I would like to add role assigment from my App Configuration to my App Service. In Azure portal i can do it like this: App Configuration -> Access control (IAM) -> Add role assigment -> App Configuration Data Reader -> Assign access to Managed identity -> Select Members (choose my app service) -> Save But now i want to do this through ARM template, currently I dont even know from where I should start, because in Microsoft ARM Docs i dont see something like this:

"roleAppConfigDataReader": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', <Your role definition id for AppConfigDataReader>)]"

Then you will include it in the configuration stores resource's json:

{
      "type": "Microsoft.Authorization/roleAssignments",
      "apiVersion": "2018-01-01-preview",
      "scope": "[format('Microsoft.AppConfiguration/configurationStores/{0}', <YourConfigStoreName>)]",
      "name": "[guid(resourceId('Microsoft.Web/sites', <YourAppServiceName>)), resourceId('Microsoft.AppConfiguration/configurationStores', <YourConfigStoreName>), variables('roleAppConfigDataReader'))]",
      "properties": {
        "roleDefinitionId": "[variables('roleAppConfigDataReader')]",
        "principalId": "[reference(resourceId('Microsoft.Web/sites', <YourAppServiceName>), '2021-02-01', 'full').identity.principalId]"
      },
      "dependsOn": [
        "[resourceId('Microsoft.AppConfiguration/configurationStores', <YourConfigStoreName>)]"
      ]
    }

Please take help from the samples Microsoft provides from this link: https://docs.microsoft.com/en-us/samples/browse/?expanded=azure&products=azure-resource-manager