We recommend using Azure Native.
azure.appservice.LinuxFunctionApp
Explore with Pulumi AI
Manages a Linux Function App.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleAccount = new azure.storage.Account("example", {
name: "linuxfunctionappsa",
resourceGroupName: example.name,
location: example.location,
accountTier: "Standard",
accountReplicationType: "LRS",
});
const exampleServicePlan = new azure.appservice.ServicePlan("example", {
name: "example-app-service-plan",
resourceGroupName: example.name,
location: example.location,
osType: "Linux",
skuName: "Y1",
});
const exampleLinuxFunctionApp = new azure.appservice.LinuxFunctionApp("example", {
name: "example-linux-function-app",
resourceGroupName: example.name,
location: example.location,
storageAccountName: exampleAccount.name,
storageAccountAccessKey: exampleAccount.primaryAccessKey,
servicePlanId: exampleServicePlan.id,
siteConfig: {},
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_account = azure.storage.Account("example",
name="linuxfunctionappsa",
resource_group_name=example.name,
location=example.location,
account_tier="Standard",
account_replication_type="LRS")
example_service_plan = azure.appservice.ServicePlan("example",
name="example-app-service-plan",
resource_group_name=example.name,
location=example.location,
os_type="Linux",
sku_name="Y1")
example_linux_function_app = azure.appservice.LinuxFunctionApp("example",
name="example-linux-function-app",
resource_group_name=example.name,
location=example.location,
storage_account_name=example_account.name,
storage_account_access_key=example_account.primary_access_key,
service_plan_id=example_service_plan.id,
site_config={})
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/appservice"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/storage"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
Name: pulumi.String("linuxfunctionappsa"),
ResourceGroupName: example.Name,
Location: example.Location,
AccountTier: pulumi.String("Standard"),
AccountReplicationType: pulumi.String("LRS"),
})
if err != nil {
return err
}
exampleServicePlan, err := appservice.NewServicePlan(ctx, "example", &appservice.ServicePlanArgs{
Name: pulumi.String("example-app-service-plan"),
ResourceGroupName: example.Name,
Location: example.Location,
OsType: pulumi.String("Linux"),
SkuName: pulumi.String("Y1"),
})
if err != nil {
return err
}
_, err = appservice.NewLinuxFunctionApp(ctx, "example", &appservice.LinuxFunctionAppArgs{
Name: pulumi.String("example-linux-function-app"),
ResourceGroupName: example.Name,
Location: example.Location,
StorageAccountName: exampleAccount.Name,
StorageAccountAccessKey: exampleAccount.PrimaryAccessKey,
ServicePlanId: exampleServicePlan.ID(),
SiteConfig: nil,
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleAccount = new Azure.Storage.Account("example", new()
{
Name = "linuxfunctionappsa",
ResourceGroupName = example.Name,
Location = example.Location,
AccountTier = "Standard",
AccountReplicationType = "LRS",
});
var exampleServicePlan = new Azure.AppService.ServicePlan("example", new()
{
Name = "example-app-service-plan",
ResourceGroupName = example.Name,
Location = example.Location,
OsType = "Linux",
SkuName = "Y1",
});
var exampleLinuxFunctionApp = new Azure.AppService.LinuxFunctionApp("example", new()
{
Name = "example-linux-function-app",
ResourceGroupName = example.Name,
Location = example.Location,
StorageAccountName = exampleAccount.Name,
StorageAccountAccessKey = exampleAccount.PrimaryAccessKey,
ServicePlanId = exampleServicePlan.Id,
SiteConfig = null,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.appservice.ServicePlan;
import com.pulumi.azure.appservice.ServicePlanArgs;
import com.pulumi.azure.appservice.LinuxFunctionApp;
import com.pulumi.azure.appservice.LinuxFunctionAppArgs;
import com.pulumi.azure.appservice.inputs.LinuxFunctionAppSiteConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.name("linuxfunctionappsa")
.resourceGroupName(example.name())
.location(example.location())
.accountTier("Standard")
.accountReplicationType("LRS")
.build());
var exampleServicePlan = new ServicePlan("exampleServicePlan", ServicePlanArgs.builder()
.name("example-app-service-plan")
.resourceGroupName(example.name())
.location(example.location())
.osType("Linux")
.skuName("Y1")
.build());
