bicep multiple parameter files

Question

I'm trying to find a workable way to use multiple parameter files in Bicep. I have a need to be able to specify a separate parameter file for each module on my main.bicep. The only way I can kind of make it work is by creating json files as surrogate parameter files and then use json(loadTextContent) to extract each parameter. Example below Where you see I load the first paramter of teh keyvault module from a json.:

#storageaccount params
param st_storageAccountName string
param st_location string
param st_tags object
param st_skuName string
param st_kind string
param st_identityType string
param st_accessTier string
param st_allowBlobPublicAccess bool
param st_allowCrossTenantReplication bool
param st_allowedCopyScope string
param st_allowSharedKeyAccess bool
param st_azureFilesIdentityBasedAuthentication object
param st_customDomain object
param st_defaultToOAuthAuthentication bool
param st_dnsEndpointType string
param st_encryption object
param st_immutableStorageWithVersioning object
param st_isHnsEnabled bool
param st_isLocalUserEnabled bool
param st_isNfsV3Enabled bool
param st_isSftpEnabled bool
param st_keyPolicy object
param st_largeFileSharesState string
param st_minimumTlsVersion string
param st_networkAcls object
param st_publicNetworkAccess string
param st_routingPreference object
param st_sasPolicy object
param st_supportsHttpsTrafficOnly bool

module teststorage 'br:hidden.azurecr.io/bicep/modules/storage:v1' = {
  name:st_storageAccountName
  params:{
    st_accessTier: st_accessTier
    st_allowBlobPublicAccess: st_allowBlobPublicAccess
    st_allowCrossTenantReplication: st_allowCrossTenantReplication
    st_allowedCopyScope: st_allowedCopyScope
    st_allowSharedKeyAccess: st_allowSharedKeyAccess
    st_azureFilesIdentityBasedAuthentication: st_azureFilesIdentityBasedAuthentication
    st_customDomain: st_customDomain
    st_defaultToOAuthAuthentication: st_defaultToOAuthAuthentication
    st_dnsEndpointType: st_dnsEndpointType
    st_encryption: st_encryption
    st_identityType: st_identityType
    st_immutableStorageWithVersioning: st_immutableStorageWithVersioning
    st_isHnsEnabled: st_isHnsEnabled
    st_isLocalUserEnabled: st_isLocalUserEnabled
    st_isNfsV3Enabled: st_isNfsV3Enabled
    st_isSftpEnabled: st_isSftpEnabled
    st_keyPolicy: st_keyPolicy
    st_kind: st_kind
    st_largeFileSharesState: st_largeFileSharesState
    st_location: st_location
    st_minimumTlsVersion: st_minimumTlsVersion
    st_networkAcls: st_networkAcls
    st_publicNetworkAccess: st_publicNetworkAccess
    st_routingPreference: st_routingPreference
    st_sasPolicy: st_sasPolicy
    st_skuName: st_skuName
    st_storageAccountName: st_storageAccountName
    st_supportsHttpsTrafficOnly: st_supportsHttpsTrafficOnly
    st_tags: st_tags
  }
  
}

module testkeyvault 'br:hidden.azurecr.io/modules/keyvault:v1' = {
  name:kv_name
  params:{
    kv_createMode: json(loadTextContent('./keyvault.json')).parameters.kv_createMode.value
    kv_enabledForDeployment: kv_enabledForDeployment
    kv_enabledForDiskEncryption: kv_enabledForDiskEncryption
    kv_enabledForTemplateDeployment: kv_enabledForTemplateDeployment
    kv_enablePurgeProtection: kv_enablePurgeProtection
    kv_enableRbacAuthorization: kv_enableRbacAuthorization
    kv_enableSoftDelete: kv_enableSoftDelete
    kv_location: kv_location
    kv_name: kv_name
    kv_networkAcls: kv_networkAcls
    kv_provisioningState: kv_provisioningState
    kv_publicNetworkAccess: kv_publicNetworkAccess
    kv_sku: kv_sku
    kv_softDeleteRetentionInDays: kv_softDeleteRetentionInDays
    kv_tags: kv_tags
    kv_tenantId: kv_tenantId
    kv_vaultUri: kv_vaultUri
  }
}

I would have to extract each parameter separately from the json and repeat for each module. I have tried formatting the source file so that I can just load it as one string but for some reason the loadtextcontent literally loads the returns as \n. Anyone has a good way to use multiple parameter files in bicep?

