Introducing BRI

A DevOps tool to document Bicep modules in a Azure container registry

Published on Monday, 27 November 2023

Are you looking for a way to document your Azure Bicep modules in a simple and elegant way? If so, you might want to check out BRI, a .NET tool that I created to help you with that.

What is BRI?

BRI stands for Bicep registry inventory, and it does exactly what the name suggests: it scans a provided Azure Container Registry for any published Bicep modules and generates markdown files for each module version. These markdown files contain information about the module's input parameters, output values, and example usage. You can then use these files with any static site generator that supports markdown, such as Statiq, to create a beautiful documentation site for your modules.

How to use BRI?

BRI is very easy to use. You just need to install it from using the .NET SDK tool install command. It supports both .NET 7 and .NET 8, and you can install it globally or locally. For example, to install it globally, you can run:

dotnet tool install --global BRI

Or, to install it locally (tool manifest), you can run:

dotnet tool install --local BRI

Once installed, you can run BRI by typing (dotnet bri if installed locally):

bri inventory <container registry name> <output path>

For example, to scan the container registry named and generate markdown files in the ./output/path folder, you can run:

bri inventory ./output/path


You can see an example of the output that BRI generates at example.


By default, it'll try to authenticate using the DefaultAzureCredential which tries to authorize in the following order based on your environment.

  1. EnvironmentCredential
  2. WorkloadIdentityCredential
  3. ManagedIdentityCredential
  4. SharedTokenCacheCredential
  5. VisualStudioCredential
  6. VisualStudioCodeCredential
  7. AzureCliCredential
  8. AzurePowerShellCredential
  9. AzureDeveloperCliCredential
  10. InteractiveBrowserCredential

If running in a DevOps pipeline recommended way is to use a managed/workload identity, or create an Entra ID service principal and set the following environment variables fetched from pipeline secrets

  1. AZURE_TENANT_ID to its tenant ID
  2. AZURE_CLIENT_ID to its client ID
  3. AZURE_CLIENT_SECRET to its secret.

Where to find BRI?

BRI is open source and licensed under the MIT license, so you can use it freely and modify it as you wish. You can find the source code on GitHub and the NuGet package at

Feedback and suggestions

I hope you find BRI useful and that it helps you with your Bicep module development. If you have any feedback or suggestions, please feel free to open an issue or a pull request on GitHub. Happy coding!