How can I add managed identity of a resource to AAD group using bicep?

Question

I have a bicep file that I use to deploy new vm. I am also enabling managed identity for the vm.

resource vm 'Microsoft.Compute/virtualMachines@2021-03-01' = {
  name: vmName
  location: location
  identity: {
    type: 'SystemAssigned'
  }
  ....
}

Everything works fine but I also want to add the principalId of the managed identity to one of the existing active directory group. Can I do that?

Does this answer your question? [ARM template for Azure Active Directory](https://stackoverflow.com/questions/43386364/arm-template-for-azure-active-directory) — silent, Mar 09 '23 at 16:54
Yes, I've also found another link where they've mentioned the same. So it's not currently supported — Ask, Mar 10 '23 at 06:57

score 0 · Answer 1 · answered Mar 10 '23 at 17:10

0

Active Directory groups or, for example app registrations aren't Azure resources, they are part of AD. Currently, Bicep doesn't support AD management. Official approach is to use Powershell or Az cli Deployment Scripts in Bicep.

answered Mar 10 '23 at 17:10

Nikita

61
8

How can I add managed identity of a resource to AAD group using bicep?

1 Answers1