Skip to content

Commit

Permalink
added role assignment
Browse files Browse the repository at this point in the history
  • Loading branch information
Martin Ligtenberg committed Feb 19, 2024
1 parent bc3cc25 commit 9ce2234
Showing 1 changed file with 14 additions and 0 deletions.
14 changes: 14 additions & 0 deletions Deployment/api/parts/apiFunction.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,10 @@ resource StorageTableDataReaderRole 'Microsoft.Authorization/roleDefinitions@202
name: '76199698-9eea-4c19-bc75-cec21354c6b6'
}

resource StorageBlobDataContributorRole 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
name: 'ba92f5b4-2d11-453d-a403-e96b0029c9fe'
}

resource configServiceDataReaderRole 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
name: '516239f1-63e1-4d78-a4de-a74fb236a071'
}
Expand All @@ -37,6 +41,16 @@ resource storageRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-
}
}

resource storageBlobContributorRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
name: guid(sharedStorageAccount.id, StorageBlobDataContributorRole.id, function.id)
scope: sharedStorageAccount
properties: {
roleDefinitionId: StorageBlobDataContributorRole.id
principalId: function.identity.principalId
principalType: 'ServicePrincipal'
}
}

resource configServiceRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
name: guid(functionStorageAccount.id, configServiceDataReaderRole.id)
scope: appConfigurationService
Expand Down

0 comments on commit 9ce2234

Please sign in to comment.