| additional_login_params |
(Optional) Login parameters to send to the OpenID Connect authorization endpoint when a user logs in. Each parameter must be in the form key=value. |
map(string) |
null |
| allowed_external_redirect_urls |
(Optional) External URLs that can be redirected to as part of logging in or logging out of the app. |
list(string) |
[] |
| always_on |
(Optional) Should the app be loaded at all times? Defaults to false. |
bool |
false |
| app_command_line |
(Optional) App command line to launch, e.g. '/sbin/myserver -b 0.0.0.0'. |
string |
"" |
| app_logs_azure_blob_storage |
(Optional) Needs to be set if app_logs_enabled = true. |
object({ # Possible values include Error, Warning, Information, Verbose and Off. # NOTE: below field is not available for http_logs level = string # The number of days to retain logs for. retention_in_days = number # The URL to the storage container, with a Service SAS token appended. sas_url = string }) |
null |
| app_logs_enabled |
(Optional) Should Application logs be enabled? For this to work logs_enabled need to be true. |
bool |
false |
| app_service_plan_id |
(Required) The ID of the App Service Plan within which to create this App Service. |
string |
null |
| app_service_plan_kind |
(Required) The kind used for app service plan. Possible values are: 'Windows' and 'Linux'. Defaults to 'Windows'. |
string |
null |
| app_settings |
(Optional) Map of KEY = VALUE pairs to pass to App Service environment, all values will be registered as plain text environment variables. |
map(string) |
{} |
| auth_active_directory |
(Optional) Object defining AD authentication integration. Required: client_id and client_secret. |
object({ client_id = string client_secret = string allowed_audiences = list(string) }) |
null |
| auth_enabled |
(Optional) Is Authentication enabled? |
bool |
false |
| auth_facebook |
(Optional) Object defining Facebook authetication integration. Required: app_id and app_secret. |
object({ app_id = string app_secret = string oauth_scopes = list(string) }) |
null |
| auth_google |
(Optional) Object defining Google authetication integration. Required: client_id and client_secret. |
object({ client_id = string client_secret = string oauth_scopes = list(string) }) |
null |
| auth_microsoft |
(Optional) Object defining Microsoft authetication integration. Required: client_id and client_secret. |
object({ client_id = string client_secret = string oauth_scopes = list(string) }) |
null |
| auth_twitter |
(Optional) Object defining Twitter authetication integration. Required: consumer_key and consumer_secret. |
object({ consumer_key = string consumer_secret = string }) |
null |
| backup_enabled |
(Optional) Should backup be enabled? |
bool |
false |
| backup_name |
(Optional) Specifies the name for this Backup. |
string |
"bak" |
| backup_schedule |
(Optional) Object defining backup schedule, Required if backup_enabled = true. |
object({ frequency_interval = number frequency_unit = string keep_at_least_one_backup = bool retention_period_in_days = number start_time = string }) |
{ "frequency_interval": 1, "frequency_unit": "Day", "keep_at_least_one_backup": true, "retention_period_in_days": 30, "start_time": null } |
| backup_storage_account_url |
The SAS URL to a Storage Container where Backups should be saved. |
string |
null |
| cert_name |
(Optional) Name of the certificate resource. Defaults to App Service Name with '-cert' suffix. |
string |
null |
| cert_path |
(Optional) Path to your certificate pfx, if this is set custom_domain is required. |
string |
null |
| cert_secret |
(Optional) Password to your certificate pfx. |
string |
"" |
| client_affinity_enabled |
(Optional) Should the App Service send session affinity cookies, which route client requests in the same session to the same instance? |
bool |
false |
| client_cert_enabled |
(Optional) Does the App Service require client certificates for incoming requests? Defaults to false. |
bool |
false |
| compose_file_path |
(Optional) Path to a docker-compose file for App Service to run. |
string |
null |
| connection_string |
(Optional) Possible type values are APIHub, Custom, DocDb, EventHub, MySQL, NotificationHub, PostgreSQL, RedisCache, ServiceBus, SQLAzure and SQLServer. |
list(object({ name = string type = string value = string })) |
[] |
| cors |
(Optional) Object to define CORS block in site config. |
object({ allowed_origins = list(string) support_credentials = bool }) |
{ "allowed_origins": [], "support_credentials": null } |
| custom_domain |
(Optional) Custom domain to attach to the App Service. |
string |
null |
| default_documents |
(Optional) The ordering of default documents to load, if an address isn't specified. |
list(string) |
null |
| default_provider |
(Optional) The default provider to use when multiple providers have been set up. Possible values are AzureActiveDirectory, Facebook, Google, MicrosoftAccount and Twitter. |
string |
"AzureActiveDirectory" |
| docker_container |
(Optional) <user/image:tag> to run a docker image. |
string |
null |
| dotnet_framework_version |
(Optional) The version of the .NET framework's CLR used in this App Service. See https://en.wikipedia.org/wiki/.NET_Framework_version_history#Overview . |
string |
null |
| enabled |
(Optional) Is the App Service Enabled? |
bool |
true |
| ftps_state |
(Optional) State of FTP / FTPS service for this App Service. Possible values include: AllAllowed, FtpsOnly and Disabled. Defaults to Disabled. |
string |
"Disabled" |
| http2_enabled |
(Optional) Is HTTP2 Enabled on this App Service? Defaults to true. |
bool |
true |
| http_logs_azure_blob_storage |
(Optional) Needs to be set if http_logs_enabled == true and file_system storage is not set. |
object({ # The number of days to retain logs for. retention_in_days = number # The URL to the storage container, with a Service SAS token appended. sas_url = string }) |
null |
| http_logs_enabled |
(Optional) Should HTTP logs be enabled? For this to work logs_enabled need to be true. |
bool |
false |
