Tutorial: Use condition in ARM templates

Learn how to deploy Azure resources based on conditions in an Azure Resource Manager template (ARM template).

In the Set resource deployment order tutorial, you create a virtual machine, a virtual network, and some other dependent resources including a storage account. Instead of creating a new storage account every time, you let people choose between creating a new storage account and using an existing storage account. To accomplish this goal, you define an additional parameter. If the value of the parameter is new, a new storage account is created. Otherwise, an existing storage account with the name provided is used.

Resource Manager template use condition diagram

This tutorial covers the following tasks:

  • Open a Quickstart template
  • Modify the template
  • Deploy the template
  • Clean up resources

This tutorial only covers a basic scenario of using conditions. For more information, see:

For a Learn module that covers conditions, see Manage complex cloud deployments by using advanced ARM template features.

If you don't have an Azure subscription, create a free account before you begin.

Prerequisites

To complete this article, you need:

Open a Quickstart template

Azure Quickstart Templates is a repository for ARM templates. Instead of creating a template from scratch, you can find a sample template and customize it. The template used in this tutorial is called Deploy a simple Windows VM.

  1. From Visual Studio Code, select File > Open File.

  2. In File name, paste the following URL:

    https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.compute/vm-simple-windows/azuredeploy.json
    
  3. Select Open to open the file.

  4. There are six resources defined by the template:

    It is helpful to review the template reference before customizing a template.

  5. Select File > Save As to save a copy of the file to your local computer with the name azuredeploy.json.

Modify the template

Make two changes to the existing template:

  • Add a storage account name parameter. Users can specify either a new storage account name or an existing storage account name.
  • Add a new parameter called newOrExisting. The deployment uses this parameter to determine whether to create a new storage account or use an existing storage account.

Here is the procedure to make the changes:

  1. Open azuredeploy.json in Visual Studio Code.

  2. Replace the three variables('storageAccountName') with parameters('storageAccountName') in the whole template.

  3. Remove the following variable definition:

    Screenshot that highlights the variable definitions that you need to remove.

  4. Add the following two parameters to the beginning of the parameters section:

    "storageAccountName": {
      "type": "string"
    },
    "newOrExisting": {
      "type": "string",
      "allowedValues": [
        "new",
        "existing"
      ]
    },
    

    Press Alt+Shift+F to format the template in Visual Studio Code.

    The updated parameters definition looks like:

    Resource Manager use condition

  5. Add the following line to the beginning of the storage account definition.

    "condition": "[equals(parameters('newOrExisting'),'new')]",
    

    The condition checks the value of the parameter newOrExisting. If the parameter value is new, the deployment creates the storage account.

    The updated storage account definition looks like:

    Screenshot that shows the updated storage account definition.

  6. Update the storageUri property of the virtual machine resource definition with the following value:

    "storageUri": "[concat('https://', parameters('storageAccountName'), '.blob.core.windows.net')]"
    

    This change is necessary when you use an existing storage account under a different resource group.

  7. Save the changes.

Deploy the template

  1. Sign in to Cloud Shell.

  2. Choose your preferred environment by selecting either PowerShell or Bash (for CLI) on the upper left corner. Restarting the shell is required when you switch.

    Azure portal Cloud Shell upload file

  3. Select Upload/download files, and then select Upload. See the previous screenshot. Select the file you saved in the previous section. After uploading the file, you can use the ls command and the cat command to verify the file was uploaded successfully.

  4. Run the following PowerShell script to deploy the template.

    Important

    The storage account name must be unique across Azure. The name must have only lowercase letters or numbers. It can be no longer than 24 characters. The storage account name is the project name with store appended. Make sure the project name and the generated storage account name meet the storage account name requirements.

    $projectName = Read-Host -Prompt "Enter a project name that is used to generate resource group name and resource names"
    $newOrExisting = Read-Host -Prompt "Create new or use existing (Enter new or existing)"
    $location = Read-Host -Prompt "Enter the Azure location (i.e. centralus)"
    $vmAdmin = Read-Host -Prompt "Enter the admin username"
    $vmPassword = Read-Host -Prompt "Enter the admin password" -AsSecureString
    $dnsLabelPrefix = Read-Host -Prompt "Enter the DNS Label prefix"
    
    $resourceGroupName = "${projectName}rg"
    $storageAccountName = "${projectName}store"
    
    New-AzResourceGroup -Name $resourceGroupName -Location $location
    New-AzResourceGroupDeployment `
        -ResourceGroupName $resourceGroupName `
        -adminUsername $vmAdmin `
        -adminPassword $vmPassword `
        -dnsLabelPrefix $dnsLabelPrefix `
        -storageAccountName $storageAccountName `
        -newOrExisting $newOrExisting `
        -TemplateFile "$HOME/azuredeploy.json"
    
    Write-Host "Press [ENTER] to continue ..."
    

    Note

    The deployment fails if newOrExisting is new, but the storage account with the storage account name specified already exists.

Try making another deployment with newOrExisting set to existing and specify an existing storage account. To create a storage account beforehand, see Create a storage account.

Clean up resources

When the Azure resources are no longer needed, clean up the resources you deployed by deleting the resource group. To delete the resource group, select Try it to open the Cloud Shell. To paste the PowerShell script, right-click the shell pane, and then select Paste.

$projectName = Read-Host -Prompt "Enter the same project name you used in the last procedure"
$resourceGroupName = "${projectName}rg"

Remove-AzResourceGroup -Name $resourceGroupName

Write-Host "Press [ENTER] to continue ..."

Next steps

In this tutorial, you developed a template that allows users to choose between creating a new storage account and using an existing storage account. To learn how to retrieve secrets from Azure Key Vault, and use the secrets as passwords in the template deployment, see: