Azure.Provisioning.{Resource}.CreateRoleAssignment(Role, ManagedIdentity) creates invalid bicep when managed identity in same deployment #47265

Open
@davidfowl

Description

```csharp
var infra = new Infrastructure();
var identity = new UserAssignedIdentity("managedIdentity")
{
};

infra.Add(identity);

var account = new StorageAccount("sa2")
{
    Sku = new() { Name = StorageSkuName.StandardLrs },
    Kind = StorageKind.StorageV2
};

infra.Add(account);
// Role assignment whose principal is the identity created in the same deployment.
infra.Add(account.CreateRoleAssignment(StorageBuiltInRole.StorageBlobDataContributor, identity));

var plan = infra.Build();
var compiledBicep = plan.Compile().First();
File.WriteAllText($"{infra.BicepName}.bicep", compiledBicep.Value);
```

This creates invalid bicep:

```bicep
resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = {
  name: take('managedIdentity-${uniqueString(resourceGroup().id)}', 128)
  location: location
  tags: tags
}

resource sa2 'Microsoft.Storage/storageAccounts@2024-01-01' = {
  name: take('sa2${uniqueString(resourceGroup().id)}', 24)
  kind: 'StorageV2'
  location: location
  sku: {
    name: 'Standard_LRS'
  }
}

resource sa2_managedIdentity_StorageBlobDataContributor 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
  name: guid(sa2.id, managedIdentity.properties.principalId, subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'ba92f5b4-2d11-453d-a403-e96b0029c9fe'))
  properties: {
    principalId: managedIdentity.properties.principalId
    roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'ba92f5b4-2d11-453d-a403-e96b0029c9fe')
    principalType: 'ServicePrincipal'
  }
  scope: sa2
}
```

Which results in the following error:

This expression is being used in an assignment to the "name" property of the "Microsoft.Authorization/roleAssignments" type, which requires a value that can be calculated at the start of the deployment. Properties of managedIdentity which can be calculated at the start include "apiVersion", "id", "name", "type".bicep[BCP120](https://aka.ms/bicep/core-diagnostics#BCP120)
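
For comparison, a hand-written Bicep form of the same role assignment that compiles without BCP120. This is an added example, not code from the issue or from Azure.Provisioning. It seeds the assignment name from `managedIdentity.id`, which the diagnostic above lists as calculable at the start of deployment, and keeps the runtime `principalId` only inside `properties`. The `location` parameter declaration and the `blobDataContributor` variable are assumptions introduced here.

```bicep
// Added example. Resource symbols and the role definition GUID come from the
// issue; the param declaration and the variable name are assumed.
param location string = resourceGroup().location

resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = {
  name: take('managedIdentity-${uniqueString(resourceGroup().id)}', 128)
  location: location
}

resource sa2 'Microsoft.Storage/storageAccounts@2024-01-01' = {
  name: take('sa2${uniqueString(resourceGroup().id)}', 24)
  kind: 'StorageV2'
  location: location
  sku: {
    name: 'Standard_LRS'
  }
}

// Role definition id computed once so the name and the properties stay in sync.
var blobDataContributor = subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'ba92f5b4-2d11-453d-a403-e96b0029c9fe')

resource sa2_managedIdentity_StorageBlobDataContributor 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
  // The name must be known at deployment start, so it is derived from resource
  // ids only. managedIdentity.properties.principalId is a runtime value and is
  // what triggers BCP120 when it appears here.
  name: guid(sa2.id, managedIdentity.id, blobDataContributor)
  properties: {
    // Runtime values are permitted inside properties.
    principalId: managedIdentity.properties.principalId
    roleDefinitionId: blobDataContributor
    principalType: 'ServicePrincipal'
  }
  // Scope stays at the storage account rather than the resource group, so the
  // identity receives the role on this one account only.
  scope: sa2
}
```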
