Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Configure bicep parameters

            Modified on Tue, 12 Aug at 12:35 PM

            Table of contents


            Configure bicep parameters

            To deploy Azure resources (i.e. App services, Databases) you need to create a bicep parameter file. To prepare your parameter file, you need to find values for your parameters. Please follow following steps and note down parameter values.


            Step-1: Find your clientId, tenantId and audience

            1. Go to Azure Entra ID.

            2. Under overview tab, you’ll find tenant Id. Please take note of the tenantId


            3. Then from left menu, click App registrations. Select All application tab, then find for your Analytics UI app registration. Please take note of the Application (client) ID. Then click on the app.


            4. Go to the app registration for the API and copy the Application ID URI. Please take note of this value, because this is the value for your audience parameter


            Please note down the names of resource group, key vault and certificates that you’ve used/created in this pre requisites step.


            Now, please take note of custom domain name you’ve created in the prerequisite step.


            Step-3: Take note of parameters for SQL server admin

            1. Go to Azure Entra ID

            2. Then from left menu, click on Users.


            3. Search for the user who you want to be your SQL server Entra admin.


            4. Please take note of User principle name and Object ID


            Step-4: Get Flow parameters

            We fetch relevant ILAP terms (Fields in Ilap analytics) from Flow (ILAP data exchange). For that we have to configure some parameters. First, take note of the Flow Api URL from below for your target environment (i.e. If you want to fetch fields from Flow beta environment then use beta Url).


            EnvironmentFlow API Url
            Devhttps://dev.ilapdataexchange.promineo.no/api/api
            Betahttps://beta.ilapdataexchange.promineo.no/api/api
            Prodhttps://ilap.collabor8.no/api/api/


            Now, to access flow API, ILAP analytics needs an access token. Let’s create that.

            EnvironmentFlow UI Url
            Devhttps://dev.ilapdataexchange.promineo.no
            Betahttps://beta.ilapdataexchange.promineo.no
            Prodhttps://ilap.collabor8.no


            1. Go to Flow UI of your target environment.

            2. After login, go to analytics client



            3. Click Add New Component


            4. Now, create the client by giving it some name and description.


            5. Click on the three-dot menu on right of the client you’ve just created.

            Select Service Tokens.



            6. Then click on Add New Token



            7. Expiry date

            Select an expiry date for the token, please note that you will have to create and register a new token for the Analytics Client prior to this expiration date. The generated token needs to be stored securely as it can be used to access data within your tenant.



            8. Click on Create





            At this point you have everything you need to create parameter file. Create a file with .bicepparam extension. Dump the following code into the file. Update parameters as mentioned in the comments.

            using 'main.bicep'
var env = 'dev'  // Your environment name. Example: test, beta, prod etc.
var company = 'promineo'  // Your company name

param azureAd = {
  clientId: 'application client id of UI app registration' // Client id from step-1
  instance:'https://login.microsoftonline.com/'
  tenantId:'your_tenant_id' // Use tenant id from step-1
  audience:'analytics_api_audience_id' // Use audience from step-1
}

// Note: If you already have PublicConfigurations.js file then you can use same values in the following parameter
param publicConfigurations = {
  analyticsApiUrl: // Base URL of your ILAP analytics API app,
  //If you are using custom domain for analytics API, then use custom domain URL(+ '/api) here, instead of the default URL (i.e. URL that contains "[app-name].azurewebsites.net")
  // for example: 'https://app-rashik-ilapanalytics-api-dev.azurewebsites.net/api' or 'https://analytics-api.promineo.com/api'
  authenticationAuthority: //'https://login.microsoftonline.com/[your tenant id]/' for example: 'https://login.microsoftonline.com/8719bf0f-72ad-48f5-ba9d-da3dbbcd7509/'
  authenticationClientId: //'application client id of UI app registration'
  authenticationScopes: //'comma separated scopes from your API app registration' for example: 'api://970d7cfa-159b-45cd-9f97-9781b00e6624/user_impersonation,api://970d7cfa-159b-45cd-9f97-9781b00e6624/read'
  authenticationRedirectUri: //'your-ilapanalytics-ui-base-url'. // Base URL of your ILAP analytics UI app,
  //If you are using custom domain for analytics UI, then use custom domain URL here, instead of the default URL (i.e. URL that contains "[app-name].azurewebsites.net")
}

