raindancers-cloudfront 0.0.0

package/lib/bicep/resources/azure/functionApp.js

@@ -0,0 +1,54 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FunctionApp = void 0;
+const bicepConstruct_1 = require("../graph/bicepConstruct");
+class FunctionApp extends bicepConstruct_1.BicepConstruct {
+    constructor(template, resourceName, props) {
+        super(template, resourceName);
+        this.props = props;
+        const pascalName = this.toPascalCase(resourceName);
+        this.name = `${pascalName}.name`;
+        this.defaultHostName = `${pascalName}.properties.defaultHostName`;
+    }
+    synthesize() {
+        const managedIdentityIdRef = `\${${this.props.managedIdentity.id}}`;
+        this.template.addResource(this.resourceName, {
+            type: 'Microsoft.Web/sites',
+            apiVersion: '2022-09-01',
+            name: this.props.name,
+            location: 'location',
+            kind: 'functionapp,linux',
+            identity: {
+                type: 'UserAssigned',
+                userAssignedIdentities: {
+                    [managedIdentityIdRef]: {},
+                },
+            },
+            properties: {
+                serverFarmId: this.props.appServicePlan.id,
+                siteConfig: {
+                    linuxFxVersion: 'Python|3.12',
+                    appSettings: [
+                        {
+                            name: 'AzureWebJobsStorage',
+                            value: `'DefaultEndpointsProtocol=https;AccountName=\${${this.props.storageAccount.name}};EndpointSuffix=\${environment().suffixes.storage};AccountKey=\${${this.toPascalCase(this.props.storageAccount.getResourceName())}.listKeys().keys[0].value}'`,
+                        },
+                        { name: 'FUNCTIONS_EXTENSION_VERSION', value: "'~4'" },
+                        { name: 'FUNCTIONS_WORKER_RUNTIME', value: "'python'" },
+                        { name: 'AZURE_CLIENT_ID', value: this.props.managedIdentity.clientId },
+                        { name: 'AzureWebJobsFeatureFlags', value: "'EnableWorkerIndexing'" },
+                        ...(this.props.applicationInsights ? [{
+                                name: 'APPLICATIONINSIGHTS_CONNECTION_STRING',
+                                value: this.props.applicationInsights.connectionString,
+                            }] : []),
+                    ],
+                    ftpsState: 'Disabled',
+                    minTlsVersion: '1.2',
+                },
+                httpsOnly: true,
+            },
+        });
+    }
+}
+exports.FunctionApp = FunctionApp;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZnVuY3Rpb25BcHAuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYmljZXAvcmVzb3VyY2VzL2F6dXJlL2Z1bmN0aW9uQXBwLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUtBLDREQUF5RDtBQVV6RCxNQUFhLFdBQVksU0FBUSwrQkFBYztJQUk3QyxZQUFZLFFBQXVCLEVBQUUsWUFBb0IsRUFBVSxLQUF1QjtRQUN4RixLQUFLLENBQUMsUUFBUSxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBRG1DLFVBQUssR0FBTCxLQUFLLENBQWtCO1FBRXhGLE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxZQUFZLENBQUMsWUFBWSxDQUFDLENBQUM7UUFDbkQsSUFBSSxDQUFDLElBQUksR0FBRyxHQUFHLFVBQVUsT0FBTyxDQUFDO1FBQ2pDLElBQUksQ0FBQyxlQUFlLEdBQUcsR0FBRyxVQUFVLDZCQUE2QixDQUFDO0lBQ3BFLENBQUM7SUFFRCxVQUFVO1FBQ1IsTUFBTSxvQkFBb0IsR0FBRyxNQUFNLElBQUksQ0FBQyxLQUFLLENBQUMsZUFBZSxDQUFDLEVBQUUsR0FBRyxDQUFDO1FBRXBFLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUU7WUFDM0MsSUFBSSxFQUFFLHFCQUFxQjtZQUMzQixVQUFVLEVBQUUsWUFBWTtZQUN4QixJQUFJLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJO1lBQ3JCLFFBQVEsRUFBRSxVQUFVO1lBQ3BCLElBQUksRUFBRSxtQkFBbUI7WUFDekIsUUFBUSxFQUFFO2dCQUNSLElBQUksRUFBRSxjQUFjO2dCQUNwQixzQkFBc0IsRUFBRTtvQkFDdEIsQ0FBQyxvQkFBb0IsQ0FBQyxFQUFFLEVBQUU7aUJBQzNCO2FBQ0Y7WUFDRCxVQUFVLEVBQUU7Z0JBQ1YsWUFBWSxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsY0FBYyxDQUFDLEVBQUU7Z0JBQzFDLFVBQVUsRUFBRTtvQkFDVixjQUFjLEVBQUUsYUFBYTtvQkFDN0IsV0FBVyxFQUFFO3dCQUNYOzRCQUNFLElBQUksRUFBRSxxQkFBcUI7NEJBQzNCLEtBQUssRUFBRSxrREFBa0QsSUFBSSxDQUFDLEtBQUssQ0FBQyxjQUFjLENBQUMsSUFBSSxxRUFBcUUsSUFBSSxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLGNBQWMsQ0FBQyxlQUFlLEVBQUUsQ0FBQyw2QkFBNkI7eUJBQ3hQO3dCQUNELEVBQUUsSUFBSSxFQUFFLDZCQUE2QixFQUFFLEtBQUssRUFBRSxNQUFNLEVBQUU7d0JBQ3RELEVBQUUsSUFBSSxFQUFFLDBCQUEwQixFQUFFLEtBQUssRUFBRSxVQUFVLEVBQUU7d0JBQ3ZELEVBQUUsSUFBSSxFQUFFLGlCQUFpQixFQUFFLEtBQUssRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLGVBQWUsQ0FBQyxRQUFRLEVBQUU7d0JBQ3ZFLEVBQUUsSUFBSSxFQUFFLDBCQUEwQixFQUFFLEtBQUssRUFBRSx3QkFBd0IsRUFBRTt3QkFDckUsR0FBRyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsbUJBQW1CLENBQUMsQ0FBQyxDQUFDLENBQUM7Z0NBQ3BDLElBQUksRUFBRSx1Q0FBdUM7Z0NBQzdDLEtBQUssRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLG1CQUFtQixDQUFDLGdCQUFnQjs2QkFDdkQsQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUM7cUJBQ1Q7b0JBQ0QsU0FBUyxFQUFFLFVBQVU7b0JBQ3JCLGFBQWEsRUFBRSxLQUFLO2lCQUNyQjtnQkFDRCxTQUFTLEVBQUUsSUFBSTthQUNoQjtTQUNGLENBQUMsQ0FBQztJQUNMLENBQUM7Q0FDRjtBQW5ERCxrQ0FtREMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBBcHBsaWNhdGlvbkluc2lnaHRzIH0gZnJvbSAnLi9hcHBsaWNhdGlvbkluc2lnaHRzJztcbmltcG9ydCB7IEFwcFNlcnZpY2VQbGFuIH0gZnJvbSAnLi9hcHBTZXJ2aWNlUGxhbic7XG5pbXBvcnQgeyBNYW5hZ2VkSWRlbnRpdHkgfSBmcm9tICcuL21hbmFnZWRJZGVudGl0eSc7XG5pbXBvcnQgeyBTdG9yYWdlQWNjb3VudCB9IGZyb20gJy4vc3RvcmFnZUFjY291bnQnO1xuaW1wb3J0IHsgQmljZXBUZW1wbGF0ZSB9IGZyb20gJy4uLy4uL2RlcGxveS90ZW1wbGF0ZSc7XG5pbXBvcnQgeyBCaWNlcENvbnN0cnVjdCB9IGZyb20gJy4uL2dyYXBoL2JpY2VwQ29uc3RydWN0JztcblxuZXhwb3J0IGludGVyZmFjZSBGdW5jdGlvbkFwcFByb3BzIHtcbiAgcmVhZG9ubHkgbmFtZTogc3RyaW5nO1xuICByZWFkb25seSBtYW5hZ2VkSWRlbnRpdHk6IE1hbmFnZWRJZGVudGl0eTtcbiAgcmVhZG9ubHkgYXBwU2VydmljZVBsYW46IEFwcFNlcnZpY2VQbGFuO1xuICByZWFkb25seSBzdG9yYWdlQWNjb3VudDogU3RvcmFnZUFjY291bnQ7XG4gIHJlYWRvbmx5IGFwcGxpY2F0aW9uSW5zaWdodHM/OiBBcHBsaWNhdGlvbkluc2lnaHRzO1xufVxuXG5leHBvcnQgY2xhc3MgRnVuY3Rpb25BcHAgZXh0ZW5kcyBCaWNlcENvbnN0cnVjdCB7XG4gIHB1YmxpYyByZWFkb25seSBuYW1lOiBzdHJpbmc7XG4gIHB1YmxpYyByZWFkb25seSBkZWZhdWx0SG9zdE5hbWU6IHN0cmluZztcblxuICBjb25zdHJ1Y3Rvcih0ZW1wbGF0ZTogQmljZXBUZW1wbGF0ZSwgcmVzb3VyY2VOYW1lOiBzdHJpbmcsIHByaXZhdGUgcHJvcHM6IEZ1bmN0aW9uQXBwUHJvcHMpIHtcbiAgICBzdXBlcih0ZW1wbGF0ZSwgcmVzb3VyY2VOYW1lKTtcbiAgICBjb25zdCBwYXNjYWxOYW1lID0gdGhpcy50b1Bhc2NhbENhc2UocmVzb3VyY2VOYW1lKTtcbiAgICB0aGlzLm5hbWUgPSBgJHtwYXNjYWxOYW1lfS5uYW1lYDtcbiAgICB0aGlzLmRlZmF1bHRIb3N0TmFtZSA9IGAke3Bhc2NhbE5hbWV9LnByb3BlcnRpZXMuZGVmYXVsdEhvc3ROYW1lYDtcbiAgfVxuXG4gIHN5bnRoZXNpemUoKTogdm9pZCB7XG4gICAgY29uc3QgbWFuYWdlZElkZW50aXR5SWRSZWYgPSBgXFwkeyR7dGhpcy5wcm9wcy5tYW5hZ2VkSWRlbnRpdHkuaWR9fWA7XG5cbiAgICB0aGlzLnRlbXBsYXRlLmFkZFJlc291cmNlKHRoaXMucmVzb3VyY2VOYW1lLCB7XG4gICAgICB0eXBlOiAnTWljcm9zb2Z0LldlYi9zaXRlcycsXG4gICAgICBhcGlWZXJzaW9uOiAnMjAyMi0wOS0wMScsXG4gICAgICBuYW1lOiB0aGlzLnByb3BzLm5hbWUsXG4gICAgICBsb2NhdGlvbjogJ2xvY2F0aW9uJyxcbiAgICAgIGtpbmQ6ICdmdW5jdGlvbmFwcCxsaW51eCcsXG4gICAgICBpZGVudGl0eToge1xuICAgICAgICB0eXBlOiAnVXNlckFzc2lnbmVkJyxcbiAgICAgICAgdXNlckFzc2lnbmVkSWRlbnRpdGllczoge1xuICAgICAgICAgIFttYW5hZ2VkSWRlbnRpdHlJZFJlZl06IHt9LFxuICAgICAgICB9LFxuICAgICAgfSxcbiAgICAgIHByb3BlcnRpZXM6IHtcbiAgICAgICAgc2VydmVyRmFybUlkOiB0aGlzLnByb3BzLmFwcFNlcnZpY2VQbGFuLmlkLFxuICAgICAgICBzaXRlQ29uZmlnOiB7XG4gICAgICAgICAgbGludXhGeFZlcnNpb246ICdQeXRob258My4xMicsXG4gICAgICAgICAgYXBwU2V0dGluZ3M6IFtcbiAgICAgICAgICAgIHtcbiAgICAgICAgICAgICAgbmFtZTogJ0F6dXJlV2ViSm9ic1N0b3JhZ2UnLFxuICAgICAgICAgICAgICB2YWx1ZTogYCdEZWZhdWx0RW5kcG9pbnRzUHJvdG9jb2w9aHR0cHM7QWNjb3VudE5hbWU9XFwkeyR7dGhpcy5wcm9wcy5zdG9yYWdlQWNjb3VudC5uYW1lfX07RW5kcG9pbnRTdWZmaXg9XFwke2Vudmlyb25tZW50KCkuc3VmZml4ZXMuc3RvcmFnZX07QWNjb3VudEtleT1cXCR7JHt0aGlzLnRvUGFzY2FsQ2FzZSh0aGlzLnByb3BzLnN0b3JhZ2VBY2NvdW50LmdldFJlc291cmNlTmFtZSgpKX0ubGlzdEtleXMoKS5rZXlzWzBdLnZhbHVlfSdgLFxuICAgICAgICAgICAgfSxcbiAgICAgICAgICAgIHsgbmFtZTogJ0ZVTkNUSU9OU19FWFRFTlNJT05fVkVSU0lPTicsIHZhbHVlOiBcIid+NCdcIiB9LFxuICAgICAgICAgICAgeyBuYW1lOiAnRlVOQ1RJT05TX1dPUktFUl9SVU5USU1FJywgdmFsdWU6IFwiJ3B5dGhvbidcIiB9LFxuICAgICAgICAgICAgeyBuYW1lOiAnQVpVUkVfQ0xJRU5UX0lEJywgdmFsdWU6IHRoaXMucHJvcHMubWFuYWdlZElkZW50aXR5LmNsaWVudElkIH0sXG4gICAgICAgICAgICB7IG5hbWU6ICdBenVyZVdlYkpvYnNGZWF0dXJlRmxhZ3MnLCB2YWx1ZTogXCInRW5hYmxlV29ya2VySW5kZXhpbmcnXCIgfSxcbiAgICAgICAgICAgIC4uLih0aGlzLnByb3BzLmFwcGxpY2F0aW9uSW5zaWdodHMgPyBbe1xuICAgICAgICAgICAgICBuYW1lOiAnQVBQTElDQVRJT05JTlNJR0hUU19DT05ORUNUSU9OX1NUUklORycsXG4gICAgICAgICAgICAgIHZhbHVlOiB0aGlzLnByb3BzLmFwcGxpY2F0aW9uSW5zaWdodHMuY29ubmVjdGlvblN0cmluZyxcbiAgICAgICAgICAgIH1dIDogW10pLFxuICAgICAgICAgIF0sXG4gICAgICAgICAgZnRwc1N0YXRlOiAnRGlzYWJsZWQnLFxuICAgICAgICAgIG1pblRsc1ZlcnNpb246ICcxLjInLFxuICAgICAgICB9LFxuICAgICAgICBodHRwc09ubHk6IHRydWUsXG4gICAgICB9LFxuICAgIH0pO1xuICB9XG59XG4iXX0=

package/lib/bicep/resources/azure/index.d.ts

@@ -0,0 +1,8 @@
+export * from './managedIdentity';
+export * from './storageAccount';
+export * from './appServicePlan';
+export * from './functionApp';
+export * from './deploymentScript';
+export * from './roleAssignment';
+export * from './logAnalyticsWorkspace';
+export * from './applicationInsights';

package/lib/bicep/resources/azure/index.js

@@ -0,0 +1,25 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./managedIdentity"), exports);
+__exportStar(require("./storageAccount"), exports);
+__exportStar(require("./appServicePlan"), exports);
+__exportStar(require("./functionApp"), exports);
+__exportStar(require("./deploymentScript"), exports);
+__exportStar(require("./roleAssignment"), exports);
+__exportStar(require("./logAnalyticsWorkspace"), exports);
+__exportStar(require("./applicationInsights"), exports);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYmljZXAvcmVzb3VyY2VzL2F6dXJlL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSxvREFBa0M7QUFDbEMsbURBQWlDO0FBQ2pDLG1EQUFpQztBQUNqQyxnREFBOEI7QUFDOUIscURBQW1DO0FBQ25DLG1EQUFpQztBQUNqQywwREFBd0M7QUFDeEMsd0RBQXNDIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0ICogZnJvbSAnLi9tYW5hZ2VkSWRlbnRpdHknO1xuZXhwb3J0ICogZnJvbSAnLi9zdG9yYWdlQWNjb3VudCc7XG5leHBvcnQgKiBmcm9tICcuL2FwcFNlcnZpY2VQbGFuJztcbmV4cG9ydCAqIGZyb20gJy4vZnVuY3Rpb25BcHAnO1xuZXhwb3J0ICogZnJvbSAnLi9kZXBsb3ltZW50U2NyaXB0JztcbmV4cG9ydCAqIGZyb20gJy4vcm9sZUFzc2lnbm1lbnQnO1xuZXhwb3J0ICogZnJvbSAnLi9sb2dBbmFseXRpY3NXb3Jrc3BhY2UnO1xuZXhwb3J0ICogZnJvbSAnLi9hcHBsaWNhdGlvbkluc2lnaHRzJztcbiJdfQ==

package/lib/bicep/resources/azure/logAnalyticsWorkspace.d.ts

@@ -0,0 +1,11 @@
+import { BicepTemplate } from '../../deploy/template';
+import { BicepConstruct } from '../graph/bicepConstruct';
+export interface LogAnalyticsWorkspaceProps {
+    readonly name: string;
+}
+export declare class LogAnalyticsWorkspace extends BicepConstruct {
+    private props;
+    readonly id: string;
+    constructor(template: BicepTemplate, resourceName: string, props: LogAnalyticsWorkspaceProps);
+    synthesize(): void;
+}

package/lib/bicep/resources/azure/logAnalyticsWorkspace.js

@@ -0,0 +1,26 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LogAnalyticsWorkspace = void 0;
+const bicepConstruct_1 = require("../graph/bicepConstruct");
+class LogAnalyticsWorkspace extends bicepConstruct_1.BicepConstruct {
+    constructor(template, resourceName, props) {
+        super(template, resourceName);
+        this.props = props;
+        const pascalName = this.toPascalCase(resourceName);
+        this.id = `${pascalName}.id`;
+    }
+    synthesize() {
+        this.template.addResource(this.resourceName, {
+            type: 'Microsoft.OperationalInsights/workspaces',
+            apiVersion: '2022-10-01',
+            name: this.props.name,
+            location: 'location',
+            properties: {
+                sku: { name: 'PerGB2018' },
+                retentionInDays: 30,
+            },
+        });
+    }
+}
+exports.LogAnalyticsWorkspace = LogAnalyticsWorkspace;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibG9nQW5hbHl0aWNzV29ya3NwYWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2JpY2VwL3Jlc291cmNlcy9henVyZS9sb2dBbmFseXRpY3NXb3Jrc3BhY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0EsNERBQXlEO0FBTXpELE1BQWEscUJBQXNCLFNBQVEsK0JBQWM7SUFHdkQsWUFBWSxRQUF1QixFQUFFLFlBQW9CLEVBQVUsS0FBaUM7UUFDbEcsS0FBSyxDQUFDLFFBQVEsRUFBRSxZQUFZLENBQUMsQ0FBQztRQURtQyxVQUFLLEdBQUwsS0FBSyxDQUE0QjtRQUVsRyxNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsWUFBWSxDQUFDLFlBQVksQ0FBQyxDQUFDO1FBQ25ELElBQUksQ0FBQyxFQUFFLEdBQUcsR0FBRyxVQUFVLEtBQUssQ0FBQztJQUMvQixDQUFDO0lBRUQsVUFBVTtRQUNSLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUU7WUFDM0MsSUFBSSxFQUFFLDBDQUEwQztZQUNoRCxVQUFVLEVBQUUsWUFBWTtZQUN4QixJQUFJLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJO1lBQ3JCLFFBQVEsRUFBRSxVQUFVO1lBQ3BCLFVBQVUsRUFBRTtnQkFDVixHQUFHLEVBQUUsRUFBRSxJQUFJLEVBQUUsV0FBVyxFQUFFO2dCQUMxQixlQUFlLEVBQUUsRUFBRTthQUNwQjtTQUNGLENBQUMsQ0FBQztJQUNMLENBQUM7Q0FDRjtBQXJCRCxzREFxQkMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBCaWNlcFRlbXBsYXRlIH0gZnJvbSAnLi4vLi4vZGVwbG95L3RlbXBsYXRlJztcbmltcG9ydCB7IEJpY2VwQ29uc3RydWN0IH0gZnJvbSAnLi4vZ3JhcGgvYmljZXBDb25zdHJ1Y3QnO1xuXG5leHBvcnQgaW50ZXJmYWNlIExvZ0FuYWx5dGljc1dvcmtzcGFjZVByb3BzIHtcbiAgcmVhZG9ubHkgbmFtZTogc3RyaW5nO1xufVxuXG5leHBvcnQgY2xhc3MgTG9nQW5hbHl0aWNzV29ya3NwYWNlIGV4dGVuZHMgQmljZXBDb25zdHJ1Y3Qge1xuICBwdWJsaWMgcmVhZG9ubHkgaWQ6IHN0cmluZztcblxuICBjb25zdHJ1Y3Rvcih0ZW1wbGF0ZTogQmljZXBUZW1wbGF0ZSwgcmVzb3VyY2VOYW1lOiBzdHJpbmcsIHByaXZhdGUgcHJvcHM6IExvZ0FuYWx5dGljc1dvcmtzcGFjZVByb3BzKSB7XG4gICAgc3VwZXIodGVtcGxhdGUsIHJlc291cmNlTmFtZSk7XG4gICAgY29uc3QgcGFzY2FsTmFtZSA9IHRoaXMudG9QYXNjYWxDYXNlKHJlc291cmNlTmFtZSk7XG4gICAgdGhpcy5pZCA9IGAke3Bhc2NhbE5hbWV9LmlkYDtcbiAgfVxuXG4gIHN5bnRoZXNpemUoKTogdm9pZCB7XG4gICAgdGhpcy50ZW1wbGF0ZS5hZGRSZXNvdXJjZSh0aGlzLnJlc291cmNlTmFtZSwge1xuICAgICAgdHlwZTogJ01pY3Jvc29mdC5PcGVyYXRpb25hbEluc2lnaHRzL3dvcmtzcGFjZXMnLFxuICAgICAgYXBpVmVyc2lvbjogJzIwMjItMTAtMDEnLFxuICAgICAgbmFtZTogdGhpcy5wcm9wcy5uYW1lLFxuICAgICAgbG9jYXRpb246ICdsb2NhdGlvbicsXG4gICAgICBwcm9wZXJ0aWVzOiB7XG4gICAgICAgIHNrdTogeyBuYW1lOiAnUGVyR0IyMDE4JyB9LFxuICAgICAgICByZXRlbnRpb25JbkRheXM6IDMwLFxuICAgICAgfSxcbiAgICB9KTtcbiAgfVxufVxuIl19

