Add Bicep examples

SonarSource · Sep 4, 2023 · 7d2557b · 7d2557b
1 parent 4a579ed
commit 7d2557b
Showing 1 changed file with 24 additions and 0 deletions.
diff --git a/rules/S6378/azureresourcemanager/rule.adoc b/rules/S6378/azureresourcemanager/rule.adoc
@@ -6,6 +6,8 @@ include::../recommended.adoc[]
 
 == Sensitive Code Example
 
+Using ARM templates:
+
 [source,json,diff-id=1,diff-type=noncompliant]
 ----
 {
@@ -21,9 +23,20 @@ include::../recommended.adoc[]
 }
 ----
 
+Using Bicep:
+
+[source,bicep,diff-id=2,diff-type=noncompliant]
+----
+resource sensitiveApiManagementService 'Microsoft.ApiManagement/service@2022-09-01-preview' = {
+  name: 'apiManagementService'
+  // Sensitive: no Managed Identity is defined
+}
+----
 
 == Compliant Solution
 
+Using ARM templates:
+
 [source,json,diff-id=1,diff-type=compliant]
 ----
 {
@@ -42,6 +55,17 @@ include::../recommended.adoc[]
 }
 ----
 
+Using Bicep:
+
+[source,json,diff-id=2,diff-type=noncompliant]
+----
+resource sensitiveApiManagementService 'Microsoft.ApiManagement/service@2022-09-01-preview' = {
+  name: 'apiManagementService'
+  identity: {
+    type: 'SystemAssigned'
+  }
+}
+----
 
 include::../see.adoc[]