@@ -60,6 +60,9 @@ param sku string = 'S0'
6060@description ('Optional. Location for all Resources.' )
6161param location string = resourceGroup ().location
6262
63+ @description ('Optional. Use this parameter to use an existing Cognitive Services resource ID from different resource group' )
64+ param azureExistingCognitiveServiceResourceId string = ''
65+
6366import { diagnosticSettingFullType } from 'br/public:avm/utl/types/avm-common-types:0.5.1'
6467@description ('Optional. The diagnostic settings of the service.' )
6568param diagnosticSettings diagnosticSettingFullType []?
@@ -123,6 +126,13 @@ param managedIdentities managedIdentityAllType?
123126@description ('Optional. Array of deployments about cognitive service accounts to create.' )
124127param deployments deploymentType []?
125128
129+ // Determine if we should reuse existing Cognitive Services resource
130+ var useExistingCognitiveService = !empty (azureExistingCognitiveServiceResourceId )
131+ var existingCogServiceName = useExistingCognitiveService ? last (split (azureExistingCognitiveServiceResourceId , '/' )) : ''
132+ var existingCogServiceRgName = useExistingCognitiveService ? split (azureExistingCognitiveServiceResourceId , '/' )[4 ] : ''
133+ var existingCogServiceSubscriptionId = useExistingCognitiveService ? split (azureExistingCognitiveServiceResourceId , '/' )[2 ] : ''
134+ var existingCogServiceEndpoint = useExistingCognitiveService ? format ('https://{0}.cognitiveservices.azure.com/' , existingCogServiceName ) : ''
135+
126136var enableReferencedModulesTelemetry = false
127137
128138var formattedUserAssignedIdentities = reduce (
@@ -260,7 +270,14 @@ var formattedRoleAssignments = [
260270 })
261271]
262272
263- resource cognitiveService 'Microsoft.CognitiveServices/accounts@2025-04-01-preview' = {
273+ // Reference to existing Cognitive Services account
274+ resource existingCognitiveService 'Microsoft.CognitiveServices/accounts@2025-04-01-preview' existing = if (useExistingCognitiveService ) {
275+ name : existingCogServiceName
276+ scope : resourceGroup (existingCogServiceSubscriptionId , existingCogServiceRgName )
277+ }
278+
279+ // Create new Cognitive Services account only if not reusing existing one
280+ resource cognitiveService 'Microsoft.CognitiveServices/accounts@2025-04-01-preview' = if (!useExistingCognitiveService ) {
264281 name : name
265282 kind : kind
266283 identity : identity
@@ -307,7 +324,7 @@ resource cognitiveService 'Microsoft.CognitiveServices/accounts@2025-04-01-previ
307324
308325@batchSize (1 )
309326resource cognitiveService_deployments 'Microsoft.CognitiveServices/accounts/deployments@2024-10-01' = [
310- for (deployment , index ) in (deployments ?? []): {
327+ for (deployment , index ) in (useExistingCognitiveService ? [] : ( deployments ?? []) ): {
311328 parent : cognitiveService
312329 name : deployment .?name ?? '${name }-deployments'
313330 properties : {
@@ -327,7 +344,7 @@ resource cognitiveService_deployments 'Microsoft.CognitiveServices/accounts/depl
327344
328345#disable-next-line use-recent-api-versions
329346resource cognitiveService_diagnosticSettings 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = [
330- for (diagnosticSetting , index ) in (diagnosticSettings ?? []): {
347+ for (diagnosticSetting , index ) in (useExistingCognitiveService ? [] : ( diagnosticSettings ?? []) ): {
331348 name : diagnosticSetting .?name ?? '${name }-diagnosticSettings'
332349 properties : {
333350 storageAccountId : diagnosticSetting .?storageAccountResourceId
@@ -354,9 +371,9 @@ resource cognitiveService_diagnosticSettings 'Microsoft.Insights/diagnosticSetti
354371 scope : cognitiveService
355372 }
356373]
357-
374+ //
358375module cognitiveService_privateEndpoints 'br/public:avm/res/network/private-endpoint:0.11.0' = [
359- for (privateEndpoint , index ) in (privateEndpoints ?? []): {
376+ for (privateEndpoint , index ) in (useExistingCognitiveService ? [] : ( privateEndpoints ?? []) ): {
360377 name : take ('${uniqueString (deployment ().name , location )}-cognitiveService-PrivateEndpoint-${index }' , 64 )
361378 scope : resourceGroup (
362379 split (privateEndpoint .?resourceGroupResourceId ?? resourceGroup ().id , '/' )[2 ],
@@ -410,7 +427,7 @@ module cognitiveService_privateEndpoints 'br/public:avm/res/network/private-endp
410427]
411428
412429resource cognitiveService_roleAssignments 'Microsoft.Authorization/roleAssignments@2022-04-01' = [
413- for (roleAssignment , index ) in (formattedRoleAssignments ?? []): {
430+ for (roleAssignment , index ) in (useExistingCognitiveService ? [] : ( formattedRoleAssignments ?? []) ): {
414431 name : roleAssignment .?name ?? guid (cognitiveService .id , roleAssignment .principalId , roleAssignment .roleDefinitionId )
415432 properties : {
416433 roleDefinitionId : roleAssignment .roleDefinitionId
@@ -425,26 +442,41 @@ resource cognitiveService_roleAssignments 'Microsoft.Authorization/roleAssignmen
425442 }
426443]
427444
445+ // Role assignments for existing Cognitive Services from different resource group
446+ module existingCognitiveService_roleAssignments 'br/public:avm/ptn/authorization/resource-role-assignment:0.1.2' = [
447+ for (roleAssignment , i ) in (useExistingCognitiveService ? formattedRoleAssignments : []): {
448+ name : 'existing-cog-role-${i }-${take (uniqueString (azureExistingCognitiveServiceResourceId , roleAssignment .roleDefinitionId , roleAssignment .principalId ), 8 )}'
449+ scope : resourceGroup (existingCogServiceSubscriptionId , existingCogServiceRgName )
450+ params : {
451+ roleDefinitionId : roleAssignment .roleDefinitionId
452+ principalId : roleAssignment .principalId
453+ principalType : roleAssignment .?principalType ?? 'ServicePrincipal'
454+ resourceId : azureExistingCognitiveServiceResourceId
455+ enableTelemetry : enableReferencedModulesTelemetry
456+ }
457+ }
458+ ]
459+
428460@description ('The name of the cognitive services account.' )
429- output name string = cognitiveService .name
461+ output name string = useExistingCognitiveService ? existingCogServiceName : cognitiveService .name
430462
431463@description ('The resource ID of the cognitive services account.' )
432- output resourceId string = cognitiveService .id
464+ output resourceId string = useExistingCognitiveService ? azureExistingCognitiveServiceResourceId : cognitiveService .id
433465
434466@description ('The resource group the cognitive services account was deployed into.' )
435- output resourceGroupName string = resourceGroup ().name
467+ output resourceGroupName string = useExistingCognitiveService ? existingCogServiceRgName : resourceGroup ().name
436468
437469@description ('The service endpoint of the cognitive services account.' )
438- output endpoint string = cognitiveService .properties .endpoint
470+ output endpoint string = useExistingCognitiveService ? existingCogServiceEndpoint : cognitiveService .properties .endpoint
439471
440472@description ('All endpoints available for the cognitive services account, types depends on the cognitive service kind.' )
441- output endpoints endpointType = cognitiveService .properties .endpoints
473+ output endpoints endpointType = useExistingCognitiveService ? {} : cognitiveService .properties .endpoints
442474
443475@description ('The principal ID of the system assigned identity.' )
444- output systemAssignedMIPrincipalId string ? = cognitiveService .?identity .?principalId
476+ output systemAssignedMIPrincipalId string ? = useExistingCognitiveService ? null : cognitiveService .?identity .?principalId
445477
446478@description ('The location the resource was deployed into.' )
447- output location string = cognitiveService .location
479+ output location string = useExistingCognitiveService ? reference ( azureExistingCognitiveServiceResourceId , '2025-04-01-preview' , 'Full' ). location : cognitiveService .location
448480
449481@description ('The private endpoints of the congitive services account.' )
450482output privateEndpoints privateEndpointOutputType [] = [
0 commit comments