package/lib/bicep/resources/azure/managedIdentity.d.ts

@@ -0,0 +1,13 @@
+import { BicepTemplate } from '../../deploy/template';
+import { BicepConstruct } from '../graph/bicepConstruct';
+export interface ManagedIdentityProps {
+    readonly name: string;
+}
+export declare class ManagedIdentity extends BicepConstruct {
+    private props;
+    readonly id: string;
+    readonly principalId: string;
+    readonly clientId: string;
+    constructor(template: BicepTemplate, resourceName: string, props: ManagedIdentityProps);
+    synthesize(): void;
+}

package/lib/bicep/resources/azure/managedIdentity.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ManagedIdentity = void 0;
+const bicepConstruct_1 = require("../graph/bicepConstruct");
+class ManagedIdentity extends bicepConstruct_1.BicepConstruct {
+    constructor(template, resourceName, props) {
+        super(template, resourceName);
+        this.props = props;
+        const pascalName = this.toPascalCase(resourceName);
+        this.id = `${pascalName}.id`;
+        this.principalId = `${pascalName}.properties.principalId`;
+        this.clientId = `${pascalName}.properties.clientId`;
+    }
+    synthesize() {
+        this.template.addResource(this.resourceName, {
+            type: 'Microsoft.ManagedIdentity/userAssignedIdentities',
+            apiVersion: '2023-01-31',
+            name: this.props.name,
+            location: 'location',
+        });
+    }
+}
+exports.ManagedIdentity = ManagedIdentity;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibWFuYWdlZElkZW50aXR5LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2JpY2VwL3Jlc291cmNlcy9henVyZS9tYW5hZ2VkSWRlbnRpdHkudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0EsNERBQXlEO0FBTXpELE1BQWEsZUFBZ0IsU0FBUSwrQkFBYztJQUtqRCxZQUFZLFFBQXVCLEVBQUUsWUFBb0IsRUFBVSxLQUEyQjtRQUM1RixLQUFLLENBQUMsUUFBUSxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBRG1DLFVBQUssR0FBTCxLQUFLLENBQXNCO1FBRTVGLE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxZQUFZLENBQUMsWUFBWSxDQUFDLENBQUM7UUFDbkQsSUFBSSxDQUFDLEVBQUUsR0FBRyxHQUFHLFVBQVUsS0FBSyxDQUFDO1FBQzdCLElBQUksQ0FBQyxXQUFXLEdBQUcsR0FBRyxVQUFVLHlCQUF5QixDQUFDO1FBQzFELElBQUksQ0FBQyxRQUFRLEdBQUcsR0FBRyxVQUFVLHNCQUFzQixDQUFDO0lBQ3RELENBQUM7SUFFRCxVQUFVO1FBQ1IsSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLFlBQVksRUFBRTtZQUMzQyxJQUFJLEVBQUUsa0RBQWtEO1lBQ3hELFVBQVUsRUFBRSxZQUFZO1lBQ3hCLElBQUksRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLElBQUk7WUFDckIsUUFBUSxFQUFFLFVBQVU7U0FDckIsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGO0FBckJELDBDQXFCQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEJpY2VwVGVtcGxhdGUgfSBmcm9tICcuLi8uLi9kZXBsb3kvdGVtcGxhdGUnO1xuaW1wb3J0IHsgQmljZXBDb25zdHJ1Y3QgfSBmcm9tICcuLi9ncmFwaC9iaWNlcENvbnN0cnVjdCc7XG5cbmV4cG9ydCBpbnRlcmZhY2UgTWFuYWdlZElkZW50aXR5UHJvcHMge1xuICByZWFkb25seSBuYW1lOiBzdHJpbmc7XG59XG5cbmV4cG9ydCBjbGFzcyBNYW5hZ2VkSWRlbnRpdHkgZXh0ZW5kcyBCaWNlcENvbnN0cnVjdCB7XG4gIHB1YmxpYyByZWFkb25seSBpZDogc3RyaW5nO1xuICBwdWJsaWMgcmVhZG9ubHkgcHJpbmNpcGFsSWQ6IHN0cmluZztcbiAgcHVibGljIHJlYWRvbmx5IGNsaWVudElkOiBzdHJpbmc7XG5cbiAgY29uc3RydWN0b3IodGVtcGxhdGU6IEJpY2VwVGVtcGxhdGUsIHJlc291cmNlTmFtZTogc3RyaW5nLCBwcml2YXRlIHByb3BzOiBNYW5hZ2VkSWRlbnRpdHlQcm9wcykge1xuICAgIHN1cGVyKHRlbXBsYXRlLCByZXNvdXJjZU5hbWUpO1xuICAgIGNvbnN0IHBhc2NhbE5hbWUgPSB0aGlzLnRvUGFzY2FsQ2FzZShyZXNvdXJjZU5hbWUpO1xuICAgIHRoaXMuaWQgPSBgJHtwYXNjYWxOYW1lfS5pZGA7XG4gICAgdGhpcy5wcmluY2lwYWxJZCA9IGAke3Bhc2NhbE5hbWV9LnByb3BlcnRpZXMucHJpbmNpcGFsSWRgO1xuICAgIHRoaXMuY2xpZW50SWQgPSBgJHtwYXNjYWxOYW1lfS5wcm9wZXJ0aWVzLmNsaWVudElkYDtcbiAgfVxuXG4gIHN5bnRoZXNpemUoKTogdm9pZCB7XG4gICAgdGhpcy50ZW1wbGF0ZS5hZGRSZXNvdXJjZSh0aGlzLnJlc291cmNlTmFtZSwge1xuICAgICAgdHlwZTogJ01pY3Jvc29mdC5NYW5hZ2VkSWRlbnRpdHkvdXNlckFzc2lnbmVkSWRlbnRpdGllcycsXG4gICAgICBhcGlWZXJzaW9uOiAnMjAyMy0wMS0zMScsXG4gICAgICBuYW1lOiB0aGlzLnByb3BzLm5hbWUsXG4gICAgICBsb2NhdGlvbjogJ2xvY2F0aW9uJyxcbiAgICB9KTtcbiAgfVxufVxuIl19

package/lib/bicep/resources/azure/roleAssignment.d.ts

@@ -0,0 +1,18 @@
+import { ManagedIdentity } from './managedIdentity';
+import { BicepTemplate } from '../../deploy/template';
+import { BicepConstruct } from '../graph/bicepConstruct';
+export declare const AzureBuiltInRole: {
+    readonly CONTRIBUTOR: "b24988ac-6180-42a0-ab88-20f7382dd24c";
+    readonly WEBSITE_CONTRIBUTOR: "de139f84-1756-47ae-9be6-808fbbe84772";
+    readonly STORAGE_BLOB_DATA_CONTRIBUTOR: "ba92f5b4-2d11-453d-a403-e96b0029c9fe";
+};
+export interface RoleAssignmentProps {
+    readonly name: string;
+    readonly roleDefinitionId: string;
+    readonly principalId: ManagedIdentity | string;
+}
+export declare class RoleAssignment extends BicepConstruct {
+    private props;
+    constructor(template: BicepTemplate, resourceName: string, props: RoleAssignmentProps);
+    synthesize(): void;
+}

package/lib/bicep/resources/azure/roleAssignment.js

@@ -0,0 +1,34 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RoleAssignment = exports.AzureBuiltInRole = void 0;
+const bicepConstruct_1 = require("../graph/bicepConstruct");
+// Well-known Azure built-in role definition IDs
+exports.AzureBuiltInRole = {
+    CONTRIBUTOR: 'b24988ac-6180-42a0-ab88-20f7382dd24c',
+    WEBSITE_CONTRIBUTOR: 'de139f84-1756-47ae-9be6-808fbbe84772',
+    STORAGE_BLOB_DATA_CONTRIBUTOR: 'ba92f5b4-2d11-453d-a403-e96b0029c9fe',
+};
+class RoleAssignment extends bicepConstruct_1.BicepConstruct {
+    constructor(template, resourceName, props) {
+        super(template, resourceName);
+        this.props = props;
+    }
+    synthesize() {
+        const principalId = typeof this.props.principalId === 'string'
+            ? this.props.principalId
+            : this.props.principalId.principalId;
+        this.template.addResource(this.resourceName, {
+            type: 'Microsoft.Authorization/roleAssignments',
+            apiVersion: '2022-04-01',
+            name: this.props.name,
+            properties: {
+                roleDefinitionId: `subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '${this.props.roleDefinitionId}')`,
+                principalId: principalId,
+                principalType: '\'ServicePrincipal\'',
+            },
+            dependsOn: this.explicitDependencies.length > 0 ? this.explicitDependencies : undefined,
+        });
+    }
+}
+exports.RoleAssignment = RoleAssignment;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm9sZUFzc2lnbm1lbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYmljZXAvcmVzb3VyY2VzL2F6dXJlL3JvbGVBc3NpZ25tZW50LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUVBLDREQUF5RDtBQUV6RCxnREFBZ0Q7QUFDbkMsUUFBQSxnQkFBZ0IsR0FBRztJQUM5QixXQUFXLEVBQUUsc0NBQXNDO0lBQ25ELG1CQUFtQixFQUFFLHNDQUFzQztJQUMzRCw2QkFBNkIsRUFBRSxzQ0FBc0M7Q0FDN0QsQ0FBQztBQVFYLE1BQWEsY0FBZSxTQUFRLCtCQUFjO0lBQ2hELFlBQVksUUFBdUIsRUFBRSxZQUFvQixFQUFVLEtBQTBCO1FBQzNGLEtBQUssQ0FBQyxRQUFRLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFEbUMsVUFBSyxHQUFMLEtBQUssQ0FBcUI7SUFFN0YsQ0FBQztJQUVELFVBQVU7UUFDUixNQUFNLFdBQVcsR0FBRyxPQUFPLElBQUksQ0FBQyxLQUFLLENBQUMsV0FBVyxLQUFLLFFBQVE7WUFDNUQsQ0FBQyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsV0FBVztZQUN4QixDQUFDLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUMsV0FBVyxDQUFDO1FBRXZDLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUU7WUFDM0MsSUFBSSxFQUFFLHlDQUF5QztZQUMvQyxVQUFVLEVBQUUsWUFBWTtZQUN4QixJQUFJLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJO1lBQ3JCLFVBQVUsRUFBRTtnQkFDVixnQkFBZ0IsRUFBRSxzRUFBc0UsSUFBSSxDQUFDLEtBQUssQ0FBQyxnQkFBZ0IsSUFBSTtnQkFDdkgsV0FBVyxFQUFFLFdBQVc7Z0JBQ3hCLGFBQWEsRUFBRSxzQkFBc0I7YUFDdEM7WUFDRCxTQUFTLEVBQUUsSUFBSSxDQUFDLG9CQUFvQixDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDLENBQUMsU0FBUztTQUN4RixDQUFDLENBQUM7SUFDTCxDQUFDO0NBQ0Y7QUF0QkQsd0NBc0JDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgTWFuYWdlZElkZW50aXR5IH0gZnJvbSAnLi9tYW5hZ2VkSWRlbnRpdHknO1xuaW1wb3J0IHsgQmljZXBUZW1wbGF0ZSB9IGZyb20gJy4uLy4uL2RlcGxveS90ZW1wbGF0ZSc7XG5pbXBvcnQgeyBCaWNlcENvbnN0cnVjdCB9IGZyb20gJy4uL2dyYXBoL2JpY2VwQ29uc3RydWN0JztcblxuLy8gV2VsbC1rbm93biBBenVyZSBidWlsdC1pbiByb2xlIGRlZmluaXRpb24gSURzXG5leHBvcnQgY29uc3QgQXp1cmVCdWlsdEluUm9sZSA9IHtcbiAgQ09OVFJJQlVUT1I6ICdiMjQ5ODhhYy02MTgwLTQyYTAtYWI4OC0yMGY3MzgyZGQyNGMnLFxuICBXRUJTSVRFX0NPTlRSSUJVVE9SOiAnZGUxMzlmODQtMTc1Ni00N2FlLTliZTYtODA4ZmJiZTg0NzcyJyxcbiAgU1RPUkFHRV9CTE9CX0RBVEFfQ09OVFJJQlVUT1I6ICdiYTkyZjViNC0yZDExLTQ1M2QtYTQwMy1lOTZiMDAyOWM5ZmUnLFxufSBhcyBjb25zdDtcblxuZXhwb3J0IGludGVyZmFjZSBSb2xlQXNzaWdubWVudFByb3BzIHtcbiAgcmVhZG9ubHkgbmFtZTogc3RyaW5nO1xuICByZWFkb25seSByb2xlRGVmaW5pdGlvbklkOiBzdHJpbmc7XG4gIHJlYWRvbmx5IHByaW5jaXBhbElkOiBNYW5hZ2VkSWRlbnRpdHkgfCBzdHJpbmc7XG59XG5cbmV4cG9ydCBjbGFzcyBSb2xlQXNzaWdubWVudCBleHRlbmRzIEJpY2VwQ29uc3RydWN0IHtcbiAgY29uc3RydWN0b3IodGVtcGxhdGU6IEJpY2VwVGVtcGxhdGUsIHJlc291cmNlTmFtZTogc3RyaW5nLCBwcml2YXRlIHByb3BzOiBSb2xlQXNzaWdubWVudFByb3BzKSB7XG4gICAgc3VwZXIodGVtcGxhdGUsIHJlc291cmNlTmFtZSk7XG4gIH1cblxuICBzeW50aGVzaXplKCk6IHZvaWQge1xuICAgIGNvbnN0IHByaW5jaXBhbElkID0gdHlwZW9mIHRoaXMucHJvcHMucHJpbmNpcGFsSWQgPT09ICdzdHJpbmcnXG4gICAgICA/IHRoaXMucHJvcHMucHJpbmNpcGFsSWRcbiAgICAgIDogdGhpcy5wcm9wcy5wcmluY2lwYWxJZC5wcmluY2lwYWxJZDtcblxuICAgIHRoaXMudGVtcGxhdGUuYWRkUmVzb3VyY2UodGhpcy5yZXNvdXJjZU5hbWUsIHtcbiAgICAgIHR5cGU6ICdNaWNyb3NvZnQuQXV0aG9yaXphdGlvbi9yb2xlQXNzaWdubWVudHMnLFxuICAgICAgYXBpVmVyc2lvbjogJzIwMjItMDQtMDEnLFxuICAgICAgbmFtZTogdGhpcy5wcm9wcy5uYW1lLFxuICAgICAgcHJvcGVydGllczoge1xuICAgICAgICByb2xlRGVmaW5pdGlvbklkOiBgc3Vic2NyaXB0aW9uUmVzb3VyY2VJZCgnTWljcm9zb2Z0LkF1dGhvcml6YXRpb24vcm9sZURlZmluaXRpb25zJywgJyR7dGhpcy5wcm9wcy5yb2xlRGVmaW5pdGlvbklkfScpYCxcbiAgICAgICAgcHJpbmNpcGFsSWQ6IHByaW5jaXBhbElkLFxuICAgICAgICBwcmluY2lwYWxUeXBlOiAnXFwnU2VydmljZVByaW5jaXBhbFxcJycsXG4gICAgICB9LFxuICAgICAgZGVwZW5kc09uOiB0aGlzLmV4cGxpY2l0RGVwZW5kZW5jaWVzLmxlbmd0aCA+IDAgPyB0aGlzLmV4cGxpY2l0RGVwZW5kZW5jaWVzIDogdW5kZWZpbmVkLFxuICAgIH0pO1xuICB9XG59XG4iXX0=

package/lib/bicep/resources/azure/storageAccount.d.ts

@@ -0,0 +1,11 @@
+import { BicepTemplate } from '../../deploy/template';
+import { BicepConstruct } from '../graph/bicepConstruct';
+export interface StorageAccountProps {
+    readonly name: string;
+}
+export declare class StorageAccount extends BicepConstruct {
+    private props;
+    readonly name: string;
+    constructor(template: BicepTemplate, resourceName: string, props: StorageAccountProps);
+    synthesize(): void;
+}

package/lib/bicep/resources/azure/storageAccount.js

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.StorageAccount = void 0;
+const bicepConstruct_1 = require("../graph/bicepConstruct");
+class StorageAccount extends bicepConstruct_1.BicepConstruct {
+    constructor(template, resourceName, props) {
+        super(template, resourceName);
+        this.props = props;
+        const pascalName = this.toPascalCase(resourceName);
+        this.name = `${pascalName}.name`;
+    }
+    synthesize() {
+        this.template.addResource(this.resourceName, {
+            type: 'Microsoft.Storage/storageAccounts',
+            apiVersion: '2023-01-01',
+            name: this.props.name,
+            location: 'location',
+            sku: { name: 'Standard_LRS' },
+            kind: 'StorageV2',
+            properties: {
+                minimumTlsVersion: 'TLS1_2',
+                supportsHttpsTrafficOnly: true,
+            },
+        });
+    }
+}
+exports.StorageAccount = StorageAccount;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3RvcmFnZUFjY291bnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYmljZXAvcmVzb3VyY2VzL2F6dXJlL3N0b3JhZ2VBY2NvdW50LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLDREQUF5RDtBQU16RCxNQUFhLGNBQWUsU0FBUSwrQkFBYztJQUdoRCxZQUFZLFFBQXVCLEVBQUUsWUFBb0IsRUFBVSxLQUEwQjtRQUMzRixLQUFLLENBQUMsUUFBUSxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBRG1DLFVBQUssR0FBTCxLQUFLLENBQXFCO1FBRTNGLE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxZQUFZLENBQUMsWUFBWSxDQUFDLENBQUM7UUFDbkQsSUFBSSxDQUFDLElBQUksR0FBRyxHQUFHLFVBQVUsT0FBTyxDQUFDO0lBQ25DLENBQUM7SUFFRCxVQUFVO1FBQ1IsSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLFlBQVksRUFBRTtZQUMzQyxJQUFJLEVBQUUsbUNBQW1DO1lBQ3pDLFVBQVUsRUFBRSxZQUFZO1lBQ3hCLElBQUksRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLElBQUk7WUFDckIsUUFBUSxFQUFFLFVBQVU7WUFDcEIsR0FBRyxFQUFFLEVBQUUsSUFBSSxFQUFFLGNBQWMsRUFBRTtZQUM3QixJQUFJLEVBQUUsV0FBVztZQUNqQixVQUFVLEVBQUU7Z0JBQ1YsaUJBQWlCLEVBQUUsUUFBUTtnQkFDM0Isd0JBQXdCLEVBQUUsSUFBSTthQUMvQjtTQUNGLENBQUMsQ0FBQztJQUNMLENBQUM7Q0FDRjtBQXZCRCx3Q0F1QkMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBCaWNlcFRlbXBsYXRlIH0gZnJvbSAnLi4vLi4vZGVwbG95L3RlbXBsYXRlJztcbmltcG9ydCB7IEJpY2VwQ29uc3RydWN0IH0gZnJvbSAnLi4vZ3JhcGgvYmljZXBDb25zdHJ1Y3QnO1xuXG5leHBvcnQgaW50ZXJmYWNlIFN0b3JhZ2VBY2NvdW50UHJvcHMge1xuICByZWFkb25seSBuYW1lOiBzdHJpbmc7XG59XG5cbmV4cG9ydCBjbGFzcyBTdG9yYWdlQWNjb3VudCBleHRlbmRzIEJpY2VwQ29uc3RydWN0IHtcbiAgcHVibGljIHJlYWRvbmx5IG5hbWU6IHN0cmluZztcblxuICBjb25zdHJ1Y3Rvcih0ZW1wbGF0ZTogQmljZXBUZW1wbGF0ZSwgcmVzb3VyY2VOYW1lOiBzdHJpbmcsIHByaXZhdGUgcHJvcHM6IFN0b3JhZ2VBY2NvdW50UHJvcHMpIHtcbiAgICBzdXBlcih0ZW1wbGF0ZSwgcmVzb3VyY2VOYW1lKTtcbiAgICBjb25zdCBwYXNjYWxOYW1lID0gdGhpcy50b1Bhc2NhbENhc2UocmVzb3VyY2VOYW1lKTtcbiAgICB0aGlzLm5hbWUgPSBgJHtwYXNjYWxOYW1lfS5uYW1lYDtcbiAgfVxuXG4gIHN5bnRoZXNpemUoKTogdm9pZCB7XG4gICAgdGhpcy50ZW1wbGF0ZS5hZGRSZXNvdXJjZSh0aGlzLnJlc291cmNlTmFtZSwge1xuICAgICAgdHlwZTogJ01pY3Jvc29mdC5TdG9yYWdlL3N0b3JhZ2VBY2NvdW50cycsXG4gICAgICBhcGlWZXJzaW9uOiAnMjAyMy0wMS0wMScsXG4gICAgICBuYW1lOiB0aGlzLnByb3BzLm5hbWUsXG4gICAgICBsb2NhdGlvbjogJ2xvY2F0aW9uJyxcbiAgICAgIHNrdTogeyBuYW1lOiAnU3RhbmRhcmRfTFJTJyB9LFxuICAgICAga2luZDogJ1N0b3JhZ2VWMicsXG4gICAgICBwcm9wZXJ0aWVzOiB7XG4gICAgICAgIG1pbmltdW1UbHNWZXJzaW9uOiAnVExTMV8yJyxcbiAgICAgICAgc3VwcG9ydHNIdHRwc1RyYWZmaWNPbmx5OiB0cnVlLFxuICAgICAgfSxcbiAgICB9KTtcbiAgfVxufVxuIl19

