In January 2024 Microsoft launched a new initiative called Azure Verified Modules (AVM). It's a collection of official and supported Bicep and Terraform modules that makes it easier to deploy resources in a standardized fashion as-code.
It's easy to use and fast to get started. And I was actually surprised at how well it works. One of the reasons for this initiative is that until now there hasn't been a formal, centralized repository for modules or templates so people have been relying on either there own or some public repo that might not be maintained over time.
The link for AVM is: http://aka.ms/avm
And the getting started guide (which is quite good) is here: http://aka.ms/avm/using
You should have VS Code installed and the Bicep extension. And Azure CLI, see install info here for Windows or here for MacOS.
And then you just follow the guide.
To use the modules you have to have internet connection from your source. If not, you can download a local copy of all the content and reference them locally.
For each resource module there is a basic version and an extended version with more options. You can copy the additional parameters from the extended version into the basic version or start with the extended version and remove the parts you don't need.
The good thing about modules is that most of the code (or the Bicep file) is managed/written by MSFT and you only have to reference the module in your Bicep file and fill in the relevant parameters. Below you can see a file for a basic blob storage account.
- Blob storage account
- Private DNS zone (for key vaults)
- Private endpoint with privateDnsZoneGroup (adds A record in PDNS zone), requires existing PDNS zone for blob storage
- Simple Windows virtual machine with public IP
- VNet with one subnet and a VNet peering (requires existing Hub VNet)