File size: 1,788 Bytes
9595e1d |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 |
param accountName string
param databaseName string
param location string = resourceGroup().location
param tags object = {}
param containers array = []
param keyVaultName string
param principalIds array = []
module cosmos 'cosmos-sql-account.bicep' = {
name: 'cosmos-sql-account'
params: {
name: accountName
location: location
tags: tags
keyVaultName: keyVaultName
}
}
resource database 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2022-05-15' = {
name: '${accountName}/${databaseName}'
properties: {
resource: { id: databaseName }
}
resource list 'containers' = [for container in containers: {
name: container.name
properties: {
resource: {
id: container.id
partitionKey: { paths: [ container.partitionKey ] }
}
options: {}
}
}]
dependsOn: [
cosmos
]
}
module roleDefintion 'cosmos-sql-role-def.bicep' = {
name: 'cosmos-sql-role-definition'
params: {
accountName: accountName
}
dependsOn: [
cosmos
database
]
}
// We need batchSize(1) here because sql role assignments have to be done sequentially
@batchSize(1)
module userRole 'cosmos-sql-role-assign.bicep' = [for principalId in principalIds: if (!empty(principalId)) {
name: 'cosmos-sql-user-role-${uniqueString(principalId)}'
params: {
accountName: accountName
roleDefinitionId: roleDefintion.outputs.id
principalId: principalId
}
dependsOn: [
cosmos
database
]
}]
output accountId string = cosmos.outputs.id
output accountName string = cosmos.outputs.name
output connectionStringKey string = cosmos.outputs.connectionStringKey
output databaseName string = databaseName
output endpoint string = cosmos.outputs.endpoint
output roleDefinitionId string = roleDefintion.outputs.id
|