Proposed Pull Request Change

📄 Document Links

View on GitHub View on Microsoft Learn

--- title: Linter rule - admin user name shouldn't be literal description: Linter rule - admin user name shouldn't be a literal ms.topic: reference ms.custom: devx-track-bicep ms.date: 10/30/2025 --- # Linter rule - admin user name shouldn't be literal This rule finds when an admin user name is set to a literal value. ## Linter rule code Use the following value in the [Bicep configuration file](bicep-config-linter.md) to customize rule settings: `adminusername-should-not-be-literal` ## Solution Don't use a literal value or an expression that evaluates to a literal value. Instead, create a parameter for the user name and assign it to the admin user name. The following example fails this test because the user name is a literal value. ```bicep param location string = resourceGroup().location resource vm 'Microsoft.Compute/virtualMachines@2025-04-01' = { name: 'name' location: location properties: { osProfile: { adminUsername: 'adminUsername' } } } ``` The next example fails this test because the expression evaluates to a literal value when the default value is used. ```bicep param location string = resourceGroup().location var defaultAdmin = 'administrator' resource vm 'Microsoft.Compute/virtualMachines@2025-04-01' = { name: 'name' location: location properties: { osProfile: { adminUsername: defaultAdmin } } } ``` This example passes this test. ```bicep @secure() param adminUsername string param location string = resourceGroup().location resource vm 'Microsoft.Compute/virtualMachines@2025-04-01' = { name: 'name' location: location properties: { osProfile: { adminUsername: adminUsername } } } ``` ## Next steps For more information about the linter, see [Use Bicep linter](./linter.md).