SZ's blog

Problem statement Once an ARM template is deployed into a resource group, one way to completely delete those deployed resources is to delete that resource group. But it seems roles assignments can't be cleaned up entirely. In our case, we have an ARM template to deploy Azure AKS cluster in a specified resource group, and two role assignments. One is to assign "Network Contributor" on VNET to the managed Id of the AKS cluster, and the other is to assign "Contributor" role on an already existing Azure Container Registry (ACR) to the managed Id of the AKS cluster. First we successfully deployed the ARM template. The AKS was setup, and those two role assignments were deployed. Then we deleted that resource group. All resources under that resource group, including the AKS cluster, VNET,  etc. were deleted successfully. The role assignment on VNET was cleaned up as well, but the role assignment on ACR was still there. Role assignments before and after resource group d...

Problem statement When you deploy an ARM template, it's normal to provide a parameter file, in which you can put custom values for parameters used during the ARM template deployment. When you add an artifact of ARM deployment into a blueprint, unluckily you can't use a parameter file on Azure Portal - there is just no field on UI for you to specify a parameter file as shown on the below screenshot. But alternatively you can use a command line to add an artifact of ARM template deployment to a blueprint, which allows you to specify a parameter file! E.g. using the below PowerShell command to insert an ARM template deployment of a Log Analytics workspace. $bpDefinition = Get-AzBlueprint -SubscriptionId '<sub Id>' -Name '<blueprint name>' -Version '<blueprint version number>' New-AzBlueprintArtifact -Blueprint $bpDefinition -Type TemplateArtifact -Name 'la-workspace' -TemplateFile .\la-workspace-deploy.json -TemplateParame...