var exampleLinuxFunctionApp = new LinuxFunctionApp("exampleLinuxFunctionApp", LinuxFunctionAppArgs.builder()
.name("example-linux-function-app")
.resourceGroupName(example.name())
.location(example.location())
.storageAccountName(exampleAccount.name())
.storageAccountAccessKey(exampleAccount.primaryAccessKey())
.servicePlanId(exampleServicePlan.id())
.siteConfig()
.build());
}
}
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleAccount:
type: azure:storage:Account
name: example
properties:
name: linuxfunctionappsa
resourceGroupName: ${example.name}
location: ${example.location}
accountTier: Standard
accountReplicationType: LRS
exampleServicePlan:
type: azure:appservice:ServicePlan
name: example
properties:
name: example-app-service-plan
resourceGroupName: ${example.name}
location: ${example.location}
osType: Linux
skuName: Y1
exampleLinuxFunctionApp:
type: azure:appservice:LinuxFunctionApp
name: example
properties:
name: example-linux-function-app
resourceGroupName: ${example.name}
location: ${example.location}
storageAccountName: ${exampleAccount.name}
storageAccountAccessKey: ${exampleAccount.primaryAccessKey}
servicePlanId: ${exampleServicePlan.id}
siteConfig: {}
Create LinuxFunctionApp Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new LinuxFunctionApp(name: string, args: LinuxFunctionAppArgs, opts?: CustomResourceOptions);
@overload
def LinuxFunctionApp(resource_name: str,
args: LinuxFunctionAppArgs,
opts: Optional[ResourceOptions] = None)
@overload
def LinuxFunctionApp(resource_name: str,
opts: Optional[ResourceOptions] = None,
resource_group_name: Optional[str] = None,
site_config: Optional[LinuxFunctionAppSiteConfigArgs] = None,
service_plan_id: Optional[str] = None,
key_vault_reference_identity_id: Optional[str] = None,
zip_deploy_file: Optional[str] = None,
location: Optional[str] = None,
client_certificate_exclusion_paths: Optional[str] = None,
client_certificate_mode: Optional[str] = None,
connection_strings: Optional[Sequence[LinuxFunctionAppConnectionStringArgs]] = None,
content_share_force_disabled: Optional[bool] = None,
daily_memory_time_quota: Optional[int] = None,
enabled: Optional[bool] = None,
ftp_publish_basic_authentication_enabled: Optional[bool] = None,
functions_extension_version: Optional[str] = None,
https_only: Optional[bool] = None,
identity: Optional[LinuxFunctionAppIdentityArgs] = None,
app_settings: Optional[Mapping[str, str]] = None,
client_certificate_enabled: Optional[bool] = None,
public_network_access_enabled: Optional[bool] = None,
builtin_logging_enabled: Optional[bool] = None,
backup: Optional[LinuxFunctionAppBackupArgs] = None,
auth_settings_v2: Optional[LinuxFunctionAppAuthSettingsV2Args] = None,
auth_settings: Optional[LinuxFunctionAppAuthSettingsArgs] = None,
sticky_settings: Optional[LinuxFunctionAppStickySettingsArgs] = None,
storage_account_access_key: Optional[str] = None,
storage_account_name: Optional[str] = None,
storage_accounts: Optional[Sequence[LinuxFunctionAppStorageAccountArgs]] = None,
storage_key_vault_secret_id: Optional[str] = None,
storage_uses_managed_identity: Optional[bool] = None,
tags: Optional[Mapping[str, str]] = None,
virtual_network_subnet_id: Optional[str] = None,
vnet_image_pull_enabled: Optional[bool] = None,
webdeploy_publish_basic_authentication_enabled: Optional[bool] = None,
name: Optional[str] = None)
func NewLinuxFunctionApp(ctx *Context, name string, args LinuxFunctionAppArgs, opts ...ResourceOption) (*LinuxFunctionApp, error)
public LinuxFunctionApp(string name, LinuxFunctionAppArgs args, CustomResourceOptions? opts = null)
public LinuxFunctionApp(String name, LinuxFunctionAppArgs args)
public LinuxFunctionApp(String name, LinuxFunctionAppArgs args, CustomResourceOptions options)
type: azure:appservice:LinuxFunctionApp
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args LinuxFunctionAppArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args LinuxFunctionAppArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args LinuxFunctionAppArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args LinuxFunctionAppArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args LinuxFunctionAppArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var linuxFunctionAppResource = new Azure.AppService.LinuxFunctionApp("linuxFunctionAppResource", new()
{
ResourceGroupName = "string",
SiteConfig = new Azure.AppService.Inputs.LinuxFunctionAppSiteConfigArgs
{
AlwaysOn = false,
ApiDefinitionUrl = "string",
ApiManagementApiId = "string",
AppCommandLine = "string",
AppScaleLimit = 0,
AppServiceLogs = new Azure.AppService.Inputs.LinuxFunctionAppSiteConfigAppServiceLogsArgs
{
DiskQuotaMb = 0,
RetentionPeriodDays = 0,
},
ApplicationInsightsConnectionString = "string",
ApplicationInsightsKey = "string",
ApplicationStack = new Azure.AppService.Inputs.LinuxFunctionAppSiteConfigApplicationStackArgs
{
Dockers = new[]
{
new Azure.AppService.Inputs.LinuxFunctionAppSiteConfigApplicationStackDockerArgs
{
ImageName = "string",
ImageTag = "string",
RegistryUrl = "string",
RegistryPassword = "string",
RegistryUsername = "string",
},
},
DotnetVersion = "string",
JavaVersion = "string",
NodeVersion = "string",
PowershellCoreVersion = "string",
PythonVersion = "string",
UseCustomRuntime = false,
UseDotnetIsolatedRuntime = false,
},
ContainerRegistryManagedIdentityClientId = "string",
ContainerRegistryUseManagedIdentity = false,
Cors = new Azure.AppService.Inputs.LinuxFunctionAppSiteConfigCorsArgs
{
AllowedOrigins = new[]
{
"string",
},
SupportCredentials = false,
},
DefaultDocuments = new[]
{
"string",
},
DetailedErrorLoggingEnabled = false,
ElasticInstanceMinimum = 0,
FtpsState = "string",
HealthCheckEvictionTimeInMin = 0,
HealthCheckPath = "string",
Http2Enabled = false,
IpRestrictionDefaultAction = "string",
IpRestrictions = new[]
{
new Azure.AppService.Inputs.LinuxFunctionAppSiteConfigIpRestrictionArgs
{
Action = "string",
Description = "string",
Headers = new Azure.AppService.Inputs.LinuxFunctionAppSiteConfigIpRestrictionHeadersArgs
{
XAzureFdids = new[]
{
"string",
},
XFdHealthProbe = "string",
XForwardedFors = new[]
{
"string",
},
XForwardedHosts = new[]
{
"string",
},
},
IpAddress = "string",
Name = "string",
Priority = 0,
ServiceTag = "string",
VirtualNetworkSubnetId = "string",
},
},
LinuxFxVersion = "string",
LoadBalancingMode = "string",
ManagedPipelineMode = "string",
MinimumTlsVersion = "string",
PreWarmedInstanceCount = 0,
RemoteDebuggingEnabled = false,
RemoteDebuggingVersion = "string",
RuntimeScaleMonitoringEnabled = false,
ScmIpRestrictionDefaultAction = "string",
ScmIpRestrictions = new[]
{
new Azure.AppService.Inputs.LinuxFunctionAppSiteConfigScmIpRestrictionArgs
{
Action = "string",
Description = "string",
Headers = new Azure.AppService.Inputs.LinuxFunctionAppSiteConfigScmIpRestrictionHeadersArgs
{
XAzureFdids = new[]
{
"string",
},
XFdHealthProbe = "string",
XForwardedFors = new[]
{
"string",
},
XForwardedHosts = new[]
{
"string",
},
},
IpAddress = "string",
Name = "string",
Priority = 0,
ServiceTag = "string",
VirtualNetworkSubnetId = "string",
},
},
ScmMinimumTlsVersion = "string",
ScmType = "string",
ScmUseMainIpRestriction = false,
Use32BitWorker = false,
VnetRouteAllEnabled = false,
WebsocketsEnabled = false,
WorkerCount = 0,
},
ServicePlanId = "string",
KeyVaultReferenceIdentityId = "string",
ZipDeployFile = "string",
Location = "string",
ClientCertificateExclusionPaths = "string",
ClientCertificateMode = "string",
ConnectionStrings = new[]
{
new Azure.AppService.Inputs.LinuxFunctionAppConnectionStringArgs
{
Name = "string",
Type = "string",
Value = "string",
},
},
ContentShareForceDisabled = false,
DailyMemoryTimeQuota = 0,
Enabled = false,
FtpPublishBasicAuthenticationEnabled = false,
FunctionsExtensionVersion = "string",
HttpsOnly = false,
Identity = new Azure.AppService.Inputs.LinuxFunctionAppIdentityArgs
{
Type = "string",
IdentityIds = new[]
{
"string",
},
PrincipalId = "string",
TenantId = "string",
},
AppSettings =
{
{ "string", "string" },
},
ClientCertificateEnabled = false,
PublicNetworkAccessEnabled = false,
BuiltinLoggingEnabled = false,
Backup = new Azure.AppService.Inputs.LinuxFunctionAppBackupArgs
{
Name = "string",
Schedule = new Azure.AppService.Inputs.LinuxFunctionAppBackupScheduleArgs
{
FrequencyInterval = 0,
FrequencyUnit = "string",
KeepAtLeastOneBackup = false,
LastExecutionTime = "string",
RetentionPeriodDays = 0,
StartTime = "string",
},
StorageAccountUrl = "string",
Enabled = false,
},
AuthSettingsV2 = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsV2Args
{
Login = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsV2LoginArgs
{
AllowedExternalRedirectUrls = new[]
{
"string",
},
CookieExpirationConvention = "string",
CookieExpirationTime = "string",
LogoutEndpoint = "string",
NonceExpirationTime = "string",
PreserveUrlFragmentsForLogins = false,
TokenRefreshExtensionTime = 0,
TokenStoreEnabled = false,
TokenStorePath = "string",
TokenStoreSasSettingName = "string",
ValidateNonce = false,
},
CustomOidcV2s = new[]
{
new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsV2CustomOidcV2Args
{
ClientId = "string",
Name = "string",
OpenidConfigurationEndpoint = "string",
AuthorisationEndpoint = "string",
CertificationUri = "string",
ClientCredentialMethod = "string",
ClientSecretSettingName = "string",
IssuerEndpoint = "string",
NameClaimType = "string",
Scopes = new[]
{
"string",
},
TokenEndpoint = "string",
},
},
ActiveDirectoryV2 = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsV2ActiveDirectoryV2Args
{
ClientId = "string",
TenantAuthEndpoint = "string",
AllowedApplications = new[]
{
"string",
},
AllowedAudiences = new[]
{
"string",
},
AllowedGroups = new[]
{
"string",
},
AllowedIdentities = new[]
{
"string",
},
ClientSecretCertificateThumbprint = "string",
ClientSecretSettingName = "string",
JwtAllowedClientApplications = new[]
{
"string",
},
JwtAllowedGroups = new[]
{
"string",
},
LoginParameters =
{
{ "string", "string" },
},
WwwAuthenticationDisabled = false,
},
ForwardProxyCustomSchemeHeaderName = "string",
GoogleV2 = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsV2GoogleV2Args
{
ClientId = "string",
ClientSecretSettingName = "string",
AllowedAudiences = new[]
{
"string",
},
LoginScopes = new[]
{
"string",
},
},
GithubV2 = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsV2GithubV2Args
{
ClientId = "string",
ClientSecretSettingName = "string",
LoginScopes = new[]
{
"string",
},
},
DefaultProvider = "string",
ExcludedPaths = new[]
{
"string",
},
FacebookV2 = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsV2FacebookV2Args
{
AppId = "string",
AppSecretSettingName = "string",
GraphApiVersion = "string",
LoginScopes = new[]
{
"string",
},
},
ForwardProxyConvention = "string",
ForwardProxyCustomHostHeaderName = "string",
AzureStaticWebAppV2 = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsV2AzureStaticWebAppV2Args
{
ClientId = "string",
},
AuthEnabled = false,
ConfigFilePath = "string",
HttpRouteApiPrefix = "string",
AppleV2 = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsV2AppleV2Args
{
ClientId = "string",
ClientSecretSettingName = "string",
LoginScopes = new[]
{
"string",
},
},
MicrosoftV2 = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsV2MicrosoftV2Args
{
ClientId = "string",
ClientSecretSettingName = "string",
AllowedAudiences = new[]
{
"string",
},
LoginScopes = new[]
{
"string",
},
},
RequireAuthentication = false,
RequireHttps = false,
RuntimeVersion = "string",
TwitterV2 = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsV2TwitterV2Args
{
ConsumerKey = "string",
ConsumerSecretSettingName = "string",
},
UnauthenticatedAction = "string",
},
AuthSettings = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsArgs
{
Enabled = false,
Github = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsGithubArgs
{
ClientId = "string",
ClientSecret = "string",
ClientSecretSettingName = "string",
OauthScopes = new[]
{
"string",
},
},
Issuer = "string",
DefaultProvider = "string",
AdditionalLoginParameters =
{
{ "string", "string" },
},
Facebook = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsFacebookArgs
{
AppId = "string",
AppSecret = "string",
AppSecretSettingName = "string",
OauthScopes = new[]
{
"string",
},
},
ActiveDirectory = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsActiveDirectoryArgs
{
ClientId = "string",
AllowedAudiences = new[]
{
"string",
},
ClientSecret = "string",
ClientSecretSettingName = "string",
},
Google = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsGoogleArgs
{
ClientId = "string",
ClientSecret = "string",
ClientSecretSettingName = "string",
OauthScopes = new[]
{
"string",
},
},
AllowedExternalRedirectUrls = new[]
{
"string",
},
Microsoft = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsMicrosoftArgs
{
ClientId = "string",
ClientSecret = "string",
ClientSecretSettingName = "string",
OauthScopes = new[]
{
"string",
},
},
RuntimeVersion = "string",
TokenRefreshExtensionHours = 0,
TokenStoreEnabled = false,
Twitter = new Azure.AppService.Inputs.LinuxFunctionAppAuthSettingsTwitterArgs
{
ConsumerKey = "string",
ConsumerSecret = "string",
ConsumerSecretSettingName = "string",
},
UnauthenticatedClientAction = "string",
},
StickySettings = new Azure.AppService.Inputs.LinuxFunctionAppStickySettingsArgs
{
AppSettingNames = new[]
{
"string",
},
ConnectionStringNames = new[]
{
"string",
},
},
StorageAccountAccessKey = "string",
StorageAccountName = "string",
StorageAccounts = new[]
{
new Azure.AppService.Inputs.LinuxFunctionAppStorageAccountArgs
{
AccessKey = "string",
AccountName = "string",
Name = "string",
ShareName = "string",
Type = "string",
MountPath = "string",
},
},
StorageKeyVaultSecretId = "string",
StorageUsesManagedIdentity = false,
Tags =
{
{ "string", "string" },
},
VirtualNetworkSubnetId = "string",
VnetImagePullEnabled = false,
WebdeployPublishBasicAuthenticationEnabled = false,
Name = "string",
});
example, err := appservice.NewLinuxFunctionApp(ctx, "linuxFunctionAppResource", &appservice.LinuxFunctionAppArgs{
ResourceGroupName: pulumi.String("string"),
SiteConfig: &appservice.LinuxFunctionAppSiteConfigArgs{
AlwaysOn: pulumi.Bool(false),
ApiDefinitionUrl: pulumi.String("string"),
ApiManagementApiId: pulumi.String("string"),
AppCommandLine: pulumi.String("string"),
AppScaleLimit: pulumi.Int(0),
AppServiceLogs: &appservice.LinuxFunctionAppSiteConfigAppServiceLogsArgs{
DiskQuotaMb: pulumi.Int(0),
RetentionPeriodDays: pulumi.Int(0),
},
ApplicationInsightsConnectionString: pulumi.String("string"),
ApplicationInsightsKey: pulumi.String("string"),
ApplicationStack: &appservice.LinuxFunctionAppSiteConfigApplicationStackArgs{
Dockers: appservice.LinuxFunctionAppSiteConfigApplicationStackDockerArray{
&appservice.LinuxFunctionAppSiteConfigApplicationStackDockerArgs{
ImageName: pulumi.String("string"),
ImageTag: pulumi.String("string"),
RegistryUrl: pulumi.String("string"),
RegistryPassword: pulumi.String("string"),
RegistryUsername: pulumi.String("string"),
},
},
DotnetVersion: pulumi.String("string"),
JavaVersion: pulumi.String("string"),
NodeVersion: pulumi.String("string"),
PowershellCoreVersion: pulumi.String("string"),
PythonVersion: pulumi.String("string"),
UseCustomRuntime: pulumi.Bool(false),
UseDotnetIsolatedRuntime: pulumi.Bool(false),
},
ContainerRegistryManagedIdentityClientId: pulumi.String("string"),
ContainerRegistryUseManagedIdentity: pulumi.Bool(false),
Cors: &appservice.LinuxFunctionAppSiteConfigCorsArgs{
AllowedOrigins: pulumi.StringArray{
pulumi.String("string"),
},
SupportCredentials: pulumi.Bool(false),
},
DefaultDocuments: pulumi.StringArray{
pulumi.String("string"),
},
DetailedErrorLoggingEnabled: pulumi.Bool(false),
ElasticInstanceMinimum: pulumi.Int(0),
FtpsState: pulumi.String("string"),
HealthCheckEvictionTimeInMin: pulumi.Int(0),
HealthCheckPath: pulumi.String("string"),
Http2Enabled: pulumi.Bool(false),
IpRestrictionDefaultAction: pulumi.String("string"),
IpRestrictions: appservice.LinuxFunctionAppSiteConfigIpRestrictionArray{
&appservice.LinuxFunctionAppSiteConfigIpRestrictionArgs{
Action: pulumi.String("string"),
Description: pulumi.String("string"),
Headers: &appservice.LinuxFunctionAppSiteConfigIpRestrictionHeadersArgs{
XAzureFdids: pulumi.StringArray{
pulumi.String("string"),
},
XFdHealthProbe: pulumi.String("string"),
XForwardedFors: pulumi.StringArray{
pulumi.String("string"),
},
XForwardedHosts: pulumi.StringArray{
pulumi.String("string"),
},
},
IpAddress: pulumi.String("string"),
Name: pulumi.String("string"),
Priority: pulumi.Int(0),
ServiceTag: pulumi.String("string"),
VirtualNetworkSubnetId: pulumi.String("string"),
},
},
LinuxFxVersion: pulumi.String("string"),
LoadBalancingMode: pulumi.String("string"),
ManagedPipelineMode: pulumi.String("string"),
MinimumTlsVersion: pulumi.String("string"),
PreWarmedInstanceCount: pulumi.Int(0),
RemoteDebuggingEnabled: pulumi.Bool(false),
RemoteDebuggingVersion: pulumi.String("string"),
RuntimeScaleMonitoringEnabled: pulumi.Bool(false),
ScmIpRestrictionDefaultAction: pulumi.String("string"),
ScmIpRestrictions: appservice.LinuxFunctionAppSiteConfigScmIpRestrictionArray{
&appservice.LinuxFunctionAppSiteConfigScmIpRestrictionArgs{
Action: pulumi.String("string"),
Description: pulumi.String("string"),
