The Bicep uniqueString as well as the ARM uniqueString function:
Creates a deterministic hash string based on the values provided as parameters
The actual function implementation is not documented, but is (almost certainly) a variant of the Murmur hash algorithm that maps the provided string parameters to a 64 bit hash and returns a 13 character Base32-like encoding of this hash.
The function:
-
You can create a Mermaid Gantt Chart in order to visualize the sequence and duration of Azure deployment operations. The output is similar to the following:
gantt
dateFormat %YYYY-%m-%dT%H:%M:%S.%L%Z
axisFormat %H:%M:%S.%L
title Deployment 'mydeployment'
> : milestone, 2024-12-09T14:00:14.1519943Z, 0ms
x : milestone, 2024-12-09T14:00:23.5689337Z, 0ms
section mydeployment
Did you know you can call REST APIs from your Bicep deployment templates using just a function call?
var getResponse = httpClient.listHttpRequest(httpClient.apiVersion, {
method: 'GET'
uri: 'https://mallow.fi/'
})
var postResponse = httpClient.listHttpRequest(httpClient.apiVersion, {
method: 'POST'
You can use WeTTY to create a web based interactive terminal for a shell running in the context of your GitHub Actions workflow, and combine that with Microsoft dev tunnels to open a secure and authenticated connection into that shell. The default dev tunnels security model secures access by requiring authentication with the same account used to host the tunnel (in the below example a GitHub account).
You can use this to investigate issues with your workflow scripts in the context of the actual runner. Here is an example of htop running on a GitHub hosted agent.
The below workflow step:
Key Vault secrets can be set through:
There is a notable difference between these methods with regards to adhering to the Key Vault network security and access model configurations.
Azure has an upcoming capability to export resource templates from the Azure Portal in Bicep format. This capability is actually already added to a new version of the Export Template REST API operation. You can test this by setting the appropriate outputFormat parameter which takes a value of either Json or Bicep from the Azure.Deployments.Core.Entities.ExportTemplateOutputFormat enumeration. Below is a PowerShell script to export a resource group as a Bicep template without local ARM decompilation.
$resourcegroup = 'MyResourceGroupName'
$groupid = az group show --name $resourcegroup --query id -o tsv
$token = az account get-access-token --query accessToken -o tsv|convertto-securestring -force -asplaintext
irm -method post -authentication bearer -token $token -uri "https://management.azure.com${groupid}/exportTemplate?api-version=2024-06-01-preview" -contenttype 'application/json' -body (@{resources=@('*')
Microsoft documents recommended abbreviations for Azure resource types as well as resource type specific naming rules and restrictions. Microsoft also publishes the Azure Naming Tool which happens to contain a structured repository of Azure resource type abbreviations and naming rules.
You can get a quick searchable grid of this data using PowerShell. If you prefer you can replace the Windows-only Out-GridView with the cross platform [Out-ConsoleGridView](https://github.com/PowerShell/ConsoleGuiTools/blob/main/docs/Microsoft.PowerShell.ConsoleGuiTools/Out-Console
Azure Change Analysis enhances the visibility of changes made to Azure resources. It does this by tracking these changes at the subscription level and recording them in the Azure Resource Graph's resourceschanges table.
As of March 2024, change tracking now also includes detailed information about the principal that initiated the change, the client type (e.g. Azure Portal, Azure CLI, ARM template), and the operation which resulted in the change (e.g. Microsoft.Web/sites/write). This enhancement means you no longer need to consult Azure activity logs separately to understand who initiated a change and what action they performed. Everything is conveniently available within th