Use constants in Azure Bicep to simplify your IaC life.

Azure is an ecosystem full of constants, identifiers, IDs or role definitions. Unfortunately, ARM and Bicep do not provide as much support as they could.
So you have to become active yourself, as bitter as it sounds.

Json Files

Bicep allows via loadJsonContent the possibility to use the contents of Json files to make them available in Bicep.
So if I want to access a RoleID, I can store it flat in a json.

1// roleids.json
2{
3  "Contributor": "b24988ac-6180-42a0-ab88-20f7382dd24c",
4}

This can now be loaded and used.

 1var roleIds = loadJsonContent('../roleids.json')
 2
 3module rbac 'services/rbac.bicep' = {
 4    name: 'appconfig-rbac-${envName}'
 5    params: {
 6        appConfigName: appConfig.outputs.name
 7        roleId: roleIds.Contributor
 8        type: 'ServicePrincipal'
 9    }
10}

Module Outputs

The alternative is to declare a separate module with static outputs.

1output Contributor string = 'b24988ac-6180-42a0-ab88-20f7382dd24c'

This module can now be called.

1module roleConstants './services/builtInRoles.bicep' = {
2    name: 'roleConstants-${envName}'
3}

And be addressed as a module in Bicep as usual

1
2module rbac 'services/rbac.bicep' = {
3    name: 'appconfig-rbac-${envName}'
4    params: {
5        appConfigName: appConfig.outputs.name
6        roleId: roleConstants.outputs.Contributor
7        type: 'ServicePrincipal'
8    }
9}

As can be seen: Simplifications are possible.
But I agree with all the people who say that this should have been implemented by Microsoft instead of everyone having to do it themselves.

But maybe that will come - eventually.