Headers: &appservice.LinuxFunctionAppSiteConfigScmIpRestrictionHeadersArgs{
XAzureFdids: pulumi.StringArray{
pulumi.String("string"),
},
XFdHealthProbe: pulumi.String("string"),
XForwardedFors: pulumi.StringArray{
pulumi.String("string"),
},
XForwardedHosts: pulumi.StringArray{
pulumi.String("string"),
},
},
IpAddress: pulumi.String("string"),
Name: pulumi.String("string"),
Priority: pulumi.Int(0),
ServiceTag: pulumi.String("string"),
VirtualNetworkSubnetId: pulumi.String("string"),
},
},
ScmMinimumTlsVersion: pulumi.String("string"),
ScmType: pulumi.String("string"),
ScmUseMainIpRestriction: pulumi.Bool(false),
Use32BitWorker: pulumi.Bool(false),
VnetRouteAllEnabled: pulumi.Bool(false),
WebsocketsEnabled: pulumi.Bool(false),
WorkerCount: pulumi.Int(0),
},
ServicePlanId: pulumi.String("string"),
KeyVaultReferenceIdentityId: pulumi.String("string"),
ZipDeployFile: pulumi.String("string"),
Location: pulumi.String("string"),
ClientCertificateExclusionPaths: pulumi.String("string"),
ClientCertificateMode: pulumi.String("string"),
ConnectionStrings: appservice.LinuxFunctionAppConnectionStringArray{
&appservice.LinuxFunctionAppConnectionStringArgs{
Name: pulumi.String("string"),
Type: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ContentShareForceDisabled: pulumi.Bool(false),
DailyMemoryTimeQuota: pulumi.Int(0),
Enabled: pulumi.Bool(false),
FtpPublishBasicAuthenticationEnabled: pulumi.Bool(false),
FunctionsExtensionVersion: pulumi.String("string"),
HttpsOnly: pulumi.Bool(false),
Identity: &appservice.LinuxFunctionAppIdentityArgs{
Type: pulumi.String("string"),
IdentityIds: pulumi.StringArray{
pulumi.String("string"),
},
PrincipalId: pulumi.String("string"),
TenantId: pulumi.String("string"),
},
AppSettings: pulumi.StringMap{
"string": pulumi.String("string"),
},
ClientCertificateEnabled: pulumi.Bool(false),
PublicNetworkAccessEnabled: pulumi.Bool(false),
BuiltinLoggingEnabled: pulumi.Bool(false),
Backup: &appservice.LinuxFunctionAppBackupArgs{
Name: pulumi.String("string"),
Schedule: &appservice.LinuxFunctionAppBackupScheduleArgs{
FrequencyInterval: pulumi.Int(0),
FrequencyUnit: pulumi.String("string"),
KeepAtLeastOneBackup: pulumi.Bool(false),
LastExecutionTime: pulumi.String("string"),
RetentionPeriodDays: pulumi.Int(0),
StartTime: pulumi.String("string"),
},
StorageAccountUrl: pulumi.String("string"),
Enabled: pulumi.Bool(false),
},
AuthSettingsV2: &appservice.LinuxFunctionAppAuthSettingsV2Args{
Login: &appservice.LinuxFunctionAppAuthSettingsV2LoginArgs{
AllowedExternalRedirectUrls: pulumi.StringArray{
pulumi.String("string"),
},
CookieExpirationConvention: pulumi.String("string"),
CookieExpirationTime: pulumi.String("string"),
LogoutEndpoint: pulumi.String("string"),
NonceExpirationTime: pulumi.String("string"),
PreserveUrlFragmentsForLogins: pulumi.Bool(false),
TokenRefreshExtensionTime: pulumi.Float64(0),
TokenStoreEnabled: pulumi.Bool(false),
TokenStorePath: pulumi.String("string"),
TokenStoreSasSettingName: pulumi.String("string"),
ValidateNonce: pulumi.Bool(false),
},
CustomOidcV2s: appservice.LinuxFunctionAppAuthSettingsV2CustomOidcV2Array{
&appservice.LinuxFunctionAppAuthSettingsV2CustomOidcV2Args{
ClientId: pulumi.String("string"),
Name: pulumi.String("string"),
OpenidConfigurationEndpoint: pulumi.String("string"),
AuthorisationEndpoint: pulumi.String("string"),
CertificationUri: pulumi.String("string"),
ClientCredentialMethod: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
IssuerEndpoint: pulumi.String("string"),
NameClaimType: pulumi.String("string"),
Scopes: pulumi.StringArray{
pulumi.String("string"),
},
TokenEndpoint: pulumi.String("string"),
},
},
ActiveDirectoryV2: &appservice.LinuxFunctionAppAuthSettingsV2ActiveDirectoryV2Args{
ClientId: pulumi.String("string"),
TenantAuthEndpoint: pulumi.String("string"),
AllowedApplications: pulumi.StringArray{
pulumi.String("string"),
},
AllowedAudiences: pulumi.StringArray{
pulumi.String("string"),
},
AllowedGroups: pulumi.StringArray{
pulumi.String("string"),
},
AllowedIdentities: pulumi.StringArray{
pulumi.String("string"),
},
ClientSecretCertificateThumbprint: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
JwtAllowedClientApplications: pulumi.StringArray{
pulumi.String("string"),
},
JwtAllowedGroups: pulumi.StringArray{
pulumi.String("string"),
},
LoginParameters: pulumi.StringMap{