package/lib/bicep/resources/graph/appRoleAssignment.d.ts

@@ -0,0 +1,25 @@
+import { BicepConstruct } from './bicepConstruct';
+import { ExistingServicePrincipal } from './existingServicePrincipal';
+import { Group } from './group';
+import { ServicePrincipal } from './servicePrincipal';
+import { BicepTemplate } from '../../deploy/template';
+/**
+ * Properties for Graph App Role Assignment construct
+ */
+export interface AppRoleAssignmentProps {
+    /** The service principal (resource) that owns the app role */
+    readonly resourceServicePrincipal: ServicePrincipal | ExistingServicePrincipal | string;
+    /** The principal (group, user, or managed identity) to assign the role to */
+    readonly principal: Group | string;
+    /** The app role ID (use '00000000-0000-0000-0000-000000000000' for default access) */
+    readonly appRoleId: string;
+}
+/**
+ * CDK-style construct for Microsoft Graph App Role Assignment
+ * Assigns a principal (group, user, managed identity) to a service principal app role
+ */
+export declare class AppRoleAssignment extends BicepConstruct {
+    readonly props: AppRoleAssignmentProps;
+    constructor(template: BicepTemplate, resourceName: string, props: AppRoleAssignmentProps);
+    synthesize(): void;
+}

package/lib/bicep/resources/graph/appRoleAssignment.js

@@ -0,0 +1,33 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AppRoleAssignment = void 0;
+const bicepConstruct_1 = require("./bicepConstruct");
+/**
+ * CDK-style construct for Microsoft Graph App Role Assignment
+ * Assigns a principal (group, user, managed identity) to a service principal app role
+ */
+class AppRoleAssignment extends bicepConstruct_1.BicepConstruct {
+    constructor(template, resourceName, props) {
+        super(template, resourceName);
+        this.props = props;
+    }
+    synthesize() {
+        const principalId = typeof this.props.principal === 'string'
+            ? this.props.principal
+            : this.props.principal.groupId;
+        const resourceId = typeof this.props.resourceServicePrincipal === 'string'
+            ? this.props.resourceServicePrincipal
+            : this.props.resourceServicePrincipal.servicePrincipalId;
+        this.template.addResource(this.resourceName, {
+            type: 'Microsoft.Graph/appRoleAssignedTo',
+            apiVersion: 'v1.0',
+            comment: 'Assign principal to application role',
+            principalId: principalId,
+            resourceId: resourceId,
+            appRoleId: this.props.appRoleId,
+            dependsOn: this.explicitDependencies.length > 0 ? this.explicitDependencies : undefined,
+        });
+    }
+}
+exports.AppRoleAssignment = AppRoleAssignment;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXBwUm9sZUFzc2lnbm1lbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYmljZXAvcmVzb3VyY2VzL2dyYXBoL2FwcFJvbGVBc3NpZ25tZW50LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLHFEQUFrRDtBQWtCbEQ7OztHQUdHO0FBQ0gsTUFBYSxpQkFBa0IsU0FBUSwrQkFBYztJQUNuRCxZQUFZLFFBQXVCLEVBQUUsWUFBb0IsRUFBa0IsS0FBNkI7UUFDdEcsS0FBSyxDQUFDLFFBQVEsRUFBRSxZQUFZLENBQUMsQ0FBQztRQUQyQyxVQUFLLEdBQUwsS0FBSyxDQUF3QjtJQUV4RyxDQUFDO0lBRUQsVUFBVTtRQUNSLE1BQU0sV0FBVyxHQUFHLE9BQU8sSUFBSSxDQUFDLEtBQUssQ0FBQyxTQUFTLEtBQUssUUFBUTtZQUMxRCxDQUFDLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxTQUFTO1lBQ3RCLENBQUMsQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUM7UUFFakMsTUFBTSxVQUFVLEdBQUcsT0FBTyxJQUFJLENBQUMsS0FBSyxDQUFDLHdCQUF3QixLQUFLLFFBQVE7WUFDeEUsQ0FBQyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsd0JBQXdCO1lBQ3JDLENBQUMsQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLHdCQUF3QixDQUFDLGtCQUFrQixDQUFDO1FBRTNELElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUU7WUFDM0MsSUFBSSxFQUFFLG1DQUFtQztZQUN6QyxVQUFVLEVBQUUsTUFBTTtZQUNsQixPQUFPLEVBQUUsc0NBQXNDO1lBQy9DLFdBQVcsRUFBRSxXQUFXO1lBQ3hCLFVBQVUsRUFBRSxVQUFVO1lBQ3RCLFNBQVMsRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLFNBQVM7WUFDL0IsU0FBUyxFQUFFLElBQUksQ0FBQyxvQkFBb0IsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsb0JBQW9CLENBQUMsQ0FBQyxDQUFDLFNBQVM7U0FDeEYsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGO0FBeEJELDhDQXdCQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEJpY2VwQ29uc3RydWN0IH0gZnJvbSAnLi9iaWNlcENvbnN0cnVjdCc7XG5pbXBvcnQgeyBFeGlzdGluZ1NlcnZpY2VQcmluY2lwYWwgfSBmcm9tICcuL2V4aXN0aW5nU2VydmljZVByaW5jaXBhbCc7XG5pbXBvcnQgeyBHcm91cCB9IGZyb20gJy4vZ3JvdXAnO1xuaW1wb3J0IHsgU2VydmljZVByaW5jaXBhbCB9IGZyb20gJy4vc2VydmljZVByaW5jaXBhbCc7XG5pbXBvcnQgeyBCaWNlcFRlbXBsYXRlIH0gZnJvbSAnLi4vLi4vZGVwbG95L3RlbXBsYXRlJztcblxuLyoqXG4gKiBQcm9wZXJ0aWVzIGZvciBHcmFwaCBBcHAgUm9sZSBBc3NpZ25tZW50IGNvbnN0cnVjdFxuICovXG5leHBvcnQgaW50ZXJmYWNlIEFwcFJvbGVBc3NpZ25tZW50UHJvcHMge1xuICAvKiogVGhlIHNlcnZpY2UgcHJpbmNpcGFsIChyZXNvdXJjZSkgdGhhdCBvd25zIHRoZSBhcHAgcm9sZSAqL1xuICByZWFkb25seSByZXNvdXJjZVNlcnZpY2VQcmluY2lwYWw6IFNlcnZpY2VQcmluY2lwYWwgfCBFeGlzdGluZ1NlcnZpY2VQcmluY2lwYWwgfCBzdHJpbmc7XG4gIC8qKiBUaGUgcHJpbmNpcGFsIChncm91cCwgdXNlciwgb3IgbWFuYWdlZCBpZGVudGl0eSkgdG8gYXNzaWduIHRoZSByb2xlIHRvICovXG4gIHJlYWRvbmx5IHByaW5jaXBhbDogR3JvdXAgfCBzdHJpbmc7XG4gIC8qKiBUaGUgYXBwIHJvbGUgSUQgKHVzZSAnMDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAwJyBmb3IgZGVmYXVsdCBhY2Nlc3MpICovXG4gIHJlYWRvbmx5IGFwcFJvbGVJZDogc3RyaW5nO1xufVxuXG4vKipcbiAqIENESy1zdHlsZSBjb25zdHJ1Y3QgZm9yIE1pY3Jvc29mdCBHcmFwaCBBcHAgUm9sZSBBc3NpZ25tZW50XG4gKiBBc3NpZ25zIGEgcHJpbmNpcGFsIChncm91cCwgdXNlciwgbWFuYWdlZCBpZGVudGl0eSkgdG8gYSBzZXJ2aWNlIHByaW5jaXBhbCBhcHAgcm9sZVxuICovXG5leHBvcnQgY2xhc3MgQXBwUm9sZUFzc2lnbm1lbnQgZXh0ZW5kcyBCaWNlcENvbnN0cnVjdCB7XG4gIGNvbnN0cnVjdG9yKHRlbXBsYXRlOiBCaWNlcFRlbXBsYXRlLCByZXNvdXJjZU5hbWU6IHN0cmluZywgcHVibGljIHJlYWRvbmx5IHByb3BzOiBBcHBSb2xlQXNzaWdubWVudFByb3BzKSB7XG4gICAgc3VwZXIodGVtcGxhdGUsIHJlc291cmNlTmFtZSk7XG4gIH1cblxuICBzeW50aGVzaXplKCk6IHZvaWQge1xuICAgIGNvbnN0IHByaW5jaXBhbElkID0gdHlwZW9mIHRoaXMucHJvcHMucHJpbmNpcGFsID09PSAnc3RyaW5nJ1xuICAgICAgPyB0aGlzLnByb3BzLnByaW5jaXBhbFxuICAgICAgOiB0aGlzLnByb3BzLnByaW5jaXBhbC5ncm91cElkO1xuXG4gICAgY29uc3QgcmVzb3VyY2VJZCA9IHR5cGVvZiB0aGlzLnByb3BzLnJlc291cmNlU2VydmljZVByaW5jaXBhbCA9PT0gJ3N0cmluZydcbiAgICAgID8gdGhpcy5wcm9wcy5yZXNvdXJjZVNlcnZpY2VQcmluY2lwYWxcbiAgICAgIDogdGhpcy5wcm9wcy5yZXNvdXJjZVNlcnZpY2VQcmluY2lwYWwuc2VydmljZVByaW5jaXBhbElkO1xuXG4gICAgdGhpcy50ZW1wbGF0ZS5hZGRSZXNvdXJjZSh0aGlzLnJlc291cmNlTmFtZSwge1xuICAgICAgdHlwZTogJ01pY3Jvc29mdC5HcmFwaC9hcHBSb2xlQXNzaWduZWRUbycsXG4gICAgICBhcGlWZXJzaW9uOiAndjEuMCcsXG4gICAgICBjb21tZW50OiAnQXNzaWduIHByaW5jaXBhbCB0byBhcHBsaWNhdGlvbiByb2xlJyxcbiAgICAgIHByaW5jaXBhbElkOiBwcmluY2lwYWxJZCxcbiAgICAgIHJlc291cmNlSWQ6IHJlc291cmNlSWQsXG4gICAgICBhcHBSb2xlSWQ6IHRoaXMucHJvcHMuYXBwUm9sZUlkLFxuICAgICAgZGVwZW5kc09uOiB0aGlzLmV4cGxpY2l0RGVwZW5kZW5jaWVzLmxlbmd0aCA+IDAgPyB0aGlzLmV4cGxpY2l0RGVwZW5kZW5jaWVzIDogdW5kZWZpbmVkLFxuICAgIH0pO1xuICB9XG59Il19

