I created a managed identity in Azure ARM and authorized the acrpull role for the identity, but there are always errors during deployment. The error description shows that the principal ID of the identity cannot be found during authorization. I even added dependency and used output to output the principal ID of the identity, but it still has no effect. How can I solve this problem?
bicep tempate:
param identityName string
param acrName string
param location string
param tags object
resource userAssignedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
name: identityName
location: location
tags: tags
}
output principalId string = userAssignedIdentity.properties.principalId
resource acr 'Microsoft.ContainerRegistry/registries@2023-11-01-preview' existing = {
name: acrName
}
resource acrPullRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
name: guid(acr.id, userAssignedIdentity.id, 'acrpull')
scope: acr
properties: {
roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '7f951dda-4ed3-4680-a7ca-43fe172d538d') // AcrPull role ID
principalId: userAssignedIdentity.properties.principalId
}
}