```text

refactor: Add User Assigned Managed Identity to web app deployment

The code changes in the main.bicep and webapp.bicep files add support for User Assigned Managed Identity in the deployment of the web app. This allows the web app to access the SSL certificate stored in the KeyVault.

ocpp-server/infra/main.bicep

@@ -87,6 +87,8 @@ module webApp './modules/webapp.bicep' = {
     pubSubName: webPubSub.outputs.serviceName
     vnetName: virtualNetwork.outputs.vnetName
     subnetName: virtualNetwork.outputs.defaultSubnetName
+    keyVaultIdentityName: keyVaultIdentityName
+    keyVaultIdentityRG: keyVaultIdentityRG
   }
 }
 

ocpp-server/infra/modules/webapp.bicep

@@ -5,6 +5,8 @@ param location string = resourceGroup().location // Location for all resources
 param pubSubName string
 param subnetName string
 param vnetName string
+param keyVaultIdentityName string
+param keyVaultIdentityRG string
 
 var appServicePlanName = toLower('AppServicePlan-${webAppName}')
 var webSiteName = toLower(webAppName)
@@ -24,6 +26,11 @@ resource subNet 'Microsoft.Network/virtualNetworks/subnets@2021-02-01' existing
   parent: vNet
 }
 
+resource identity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' existing = {
+  name: keyVaultIdentityName
+  scope: resourceGroup(keyVaultIdentityRG)
+}
+
 // create an Application Insights resource
 resource appInsights 'Microsoft.Insights/components@2020-02-02-preview' = {
   name: appInsightsName
@@ -58,6 +65,12 @@ module storage 'storage.bicep' = {
 resource appService 'Microsoft.Web/sites@2020-06-01' = {
   name: webSiteName
   location: location
+  identity: {
+    type: 'UserAssigned'
+    userAssignedIdentities: {
+      '${identity.id}': {}
+    }
+  }
   properties: {
     serverFarmId: appServicePlan.id
     httpsOnly: true // Enable HTTPS only for improved security