Bicep Module Documentation
← Back to Overview
Module management-group
managementGroup
| Property | Value | Description |
|---|---|---|
| general (required) | general | |
| name (required) | string | Name of the management group |
| displayName | string | Displayname of the management group (default: name) |
| parentId | string | Name of the parent management group |
| managementGroupLevel (required) | int | Level of the management group [integer 1-6] |
| subscriptionIds | string[] | List of subscription ids that should be assigned to this management group [Array of ResourceIds] |
| subscriptions | subscription[] | List of subscriptions that should be added to this management group |
general
| Property | Value | Description |
|---|---|---|
| naming (required) | naming | Naming module of the resource |
| sharedNaming (required) | naming | Reference to the default naming |
| roleAssignments | roleAssignment[] | Role assignments on the resource |
subscription
| Property | Value | Description |
|---|---|---|
| name (required) | string | Name of the subscription |
| workload | 'DevTest' 'Production' |
Workload of the subscription (default: Production) |
| billingProfileId (required) | string | Billing profile to which the subscription should be billed |
naming
| Property | Value | Description |
|---|---|---|
| forceFunctionAsFullName | bool | Use the function value as the full name of the resource |
| abbreviation | string | Override the abbreviation of this resource with this parameter |
| environment | string | The resource environment (for example: dev, tst, acc, prd) |
| location | string | The resource location (for example: weu, we, westeurope) |
| customer | string | The name of the customer |
| delimiter | string | The delimiter between resources (default: -) |
| nameFormat | Array containing any of: 'abbreviation' 'customer' 'environment' 'function' 'location' 'param1' 'param2' 'param3' 'useCaseName' |
The order of the array defines the order of elements in the naming scheme |
| param1 | string | Extra parameter self defined |
| param2 | string | Extra parameter self defined |
| param3 | string | Extra parameter self defined |
| function (required) | string | Function of the resource [can be app, db, security,...] |
| useCaseName | string | Name of the use case [can be hub, spoke,...] |
| suffix | string | Suffix for the resource, if empty non will be appended, otherwise will be added to the end [can be index, ...] |
| forceDefaultNaming | bool | Force the CAF naming instead of default company naming |
roleAssignment
| Property | Value | Description |
|---|---|---|
| principalId (required) | string | The principal ID |
| roleDefinitionId (required) | string | The role definition ID, data file can be used for this |
| condition | string | Condition on the role assignment |
| conditionVersion | string | Version of the condition. Currently the only accepted value is "2.0" |
| delegatedManagedIdentityResourceId | string | Id of the delegated managed identity resource |
| description | string | Description of role assignment |
Changelog
5.4.0 (2025-10-06)
Features
- update resource api version
5.3.1 (2025-09-24)
Bug Fixes
- remove deployment name + cleanup
5.3.0 (2025-03-24)
Features
- role assignments on management groups
5.2.0 (2025-03-24)
Features
- add role assignments on tenant root group
5.1.0 (2025-03-24)
Features
- add management group role assignments
5.0.0 (2025-01-22)
⚠ BREAKING CHANGES
- Remove unused properties
Bug Fixes
- Remove unused properties