package/lib/bicep/resources/graph/application.d.ts

@@ -0,0 +1,51 @@
+import { BicepConstruct } from './bicepConstruct';
+import * as types from './types';
+import { BicepTemplate } from '../../deploy/template';
+/**
+ * Properties for Graph Application construct
+ */
+export interface ApplicationProps {
+    /** Display name of the application */
+    readonly displayName: string;
+    /** Redirect URIs for web authentication */
+    readonly redirectUris: string[];
+    /** Supported account types */
+    readonly signInAudience?: types.SignInAudience;
+    /** App roles for the application */
+    readonly appRoles?: Array<{
+        id: string;
+        displayName: string;
+        description: string;
+        value: string;
+        allowedMemberTypes: types.AllowedMemberType[];
+        isEnabled: boolean;
+    }>;
+    /** Required resource access permissions */
+    readonly requiredResourceAccess?: Array<{
+        resourceAppId: types.ResourceAppId;
+        resourceAccess: Array<{
+            id: types.MicrosoftGraphPermission;
+            type: types.PermissionType;
+        }>;
+    }>;
+    /** Identifier URIs (App ID URIs) for the application when used as a resource app */
+    readonly identifierUris?: string[];
+    /** Optional claims configuration */
+    readonly optionalClaims?: {
+        idToken?: Array<{
+            name: string;
+            essential: boolean;
+            source?: string;
+        }>;
+    };
+}
+/**
+ * CDK-style construct for Microsoft Graph Application
+ */
+export declare class Application extends BicepConstruct {
+    readonly props: ApplicationProps;
+    readonly appId: string;
+    readonly applicationId: string;
+    constructor(template: BicepTemplate, resourceName: string, props: ApplicationProps);
+    synthesize(): void;
+}