"string": pulumi.String("string"),
},
WwwAuthenticationDisabled: pulumi.Bool(false),
},
ForwardProxyCustomSchemeHeaderName: pulumi.String("string"),
GoogleV2: &appservice.LinuxFunctionAppAuthSettingsV2GoogleV2Args{
ClientId: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
AllowedAudiences: pulumi.StringArray{
pulumi.String("string"),
},
LoginScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
GithubV2: &appservice.LinuxFunctionAppAuthSettingsV2GithubV2Args{
ClientId: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
LoginScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
DefaultProvider: pulumi.String("string"),
ExcludedPaths: pulumi.StringArray{
pulumi.String("string"),
},
FacebookV2: &appservice.LinuxFunctionAppAuthSettingsV2FacebookV2Args{
AppId: pulumi.String("string"),
AppSecretSettingName: pulumi.String("string"),
GraphApiVersion: pulumi.String("string"),
LoginScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
ForwardProxyConvention: pulumi.String("string"),
ForwardProxyCustomHostHeaderName: pulumi.String("string"),
AzureStaticWebAppV2: &appservice.LinuxFunctionAppAuthSettingsV2AzureStaticWebAppV2Args{
ClientId: pulumi.String("string"),
},
AuthEnabled: pulumi.Bool(false),
ConfigFilePath: pulumi.String("string"),
HttpRouteApiPrefix: pulumi.String("string"),
AppleV2: &appservice.LinuxFunctionAppAuthSettingsV2AppleV2Args{
ClientId: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
LoginScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
MicrosoftV2: &appservice.LinuxFunctionAppAuthSettingsV2MicrosoftV2Args{
ClientId: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
AllowedAudiences: pulumi.StringArray{
pulumi.String("string"),
},
LoginScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
RequireAuthentication: pulumi.Bool(false),
RequireHttps: pulumi.Bool(false),
RuntimeVersion: pulumi.String("string"),
TwitterV2: &appservice.LinuxFunctionAppAuthSettingsV2TwitterV2Args{
ConsumerKey: pulumi.String("string"),
ConsumerSecretSettingName: pulumi.String("string"),
},
UnauthenticatedAction: pulumi.String("string"),
},
AuthSettings: &appservice.LinuxFunctionAppAuthSettingsArgs{
Enabled: pulumi.Bool(false),
Github: &appservice.LinuxFunctionAppAuthSettingsGithubArgs{
ClientId: pulumi.String("string"),
ClientSecret: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
OauthScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
Issuer: pulumi.String("string"),
DefaultProvider: pulumi.String("string"),
AdditionalLoginParameters: pulumi.StringMap{
"string": pulumi.String("string"),
},
Facebook: &appservice.LinuxFunctionAppAuthSettingsFacebookArgs{
AppId: pulumi.String("string"),
AppSecret: pulumi.String("string"),
AppSecretSettingName: pulumi.String("string"),
OauthScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
ActiveDirectory: &appservice.LinuxFunctionAppAuthSettingsActiveDirectoryArgs{
ClientId: pulumi.String("string"),
AllowedAudiences: pulumi.StringArray{
pulumi.String("string"),
},
ClientSecret: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
},
Google: &appservice.LinuxFunctionAppAuthSettingsGoogleArgs{
ClientId: pulumi.String("string"),
ClientSecret: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
OauthScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
AllowedExternalRedirectUrls: pulumi.StringArray{
pulumi.String("string"),
},
Microsoft: &appservice.LinuxFunctionAppAuthSettingsMicrosoftArgs{
ClientId: pulumi.String("string"),
ClientSecret: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
OauthScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
RuntimeVersion: pulumi.String("string"),
TokenRefreshExtensionHours: pulumi.Float64(0),
TokenStoreEnabled: pulumi.Bool(false),
Twitter: &appservice.LinuxFunctionAppAuthSettingsTwitterArgs{
ConsumerKey: pulumi.String("string"),
ConsumerSecret: pulumi.String("string"),
ConsumerSecretSettingName: pulumi.String("string"),
},
UnauthenticatedClientAction: pulumi.String("string"),
},
StickySettings: &appservice.LinuxFunctionAppStickySettingsArgs{
AppSettingNames: pulumi.StringArray{
pulumi.String("string"),
},
ConnectionStringNames: pulumi.StringArray{
pulumi.String("string"),
},
},
StorageAccountAccessKey: pulumi.String("string"),
StorageAccountName: pulumi.String("string"),
StorageAccounts: appservice.LinuxFunctionAppStorageAccountArray{
