Azure Bicep / Json - not parsing JSON properly

Question

I'm having trouble parsing in network security groups from a JSON File, so that we can create multiple NSGs using a single template

param NSGs array = array(json(loadTextContent('./shared-rules.json')))
resource nsg 'Microsoft.Network/networkSecurityGroups@2020-05-01' = [for (ns, index) in NSGs: {
  name: ?????
  location: resourceGroup().location
  properties: {
    securityRules: ????
  }
}]

Here is a copy of my templates file:

{
  "NSG-1": [
    {
      "name": "Allow_RDP_from_company_IP_address",
      "properties": {
        "description": "Allow inbound RDP from the company's IP address range.",
        "protocol": "Tcp",
        "sourceAddressPrefix": "203.0.113.0/24",
        "sourcePortRange": "*",
        "destinationAddressPrefix": "VirtualNetwork",
        "destinationPortRange": "3389",
        "access": "Allow",
        "priority": 100,
        "direction": "Inbound"
      }
    },
    {
      "name": "Allow_VirtualNetwork_to_Storage",
      "properties": {
        "description": "Allow outbound connections to the Azure Storage service tag.",
        "protocol": "Tcp",
        "sourceAddressPrefix": "VirtualNetwork",
        "sourcePortRange": "*",
        "destinationAddressPrefix": "Storage",
        "destinationPortRange": "*",
        "access": "Allow",
        "priority": 100,
        "direction": "Outbound"
      }
    }
  ],
  "NSG-2": [
    {
      "name": "Allow_RDP_from_company_IP_address",
      "properties": {
        "description": "Allow inbound RDP from the company's IP address range.",
        "protocol": "Tcp",
        "sourceAddressPrefix": "203.0.113.0/24",
        "sourcePortRange": "*",
        "destinationAddressPrefix": "VirtualNetwork",
        "destinationPortRange": "3389",
        "access": "Allow",
        "priority": 100,
        "direction": "Inbound"
      }
    },
    {
      "name": "Allow_VirtualNetwork_to_Storage",
      "properties": {
        "description": "Allow outbound connections to the Azure Storage service tag.",
        "protocol": "Tcp",
        "sourceAddressPrefix": "VirtualNetwork",
        "sourcePortRange": "*",
        "destinationAddressPrefix": "Storage",
        "destinationPortRange": "*",
        "access": "Allow",
        "priority": 100,
        "direction": "Outbound"
      }
    }
  ]
}

There are only two lines I think I need to fill to get this working: That is the name and securityRules in the bicep template ((first code block)

That is assuming my JSON file is correct too - wondering if anyone has any ideas?

Answer 1

Your param should be an object type (dictionary) and overall would look something like this: https://docs.microsoft.com/en-us/azure/azure-resource-manager/bicep/loops#dictionary-object

Answer 2

As already suggested, you could use the items function.

A sample on how to use it can be found here: Dictionary object.

For your use case, it should look like that:

param sharedRules object = json(loadTextContent('./shared-rules.json'))

resource nsgs 'Microsoft.Network/networkSecurityGroups@2020-05-01' = [for rule in items(sharedRules): {
  name: rule.key
  location: resourceGroup().location
  properties: {
    securityRules: rule.value
  }
}]