// Note: if useCustomDomain is false, then leave customDomain and certficateName parameters as is.
// Note: if you are using custom domain for analytics API, then you must use custom domain URL in IDE connector, instead of the default URL (i.e. URL that contains ".azurewebsites.net")

param webAppParams = {
  ilapAnalyticsUi: {
    name: //Enter any name for your ILAP analytics web UI app. For example: 'app-promineo-ilapanalytics-ui-dev'
    customDomain: //Enter custom domain name for analytics web UI app. // For example: 'analytics-ui.promineo.com' if you're not using custom domain, put any random string here
    certificateName:   // Certificate name from Step-2. Applicable only if you are using custom domain
    useCustomDomain:  // If you do not want custom domain for Api then make it false
  }
  ilapAnalyticsApi: {
    name: //Enter any name for your ILAP analytics web API app. For example: 'app-promineo-ilapanalytics-api-dev'
    customDomain: //Enter custom domain name for analytics web API app. // For example: 'analytics-api.promineo.com' if you're not using custom domain, put any random string here
    certificateName: //Certificate name for API  Applicable only if you are using custom domain
    useCustomDomain:   // If you do not want custom domain for Api then make it false
  }
  ilapAnalyticsBackgroundJob: {
    name: //Enter any name for your ILAP analytics background job app. For example: 'app-promineo-ilapanalytics-bg-dev'
    customDomain: //Enter custom domain name for background job app. // For example: 'analytics-bg.promineo.com' if you're not using custom domain, put any random string here
    certificateName: //Enter certificate name for BackgroundJobs app  Applicable only if you are using custom domain
    useCustomDomain:  // If you do not want custom domain for BackgroundJobApp then make it false
  }
}

param timephasingServiceConfiguration = {
    BaseUrl: 'https://timephasing.promineo.com'
    AccessToken: 'Your_Access_Token' // Access token from time phasing service. Go to https://timephasing.promineo.com For more details.
    MaxNumberOfActivitiesPerRequest: 2000 // Maximum number of activities to send in a single request. Feel free to adjust based on your need.
    IncludePerCalendar: false // To fetch calendar hours from time phasing. You can make it true if calendar hours related changes in timePhasing dev merged into main
}

param dataValidationConfiguration = {
  MaxIncrementLimit: 10 // In percentage
}

param databaseParams = {
  name: //Enter any name for ilap analytics database. For example: 'promineo-sqldb-ilapanalytics-dev-norwayeast'
  backupStorageRedundancy: 'Zone'// Use 'Zone' in prod. for dev environment you can use 'Local' to save cost.
  minCapacity: '2' // Use at least 2 in prod. For dev environment you can use '1' to save cost
  isZoneRedundant: true
  sku: {                 // Feel free to adjust based on your need.
    name: 'HS_S_Gen5' // Hyperscale Gen5 is recommended for production. For dev environment you can use S3
    tier: 'Hyperscale'
    family: 'Gen5'
    capacity: 8
  }
}

param archiveDatabaseParams = {
  name: //Enter any name for ilap analytics archive database. For example: 'promineo-sqldb-ilapanalytics-archive-dev-norwayeast'
  backupStorageRedundancy: 'Zone' // Use 'Zone' in prod. for dev environment you can use 'Local' to save cost.
  minCapacity: '2'// Use at least 2 in prod. For dev environment you can use '1' to save cost
  isZoneRedundant: true
  sku: {                 // Feel free to adjust based on your need.
    name: 'HS_S_Gen5'    //Hyperscale Gen5 is recommended for production. For dev environment you can use S3
    tier: 'Hyperscale'
    family: 'Gen5'
    capacity: 8
  }
}

var defaultAppServicePlanSku = { // Service plan SKU for all app services. in this sample we're using the same SKU for all app services.
// In order to save cost, you can use different SKU for the web ui
  name: 'P3v2'
  tier: 'PremiumV2'
  size: 'P3v2'
  family: 'Pv2'
}

param apiAppServicePlanName = 'Enter any name for ilap analytics api app service plan'
param bgAppServicePlanName = 'Enter any name for ilap analytics background job app service plan'
param webAppServicePlanName = 'Enter any name for ilap analytics web UI app service plan'

param appServicePlanParams = [
  {
    name: apiAppServicePlanName
    sku: defaultAppServicePlanSku
  }
  {
    name: bgAppServicePlanName
    sku: defaultAppServicePlanSku
  }  
  {
    name: webAppServicePlanName
    sku: defaultAppServicePlanSku
  }  
]

param sqlServerParams = {
  name: //Enter any name for sql server. For example: 'promineo-sqlserver-ilapanalytics-dev-norwayeast'
  administrators: {
    administratorType: 'ActiveDirectory'
    principalType: 'Group'
    login: //Enter sql server admin email (user principal name from step-3)
    sid: //Enter user Id of sql server admin (object ID from step-3)'.
    tenantId: //Enter tenant ID (tenant Id from step-1)
    azureADOnlyAuthentication: false
  }
}

// If you are not using any custom domain, then ignore the following param
param keyVaultParams = {
  name: //Enter name of the keyvault which stores certificates for custom domain (Key Vault name from step-2). for example: 'promineo-kv-ilapanalytics-dev-norwayeast'
  resourceGroupName: //Enter resource group name (resource group name from step-2). for example: 'promineo-rg-ilapanalytics-dev-norwayeast'
}

param moveIlapFileToBlobStorage = 'false'  // Ilap files are deleted from Database after background jobs are completed. So, if you want to store Ilap files to above storage account then make it 'true'.

// If you do not want to move ILAP file to blob storage (in other words if moveIlapFileToBlobStorage param is false), then please ignore the following param
param storageAccountParams = {
  name: //Enter any storage name. For example: 'promineoilapanalyticsdevstorage'
  kind: 'StorageV2'
  sku: {               // Feel free to adjust based on your need.
    name: 'Standard_LRS'
    tier: 'Standard'
  }
}

param flowApiBaseUrl = 'https://dev.ilapdataexchange.promineo.no/api/api' // Flow API URL from step-4
param flowApiAccessToken = 'eyJhbGciOiJIUzI..........' // Access token from step-4
param synchronizeFieldsJobSchedule = '*/10 * * * *' // Means: Every 10 minutes. It specifies how often background job will fetch ILAP terms from Flow.
param graphQlExecutionTimeout = '15' // In munites
param enableFieldSyncronization = 'true' // To syncronize ilap terms (aka. metadataFields) with IDE
param enableFieldImport = 'true' // To import ilap terms (aka. metadataFields) from IDE
param SendJobStatusToIDE = 'false' // Send background job operation status to IDE

param instanceInformation = {
  Identifier: '8fa0e03b-e2bd-4052-b394-0aeaa2bf6c5f' // Autonomous Component Identifier from IDE. you get it on the 4th step of the setup guide.
}

param enableApiVersionValidation = 'false' // Enable if you want API versions to be validated

param planningScheduleDeleteConfiguration = {
  // Set to 'true' to automatically delete planning schedules that are no longer referenced by any report schedule.
  PlanningScheduleAutomaticDeletion: false
  // Specifies the retention period (in days) for unreferenced planning schedules
  // before they are deleted from the database.
  PlanningScheduleRetentionPeriodInDays: 7
}

param reportScheduleArchiveConfiguration = {
  // Set to 'true' to enable automatic archiving of closed report schedules.
  EnableReportScheduleAutomaticArchive: false
  // Defines how long (in days) closed report schedules should remain in the database
  // before being moved to the archive.
  ReportScheduleRetentionPeriodInDays: 7
  // Number of report schedule records to process in a single batch when archiving.
  // Reduce this value to decrease the load on the application and database,
  // but note that smaller batches may increase total archive time.
  QueryBatchSize: 3000


            Bicep Parameter File Documentation (Tabular Format)

            This table provides a detailed overview of the parameters and variables in the Bicep parameter file for configuring an ILAP analytics application deployment on Azure. It is designed to help new users understand each parameter’s purpose, default values, significance, and examples. See the attached file:

            Notes

            • Custom Domains: If useCustomDomain is false, leave customDomain and certificateName as is (e.g., random string for customDomain). Use custom domain URLs in the IDE connector for APIs if enabled.
            • Blob Storage: storageAccountParams is relevant only if moveIlapFileToBlobStorage is 'true'.
            • Cost Optimization: Use 'Local' for backupStorageRedundancy, '1' for minCapacity, or S3 SKU in development to save costs.


            Attachments (1)

            xlsx

            configuringBicepParams.xlsx
            16.1 KB

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0