not have types available.

This has been fixed in the nightly build, and will be included in the next release (ETA some time this week).

Thanks... Lightning Response :)

[johnmeilleur]

Bicep version 0.2.14

Describe the bug The resource type @ version Microsoft.Web/connections@2016-06-01 is not available (BCP081)

To Reproduce resource connection 'Microsoft.Web/connections@2016-06-01' = { .. }

This one is holding me up.

Still active as of bicep version 0.3.126.

Please include it.

[anthony-c-martin]

This one is holding me up.

Still active as of bicep version 0.3.126.

Please include it.

@johnmeilleur thanks for raising this. I've created https://github.com/Azure/azure-rest-api-specs/issues/13844 to track the configuration fix needed to unblock type generation.

[anthony-c-martin]

Missing types for Microsoft.Sql version 2020-11-01-preview (originally raised under Azure/bicep#2187). I've raised https://github.com/Azure/azure-rest-api-specs/issues/13845 to track the configuration fix.

[joelverhagen]

I am attempting to use the ZipDeploy extension for websites. This works with ARM but not Bicep.

resource website 'Microsoft.Web/sites@2020-09-01' = {
  name: 'ExplorePackages-${stackName}'
  location: resourceGroup().location
  identity: {
    type: 'SystemAssigned'
  }
  properties: {
    serverFarmId: websitePlanId
  }

  resource deploy 'extensions' = {
    name: 'ZipDeploy'
    properties: {
      packageUri: websiteZipUrl
    }
  }
}

VS Code error (which matches the command line error with bicep build)

{
    "resource": "/c:/z/Git/joelverhagen/ExplorePackages/deploy/main.bicep",
    "owner": "_generated_diagnostic_collection_name_#0",
    "code": "BCP088",
    "severity": 8,
    "message": "The property \"name\" expected a value of type \"'MSDeploy'\" but the provided value is of type \"'ZipDeploy'\". Did you mean \"'MSDeploy'\"?",
    "source": "bicep",
    "startLineNumber": 135,
    "startColumn": 11,
    "endLineNumber": 135,
    "endColumn": 22
}

PS /home/joel/ExplorePackages> bicep --version
Bicep CLI version 0.3.258 (187d4d2047)

This can be worked around by doing "MSDeploy" in the bicep file then string replace "MSDeploy" with "ZipDeploy" on the JSON ARM file.

Docs: https://github.com/projectkudu/kudu/wiki/MSDeploy-VS.-ZipDeploy

[miqm]

@joelverhagen you can try use any function in the name to avoid the error message. (https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/template-functions-any)

[napope]

Warning BCP081: Resource type "Microsoft.Network/networkInterfaces@2020-11-01" does not have types available Warning BCP081: Resource type "Microsoft.Network/privateEndpoints@2020-11-01" does not have types available.

I was able to roll back to 2020-08-01 version to make it work.

[alex-frankel]

Warning BCP081: Resource type "Microsoft.Network/networkInterfaces@2020-11-01" does not have types available Warning BCP081: Resource type "Microsoft.Network/privateEndpoints@2020-11-01" does not have types available.

@napope - those should be fixed with v0.3.255

[johndowns]

microsoft.insights/diagnosticSettings@2020-01-01-preview is not allowing me to set the scope property, but the 2017-05-01-preview API version does.

If I try to use 2020-01-01-preview I get these errors from Bicep:

C:\temp\storage.bicep(21,3) : Error BCP038: The property "scope" is not allowed on objects of type "microsoft.insights/diagnosticSettings". Permissible properties include "dependsOn", "location".
C:\temp\storage.bicep(21,10) : Error BCP135: Scope "resource" is not valid for this resource type. Permitted scopes: "managementGroup".

[anthony-c-martin]

microsoft.insights/diagnosticSettings@2020-01-01-preview is not allowing me to set the scope property, but the 2017-05-01-preview API version does.

Thanks for bringing this up. Looks like the swagger specs for 2020-01-01-preview indeed only list management group as a valid scope: https://github.com/Azure/azure-rest-api-specs/tree/master/specification/monitor/resource-manager/Microsoft.Insights/preview/2020-01-01-preview

I've raised Azure/bicep#2327 to cover the lack of discoverability in the VSCode extension.

