Azure-Samples · wviriya · May 30, 2022 · Feb 14, 2022 · Mar 28, 2022 · May 27, 2022
diff --git a/bicep/main.bicep b/bicep/main.bicep
diff --git a/bicep/main.json b/bicep/main.json
diff --git a/bicep/modules/apim.bicep b/bicep/modules/apim.bicep
@@ -1,7 +1,13 @@
 @description('API Management DB account name')
 param apimName string
+
+@description('The name of the Application insights workspace to send APIM logs to.')
 param appInsightsName string
+
+@description('The Application insights instrumentation key to authenticate APIM logs.')
 param appInsightsInstrumentationKey string
+
+@description('The resource tags that will be applied to the APIM instance.')
 param resourceTags object
 
 @allowed([
@@ -18,7 +24,9 @@ param sku string = 'Developer'
 @minValue(1)
 param skuCount int = 1
 
-var location = resourceGroup().location
+@description('The location of this API Management service')
+param location string
+
 var publisherEmail = '[email protected]'
 var publisherName = 'Company Name'
 

diff --git a/bicep/modules/apimAPI.bicep b/bicep/modules/apimAPI.bicep
@@ -1,7 +1,16 @@
+@description('The name of the APIM instance that the APIs will be deployed to.')
 param apimName string
+
+@description('The resource group that the APIM is deployed to.')
 param currentResourceGroup string
+
+@description('The name of the Backend API in APIM.')
 param backendApiName string
+
+@description('The name of the API.')
 param apiName string
+
+@description('The origin URL used for the backend policy.')
 param originUrl string
 
 var functionAppKeyName = '${backendApiName}-key'

diff --git a/bicep/modules/appServicePlan.bicep b/bicep/modules/appServicePlan.bicep
@@ -0,0 +1,18 @@
+@description('The name of the App Service Plan that will be deployed.')
+param appServicePlanName string
+
+@description('The location that the App Service Plan will be deployed to. Default value is the location of the resource group.')
+param location string = resourceGroup().location
+
+resource plan 'Microsoft.Web/serverFarms@2020-06-01' = {
+  name: appServicePlanName
+  location: location
+  kind: 'functionapp'
+  sku: {
+    name: 'Y1'
+    tier: 'Dynamic'
+  }
+  properties: {}
+}
+
+output appServicePlanId string = plan.id
diff --git a/bicep/modules/applicationInsights.bicep b/bicep/modules/applicationInsights.bicep
@@ -1,5 +1,10 @@
+@description('The name of the Application insights workspace that will be deployed.')
 param applicationInsightsName string
+
+@description('The location that the Application insights workspace that will be deployed to.')
 param location string
+
+@description('The resource tags that will be applied to this Application insights workspace.')
 param resourceTags object
 
 resource applicationInsights 'Microsoft.Insights/components@2020-02-02' = {

diff --git a/bicep/modules/cosmosdb.bicep b/bicep/modules/cosmosdb.bicep
@@ -1,4 +1,3 @@
-
 @description('Cosmos DB account name')
 param accountName string
 
@@ -7,15 +6,25 @@ param location string = resourceGroup().location
 
 @description('The name for the Core (SQL) database')
 param databaseName string
+
+@description('The resource tags that will be applied to the Cosmos DB account.')
 param resourceTags object
 
+@description('Name of the Key Vault to store secrets in.')
+param keyVaultName string
+
+@description('The amount of Request Units that will be provisioned to the database. Default value is 400 RUs.')
 param throughput int = 400
 
 var containerNames = [
   'main'
   'archiver'
 ]
 
+var cosmosDbConnectionStringSecretName = 'CosmosDbConnectionString'
+var cosmosDbPrimaryKeySecretName = 'CosmosDbPrimaryKey'
+var cosmosDbEndpointSecretName = 'CosmosDbEndpoint'
+
 resource cosmosAccount 'Microsoft.DocumentDB/databaseAccounts@2021-06-15' = {
   name: toLower(accountName)
   kind: 'GlobalDocumentDB'
@@ -56,13 +65,13 @@ resource cosmosDB 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2021-06-15
   }
 }
 
-resource containers 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers@2021-06-15' = [for cotainerName in containerNames :{
-  name: cotainerName
+resource containers 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers@2021-06-15' = [for containerName in containerNames :{
+  name: containerName
   parent: cosmosDB
   tags: resourceTags
   properties: {
     resource: {
-      id: cotainerName
+      id: containerName
       partitionKey: {
         paths: [
           '/code'
@@ -72,4 +81,35 @@ resource containers 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containe
   }
 }]
 
