Merge pull request #287414 from mumian/0926-bicep-freshness

Refresh Bicep content - 2024/01/01

Author: AnnaMHuff

articles/azure-resource-manager/bicep/add-template-to-azure-pipelines.md

@@ -3,7 +3,7 @@ title: CI/CD with Azure Pipelines, Bicep, and bicepparam files
 description: In this quickstart, you learn how to configure continuous integration in Azure Pipelines by using Bicep and bicepparam files. It shows how to use an Azure CLI task to deploy a bicepparam file.
 ms.topic: quickstart
 ms.custom: devx-track-bicep, devx-track-azurecli
-ms.date: 02/29/2024
+ms.date: 09/26/2024
 ---
 
 # Quickstart: Integrate Bicep with Azure Pipelines

articles/azure-resource-manager/bicep/child-resource-name-type.md

@@ -3,7 +3,7 @@ title: Child resources in Bicep
 description: Describes how to set the name and type for child resources in Bicep.
 ms.topic: conceptual
 ms.custom: devx-track-bicep
-ms.date: 06/23/2023
+ms.date: 09/26/2024
 ---
 
 # Set name and type for child resources in Bicep

articles/azure-resource-manager/bicep/create-resource-group.md

@@ -3,7 +3,7 @@ title: Use Bicep to create a new resource group
 description: Describes how to use Bicep to create a new resource group in your Azure subscription.
 ms.topic: how-to
 ms.custom: devx-track-bicep
-ms.date: 09/26/2023
+ms.date: 09/26/2024
 ---
 
 # Create resource groups by using Bicep

articles/azure-resource-manager/bicep/deploy-cloud-shell.md

@@ -3,7 +3,7 @@ title: Deploy Bicep files with Cloud Shell
 description: Use Azure Resource Manager and Azure Cloud Shell to deploy resources to Azure. The resources are defined in a Bicep file.
 ms.topic: how-to
 ms.custom: devx-track-bicep, devx-track-arm-template
-ms.date: 06/23/2023
+ms.date: 09/26/2024
 ---
 
 # Deploy Bicep files from Azure Cloud Shell

articles/azure-resource-manager/bicep/deploy-github-actions.md

@@ -2,7 +2,7 @@
 title: Deploy Bicep files by using GitHub Actions
 description: In this quickstart, you learn how to deploy Bicep files by using GitHub Actions.
 ms.topic: how-to
-ms.date: 01/19/2024
+ms.date: 09/26/2024
 ms.custom: github-actions-azure, devx-track-bicep
 ---
 
@@ -20,7 +20,7 @@ It provides a short introduction to GitHub actions and Bicep files. If you want
 
 ## Create resource group
 
-Create a resource group. Later in this quickstart, you'll deploy your Bicep file to this resource group.
+Create a resource group. Later in this quickstart, you deploy your Bicep file to this resource group.
 
 # [CLI](#tab/CLI)
 
@@ -40,15 +40,15 @@ New-AzResourceGroup -Name exampleRG -Location westus
 
 # [Service principal](#tab/userlevel)
 
-Your GitHub Actions run under an identity. Use the [az ad sp create-for-rbac](/cli/azure/ad/sp#az-ad-sp-create-for-rbac) command to create a [service principal](../../active-directory/develop/app-objects-and-service-principals.md#service-principal-object) for the identity. Grant the service principal the contributor role for the resource group created in the previous session so that the GitHub action with the identity can create resources in this resource group. It is recommended that you grant minimum required access.
+Your GitHub Actions run under an identity. Use the [az ad sp create-for-rbac](/cli/azure/ad/sp#az-ad-sp-create-for-rbac) command to create a [service principal](../../active-directory/develop/app-objects-and-service-principals.md#service-principal-object) for the identity. Grant the service principal the contributor role for the resource group created in the previous session so that the GitHub action with the identity can create resources in this resource group. It's recommended that you grant minimum required access.
 
 ```azurecli-interactive
 az ad sp create-for-rbac --name {app-name} --role contributor --scopes /subscriptions/{subscription-id}/resourceGroups/exampleRG --json-auth
 ```
 
 Replace the placeholder `{app-name}` with the name of your application. Replace `{subscription-id}` with your subscription ID.
 
-The output is a JSON object with the role assignment credentials that provide access to your App Service app similar to below. 
+The output is a JSON object with the role assignment credentials that provide access to your App Service app similar to the following output. 
 
 ```output
   {
@@ -60,21 +60,21 @@ The output is a JSON object with the role assignment credentials that provide ac
   }
 ```
 
-Copy this JSON object for later. You'll only need the sections with the `clientId`, `clientSecret`, `subscriptionId`, and `tenantId` values. Make sure you don't have an extra comma at the end of the last line, for example, the `tenantId` line in the preceding example, or else it will result in an invalid JSON file. You will get an error during the deployment saying "Login failed with Error: Content is not a valid JSON object. Double check if the 'auth-type' is correct."
+Copy this JSON object for later. You'll only need the sections with the `clientId`, `clientSecret`, `subscriptionId`, and `tenantId` values. Make sure you don't have an extra comma at the end of the last line, for example, the `tenantId` line in the preceding example, or else it results in an invalid JSON file. You get an error during the deployment saying "Login failed with Error: Content isn't a valid JSON object. Double check if the 'auth-type' is correct."
 