[jamalikake]

@johndowns Even for me shows the same message.... i guess the latest api version is not available it seems.

Bicep CLI version 0.3.255 (589f0375df)

Warning BCP081: Resource type "Microsoft.Network/frontdoors/frontendEndpoints/customHttpsConfiguration@2020-07-01" does not have types available.

[alex-frankel]

@jamalikake - do you have any docs/reference about that resource type? Or possibly this type being used in an ARM Template? I am not able to find anything

[johndowns]

@alex-frankel @jamalikake It's used in this sample. I also use it frequently. I haven't found any specific docs about it. I know the right person in the product group to raise this with - want me to check if they can add it to the swagger specs?

[alex-frankel]

I know the right person in the product group to raise this with - want me to check if they can add it to the swagger specs?

That would be great!

[jamalikake]

@alex-frankel @johndowns thank you guys, i see the warning is only while converting the ARM in to Bicep... but when i tried to deploy the bicep it works perfectly........ so please ignore my comments........

[matthiasguentert]

When trying to create a Microsoft.KeyVault/vaults@2019-09-01 resource, the Visual Studio Code extension version 0.3.255 doesn't complain about a missing accessPolicies property. For example the following resource is considered to be okay.

resource kv 'Microsoft.KeyVault/vaults@2019-09-01' = {
  location: 'westeurope'
  name: 'kv-somevault-poc1'
  properties: {
    sku: {
      name: 'standard'
      family: 'A'
    }
    tenantId: subscription().tenantId
  }
}

This seems to be inline with the documentation, which says an accessPolicy property is not required. However, when trying to deploy this template it will fail with the following

Deployment failed. Correlation ID: 02c3be09-xxxx-48cf-8df9-xxxxxx. {
  "error": {
    "code": "BadRequest",
    "message": "The parameter accessPolicies is not specified."
  }
}

[miqm]

@matthiasguentert since that API version in KeyVault you can use enableRbacAuthorization property which disables Access Policies. Therefore accessPolicies property cannot be marked as required anymore.

I think API-Specs is unable to define xor-required properties and therefore bicep is unable to detect it on compile time...

[cbellee]

I'm trying to perform a nested deployment (peering a vnet in a different resource group) & am receiving the error below (az CLI Bicep version 0.3.255 (589f0375df)).

Error BCP038: The property "resourceGroup" is not allowed on objects of type "Microsoft.Resources/deployments@2021-01-01". Permissible properties include "dependsOn", "eTag", "extendedLocation", "identity", "kind", "managedBy", "managedByExtended", "plan", "scale", "scope", "sku", "tags", "zones".

resource vnetPeeringDeployment 'Microsoft.Resources/deployments@2021-01-01' = {
  location: resourceGroup().location
  resourceGroup: remoteVnetResourceGroup
  name: 'nestedDeployment'
  properties: {
    mode: 'Incremental'
    template: {
      '$schema': 'https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#'
      contentVersion: '1.0.0.0'
      resources: [
        {
          name: 'peering'
          type: 'Microsoft.Network/virtualNetworks/virtualNetworkPeerings'
          apiVersion: '2020-08-01'
          properties: {
            allowForwardedTraffic: true
            allowGatewayTransit: true
            allowVirtualNetworkAccess: true
            useRemoteGateways: false
            remoteVirtualNetwork: {
              id: remoteVnetId
            }
          }
        }
      ]
    }
  }
}

[alex-frankel]

@cbellee - can you check the version of the Bicep VS Code extension? I am not able to repro this. That being said, we'd recommend handling this with modules instead of a nested deployment. I think you may also have an issue with the current name of the peering resource since it does not include the parent name. Here's how I would try to handle this:

main.bicep

module vnetPeer 'vnetPeer.bicep' = {
  name: 'vnetPeerDeploy'
  scope: resourceGroup(remoteVnetResourceGroup)
  params: {
    remoteVnetName: remoteVnetName
  }
}

vnetPeer.bicep:

param parentVnetName string
param remoteVnetId string

resource parentVnet 'Microsoft.Network/virtualNetworks@2020-08-01' existing = {
  name: parentVnetName
}

resource vnetPeer 'Microsoft.Network/virtualNetworks/virtualNetworkPeerings@2020-08-01' = {
  parent: remoteVnet

  name: 'peering'
  properties: {
    allowForwardedTraffic: true
    allowGatewayTransit: true
    allowVirtualNetworkAccess: true
    useRemoteGateways: false
    remoteVirtualNetwork: {
      id: remoteVnetId
    }
  }
}

Notice I got a reference to the parent vnet with the existing keyword.