+resource keyVault 'Microsoft.KeyVault/vaults@2021-11-01-preview' existing = {
+  name: keyVaultName
+}
+
+resource cosmosKeySecret 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
+  name: cosmosDbPrimaryKeySecretName
+  parent: keyVault
+  properties: {
+    value: cosmosAccount.listKeys().primaryMasterKey
+  }
+}
+
+resource cosmosConnectionSecret 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
+  name: cosmosDbConnectionStringSecretName
+  parent: keyVault
+  properties: {
+    value: cosmosAccount.listConnectionStrings().connectionStrings[0].connectionString
+  }
+}
+
+resource cosmosEndpointSecret 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
+  name: cosmosDbEndpointSecretName
+  parent: keyVault
+  properties: {
+    value: cosmosAccount.properties.documentEndpoint
+  }
+}
+
 output cosmosDBAccountName string = cosmosAccount.name
+output cosmosDBDatabaseName string = cosmosDB.name
+output cosmosDBRideMainCollectionName string = containerNames[0]
+output cosmosDBThroughput int = throughput
diff --git a/bicep/modules/eventgrid.bicep b/bicep/modules/eventgrid.bicep
@@ -1,7 +1,17 @@
+@description('Name of the Event Grid Topic')
 param eventGridTopicName string
+
+@description('The location that the Event Grid Topic will be deployed to')
 param location string
+
+@description('The resource tags that will be applied to the Event Grid resource.')
 param resourceTags object
 
+@description('Name of the Key Vault to store secrets in.')
+param keyVaultName string
+
+var eventGridTopicApiKeySecretName = 'TripExternalizationsEventGridTopicApiKey'
+
 resource eventGrid 'Microsoft.EventGrid/topics@2020-06-01' = {
   name: eventGridTopicName
   location: location
@@ -12,4 +22,16 @@ resource eventGrid 'Microsoft.EventGrid/topics@2020-06-01' = {
   }
 }
 
+resource keyVault 'Microsoft.KeyVault/vaults@2021-11-01-preview' existing = {
+  name: keyVaultName
+}
+
+resource eventGridTopicApiKey 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
+  name: eventGridTopicApiKeySecretName
+  parent: keyVault
+  properties: {
+    value: eventGrid.listKeys().key1
+  }
+}
+
 output eventGripEndpoint string = eventGrid.properties.endpoint
diff --git a/bicep/modules/functions.bicep b/bicep/modules/functions.bicep
diff --git a/bicep/modules/keyvault.bicep b/bicep/modules/keyvault.bicep
@@ -1,20 +1,33 @@
+@description('The name of the Key Vault resource that will be deployed.')
 param keyVaultName string
+
+@description('The prefix for the function apps.')
 param functionAppPrefix string
+
+@description('The list of function apps that will have access to this Key Vault.')
 param functionApps array
+
+@description('The resource tags that will be applied to this Key Vault.')
 param resourceTags object
 
+@description('The location that this Key Vault will be deployed to.')
+param location string
+
 resource functions 'Microsoft.Web/sites@2021-01-15' existing = [for functionApp in functionApps :{
   name: '${functionAppPrefix}${functionApp}'
 }]
 
 resource keyVault 'Microsoft.KeyVault/vaults@2021-06-01-preview' = {
   name: keyVaultName
-  location: resourceGroup().location
+  location: location
   properties: {
     sku: {
       name: 'standard'
       family: 'A'
     }
+    enableSoftDelete: true
+    softDeleteRetentionInDays: 7
+    enabledForTemplateDeployment: true
     tenantId: subscription().tenantId
     accessPolicies: [for i in range(0, length(functionApps)) : {
       tenantId: functions[i].identity.tenantId
@@ -28,4 +41,3 @@ resource keyVault 'Microsoft.KeyVault/vaults@2021-06-01-preview' = {
   }
   tags: resourceTags
 }
-
diff --git a/bicep/modules/signalr.bicep b/bicep/modules/signalr.bicep
@@ -1,7 +1,17 @@
+@description('The name of the SignalR service that will be deployed.')
 param signalRName string
+
+@description('The location that the SignalR service will be deployed to.')
 param location string
+
+@description('The resource tags that will be applied to the SignalR resource.')
 param resourceTags object
 
+@description('Name of the Key Vault to store secrets in.')
+param keyVaultName string
+
+var signalRConnectionStringSecretName = 'AzureSignalRConnectionString'
+
 resource signalR 'Microsoft.SignalRService/SignalR@2018-10-01' = {
   name: signalRName
   location: location
@@ -16,3 +26,15 @@ resource signalR 'Microsoft.SignalRService/SignalR@2018-10-01' = {
     hostNamePrefix: null
   }
 }
+
+resource keyVault 'Microsoft.KeyVault/vaults@2021-11-01-preview' existing = {
+  name: keyVaultName
+}
+
+resource signalRConnectionString 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
+  name: signalRConnectionStringSecretName
+  parent: keyVault
+  properties: {
+    value: signalR.listKeys().primaryConnectionString
+  }
+}