| http_logs_file_system |
(Optional) Retention specs if https logs need to be stored on the file system, both values are required. |
object({ retention_in_days = number retention_in_mb = number }) |
null |
| https_only |
(Optional) Can the App Service only be accessed via HTTPS? |
bool |
true |
| identity |
(Optional) Toggle for SystemAssigned managed identity. Defaults to true. |
bool |
true |
| identity_ids |
(Optional) Specifies a list of user managed identity ids to be assigned. Required if type is UserAssigned. |
list(string) |
null |
| identity_type |
(Optional) Specifies the identity type of the App Service. Possible values are SystemAssigned (where Azure will generate a Service Principal for you), UserAssigned where you can specify the Service Principal IDs in the identity_ids field. |
string |
"SystemAssigned" |
| ip_restriction |
(Optional) A Map representing IP restrictions to the App Service. |
map(map(string)) |
{} |
| issuer |
(Optional) Issuer URI. When using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://sts.windows.net/{tenant-guid}/. |
string |
null |
| java |
(Optional) Java version possible values are 1.7, 1.8 and 11 and their specific versions. Java container possible values are JAVA, JETTY, and TOMCAT. |
object({ version = string container = string container_version = string }) |
null |
| key_vault_secret_id |
(Optional) Key Vault Secret ID for your App Certificate, ether this or cert_path needs to be specified, if this is set custom_domain is required. |
string |
null |
| kubernetes_file_path |
(Optional) Path to kubernetes manifest for App Service to run. |
string |
null |
| linux_fx_version |
(Optional) Linux App Framework and version for the App Service. Contrary to the documentation there are more supported options than DOCKER| COMPOSE| and KUBE|. Values also available are DOTNETCORE| NODE| PHP| PYTHON| JAVA| RUBY|. |
string |
null |
| local_mysql_enabled |
(Optional) This runs a local MySQL instance with your app and shares resources from the App Service plan. |
bool |
false |
| location |
(Optional) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. |
string |
"westeurope" |
| log_analytics_workspace_id |
(Optional) Resource ID of an existing log analytics workspace. Providing ID enables logging. |
string |
null |
| logs_enabled |
(Optional) Should Logs be enabled? |
bool |
false |
| managed_pipeline_mode |
(Optional) The Managed Pipeline Mode. Possible values are Integrated and Classic. |
string |
"Integrated" |
| min_tls_version |
(Optional) The minimum supported TLS version for the app service. Possible values are '1.0', '1.1', and '1.2'. |
string |
"1.2" |
| name |
(Required) Specifies the name of the App Service. Changing this forces a new resource to be created. |
string |
null |
| php_version |
(Optional) The version of PHP to use in this App Service. Possible values are '5.5', '5.6', '7.0', '7.1', '7.2', '7.3' and '7.4'. |
string |
null |
| python_version |
(Optional) The version of Python to use in this App Service. Possible values are '2.7' and '3.4'. |
string |
null |
| remote_debugging_enabled |
(Optional) Is Remote Debugging Enabled? |
bool |
false |
| remote_debugging_version |
(Optional) Which version of Visual Studio should the Remote Debugger be compatible with? Possible values are VS2012, VS2013, VS2015 and VS2017. |
string |
"VS2017" |
| resource_group_name |
(Required) The name of the resource group in which to create the App Service. |
string |
null |
| runtime_version |
(Optional) The runtime version of the Authentication/Authorization module. |
string |
null |
| scm_ip_restriction |
(Optional) A Map representing IP restrictions to the Kudu Management page (scm) App Service. |
map(map(string)) |
{} |
| scm_type |
(Optional) The type of Source Control enabled for this App Service. Defaults to None. Possible values are: BitbucketGit, BitbucketHg, CodePlexGit, CodePlexHg, Dropbox, ExternalGit, ExternalHg, GitHub, LocalGit, None, OneDrive, Tfs, VSO, and VSTSRM |
string |
"None" |
| scm_use_main_ip_restriction |
(Optional) IP security restrictions for Kudu Managment page (scm) to use main IP restrictions. Defaults to true. |
bool |
true |
| source_control |
(Optional) A Source Control block for the App Service. |
map(string) |
null |
| ssl_state |
(Optional) The SSL type. Possible values are IpBasedEnabled and SniEnabled, if this is set cert thumbprint needs to be generated by ether providing cert_path or key_vault_secret_id |
string |
null |
| storage_account |
(Optional) object that can include storage account block to the configuration. |
object({ # The name of the storage account identifier. name = string # Possible values are AzureBlob and AzureFiles. type = string # The name of the storage account. account_name = string # The name of the file share (container name, for Blob storage). share_name = string # The access key for the storage account. access_key = string # (Optional) The path to mount the storage within the site's runtime environment. mount_path = string }) |
null |
| tags |
(Optional) A mapping of tags to assign to the resource. |
map(string) |
{} |
| token_refresh_extension_hours |
(Optional) The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to 72. |
number |
null |
| token_store_enabled |
(Optional) If enabled the module will durably store platform-specific security tokens that are obtained during login flows. Defaults to false. |
bool |
false |
| unauthenticated_client_action |
(Optional) The action to take when an unauthenticated client attempts to access the app. Possible values are AllowAnonymous and RedirectToLoginPage. |
string |
"RedirectToLoginPage" |
| use_32_bit_worker_process |
(Optional) When using an App Service Plan in the Free or Shared Tiers use_32_bit_worker_process must be set to true |
bool |
false |
| websockets_enabled |
(Optional) Should WebSockets be enabled? |
bool |
false |
| windows_fx_version |
(Optional) Windows App Framework and version for the App Service. |
string |
null |
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent