File tree Expand file tree Collapse file tree 1 file changed +17
-5
lines changed Expand file tree Collapse file tree 1 file changed +17
-5
lines changed Original file line number Diff line number Diff line change @@ -101,15 +101,27 @@ module storage './core/storage/storage-account.bicep' = {
101101 }
102102}
103103
104- var storageRoleDefinitionId = 'b7e6dc6d-f1e8-4753-8033-0f276bb0955b' //Storage Blob Data Owner role
104+ var StorageBlobDataOwner = 'b7e6dc6d-f1e8-4753-8033-0f276bb0955b'
105+ var StorageQueueDataContributor = '974c5e8b-45b9-4653-ba55-5f855dd0fb88'
105106
106- // Allow access from api to storage account using a managed identity
107- module storageRoleAssignmentApi 'app/storage-Access.bicep' = {
108- name : 'storageRoleAssignmentapi '
107+ // Allow access from api to blob storage using a managed identity
108+ module blobRoleAssignmentApi 'app/storage-Access.bicep' = {
109+ name : 'blobRoleAssignmentapi '
109110 scope : rg
110111 params : {
111112 storageAccountName : storage .outputs .name
112- roleDefinitionID : storageRoleDefinitionId
113+ roleDefinitionID : StorageBlobDataOwner
114+ principalID : apiUserAssignedIdentity .outputs .identityPrincipalId
115+ }
116+ }
117+
118+ // Allow access from api to queue storage using a managed identity
119+ module queueRoleAssignmentApi 'app/storage-Access.bicep' = {
120+ name : 'queueRoleAssignmentapi'
121+ scope : rg
122+ params : {
123+ storageAccountName : storage .outputs .name
124+ roleDefinitionID : StorageQueueDataContributor
113125 principalID : apiUserAssignedIdentity .outputs .identityPrincipalId
114126 }
115127}
You can’t perform that action at this time.
0 commit comments