Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Azure Bicep Brings Easier Infrastructure as Code to Azure Resource Management

Azure Project Bicep, or just Bicep as Microsoft sometimes refers to it, is a new domain-specific language (DSL) for deploying cloud resources using infrastructure as code. If this sounds like Azure Resource Manager (ARM) templates, then you’d be right. ARM templates can now be authored in Bicep or JSON.

Infrastructure as code and ARM templates

ARM templates allow you to deploy resources in Azure using infrastructure as code. Instead of explicitly telling Azure how to deploy a resource, like you might do with Azure CLI or PowerShell, infrastructure as code lets you define a deployment in a declarative syntax. You describe each resource in a deployment but without instructions about how to deploy the resources.

Using infrastructure as code has several benefits. ARM templates are idempotent, meaning that if you redeploy a template, you get the same result, and any existing resources aren’t duplicated. ARM can deploy resources in parallel, without you having to manage the orchestration in your code.

And there are a host of other benefits, like the ability to preview the results using a ‘what-if’ tool, testing templates before deployment, and continuous integration/continuous development (CI/CD) integration with Azure DevOps and GitHub.

The problem with JSON

JSON is difficult to read. So, Bicep was developed as an alternative to JSON for creating ARM templates. And to be honest, JSON ARM templates have put some people off using infrastructure as code in Azure, looking to third-party solutions instead like the Terraform Azure provider. Terraform also has the advantage of working across different cloud platforms.

Azure Bicep offers a clearer syntax than JSON along with better support for modularity and code reuse. And just in case you were wondering, Bicep is open source. And it works transparently with ARM, so you don’t need to update anything or change your settings in Azure.

Getting started with Azure Bicep

To get started with Bicep, you’ll need to have Visual Studio Code installed on your development PC. And you should install the Azure Bicep extension for Visual Studio Code. You’ll also need either the latest versions of Azure CLI or Azure PowerShell installed locally.

Here is what a storage account resource looks like defined using Bicep in an ARM template. In the first line of code, we give the resource a symbolic name (storageAccount), which is never displayed in Azure. And then the resource type and API version are declared: Microsoft.Storage/storageAccounts@2019-06-01. And Microsoft.Storage/storageAccounts defines the resource type.

resource storageAccount 'Microsoft.Storage/storageAccounts@2019-06-01' = {
  name: 'petristorage'
  location: 'eastus'
  sku: {
    name: 'Standard_LRS'
  }
  kind: 'StorageV2'
  properties: {
    accessTier: 'Hot'
  }
}

When you are laying out your Bicep template, the extension for Visual Studio Code understands the resources you are deploying and lists the available properties and values that are possible to use. Once you’ve finished creating the template, you can deploy it using PowerShell or Azure CLI.

Azure Bicep Playground

The Azure Bicep Playground, lets you decompile your existing ARM JSON templates to Bicep. In the image below, you can see a Bicep template in the left pane and the equivalent JSON code in the right pane.

Bicep addresses DevOps issues with ARM JSON templates

Because Bicep is a domain-specific language, I think we can assume that it’s not designed to be extended to other platforms, like AWS. At least for now, Bicep looks like it’s just for Azure deployments. But who knows, Microsoft might extend it in the future. But regardless of the Azure-only limitation, Bicep looks like it addresses many of the issues that DevOps had with JSON templates.

Table of contents

by Russell Smith
Dec 17, 2021

Editorial Director at Petri IT Knowledgebase. Russell has more than 20 years' experience working in IT. From small business to large government IT infrastructure projects. Russell started his writing career for Windows IT Pro magazine in the early...

Top Azure Cloud Security Controls to Understand

Oct 31, 2023
Jan 08, 2024
Making Microsoft Azure Penetration Testing Work to Combat Threats

Nov 21, 2023
Azure VMware Solution – Maximizing Security and Control with Customer-Managed Keys

Oct 3, 2023
Oct 10, 2023

Take our survey

PETRI NEWSLETTERS

Join Petri Insider

Create a free account today to participate in forum conversations, comment on posts and more.