Share via

Bicep templates for Microsoft Graph resources

  • Article

Bicep templates for Microsoft Graph resources allow you to define the tenant infrastructure you want to deploy, such as groups or applications, in a file, then use the file throughout the development lifecycle to repeatedly deploy your infrastructure. The file uses the Bicep language, a domain-specific language (DSL) that uses declarative syntax to deploy resources, typically for your infrastructure as code solutions.

Suppose you want to call custom APIs from Azure Logic Apps where the web app is secured using Microsoft Entra ID. To create the two application identities for the logic app and the web app, you can define the Microsoft Graph application and service principal resources in a Bicep file, instead of creating them manually beforehand. In the same file, you can define the logic app and web app resources. Then, you can repeatedly deploy the file throughout the development lifecycle and have confidence that all your Azure and Microsoft Graph resources are deployed consistently.

Important

Microsoft Graph Bicep is currently in PREVIEW. See the Supplemental Terms of Use for Microsoft Azure Previews for legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.

Microsoft Graph Bicep extension

Bicep was originally created to provide an improved authoring experience over Azure Resource Manager JSON templates, for deployment and management of Azure resources. Bicep extensibility extends the original capability, allowing Bicep templates to reference resources outside of Azure Resource Manager.

Using Bicep extensibility, the new Microsoft Graph Bicep extension allows you to author, deploy, and manage a limited set of Microsoft Graph resources (currently Microsoft Entra ID resources) in Bicep template files, alongside Azure resources.

Microsoft Graph Bicep extension

  • Azure customers can use familiar tools to deploy Azure resources together with the Microsoft Graph resources they depend on, such as applications and service principals, using infrastructure as code (IaC) and DevOps practices.
  • It also opens the door for existing Microsoft Graph customers to use Bicep templates and IaC practices to deploy and manage their tenant's resources.

Benefits of the Microsoft Graph Bicep extension

  • Authoring experience: You get the same first-class authoring experience that's supported in the Bicep Extension for VS Code when you use it to create your Bicep files. The editor provides rich type-safety, intellisense, and syntax validation.

    Bicep file authoring example

    You can also create Bicep files in Visual Studio with the Bicep extension for Visual Studio.

  • Support for both beta and v1.0 API versions: The Microsoft Graph Bicep extension allows you to reference both beta and v1.0 versions of supported Microsoft Graph resource types within the same Bicep file.

  • Repeatable results: Repeatedly deploy your infrastructure throughout the development lifecycle and have confidence your resources are deployed in a consistent manner. Bicep files are idempotent, which means you can deploy the same file many times and get the same resource types in the same state. You can develop one file that represents the desired state, rather than developing lots of separate files to represent updates.

  • Orchestration: You don't have to worry about the complexities of ordering operations. Resource Manager orchestrates the deployment of interdependent resources so they're created in the correct order. When possible, Resource Manager deploys resources in parallel so your deployments finish faster than serial deployments. You deploy the file through one command, rather than through multiple imperative commands.

License requirements

Deploying Microsoft Graph resources using Bicep requires any licenses necessary to work with the Microsoft Graph resources you're deploying. A valid Azure subscription is required, if also deploying any Azure resources.

Get started

Try out your first quickstart

Start by Installing Bicep tools then proceed to author and deploy your first Bicep file containing Microsoft Graph resources in minutes.

Learn more

Learn more from the community

You can learn more about Bicep extensibility and how to manage Microsoft Entra objects declaratively from John Savill's Technical Training on YouTube. This resource is provided by the community and is not officially maintained by Microsoft.

Learn more about Bicep

  1. Understand Bicep, its uses, and structure and syntax of Bicep files.
  2. Explore Learn modules for Bicep.

Learn more about Microsoft Graph

  1. Learn about Microsoft Graph.
  2. Understand authentication and authorization principles in Microsoft Graph.
  3. Try the Microsoft Graph tutorials.

Explore Microsoft Graph Bicep types

To learn about the Microsoft Graph Bicep types that are available for use in your Bicep files, see Microsoft Graph Bicep resource reference.