Answer 1

bicep multiple parameter files approach

To specify a separate parameter file for each module on my main.bicep while using mutiple parameter files approach was mentioned below

main.bicep

@description('KeyVault parameters file')
param keyvaultParams object = json(loadTextContent('./parameters/keyvault.json')).parameters

@description('Storage Account parameters file')
param storageAccountParams object = json(loadTextContent('./parameters/storageaccount.json')).parameters

module keyvaultModule './modules/keyvault.bicep' = {
  name: keyvaultParams.kv_name.value
  params: {
    kv_name: keyvaultParams.kv_name.value
    kv_location: keyvaultParams.kv_location.value
    kv_sku: keyvaultParams.kv_sku.value
    kv_enableSoftDelete: keyvaultParams.kv_enableSoftDelete.value
    kv_tenantId: keyvaultParams.kv_tenantId.value
    kv_tags: keyvaultParams.kv_tags.value
  }
}

module storageAccountModule './modules/storageaccount.bicep' = {
  name: storageAccountParams.st_storageAccountName.value
  params: {
    st_storageAccountName: storageAccountParams.st_storageAccountName.value
    st_location: storageAccountParams.st_location.value
    st_skuName: storageAccountParams.st_skuName.value
    st_kind: storageAccountParams.st_kind.value
    st_tags: storageAccountParams.st_tags.value
  }
}

modules/keyvault.bicep:

@description('Name of the Key Vault')
param kv_name string

@description('Location of the Key Vault')
param kv_location string

@description('SKU of the Key Vault')
param kv_sku object

@description('Enable soft delete for the Key Vault')
param kv_enableSoftDelete bool

@description('Azure AD Tenant ID for the Key Vault')
param kv_tenantId string

@description('Access policies for the Key Vault')
param kv_accessPolicies array = []  

@description('Tags for the Key Vault')
param kv_tags object

resource keyVault 'Microsoft.KeyVault/vaults@2021-10-01' = {
  name: kv_name
  location: kv_location
  properties: {
    tenantId: kv_tenantId
    sku: kv_sku
    enableSoftDelete: kv_enableSoftDelete
    accessPolicies: kv_accessPolicies
  }
  tags: kv_tags
}

modules/storageaccount.bicep:

@description('Name of the Storage Account')
param st_storageAccountName string

@description('Location of the Storage Account')
param st_location string

@description('SKU Name for the Storage Account')
param st_skuName string

@description('Kind of the Storage Account')
param st_kind string

@description('Tags for the Storage Account')
param st_tags object

resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' = {
  name: st_storageAccountName
  location: st_location
  sku: {
    name: st_skuName
  }
  kind: st_kind
  tags: st_tags
}

/parameter/keyvault.json:

{
    "parameters": {
      "kv_name": { "value": "testvkssbKeyVault" },
      "kv_location": { "value": "East US" },
      "kv_sku": { "value": { "family": "A", "name": "standard" } },
      "kv_enableSoftDelete": { "value": true },
      "kv_tenantId": { "value": "tenantId" },
      "kv_accessPolicies": {
        "value": [
          {
            "objectId": "objectId",
            "permissions": {
              "keys": ["get", "list", "create", "delete", "recover"],
              "secrets": ["get", "list", "set", "delete", "recover"]
            },
            "tenantId": "tenantId"
          }
        ]
      },
      "kv_tags": { "value": { "environment": "production" } }
   }
 }

/parameter/storageaccount.json:

{
  "parameters": {
    "st_storageAccountName": { "value": "vksbbssstorageacc" },
    "st_location": { "value": "East US" },
    "st_skuName": { "value": "Standard_LRS" },
    "st_kind": { "value": "StorageV2" },
    "st_tags": { "value": { "department": "IT", "environment": "production" } }
  }
}

depolyement:

az deployment group create --resource-group vkdb-rg --template-file ./main.bicep

refer:

https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/parameter-files?tabs=Bicep

https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/best-practices#parameters

https://www.iamachs.com/p/azure-bicep/part-4-master-modules-guide/