Deploy Azure resources by using Bicep and GitHub Actions

Intermediate
Developer
Administrator
Solution Architect
Azure
Azure Resource Manager

Gain all of the benefits of infrastructure as code by using an automated workflow to deploy your Bicep templates, and integrate other deployment activities with your workflows. You'll build workflows using GitHub Actions.

Take this learning path to learn how to:

  • Build a workflow that deploys your Bicep files.
  • Create a service principal that can securely connect your workflow to Azure.
  • Ensure your Bicep code quality by validating and testing it within your workflow.
  • Work with multiple environments, and handle parameters and approvals.
  • Deploy other Azure configuration settings, applications, and databases.
  • Use pull requests to automatically validate and deploy your Bicep code as part of your review process.
  • Build workflows that publish reusable Bicep files to template specs and modules.
  • Secure your workflows, and ensure all of your Azure deployments follow your organization's standards.

Tip

Want to learn about using Bicep with GitHub Actions live from subject matter experts? Follow on-demand Learn Live sessions with our experts.

To learn about Bicep, we recommend you take these three learning paths:

After that, you might be interested in adding your Bicep code to a deployment pipeline. Take one of these two learning paths based on the tool you want to use:

Prerequisites

This learning path assumes you have familiarity with deploying infrastructure using Bicep.

Modules in this learning path

In this module, you'll create an automated workflow in GitHub Actions that securely deploys resources to Azure from Bicep code. You'll also learn to configure your workflow to run on a schedule or when your configuration changes.

Workload identities enable your deployment workflows to authenticate securely with Azure without you managing any passwords, keys, or secrets. In this module, you'll learn what workload identities are, how they work, and how to create them. You'll also learn how to grant them permission to your Azure resources so that your workflows can deploy your Bicep files.

Validate and test your Bicep code in your deployment workflow. You'll use linting, preflight validation, and the what-if operation to validate your Azure changes before you deploy, and you'll test your resources after each deployment.

Deploy your Bicep code to multiple environments to improve the quality of your deployments. Use reusable workflows to reduce code duplication, and set parameter values for each environment.

Create a unified workflow to deploy your entire environment. You'll add build jobs to your workflow, and use workflow artifacts and Bicep outputs to publish applications, databases, and blobs.

Add checks to pull requests that run automatically during your code reviews. Run the Bicep linter on your code, and deploy the resources to a temporary environment to enable further automated and manual testing.

Publish Azure template specs and Bicep modules by using a deployment workflow. Automatically validate and add versioning to your reusable Bicep code.

Plan how to harden and help secure your Azure environment, along with the controls to apply to your configuration changes and deployments. Require your infrastructure be defined as code, and protect your environment against manual changes.