 # [Open ID Connect](#tab/openid)
 
 Open ID Connect is an authentication method that uses short-lived tokens. Setting up [OpenID Connect with GitHub Actions](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect) is more complex process that offers hardened security.
 
-1.  If you do not have an existing application, register a [new Active Directory application and service principal that can access resources](../../active-directory/develop/howto-create-service-principal-portal.md). Create the Active Directory application.
+1.  If you don't have an existing application, register a [new Active Directory application and service principal that can access resources](../../active-directory/develop/howto-create-service-principal-portal.md). Create the Active Directory application.
 
     ```azurecli-interactive
     az ad app create --display-name myApp
     ```
 
-    This command will output JSON with an `appId` that is your `client-id`. Save the value to use as the `AZURE_CLIENT_ID` GitHub secret later.
+    This command outputs JSON with an `appId` that is your `client-id`. Save the value to use as the `AZURE_CLIENT_ID` GitHub secret later.
 
-    You'll use the `objectId` value when creating federated credentials with Graph API and reference it as the `APPLICATION-OBJECT-ID`.
+    You use the `objectId` value when creating federated credentials with Graph API and reference it as the `APPLICATION-OBJECT-ID`.
 
 1. Create a service principal. Replace the `$appID` with the appId from your JSON output.
 
@@ -86,7 +86,7 @@ Open ID Connect is an authentication method that uses short-lived tokens. Settin
      az ad sp create --id $appId
     ```
 
-1. Create a new role assignment by subscription and object. By default, the role assignment will be tied to your default subscription. Replace `$subscriptionId` with your subscription ID, `$resourceGroupName` with your resource group name, and `$assigneeObjectId` with the generated `assignee-object-id`. Learn [how to manage Azure subscriptions with the Azure CLI](/cli/azure/manage-azure-subscriptions-azure-cli).
+1. Create a new role assignment by subscription and object. By default, the role assignment is tied to your default subscription. Replace `$subscriptionId` with your subscription ID, `$resourceGroupName` with your resource group name, and `$assigneeObjectId` with the generated `assignee-object-id`. Learn [how to manage Azure subscriptions with the Azure CLI](/cli/azure/manage-azure-subscriptions-azure-cli).
 
     ```azurecli-interactive
     az role assignment create --role contributor --subscription $subscriptionId --assignee-object-id  $assigneeObjectId --assignee-principal-type ServicePrincipal --scopes /subscriptions/$subscriptionId/resourceGroups/$resourceGroupName/providers/Microsoft.Web/sites/
@@ -112,7 +112,7 @@ Open ID Connect is an authentication method that uses short-lived tokens. Settin
 
 # [Service principal](#tab/userlevel)
 
-Create secrets for your Azure credentials, resource group, and subscriptions. You will use these secrets in the [Create workflow](#create-workflow) section.
+Create secrets for your Azure credentials, resource group, and subscriptions. You use these secrets in the [Create workflow](#create-workflow) section.
 
 1. In [GitHub](https://github.com/), navigate to your repository.
 
@@ -284,7 +284,7 @@ Updating either the workflow file or Bicep file triggers the workflow. The workf
 
 ## Check workflow status
 
-1. Select the **Actions** tab. You'll see a **Create deployBicepFile.yml** workflow listed. It takes 1-2 minutes to run the workflow.
+1. Select the **Actions** tab. You see a **Create deployBicepFile.yml** workflow listed. It takes 1-2 minutes to run the workflow.
 1. Select the workflow to open it, and verify the `Status` is `Success`.
 
 ## Clean up resources

articles/azure-resource-manager/bicep/deploy-to-management-group.md

@@ -3,7 +3,7 @@ title: Use Bicep to deploy resources to management group
 description: Describes how to create a Bicep file that deploys resources at the management group scope.
 ms.topic: how-to
 ms.custom: devx-track-bicep
-ms.date: 06/23/2023
+ms.date: 09/26/2024
 ---
 
 # Management group deployments with Bicep files
@@ -256,7 +256,7 @@ To deploy a template that moves an existing Azure subscription to a new manageme
 
 Custom policy definitions that are deployed to the management group are extensions of the management group. To get the ID of a custom policy definition, use the [extensionResourceId()](./bicep-functions-resource.md#extensionresourceid) function. Built-in policy definitions are tenant level resources. To get the ID of a built-in policy definition, use the [tenantResourceId()](./bicep-functions-resource.md#tenantresourceid) function.
 