[cbellee]

@alex-frankel - thanks for replying so quickly to this issue! I used the module approach you suggested, but still received the errors until I manually upgraded Bicep to the latest version, rather than using the az cli bundled/managed version (VSCode extension was using the latest version). So it's all working now - thanks again!

[TomHickling]

The Microsoft.DesktopVirtualization/hostpools/providers/diagnosticSettings@2017-05-01-preview is not allowing me to set the scope property: Warning BCP174: Type validation is not available for resource types declared containing a "/providers/" segment. Please instead use the "scope" property

[anthony-c-martin]

The Microsoft.DesktopVirtualization/hostpools/providers/diagnosticSettings@2017-05-01-preview is not allowing me to set the scope property:

@TomHickling here's a concrete example of how to use scope to deploy diagnosticSettings for a hostpools resource. hostPool here is the identifier for the hostpools resource:

https://github.com/Azure/bicep/blob/1743ca8321c10eed195892a8fa4c9c88c072437e/docs/examples/201/wvd-backplane-with-network-and-storage-and-monitoring/wvd-monitor-diag.bicep#L45-L69

[afscrome]

I've exported ARM templates for a couple of Application Insights resources through the portal, and received errors when decompiling to bicep

Warning BCP036: The property "Flow_Type" expected a value of type "'Bluefield'" but the provided value is of type "'Redfield'". Warning BCP036: The property "Request_Source" expected a value of type "'rest'" but the provided value is of type "'IbizaAIExtension'".

For reference, here is relevant section of the exported ARM template

        {
            "type": "microsoft.insights/components",
            "apiVersion": "2020-02-02-preview",
            "name": "Foo",
            "location": "westeurope",
            "kind": "web",
            "properties": {
                "Application_Type": "web",
                "Flow_Type": "Redfield",
                "Request_Source": "IbizaAIExtension",
                "IngestionMode": "ApplicationInsights",
                "publicNetworkAccessForIngestion": "Enabled",
                "publicNetworkAccessForQuery": "Enabled"
            }
        },

[takekazuomi]

Microsoft.SignalRService/WebPubSub is not supported.

Warning BCP081: Resource type "Microsoft.SignalRService/WebPubSub@2021-04-01-preview" does not have types available.

I was able to deploy the template below.

resource name_resource 'Microsoft.SignalRService/WebPubSub@2021-04-01-preview' = {
  name: name
  location: location
  properties: {}
  sku: {
    name: skuName
    tier: tier
    capacity: capacity
  }
  tags: tags
}

rest-api-specs exists.

https://github.com/Azure/azure-rest-api-specs/tree/master/specification/webpubsub

complete code https://github.com/takekazuomi/bicep-random-note/blob/main/src/0501/main.bicep

[joelverhagen]

The quota that you can set on Application Insights component does not seem to be recognized. Repro:

1. Go to https://docs.microsoft.com/en-us/azure/azure-monitor/app/powershell#create-the-azure-resource-manager-template
2. Save the documented template in a JSON file
3. Use the Decompile button on https://bicepdemo.z22.web.core.windows.net/

[cannehag]

Referring to https://github.com/Azure/bicep/issues/2458

pfxBlob when using Microsoft.Web/certificates@2016-03-01 should probably use a string instead of array since it it expects a base64string of the certificates content. Passing the value as a base64string using any() works as suggested by @alex-frankel in Azure/bicep#2458.

[johndowns]

For Microsoft.Subscription/aliases with API version 2020-09-01, the docs include a property called managementGroupId but this doesn't appear in the Bicep tooling.

[dkirrane]

Missing Hyperscale API: Resource type "Microsoft.DBforPostgreSQL/serverGroupsv2@2020-10-05-privatepreview" does not have types available.bicep(BCP081)

Ref: https://github.com/Azure/bicep/discussions/2532