Is there a way to get multiple non-related IP addresses configured in an Azure SQL Server Firewall using Bicep?

Question

I am looking to whitelist multiple IP Addresses for an MS Azure SQL Server Firewall using a Bicep template. I've already configured the SQL server module, now I am looking to add/configure the firewallRules resource. I've used JSON parameter files for other Bicep modules. I'm wondering if there's any examples of this using Bicep code or JSON parameters. The module Microsoft provides is below, which is configured for a single range of IP addresses:

resource symbolicname 'Microsoft.Sql/servers/firewallRules@2022-05-01-preview' = { name: 'string' parent: resourceSymbolicName properties: { endIpAddress: 'string' startIpAddress: 'string' } }

Tried adding multiple parameter files and syntax/template appears to be wrong. Wondering what best practice here is.

score 2 · Answer 1 · answered Jan 04 '23 at 21:00

Define your parameters as an array and the create multiple resource instances with a for loop:

param firewallRules array

resource SqlServerAllowFirewall 'Microsoft.Sql/servers/firewallRules@2022-05-01-preview' = [for rule in firewallRules: {
  name: rule.name
  parent: SqlServer
  properties: {
    startIpAddress: rule.start
    endIpAddress: rule.end
  }
  dependsOn: [
    SqlServer
  ]
}]

{
    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
      "firewallRules": {
        "value": [
        {
          "name": "AllowAllWindowsAzureIps",
          "start": "0.0.0.0",
          "end": "0.0.0.0"
        },
        {
          "name": "AllowSomething",
          "start": "1.0.0.1",
          "end": "1.0.0.1"
        }
        ]
      }
    }
  }
}

Is there a way to get multiple non-related IP addresses configured in an Azure SQL Server Firewall using Bicep?

1 Answers1