GrillPhil · July 24, 2023 12:09
diff --git a/rbac-keyvault.bicep b/rbac-keyvault.bicep
 param keyVaultName string
 param principalId string 
 param roleId string = '4633458b-17de-408a-b874-0445c86b69e6' // Key Vault Secrets User

 resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' existing = {
  name: keyVaultName
 }

 resource keyVaultAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
  name: guid(subscription().subscriptionId, keyVaultName, roleId, principalId)
  scope: keyVault
  properties: {
    roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', roleId)
    principalId: principalId
    principalType: 'ServicePrincipal'
  }
 }
	param keyVaultName string
	param principalId string
	param roleId string = '4633458b-17de-408a-b874-0445c86b69e6' // Key Vault Secrets User

	resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' existing = {
	name: keyVaultName
	}

	resource keyVaultAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
	name: guid(subscription().subscriptionId, keyVaultName, roleId, principalId)
	scope: keyVault
	properties: {
	roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', roleId)
	principalId: principalId
	principalType: 'ServicePrincipal'
	}
	}