package/lib/bicep/resources/graph/application.js

@@ -0,0 +1,88 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Application = void 0;
+const bicepConstruct_1 = require("./bicepConstruct");
+const types = __importStar(require("./types"));
+/**
+ * CDK-style construct for Microsoft Graph Application
+ */
+class Application extends bicepConstruct_1.BicepConstruct {
+    constructor(template, resourceName, props) {
+        super(template, resourceName);
+        this.props = props;
+        const pascalName = this.toPascalCase(resourceName);
+        this.appId = `${pascalName}.appId`;
+        this.applicationId = `${pascalName}.id`;
+    }
+    synthesize() {
+        const resource = {
+            type: 'Microsoft.Graph/applications',
+            apiVersion: 'v1.0',
+            comment: 'Application registration with OAuth configuration',
+            uniqueName: this.props.displayName,
+            displayName: this.props.displayName,
+            signInAudience: this.props.signInAudience || types.SignInAudience.AZURE_AD_MY_ORG,
+            appRoles: this.props.appRoles || [],
+            web: {
+                redirectUris: this.props.redirectUris,
+                implicitGrantSettings: {
+                    enableIdTokenIssuance: true,
+                    enableAccessTokenIssuance: false,
+                },
+            },
+            requiredResourceAccess: this.props.requiredResourceAccess || [
+                {
+                    resourceAppId: types.ResourceAppId.MICROSOFT_GRAPH,
+                    resourceAccess: [
+                        {
+                            id: types.MicrosoftGraphPermission.USER_READ,
+                            type: types.PermissionType.SCOPE,
+                        },
+                    ],
+                },
+            ],
+        };
+        if (this.props.identifierUris) {
+            resource.identifierUris = this.props.identifierUris;
+        }
+        if (this.props.optionalClaims) {
+            resource.optionalClaims = this.props.optionalClaims;
+        }
+        this.template.addResource(this.resourceName, resource);
+    }
+}
+exports.Application = Application;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXBwbGljYXRpb24uanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYmljZXAvcmVzb3VyY2VzL2dyYXBoL2FwcGxpY2F0aW9uLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLHFEQUFrRDtBQUNsRCwrQ0FBaUM7QUEwQ2pDOztHQUVHO0FBQ0gsTUFBYSxXQUFZLFNBQVEsK0JBQWM7SUFJN0MsWUFBWSxRQUF1QixFQUFFLFlBQW9CLEVBQWtCLEtBQXVCO1FBQ2hHLEtBQUssQ0FBQyxRQUFRLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFEMkMsVUFBSyxHQUFMLEtBQUssQ0FBa0I7UUFFaEcsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQyxZQUFZLENBQUMsQ0FBQztRQUNuRCxJQUFJLENBQUMsS0FBSyxHQUFHLEdBQUcsVUFBVSxRQUFRLENBQUM7UUFDbkMsSUFBSSxDQUFDLGFBQWEsR0FBRyxHQUFHLFVBQVUsS0FBSyxDQUFDO0lBQzFDLENBQUM7SUFFRCxVQUFVO1FBQ1IsTUFBTSxRQUFRLEdBQVE7WUFDcEIsSUFBSSxFQUFFLDhCQUE4QjtZQUNwQyxVQUFVLEVBQUUsTUFBTTtZQUNsQixPQUFPLEVBQUUsbURBQW1EO1lBQzVELFVBQVUsRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLFdBQVc7WUFDbEMsV0FBVyxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsV0FBVztZQUNuQyxjQUFjLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxjQUFjLElBQUksS0FBSyxDQUFDLGNBQWMsQ0FBQyxlQUFlO1lBQ2pGLFFBQVEsRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLFFBQVEsSUFBSSxFQUFFO1lBQ25DLEdBQUcsRUFBRTtnQkFDSCxZQUFZLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxZQUFZO2dCQUNyQyxxQkFBcUIsRUFBRTtvQkFDckIscUJBQXFCLEVBQUUsSUFBSTtvQkFDM0IseUJBQXlCLEVBQUUsS0FBSztpQkFDakM7YUFDRjtZQUNELHNCQUFzQixFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsc0JBQXNCLElBQUk7Z0JBQzNEO29CQUNFLGFBQWEsRUFBRSxLQUFLLENBQUMsYUFBYSxDQUFDLGVBQWU7b0JBQ2xELGNBQWMsRUFBRTt3QkFDZDs0QkFDRSxFQUFFLEVBQUUsS0FBSyxDQUFDLHdCQUF3QixDQUFDLFNBQVM7NEJBQzVDLElBQUksRUFBRSxLQUFLLENBQUMsY0FBYyxDQUFDLEtBQUs7eUJBQ2pDO3FCQUNGO2lCQUNGO2FBQ0Y7U0FDRixDQUFDO1FBRUYsSUFBSSxJQUFJLENBQUMsS0FBSyxDQUFDLGNBQWMsRUFBRSxDQUFDO1lBQzlCLFFBQVEsQ0FBQyxjQUFjLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyxjQUFjLENBQUM7UUFDdEQsQ0FBQztRQUVELElBQUksSUFBSSxDQUFDLEtBQUssQ0FBQyxjQUFjLEVBQUUsQ0FBQztZQUM5QixRQUFRLENBQUMsY0FBYyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsY0FBYyxDQUFDO1FBQ3RELENBQUM7UUFFRCxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxJQUFJLENBQUMsWUFBWSxFQUFFLFFBQVEsQ0FBQyxDQUFDO0lBQ3pELENBQUM7Q0FDRjtBQWxERCxrQ0FrREMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBCaWNlcENvbnN0cnVjdCB9IGZyb20gJy4vYmljZXBDb25zdHJ1Y3QnO1xuaW1wb3J0ICogYXMgdHlwZXMgZnJvbSAnLi90eXBlcyc7XG5pbXBvcnQgeyBCaWNlcFRlbXBsYXRlIH0gZnJvbSAnLi4vLi4vZGVwbG95L3RlbXBsYXRlJztcblxuLyoqXG4gKiBQcm9wZXJ0aWVzIGZvciBHcmFwaCBBcHBsaWNhdGlvbiBjb25zdHJ1Y3RcbiAqL1xuZXhwb3J0IGludGVyZmFjZSBBcHBsaWNhdGlvblByb3BzIHtcbiAgLyoqIERpc3BsYXkgbmFtZSBvZiB0aGUgYXBwbGljYXRpb24gKi9cbiAgcmVhZG9ubHkgZGlzcGxheU5hbWU6IHN0cmluZztcbiAgLyoqIFJlZGlyZWN0IFVSSXMgZm9yIHdlYiBhdXRoZW50aWNhdGlvbiAqL1xuICByZWFkb25seSByZWRpcmVjdFVyaXM6IHN0cmluZ1tdO1xuICAvKiogU3VwcG9ydGVkIGFjY291bnQgdHlwZXMgKi9cbiAgcmVhZG9ubHkgc2lnbkluQXVkaWVuY2U/OiB0eXBlcy5TaWduSW5BdWRpZW5jZTtcbiAgLyoqIEFwcCByb2xlcyBmb3IgdGhlIGFwcGxpY2F0aW9uICovXG4gIHJlYWRvbmx5IGFwcFJvbGVzPzogQXJyYXk8e1xuICAgIGlkOiBzdHJpbmc7XG4gICAgZGlzcGxheU5hbWU6IHN0cmluZztcbiAgICBkZXNjcmlwdGlvbjogc3RyaW5nO1xuICAgIHZhbHVlOiBzdHJpbmc7XG4gICAgYWxsb3dlZE1lbWJlclR5cGVzOiB0eXBlcy5BbGxvd2VkTWVtYmVyVHlwZVtdO1xuICAgIGlzRW5hYmxlZDogYm9vbGVhbjtcbiAgfT47XG4gIC8qKiBSZXF1aXJlZCByZXNvdXJjZSBhY2Nlc3MgcGVybWlzc2lvbnMgKi9cbiAgcmVhZG9ubHkgcmVxdWlyZWRSZXNvdXJjZUFjY2Vzcz86IEFycmF5PHtcbiAgICByZXNvdXJjZUFwcElkOiB0eXBlcy5SZXNvdXJjZUFwcElkO1xuICAgIHJlc291cmNlQWNjZXNzOiBBcnJheTx7XG4gICAgICBpZDogdHlwZXMuTWljcm9zb2Z0R3JhcGhQZXJtaXNzaW9uO1xuICAgICAgdHlwZTogdHlwZXMuUGVybWlzc2lvblR5cGU7XG4gICAgfT47XG4gIH0+O1xuICAvKiogSWRlbnRpZmllciBVUklzIChBcHAgSUQgVVJJcykgZm9yIHRoZSBhcHBsaWNhdGlvbiB3aGVuIHVzZWQgYXMgYSByZXNvdXJjZSBhcHAgKi9cbiAgcmVhZG9ubHkgaWRlbnRpZmllclVyaXM/OiBzdHJpbmdbXTtcbiAgLyoqIE9wdGlvbmFsIGNsYWltcyBjb25maWd1cmF0aW9uICovXG4gIHJlYWRvbmx5IG9wdGlvbmFsQ2xhaW1zPzoge1xuICAgIGlkVG9rZW4/OiBBcnJheTx7XG4gICAgICBuYW1lOiBzdHJpbmc7XG4gICAgICBlc3NlbnRpYWw6IGJvb2xlYW47XG4gICAgICBzb3VyY2U/OiBzdHJpbmc7XG4gICAgfT47XG4gIH07XG59XG5cbi8qKlxuICogQ0RLLXN0eWxlIGNvbnN0cnVjdCBmb3IgTWljcm9zb2Z0IEdyYXBoIEFwcGxpY2F0aW9uXG4gKi9cbmV4cG9ydCBjbGFzcyBBcHBsaWNhdGlvbiBleHRlbmRzIEJpY2VwQ29uc3RydWN0IHtcbiAgcHVibGljIHJlYWRvbmx5IGFwcElkOiBzdHJpbmc7XG4gIHB1YmxpYyByZWFkb25seSBhcHBsaWNhdGlvbklkOiBzdHJpbmc7XG5cbiAgY29uc3RydWN0b3IodGVtcGxhdGU6IEJpY2VwVGVtcGxhdGUsIHJlc291cmNlTmFtZTogc3RyaW5nLCBwdWJsaWMgcmVhZG9ubHkgcHJvcHM6IEFwcGxpY2F0aW9uUHJvcHMpIHtcbiAgICBzdXBlcih0ZW1wbGF0ZSwgcmVzb3VyY2VOYW1lKTtcbiAgICBjb25zdCBwYXNjYWxOYW1lID0gdGhpcy50b1Bhc2NhbENhc2UocmVzb3VyY2VOYW1lKTtcbiAgICB0aGlzLmFwcElkID0gYCR7cGFzY2FsTmFtZX0uYXBwSWRgO1xuICAgIHRoaXMuYXBwbGljYXRpb25JZCA9IGAke3Bhc2NhbE5hbWV9LmlkYDtcbiAgfVxuXG4gIHN5bnRoZXNpemUoKTogdm9pZCB7XG4gICAgY29uc3QgcmVzb3VyY2U6IGFueSA9IHtcbiAgICAgIHR5cGU6ICdNaWNyb3NvZnQuR3JhcGgvYXBwbGljYXRpb25zJyxcbiAgICAgIGFwaVZlcnNpb246ICd2MS4wJyxcbiAgICAgIGNvbW1lbnQ6ICdBcHBsaWNhdGlvbiByZWdpc3RyYXRpb24gd2l0aCBPQXV0aCBjb25maWd1cmF0aW9uJyxcbiAgICAgIHVuaXF1ZU5hbWU6IHRoaXMucHJvcHMuZGlzcGxheU5hbWUsXG4gICAgICBkaXNwbGF5TmFtZTogdGhpcy5wcm9wcy5kaXNwbGF5TmFtZSxcbiAgICAgIHNpZ25JbkF1ZGllbmNlOiB0aGlzLnByb3BzLnNpZ25JbkF1ZGllbmNlIHx8IHR5cGVzLlNpZ25JbkF1ZGllbmNlLkFaVVJFX0FEX01ZX09SRyxcbiAgICAgIGFwcFJvbGVzOiB0aGlzLnByb3BzLmFwcFJvbGVzIHx8IFtdLFxuICAgICAgd2ViOiB7XG4gICAgICAgIHJlZGlyZWN0VXJpczogdGhpcy5wcm9wcy5yZWRpcmVjdFVyaXMsXG4gICAgICAgIGltcGxpY2l0R3JhbnRTZXR0aW5nczoge1xuICAgICAgICAgIGVuYWJsZUlkVG9rZW5Jc3N1YW5jZTogdHJ1ZSxcbiAgICAgICAgICBlbmFibGVBY2Nlc3NUb2tlbklzc3VhbmNlOiBmYWxzZSxcbiAgICAgICAgfSxcbiAgICAgIH0sXG4gICAgICByZXF1aXJlZFJlc291cmNlQWNjZXNzOiB0aGlzLnByb3BzLnJlcXVpcmVkUmVzb3VyY2VBY2Nlc3MgfHwgW1xuICAgICAgICB7XG4gICAgICAgICAgcmVzb3VyY2VBcHBJZDogdHlwZXMuUmVzb3VyY2VBcHBJZC5NSUNST1NPRlRfR1JBUEgsXG4gICAgICAgICAgcmVzb3VyY2VBY2Nlc3M6IFtcbiAgICAgICAgICAgIHtcbiAgICAgICAgICAgICAgaWQ6IHR5cGVzLk1pY3Jvc29mdEdyYXBoUGVybWlzc2lvbi5VU0VSX1JFQUQsXG4gICAgICAgICAgICAgIHR5cGU6IHR5cGVzLlBlcm1pc3Npb25UeXBlLlNDT1BFLFxuICAgICAgICAgICAgfSxcbiAgICAgICAgICBdLFxuICAgICAgICB9LFxuICAgICAgXSxcbiAgICB9O1xuXG4gICAgaWYgKHRoaXMucHJvcHMuaWRlbnRpZmllclVyaXMpIHtcbiAgICAgIHJlc291cmNlLmlkZW50aWZpZXJVcmlzID0gdGhpcy5wcm9wcy5pZGVudGlmaWVyVXJpcztcbiAgICB9XG5cbiAgICBpZiAodGhpcy5wcm9wcy5vcHRpb25hbENsYWltcykge1xuICAgICAgcmVzb3VyY2Uub3B0aW9uYWxDbGFpbXMgPSB0aGlzLnByb3BzLm9wdGlvbmFsQ2xhaW1zO1xuICAgIH1cblxuICAgIHRoaXMudGVtcGxhdGUuYWRkUmVzb3VyY2UodGhpcy5yZXNvdXJjZU5hbWUsIHJlc291cmNlKTtcbiAgfVxufSJdfQ==

package/lib/bicep/resources/graph/bicepConstruct.d.ts

@@ -0,0 +1,14 @@
+import { BicepTemplate } from '../../deploy/template';
+/**
+ * Base class for Bicep constructs - provides CDK-like experience for Bicep resources
+ */
+export declare abstract class BicepConstruct {
+    protected template: BicepTemplate;
+    protected resourceName: string;
+    protected explicitDependencies: string[];
+    constructor(template: BicepTemplate, resourceName: string);
+    getResourceName(): string;
+    addDependency(resource: BicepConstruct): void;
+    protected toPascalCase(str: string): string;
+    abstract synthesize(): void;
+}

