Bicep - Deploy Azure Storage Account using Azure CLI
Azure Storage is a core foundational PaaS (Platform as a Service) offering within Microsoft Azure, providing a versatile and scalable solution for storing files, blobs (binary large objects), and other data types. Bicep is a domain-specific language (DSL) designed to enable declarative definition and management of Azure resources. In this post, I want to show you how to automate the deployment of an Azure Storage Account using Bicep.
Prerequisites #
Before you start, you’ll need the following to deploy and manage Azure Storage Accounts with Bicep:
- You need Azure CLI version 2.20.0 or later to deploy Bicep files on your local machine.
- A text editor or IDE of your choice (Visual Studio Code with Bicep extension is my recommendation)
Create the Bicep file #
The first step in deploying a Bicep template is to create the Bicep file that defines your resources. Create a new file named storageAccount.bicep. This file will contain the necessary code to define and configure your Azure Storage Account.
Different types of storage accounts are available, such as General Purpose V2, Blob Storage, and others. In this example, I will create a General Purpose V2 storage account.
@description('Name of the project or solution')
@minLength(3)
@maxLength(22)
param projectName string
@description('Deployment Location')
@allowed([
'westeurope'
'northeurope'
])
param location string
@allowed([
'Standard_LRS'
'Standard_GRS'
'Standard_RAGRS'
'Standard_ZRS'
'Premium_LRS'
'Premium_ZRS'
'Standard_GZRS'
'Standard_RAGZRS'
])
param stSKU string = 'Standard_LRS'
@description('Resource tags')
param resourceTags object = {
environment: 'jorgebernhardt.com'
}
// This function ensures that the name is stored in lowercase.
var storageAccountName = toLower('st${projectName}')
resource st 'Microsoft.Storage/storageAccounts@2022-09-01' = {
name: storageAccountName
location: location
sku: {
name: stSKU
}
kind: 'StorageV2'
properties: {
accessTier: 'Hot'
}
tags: resourceTags
}
output storageAccountId string = st.id
output storageAccountName string = st.name
Deployment scope #
You can target your deployment to a resource group, subscription, management group, or tenant. In this case, when creating the Azure storage account, an Azure resource group is needed to put all the necessary resources here. By default, when deploying a Bicep template, the scope where the resource should be deployed is a resource group.
You can use an existing Resource Group, or you can create a new Resource Group. If you want to know how to create a Resource Group using Azure CLI, check out this link.
Deploy the storage account using Azure CLI #
Now that your Bicep template and resource group are ready, you can deploy the template using the Azure CLI. To deploy the template, run the following commands.
Parameters #
Personalization is key to making your template reusable. With the parameters, you can easily tailor the template to your specific needs. You can use either inline parameters or a parameter file to pass parameter values. In my case, I will use a file to pass the parameters; here is an example.
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"projectName": {
"value": "demobicepwe"
},
"stSKU": {
"value": "Standard_LRS"
},
"location":{
"value": "westeurope"
}
}
}
Important: Please note that the parameter file stores parameter values in plain text format. If you need to include a parameter with sensitive data, it’s recommended to store the value in a secure key vault.
Preview changes #
Before deploying a Bicep file, you can preview the changes that will occur to your resources. Using what-if operations does not change existing resources; it simply shows you an output that includes color-coded results that allow you to see different changes.
az deployment group what-if \
--resource-group <resource-group-name> \
--template-file <filename>.bicep \
--parameters @<filename>.parameters.json
Deploy the storage account #
Finally, to deploy the template, run the following command.
az deployment group create \
--resource-group <resource-group-name> \
--template-file <filename>.bicep \
--parameters @<filename>.parameters.json
Validate the deployment** #
To verify that the storage account was created correctly, you can either use the Azure Portal or the Azure CLI to check the created resources and their configurations. For Azure CLI, use the following command.
az storage account show \
--name <storage-account-name> \
--resource-group <resource-group-name>
References and useful links #
Thank you for taking the time to read my post. I sincerely hope that you find it helpful.