Question 196617 in Azure Question posted in
The official documentation to get you started can be found here.

Execute AzurePowerShell via BICEP Script with External Parameters

I need to enable CDN-managed HTTPS on a custom domain via BICEP. The only way to do this is by running an AzurePowerShell command inline within the BICEP code.

I’m struggling with creating a correct power shell command to pass parameters from the BICEP code.

**Example **

This generates error:

The provided script failed with the following error:
System.Management.Automation.CommandNotFoundException: The term
‘param’ is not recognized as a name of a cmdlet, function, script
file, or executable program. Check the spelling of the name, or if a
path was included, verify that the path is correct and try again.

I’m following this example where param is used.

 var ResourceGroupName = 'xx-Bicep-xxx-Build-Work'
 var ProfileName = profile.name
 var EndpointName = endpoint.name
var CustomDomainName = dnsCnameRecordCnd
    
    var ScriptContent = '''
    param([string] $ResourceGroupName)
    param([string] $ProfileName)
    param([string] $EndpointName)
    param([string] $CustomDomainName)
    $customDomainHttpsParameter = New-AzCdnManagedHttpsParametersObject -CertificateSourceParameterCertificateType Dedicated -CertificateSource Cdn  -ProtocolType ServerNameIndication
    Enable-AzCdnCustomDomainCustomHttps -ResourceGroupName $ResourceGroupName -ProfileName $ProfileName -EndpointName $EndpointName -CustomDomainName $CustomDomainName -CustomDomainHttpsParameter $customDomainHttpsParameter -SubscriptionId xx-xx-xx-xx-xxx
    '''
    
    resource SetServicesCertificates 'Microsoft.Resources/deploymentScripts@2020-10-01' = {
      name: 'SetServicesCertificates'
      location: location
      kind: 'AzurePowerShell'
      properties: {
        arguments: '-ProfileName ${ProfileName} -EndpointName ${EndpointName} -ResourceGroupName ${ResourceGroupName} -CustomDomainName ${CustomDomainName}'
        azPowerShellVersion: '8.3'
        scriptContent: ScriptContent
        cleanupPreference: 'OnSuccess'
        retentionInterval: 'P1D'
        timeout: 'PT3M'
      }
      dependsOn:[
        UpdateExistingDnsZoneCdn
        endPointCustomDomain
      ]
    }

What am I missing?

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    The solution was to correctly use param per one of the comments. (as an array)

    I also needed to create and assign a user identity to execute the script. The new user identity needed CDN Contributor role assigned also.

    var ScriptContent = '''
   param (
    [string]$ProfileName,
    [string]$EndpointName,
    [string]$ResourceGroupNamea,
    [string]$CustomDomainName
)   
   $customDomainHttpsParameter = New-AzCdnManagedHttpsParametersObject -CertificateSourceParameterCertificateType Dedicated -CertificateSource Cdn  -ProtocolType ServerNameIndication
   Enable-AzCdnCustomDomainCustomHttps -ResourceGroupName $ResourceGroupNamea -ProfileName $ProfileName -EndpointName $EndpointName -CustomDomainName $CustomDomainName -CustomDomainHttpsParameter $customDomainHttpsParameter -SubscriptionId xx-xx-xx-xx-xx
   '''

   resource SetServicesCertificates 'Microsoft.Resources/deploymentScripts@2020-10-01' =  {
    name: 'SetCdnTLS${deploymentName}${resourceSuffix}'
    location: location
    kind: 'AzurePowerShell'
    identity: {
     type: 'UserAssigned'
     userAssignedIdentities: {
       '${managedidentity.id}' : {}
     }
   }
    properties: {
      arguments: '-ProfileName ${profile.name} -EndpointName ${endpoint.name} -ResourceGroupNamea "xx-Bicep-xx-Build-Work" -CustomDomainName ${dnsCnameRecordCnd}'
      azPowerShellVersion: '9.0'
      scriptContent: ScriptContent
      cleanupPreference: 'OnSuccess'
      retentionInterval: 'P1D'
      timeout: 'PT10M'
    }
    dependsOn:[
     roles
     endPointCustomDomain
     UpdateExistingDnsZoneCdn
    ]
}

  2. 0

    PowerShell arguments in the script differ from bicep parameters. That is why you’re getting the error "PowerShell command is not recognized."

    When providing parameters from the Bicep code to the PowerShell script, there is no need of declaring param blocks in Bicep.

    To resolve this, remove the param blocks from your script. Instead, Use arguments property to pass the parameters. The parameters will be provided to the script automatically with the arguments property.

    I modified your deployment script as below and it worked as expected.

    var ResourceGroupName = 'xxxx'
var ProfileName = 'cdn'
var EndpointName = 'endptest'
var CustomDomainName = 'customdomain'
param location string = 'eastus'
var ScriptContent = '''
   $customDomainHttpsParameter = New-AzCdnManagedHttpsParametersObject -CertificateSourceParameterCertificateType Dedicated -CertificateSource Cdn  -ProtocolType TLS12
   Enable-AzCdnCustomDomainCustomHttps -ResourceGroupName $ResourceGroupName -ProfileName $ProfileName -EndpointName $EndpointName -CustomDomainName $CustomDomainName -CustomDomainHttpsParameter $customDomainHttpsParameter -SubscriptionId xx-xx-xx-xx-xxx
   '''
   
resource SetServicesCertificates 'Microsoft.Resources/deploymentScripts@2020-10-01' = 
{
     name: 'SetServicesCertificates'
     location: location
     kind: 'AzurePowerShell'
     properties: {
       arguments: '-ProfileName ${ProfileName} -EndpointName ${EndpointName} -ResourceGroupName ${ResourceGroupName} -CustomDomainName ${CustomDomainName}'
       azPowerShellVersion: '8.3'
       scriptContent: ScriptContent
       cleanupPreference: 'OnSuccess'
       retentionInterval: 'P1D'
       timeout: 'PT3M'
     }
 }

    Output:

    enter image description here

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search