-The following example shows how to [define](../../governance/policy/concepts/definition-structure.md) a policy at the management group level, and assign it.
+The following example shows how to [define](../../governance/policy/concepts/definition-structure.md) a policy at the management group level, and how to assign it.
 
 ```bicep
 targetScope = 'managementGroup'

articles/azure-resource-manager/bicep/deploy-to-resource-group.md

@@ -3,7 +3,7 @@ title: Use Bicep to deploy resources to resource groups
 description: Describes how to deploy resources in a Bicep file. It shows how to target more than one resource group.
 ms.topic: how-to
 ms.custom: devx-track-bicep
-ms.date: 07/11/2024
+ms.date: 09/26/2024
 ---
 
 # Resource group deployments with Bicep files

articles/azure-resource-manager/bicep/deploy-to-subscription.md

@@ -3,7 +3,7 @@ title: Use Bicep to deploy resources to subscription
 description: Describes how to create a Bicep file that deploys resources to the Azure subscription scope.
 ms.topic: how-to
 ms.custom: devx-track-bicep
-ms.date: 09/26/2023
+ms.date: 09/26/2024
 ---
 
 # Subscription deployments with Bicep files

articles/azure-resource-manager/bicep/deploy-to-tenant.md

@@ -3,7 +3,7 @@ title: Use Bicep to deploy resources to tenant
 description: Describes how to deploy resources at the tenant scope in a Bicep file.
 ms.topic: how-to
 ms.custom: devx-track-bicep
-ms.date: 07/11/2024
+ms.date: 09/26/2024
 ---
 
 # Tenant deployments with Bicep file

articles/azure-resource-manager/bicep/deploy-what-if.md

@@ -3,7 +3,7 @@ title: Bicep deployment what-if
 description: Determine what changes will happen to your resources before deploying a Bicep file.
 ms.topic: conceptual
 ms.custom: devx-track-bicep, devx-track-azurecli, devx-track-azurepowershell
-ms.date: 09/06/2023
+ms.date: 09/26/2024
 ---
 
 # Bicep deployment what-if operation
@@ -12,7 +12,7 @@ Before deploying a Bicep file, you can preview the changes that will happen. Azu
 
 You can use the what-if operation with Azure PowerShell, Azure CLI, or REST API operations. What-if is supported for resource group, subscription, management group, and tenant level deployments.
 
-During What-If operations, the evaluation and expansion of `templateLink` are not supported. As a result, any resources deployed using template links within nested deployments, including template spec references, will not be visible in the What-If operation results.
+During What-If operations, the evaluation and expansion of `templateLink` aren't supported. As a result, any resources deployed using template links within nested deployments, including template spec references, won't be visible in the What-If operation results.
 
 ### Training resources
 
@@ -140,7 +140,7 @@ The what-if operation lists seven different types of changes:
 
 - **Create**: The resource doesn't currently exist but is defined in the Bicep file. The resource will be created.
 - **Delete**: This change type only applies when using [complete mode](../templates/deployment-modes.md) for JSON template deployment. The resource exists, but isn't defined in the Bicep file. With complete mode, the resource will be deleted. Only resources that [support complete mode deletion](../templates/deployment-complete-mode-deletion.md) are included in this change type.
-- **Ignore**: The resource exists, but isn't defined in the Bicep file. The resource won't be deployed or modified. When you reach the limits for expanding nested templates, you will encounter this change type. See [What-if limits](#what-if-limits).
+- **Ignore**: The resource exists, but isn't defined in the Bicep file. The resource won't be deployed or modified. When you reach the limits for expanding nested templates, you'll encounter this change type. See [What-if limits](#what-if-limits).
 - **NoChange**: The resource exists, and is defined in the Bicep file. The resource will be redeployed, but the properties of the resource won't change. This change type is returned when [ResultFormat](#result-format) is set to `FullResourcePayloads`, which is the default value.
 - **NoEffect**: The property is ready-only and will be ignored by the service. For example, the `sku.tier` property is always set to match `sku.name` in the [`Microsoft.ServiceBus`](/azure/templates/microsoft.servicebus/namespaces) namespace.
 - **Modify**: The resource exists, and is defined in the Bicep file. The resource will be redeployed, and the properties of the resource will change. This change type is returned when [ResultFormat](#result-format) is set to `FullResourcePayloads`, which is the default value.
@@ -484,5 +484,5 @@ You can use the what-if operation through the Azure SDKs.
 ## Next steps
 
 - To use the what-if operation in a pipeline, see [Test ARM templates with What-If in a pipeline](https://4bes.nl/2021/03/06/test-arm-templates-with-what-if/).
-- If you notice incorrect results from the what-if operation, please report the issues at [https://aka.ms/whatifissues](https://aka.ms/whatifissues).
+- If you notice incorrect results from the what-if operation, report the issues at [https://aka.ms/whatifissues](https://aka.ms/whatifissues).
 - For a Learn module that demonstrates using what-if, see [Preview changes and validate Azure resources by using what-if and the ARM template test toolkit](/training/modules/arm-template-test/).