Azure Bicep - Deployment Scripts
Azure Bicep - Deployment Scripts

Azure Bicep – Using the Deployment Script

We have seen that a bicep file can create the resources using resource element. The resource element also allows to run a custom script (either PowerShell or Azure CLI). In this article, we are going to have a look at how to deploy a custom script.

Deployment Script Resource

Let’s discuss this resource in two steps. Firstly, let’s discuss about general structure of the resource. The script given below shows how to declare the resource element. It has symbolic name like other resources. It also has a kind property which decides whether the Azure CLI or PowerShell should be used.

Depending on which kind is used, the deployment object that we use in here may change. The snippet below shows the Azure CLI deployment object:

The code snippet given below shows the Azure PowerShell deployment object:

The script content can either be inline (using multi-line strings) or they can be loaded from the file using file functions. There are two principals involved here:

  • Deployment principal
  • Deployment script principal

Please refer the documentation to know more about minimum permissions required to execute the deployment scripts.

There are some additional samples available at this page.


Output of the PowerShell script can be stored in the $DeploymentScriptOutputs variable. Then we can use symbolic name of the resource to access this property and that’s how we can access the output from the script.

The code snippet given below shows two deployment script tasks. First task takes a parameter and outputs some value. Then the second resource takes the output from first one and generates some output.

When the kind is set to AzureCLI, the mechanism is bit different. There’s an environment variable called AZ_SCRIPTS_OUTPUT_PATH that stores the location where the script outputs file resides.

If a deployment script is run from a Bicep file, this environment variable is set automatically for you by the Bash shell. The value of AZ_SCRIPTS_OUTPUT_PATH is /mnt/azscripts/azscriptoutput/scriptoutputs.json. Deployment script outputs must be saved in the AZ_SCRIPTS_OUTPUT_PATH location, and the outputs must be a valid JSON string object. The contents of the file must be saved as a key-value pair. 

The code snippet given below shows an example of how Azure CLI script can be executed via deployment script task.

I hope you find this information helpful. Let me know your thoughts.

Leave a ReplyCancel reply