bicep
bicep copied to clipboard
Azure
False positive for use-resource-id-functions, should not fail on resourceGroup().id or similar
param vaultName string = 'vault${uniqueString(resourceGroup().id)}'
param diskName string = 'disk${uniqueString(resourceGroup().id)}'
resource backupVault 'Microsoft.DataProtection/backupVaults@2021-01-01' existing = {
name: vaultName
}
resource backupInstance 'Microsoft.DataProtection/backupvaults/backupInstances@2021-01-01' = {
parent: backupVault
name: diskName
properties: {
policyInfo: {
policyParameters: {
dataStoreParametersList: [
{
objectType: 'AzureOperationalStoreParameters'
dataStoreType: 'OperationalStore'
resourceGroupId: resourceGroup().id // <<<<<<<<<<<<<<<<<<<<<<< SHOULDN'T FAIL BUT DOES
}
]
}
}
}
}
Should probably pass if top-level expression is a call to any of these: resourceGroup(), deployment(), environment(), subscription(), tenant() or managementGroup()
Another possibility is to reverse the logic and only fail if the top-level expression is something like a concat or string interpolation.
@StephenWeatherford is this the same as https://github.com/Azure/bicep/issues/11051?
Unfortunately no. This one is that the linter rule doesn't realize the function+property resourceGroup().id returns a valid resource ID that should succeed.
Unfortunately no. This one is that the linter rule doesn't realize the function+property resourceGroup().id returns a valid resource ID that should succeed.
Oh, and the one I linked to is about the property itself not actually denoting a resource ID (rather a subscription ID), and hence added to the ignore list in the PR fix?