azure, azure-active-directory, cloud, azure-bicep

How can I add roles to a resource group in bicep format?


param rg_la_dev_eastus_name string = 'rg-la-dev-eastus-001'
param rg_la_prod_eastus_name string = 'rg-la-prod-eastus-001'

targetScope = 'subscription'

resource rgLaDev 'Microsoft.Resources/resourceGroups@2020-06-01' = {
  name: rg_la_dev_eastus_name
  location: 'eastus'
}

resource rgLaProd 'Microsoft.Resources/resourceGroups@2020-06-01' = {
  name: rg_la_prod_eastus_name
  location: 'eastus'
}

I can create a resource group, but I want to assign a role from here. I don't want to do it graphically every time.


Solution

  • Use this script to assign the RBAC role using Bicep:

    resource symbolicname 'Microsoft.Authorization/roleAssignments@2020-04-01-preview' = {
      name: 'string'
      scope: 'string'
      properties: {
        roleDefinitionId: 'string'
        principalId: 'string'
        principalType: 'string'
        canDelegate: bool
        description: 'string'
        condition: 'string'
        conditionVersion: 'string'
      }
    }
    

    Reference here.
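A filled-in version of the template above for the resource groups in the question, as an added example that is not part of the original answer. A role assignment on a resource group cannot be declared directly in a subscription-scoped file, so it goes in a module deployed at resource-group scope. Assumptions: the module file name `rg-role.bicep`, the module name `rgLaDevRole`, the built-in Reader role as the default, and a placeholder principal object ID.

```bicep
// rg-role.bicep (hypothetical file name), deployed at resource-group scope.
targetScope = 'resourceGroup'

@description('Object ID of the user, group or service principal receiving the role (supplied by the caller).')
param principalId string

@description('Kind of principal. Setting it explicitly avoids failures when the principal was only just created.')
@allowed([
  'User'
  'Group'
  'ServicePrincipal'
])
param principalType string = 'Group'

@description('GUID of the built-in role. The default is Reader; grant the narrowest role that works.')
param roleDefinitionGuid string = 'acdd72a7-3385-48ef-bd42-f606fba81ae7'

// Built-in role definitions are addressed at subscription level.
var roleDefinitionId = subscriptionResourceId('Microsoft.Authorization/roleDefinitions', roleDefinitionGuid)

resource assignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
  // The name must be a GUID. Deriving it from scope, principal and role
  // keeps redeployments idempotent instead of creating duplicates.
  name: guid(resourceGroup().id, principalId, roleDefinitionId)
  // No 'scope' property: the assignment applies to the resource group
  // this module is deployed into.
  properties: {
    roleDefinitionId: roleDefinitionId
    principalId: principalId
    principalType: principalType
  }
}

// Caller side, added to the subscription-scoped file from the question:
//
// module rgLaDevRole 'rg-role.bicep' = {
//   name: 'rgLaDevRole'
//   scope: rgLaDev            // the resource group declared in that file
//   params: {
//     principalId: '<object-id-placeholder>'
//   }
// }
```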