SNFR22 - Parameters/Variables for Resource IDs
ID: SNFR22 - Category: Inputs - Parameters/Variables for Resource IDs
A module parameter/variable that requires a full Azure Resource ID as an input value, e.g. /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.KeyVault/vaults/{keyVaultName}, SHOULD contain ResourceId/resource_id in its parameter/variable name when that parameter/variable is part of a user-defined type. This assists users in knowing what value to provide at a glance of the parameter/variable name.
Example for the property workspaceId for the Diagnostic Settings resource in a user-defined type: in Bicep its parameter name should be workspaceResourceId and the variable name in Terraform should be workspace_resource_id.
In that user-defined context, workspaceId is not descriptive enough and is ambiguous as to which ID is required to be input.
Special considerations for Bicep
If the property is nested in a parameter and you opt for a resource-derived type (that is, a schema defined by the resource provider), this requirement does not apply. We do however recommend to use a user-defined type whenever these cases occur to increase the module’s usability.
Example for the property subnetArmId of the Cognitive Service’s property networkInjections:
If using a user-defined type, you may define a type for the networkInjections parameter like
param networkInjections networkInjectionType?
@export()
type networkInjectionType = {
subnetResourceId: string
// (...)
}
resource cognitiveService 'Microsoft.CognitiveServices/accounts@2025-06-01' = {
// (...)
properties: {
// (...)
networkInjections: [{
subnetArmId: networkInjections.?subnetResourceId
// (...)
}]
}
}or a resource-derived type like
param networkInjections resourceInput<'Microsoft.CognitiveServices/accounts@2025-06-01'>.properties.networkInjections
resource cognitiveService 'Microsoft.CognitiveServices/accounts@2025-06-01' = {
// (...)
properties: {
// (...)
networkInjections: networkInjections
}
}