Search code examples
azureazure-bicep

Bicep: Creating IP groups from an array where one array item contains an array of addresses

I have the following array format:

var ipgroups_array = [
   {
     name: 'vpn-addresses'
     ipAddresses: [
       ['1.1.1.1']
       ['2.2.2.2']
       ['3.3.3.3']
       ['4.4.4.4']
     ]
   }
  {
    name: 'azure-firewall-ip-group'
    ipAddresses: '10.160.10.0/24'
  }
  {
    name: 'azure-bastion-ip-group'
    ipAddresses: '10.160.20.0/24'
  }
(etc)
 ]

I then have a function to create the IP Groups:

 resource ipgroups 'Microsoft.Network/ipGroups@2023-02-01' = [for ipgroup in ipgroups_array: {
  name: ipgroup.name
  location: location
  properties: {
    ipAddresses: ipgroup.ipAddresses
  }
}]

This gives an error of "Invalid request body. Provided request body doesn't comply with resource model."

How can I pass the array of "vpn-addresses" to the function correctly?

I've tried another for loop inside the properties: ipAddresses section but this didn't work.

Solution

  • Creating IP groups from an array where one array item contains an array of addresses

    You can use the below code to create the IP groups one array item contains an array of addresses using bicep.

    Code:

    param location string = 'eastus'

var ipgroups_array = [
  {
    name: 'vpn-addresses'
    ipAddresses: ['1.1.1.1', '2.2.2.2', '3.3.3.3', '4.4.4.4']
  }
  {
    name: 'azure-firewall-ip-group'
    ipAddresses: ['10.160.10.0/24']
  }
  {
    name: 'azure-bastion-ip-group'
    ipAddresses: ['10.160.20.0/24']
  } 
  // add more IP groups here 
]   

resource ipgroups 'Microsoft.Network/ipGroups@2023-02-01' = [for ipgroup in ipgroups_array: {
  name: ipgroup.name
  location: location
  properties: {
    ipAddresses: ipgroup.ipAddresses
  }
}]

    Deployed using the below command.

    Command:

    az deployment group create --resource-group <your-resourcegroup-name> --template-file demo.bicep

    Output:

    "outputResources": [
      {
        "id": "/subscriptions/xxxxxxx/resourceGroups/xxxxx/providers/Microsoft.Network/ipGroups/azure-bastion-ip-group",
        "resourceGroup": "xxxxx"
      },
      {
        "id": "/subscriptions/xxx /resourceGroups/xxxxxx/providers/Microsoft.Network/ipGroups/azure-firewall-ip-group",
        "resourceGroup": "xxxx"
      },
      {
        "id": "/subscriptions/xxxxxx/resourceGroups/xxxxx/providers/Microsoft.Network/ipGroups/vpn-addresses",
        "resourceGroup": "xxxxx"
      }
    ]

    enter image description here

    enter image description here

    Portal: enter image description here

    Reference:

    Microsoft.Network/ipGroups - Bicep, ARM template & Terraform AzAPI reference | Microsoft Learn