Bicep Module Documentation
← Back to Overview
Module dev-center
devCenter
| Property | Value | Description |
|---|---|---|
| general (required) | general | |
| identity | identity | Identity object |
| installAzureMonitorAgentEnableStatus | 'Disabled' 'Enabled' |
Whether project catalogs associated with projects in this dev center can be configured to sync catalog items (default: Enabled). |
| microsoftHostedNetworkEnableStatus | 'Disabled' 'Enabled' |
Indicates whether pools in this Dev Center can use Microsoft Hosted Networks (default: Enabled). |
| catalogItemSyncEnableStatus | 'Disabled' 'Enabled' |
Whether project catalogs associated with projects in this dev center can be configured to sync catalog items (default: Enabled). |
| encryption | encryption | Encryption settings to be used for server-side encryption for proprietary content (such as catalogs, logs, customizations). |
| projects | devCenterProject[] |
identity
| Property | Value | Description |
|---|---|---|
| type | 'None' 'SystemAssigned' 'SystemAssigned, UserAssigned' 'UserAssigned' |
The types of identities associated with this resource. (default: None) |
| userAssignedIdentities | string[] | The set resource IDs of the user assigned identities associated with the resource. |
keyEncryptionKeyIdentity
| Property | Value | Description |
|---|---|---|
| delegatedIdentityClientId (required) | string | |
| identityType (required) | 'systemAssignedIdentity' 'userAssignedIdentity' |
|
| userAssignedIdentityResourceId (required) | string |
customerManagedKeyEncryption
| Property | Value | Description |
|---|---|---|
| keyEncryptionKeyIdentity (required) | keyEncryptionKeyIdentity | All identity configuration for Customer-managed key settings defining which identity should be used to auth to Key Vault. |
| keyEncryptionKeyUrl (required) | string | Key encryption key URL, versioned or non-versioned, e.g.: https://contosovault.vault.azure.net/keys/contosokek/562a4bb76b524a1493a6afe8e536ee78 or https://contosovault.vault.azure.net/keys/contosokek. |
encryption
| Property | Value | Description |
|---|---|---|
| customerManagedKeyEncryption (required) | customerManagedKeyEncryption |
devCenterProject
| Property | Value | Description |
|---|---|---|
| general | general | |
| identity | identity | Identity object |
| azureAiServicesMode | 'AutoDeploy' 'Disabled' |
Indicates whether Azure AI services is enabled. |
| catalogItemSyncTypes | Array containing any of: 'EnvironmentDefinition' 'ImageDefinition' |
Indicates catalog item types that can be synced. |
| description | string | Description of the project. |
| devBoxAutoDeleteSettings | devBoxAutoDeleteSettings | |
| maxDevBoxesPerUser | int | When specified, limits the maximum number of Dev Boxes a single user can create across all pools in the project. This will have no effect on existing Dev Boxes when reduced. |
| name (required) | string | Name of the Dev Center project. |
| customizationSettings | customizationSettings | |
| serverlessGpuSessionsSettings | serverlessGpuSessionsSettings | |
| workspaceStorageMode | 'AutoDeploy' 'Disabled' |
devBoxAutoDeleteSettings
| Property | Value | Description |
|---|---|---|
| deleteMode (required) | 'Auto' 'Manual' |
Indicates the delete mode for Dev Boxes within this project. |
| gracePeriod (required) | string | ISO8601 duration required for the dev box to be marked for deletion prior to it being deleted. ISO8601 format PT[n]H[n]M[n]S. |
| inactiveThreshold (required) | string | ISO8601 duration required for the dev box to not be inactive prior to it being scheduled for deletion. ISO8601 format PT[n]H[n]M[n]S. |
identities
| Property | Value | Description |
|---|---|---|
| identityResourceId (required) | string | E.g. /subscriptions/fa5fc227-a624-475e-b696-cdd604c735bc/resourceGroups/ |
| identityType (required) | 'systemAssignedIdentity' 'userAssignedIdentity' |
customizationSettings
| Property | Value | Description |
|---|---|---|
| identities (required) | identities[] | The identities that can to be used in customization scenarios; e.g., to clone a repository. |
| userCustomizationsEnableStatus (required) | 'Disabled' 'Enabled' |
Indicates whether user customizations are enabled (default: Enabled). |
serverlessGpuSessionsSettings
| Property | Value | Description |
|---|---|---|
| maxConcurrentSessionsPerProject (required) | int | When specified, limits the maximum number of concurrent sessions across all pools in the project. |
| serverlessGpuSessionsMode (required) | 'AutoDeploy' 'Disabled' |
Indicates whether serverless GPU access is enabled on the project. |
naming
| Property | Value | Description |
|---|---|---|
| forceFunctionAsFullName | bool | Use the function value as the full name of the resource |
| abbreviation | string | Override the abbreviation of this resource with this parameter |
| environment | string | The resource environment (for example: dev, tst, acc, prd) |
| location | string | The resource location (for example: weu, we, westeurope) |
| customer | string | The name of the customer |
| delimiter | string | The delimiter between resources (default: -) |
| nameFormat | Array containing any of: 'abbreviation' 'customer' 'environment' 'function' 'location' 'param1' 'param2' 'param3' 'useCaseName' |
The order of the array defines the order of elements in the naming scheme |
| param1 | string | Extra parameter self defined |
| param2 | string | Extra parameter self defined |
| param3 | string | Extra parameter self defined |
| function (required) | string | Function of the resource [can be app, db, security,...] |
| useCaseName | string | Name of the use case [can be hub, spoke,...] |
| suffix | string | Suffix for the resource, if empty non will be appended, otherwise will be added to the end [can be index, ...] |
| forceDefaultNaming | bool | Force the CAF naming instead of default company naming |
resourceLock
| Property | Value | Description |
|---|---|---|
| name | string | Character limit: 1-90. Valid characters: Alphanumerics, periods, underscores, hyphens, and parenthesis. Can't end in period. |
| level (required) | 'CanNotDelete' 'ReadOnly' |
The level of the lock. Possible values are: CanNotDelete and ReadOnly. CanNotDelete means authorized users are able to read and modify the resources, but not delete. ReadOnly means authorized users can only read from a resource, but they can't modify or delete it. Read-Only locks must be commented to be able to deploy again |
| notes | string | Notes about the lock. Maximum of 512 characters. |
| owners | resourceLockOwner[] | The owners of the lock |
resourceLockOwner
| Property | Value | Description |
|---|---|---|
| applicationId (required) | string | The application ID of the lock owner. |
roleAssignment
| Property | Value | Description |
|---|---|---|
| principalId (required) | string | The principal ID |
| roleDefinitionId (required) | string | The role definition ID, data file can be used for this |
| condition | string | Condition on the role assignment |
| conditionVersion | string | Version of the condition. Currently the only accepted value is "2.0" |
| delegatedManagedIdentityResourceId | string | Id of the delegated managed identity resource |
| description | string | Description of role assignment |
general
| Property | Value | Description |
|---|---|---|
| tags | object | Tags of the resource [hashtable] |
| location (required) | string | Location of the resource |
| naming (required) | naming | Naming module of the resource |
| resourceGroupName (required) | string | Name of the resource group where the resource should be located |
| sharedNaming (required) | naming | Reference to the default naming |
| roleAssignments | roleAssignment[] | Role assignments on the resource |
| resourceLocks | resourceLock[] | Resource Locks on the resource |
Changelog
1.0.1 (2025-09-24)
Bug Fixes
- remove deployment name + cleanup
1.0.0 (2025-07-14)
Features
- add initial version