package/lib/bicep/resources/graph/bicepConstruct.js

@@ -0,0 +1,29 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BicepConstruct = void 0;
+/**
+ * Base class for Bicep constructs - provides CDK-like experience for Bicep resources
+ */
+class BicepConstruct {
+    constructor(template, resourceName) {
+        this.explicitDependencies = [];
+        this.template = template;
+        this.resourceName = resourceName;
+    }
+    getResourceName() {
+        return this.toPascalCase(this.resourceName);
+    }
+    addDependency(resource) {
+        this.explicitDependencies.push(resource.getResourceName());
+    }
+    toPascalCase(str) {
+        return str
+            .split(/[-_\s]+/)
+            .map(word => word.charAt(0).toUpperCase() + word.slice(1).toLowerCase())
+            .join('')
+            .replace(/[^a-zA-Z0-9]/g, '')
+            .replace(/^[0-9]/, '_$&');
+    }
+}
+exports.BicepConstruct = BicepConstruct;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYmljZXBDb25zdHJ1Y3QuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYmljZXAvcmVzb3VyY2VzL2dyYXBoL2JpY2VwQ29uc3RydWN0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUVBOztHQUVHO0FBQ0gsTUFBc0IsY0FBYztJQUtsQyxZQUFZLFFBQXVCLEVBQUUsWUFBb0I7UUFGL0MseUJBQW9CLEdBQWEsRUFBRSxDQUFDO1FBRzVDLElBQUksQ0FBQyxRQUFRLEdBQUcsUUFBUSxDQUFDO1FBQ3pCLElBQUksQ0FBQyxZQUFZLEdBQUcsWUFBWSxDQUFDO0lBQ25DLENBQUM7SUFFTSxlQUFlO1FBQ3BCLE9BQU8sSUFBSSxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDLENBQUM7SUFDOUMsQ0FBQztJQUVNLGFBQWEsQ0FBQyxRQUF3QjtRQUMzQyxJQUFJLENBQUMsb0JBQW9CLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxlQUFlLEVBQUUsQ0FBQyxDQUFDO0lBQzdELENBQUM7SUFFUyxZQUFZLENBQUMsR0FBVztRQUNoQyxPQUFPLEdBQUc7YUFDUCxLQUFLLENBQUMsU0FBUyxDQUFDO2FBQ2hCLEdBQUcsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLENBQUMsV0FBVyxFQUFFLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQyxXQUFXLEVBQUUsQ0FBQzthQUN2RSxJQUFJLENBQUMsRUFBRSxDQUFDO2FBQ1IsT0FBTyxDQUFDLGVBQWUsRUFBRSxFQUFFLENBQUM7YUFDNUIsT0FBTyxDQUFDLFFBQVEsRUFBRSxLQUFLLENBQUMsQ0FBQztJQUM5QixDQUFDO0NBR0Y7QUE1QkQsd0NBNEJDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgQmljZXBUZW1wbGF0ZSB9IGZyb20gJy4uLy4uL2RlcGxveS90ZW1wbGF0ZSc7XG5cbi8qKlxuICogQmFzZSBjbGFzcyBmb3IgQmljZXAgY29uc3RydWN0cyAtIHByb3ZpZGVzIENESy1saWtlIGV4cGVyaWVuY2UgZm9yIEJpY2VwIHJlc291cmNlc1xuICovXG5leHBvcnQgYWJzdHJhY3QgY2xhc3MgQmljZXBDb25zdHJ1Y3Qge1xuICBwcm90ZWN0ZWQgdGVtcGxhdGU6IEJpY2VwVGVtcGxhdGU7XG4gIHByb3RlY3RlZCByZXNvdXJjZU5hbWU6IHN0cmluZztcbiAgcHJvdGVjdGVkIGV4cGxpY2l0RGVwZW5kZW5jaWVzOiBzdHJpbmdbXSA9IFtdO1xuXG4gIGNvbnN0cnVjdG9yKHRlbXBsYXRlOiBCaWNlcFRlbXBsYXRlLCByZXNvdXJjZU5hbWU6IHN0cmluZykge1xuICAgIHRoaXMudGVtcGxhdGUgPSB0ZW1wbGF0ZTtcbiAgICB0aGlzLnJlc291cmNlTmFtZSA9IHJlc291cmNlTmFtZTtcbiAgfVxuXG4gIHB1YmxpYyBnZXRSZXNvdXJjZU5hbWUoKTogc3RyaW5nIHtcbiAgICByZXR1cm4gdGhpcy50b1Bhc2NhbENhc2UodGhpcy5yZXNvdXJjZU5hbWUpO1xuICB9XG5cbiAgcHVibGljIGFkZERlcGVuZGVuY3kocmVzb3VyY2U6IEJpY2VwQ29uc3RydWN0KTogdm9pZCB7XG4gICAgdGhpcy5leHBsaWNpdERlcGVuZGVuY2llcy5wdXNoKHJlc291cmNlLmdldFJlc291cmNlTmFtZSgpKTtcbiAgfVxuXG4gIHByb3RlY3RlZCB0b1Bhc2NhbENhc2Uoc3RyOiBzdHJpbmcpOiBzdHJpbmcge1xuICAgIHJldHVybiBzdHJcbiAgICAgIC5zcGxpdCgvWy1fXFxzXSsvKVxuICAgICAgLm1hcCh3b3JkID0+IHdvcmQuY2hhckF0KDApLnRvVXBwZXJDYXNlKCkgKyB3b3JkLnNsaWNlKDEpLnRvTG93ZXJDYXNlKCkpXG4gICAgICAuam9pbignJylcbiAgICAgIC5yZXBsYWNlKC9bXmEtekEtWjAtOV0vZywgJycpXG4gICAgICAucmVwbGFjZSgvXlswLTldLywgJ18kJicpO1xuICB9XG5cbiAgYWJzdHJhY3Qgc3ludGhlc2l6ZSgpOiB2b2lkO1xufVxuIl19

package/lib/bicep/resources/graph/existingServicePrincipal.d.ts

@@ -0,0 +1,19 @@
+import { BicepConstruct } from './bicepConstruct';
+import { BicepTemplate } from '../../deploy/template';
+/**
+ * Properties for existing Service Principal lookup
+ */
+export interface ExistingServicePrincipalProps {
+    /** The application (client) ID of the service principal to look up */
+    readonly appId: string;
+}
+/**
+ * CDK-style construct for looking up an existing Microsoft Graph Service Principal
+ * Uses Bicep 'existing' keyword to reference service principals by appId
+ */
+export declare class ExistingServicePrincipal extends BicepConstruct {
+    readonly props: ExistingServicePrincipalProps;
+    readonly servicePrincipalId: string;
+    constructor(template: BicepTemplate, resourceName: string, props: ExistingServicePrincipalProps);
+    synthesize(): void;
+}

package/lib/bicep/resources/graph/existingServicePrincipal.js

@@ -0,0 +1,26 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ExistingServicePrincipal = void 0;
+const bicepConstruct_1 = require("./bicepConstruct");
+/**
+ * CDK-style construct for looking up an existing Microsoft Graph Service Principal
+ * Uses Bicep 'existing' keyword to reference service principals by appId
+ */
+class ExistingServicePrincipal extends bicepConstruct_1.BicepConstruct {
+    constructor(template, resourceName, props) {
+        super(template, resourceName);
+        this.props = props;
+        this.servicePrincipalId = `${this.toPascalCase(resourceName)}.id`;
+    }
+    synthesize() {
+        this.template.addResource(this.resourceName, {
+            type: 'Microsoft.Graph/servicePrincipals',
+            apiVersion: 'v1.0',
+            existing: true,
+            comment: 'Reference to existing service principal',
+            appId: this.props.appId,
+        });
+    }
+}
+exports.ExistingServicePrincipal = ExistingServicePrincipal;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZXhpc3RpbmdTZXJ2aWNlUHJpbmNpcGFsLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2JpY2VwL3Jlc291cmNlcy9ncmFwaC9leGlzdGluZ1NlcnZpY2VQcmluY2lwYWwudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEscURBQWtEO0FBV2xEOzs7R0FHRztBQUNILE1BQWEsd0JBQXlCLFNBQVEsK0JBQWM7SUFHMUQsWUFBWSxRQUF1QixFQUFFLFlBQW9CLEVBQWtCLEtBQW9DO1FBQzdHLEtBQUssQ0FBQyxRQUFRLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFEMkMsVUFBSyxHQUFMLEtBQUssQ0FBK0I7UUFFN0csSUFBSSxDQUFDLGtCQUFrQixHQUFHLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQyxZQUFZLENBQUMsS0FBSyxDQUFDO0lBQ3BFLENBQUM7SUFFRCxVQUFVO1FBQ1IsSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLFlBQVksRUFBRTtZQUMzQyxJQUFJLEVBQUUsbUNBQW1DO1lBQ3pDLFVBQVUsRUFBRSxNQUFNO1lBQ2xCLFFBQVEsRUFBRSxJQUFJO1lBQ2QsT0FBTyxFQUFFLHlDQUF5QztZQUNsRCxLQUFLLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxLQUFLO1NBQ3hCLENBQUMsQ0FBQztJQUNMLENBQUM7Q0FDRjtBQWpCRCw0REFpQkMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBCaWNlcENvbnN0cnVjdCB9IGZyb20gJy4vYmljZXBDb25zdHJ1Y3QnO1xuaW1wb3J0IHsgQmljZXBUZW1wbGF0ZSB9IGZyb20gJy4uLy4uL2RlcGxveS90ZW1wbGF0ZSc7XG5cbi8qKlxuICogUHJvcGVydGllcyBmb3IgZXhpc3RpbmcgU2VydmljZSBQcmluY2lwYWwgbG9va3VwXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgRXhpc3RpbmdTZXJ2aWNlUHJpbmNpcGFsUHJvcHMge1xuICAvKiogVGhlIGFwcGxpY2F0aW9uIChjbGllbnQpIElEIG9mIHRoZSBzZXJ2aWNlIHByaW5jaXBhbCB0byBsb29rIHVwICovXG4gIHJlYWRvbmx5IGFwcElkOiBzdHJpbmc7XG59XG5cbi8qKlxuICogQ0RLLXN0eWxlIGNvbnN0cnVjdCBmb3IgbG9va2luZyB1cCBhbiBleGlzdGluZyBNaWNyb3NvZnQgR3JhcGggU2VydmljZSBQcmluY2lwYWxcbiAqIFVzZXMgQmljZXAgJ2V4aXN0aW5nJyBrZXl3b3JkIHRvIHJlZmVyZW5jZSBzZXJ2aWNlIHByaW5jaXBhbHMgYnkgYXBwSWRcbiAqL1xuZXhwb3J0IGNsYXNzIEV4aXN0aW5nU2VydmljZVByaW5jaXBhbCBleHRlbmRzIEJpY2VwQ29uc3RydWN0IHtcbiAgcHVibGljIHJlYWRvbmx5IHNlcnZpY2VQcmluY2lwYWxJZDogc3RyaW5nO1xuXG4gIGNvbnN0cnVjdG9yKHRlbXBsYXRlOiBCaWNlcFRlbXBsYXRlLCByZXNvdXJjZU5hbWU6IHN0cmluZywgcHVibGljIHJlYWRvbmx5IHByb3BzOiBFeGlzdGluZ1NlcnZpY2VQcmluY2lwYWxQcm9wcykge1xuICAgIHN1cGVyKHRlbXBsYXRlLCByZXNvdXJjZU5hbWUpO1xuICAgIHRoaXMuc2VydmljZVByaW5jaXBhbElkID0gYCR7dGhpcy50b1Bhc2NhbENhc2UocmVzb3VyY2VOYW1lKX0uaWRgO1xuICB9XG5cbiAgc3ludGhlc2l6ZSgpOiB2b2lkIHtcbiAgICB0aGlzLnRlbXBsYXRlLmFkZFJlc291cmNlKHRoaXMucmVzb3VyY2VOYW1lLCB7XG4gICAgICB0eXBlOiAnTWljcm9zb2Z0LkdyYXBoL3NlcnZpY2VQcmluY2lwYWxzJyxcbiAgICAgIGFwaVZlcnNpb246ICd2MS4wJyxcbiAgICAgIGV4aXN0aW5nOiB0cnVlLFxuICAgICAgY29tbWVudDogJ1JlZmVyZW5jZSB0byBleGlzdGluZyBzZXJ2aWNlIHByaW5jaXBhbCcsXG4gICAgICBhcHBJZDogdGhpcy5wcm9wcy5hcHBJZCxcbiAgICB9KTtcbiAgfVxufVxuIl19