&appservice.LinuxFunctionAppStorageAccountArgs{
AccessKey: pulumi.String("string"),
AccountName: pulumi.String("string"),
Name: pulumi.String("string"),
ShareName: pulumi.String("string"),
Type: pulumi.String("string"),
MountPath: pulumi.String("string"),
},
},
StorageKeyVaultSecretId: pulumi.String("string"),
StorageUsesManagedIdentity: pulumi.Bool(false),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
VirtualNetworkSubnetId: pulumi.String("string"),
VnetImagePullEnabled: pulumi.Bool(false),
WebdeployPublishBasicAuthenticationEnabled: pulumi.Bool(false),
Name: pulumi.String("string"),
})
var linuxFunctionAppResource = new LinuxFunctionApp("linuxFunctionAppResource", LinuxFunctionAppArgs.builder()
.resourceGroupName("string")
.siteConfig(LinuxFunctionAppSiteConfigArgs.builder()
.alwaysOn(false)
.apiDefinitionUrl("string")
.apiManagementApiId("string")
.appCommandLine("string")
.appScaleLimit(0)
.appServiceLogs(LinuxFunctionAppSiteConfigAppServiceLogsArgs.builder()
.diskQuotaMb(0)
.retentionPeriodDays(0)
.build())
.applicationInsightsConnectionString("string")
.applicationInsightsKey("string")
.applicationStack(LinuxFunctionAppSiteConfigApplicationStackArgs.builder()
.dockers(LinuxFunctionAppSiteConfigApplicationStackDockerArgs.builder()
.imageName("string")
.imageTag("string")
.registryUrl("string")
.registryPassword("string")
.registryUsername("string")
.build())
.dotnetVersion("string")
.javaVersion("string")
.nodeVersion("string")
.powershellCoreVersion("string")
.pythonVersion("string")
.useCustomRuntime(false)
.useDotnetIsolatedRuntime(false)
.build())
.containerRegistryManagedIdentityClientId("string")
.containerRegistryUseManagedIdentity(false)
.cors(LinuxFunctionAppSiteConfigCorsArgs.builder()
.allowedOrigins("string")
.supportCredentials(false)
.build())
.defaultDocuments("string")
.detailedErrorLoggingEnabled(false)
.elasticInstanceMinimum(0)
.ftpsState("string")
.healthCheckEvictionTimeInMin(0)
.healthCheckPath("string")
.http2Enabled(false)
.ipRestrictionDefaultAction("string")
.ipRestrictions(LinuxFunctionAppSiteConfigIpRestrictionArgs.builder()
.action("string")
.description("string")
.headers(LinuxFunctionAppSiteConfigIpRestrictionHeadersArgs.builder()
.xAzureFdids("string")
.xFdHealthProbe("string")
.xForwardedFors("string")
.xForwardedHosts("string")
.build())
.ipAddress("string")
.name("string")
.priority(0)
.serviceTag("string")
.virtualNetworkSubnetId("string")
.build())
.linuxFxVersion("string")
.loadBalancingMode("string")
.managedPipelineMode("string")
.minimumTlsVersion("string")
.preWarmedInstanceCount(0)
.remoteDebuggingEnabled(false)
.remoteDebuggingVersion("string")
.runtimeScaleMonitoringEnabled(false)
.scmIpRestrictionDefaultAction("string")
.scmIpRestrictions(LinuxFunctionAppSiteConfigScmIpRestrictionArgs.builder()
.action("string")
.description("string")
.headers(LinuxFunctionAppSiteConfigScmIpRestrictionHeadersArgs.builder()
.xAzureFdids("string")
.xFdHealthProbe("string")
.xForwardedFors("string")
.xForwardedHosts("string")
.build())
.ipAddress("string")
.name("string")
.priority(0)
.serviceTag("string")
.virtualNetworkSubnetId("string")
.build())
.scmMinimumTlsVersion("string")
.scmType("string")
.scmUseMainIpRestriction(false)
.use32BitWorker(false)
.vnetRouteAllEnabled(false)
.websocketsEnabled(false)
.workerCount(0)
.build())
.servicePlanId("string")
.keyVaultReferenceIdentityId("string")
.zipDeployFile("string")
.location("string")
.clientCertificateExclusionPaths("string")
.clientCertificateMode("string")
.connectionStrings(LinuxFunctionAppConnectionStringArgs.builder()
.name("string")
.type("string")
.value("string")
.build())
.contentShareForceDisabled(false)
.dailyMemoryTimeQuota(0)
.enabled(false)
.ftpPublishBasicAuthenticationEnabled(false)
.functionsExtensionVersion("string")
.httpsOnly(false)
.identity(LinuxFunctionAppIdentityArgs.builder()
.type("string")
.identityIds("string")
.principalId("string")
.tenantId("string")
.build())
.appSettings(Map.of("string", "string"))
.clientCertificateEnabled(false)
.publicNetworkAccessEnabled(false)
.builtinLoggingEnabled(false)
.backup(LinuxFunctionAppBackupArgs.builder()
.name("string")
.schedule(LinuxFunctionAppBackupScheduleArgs.builder()
.frequencyInterval(0)
.frequencyUnit("string")
.keepAtLeastOneBackup(false)
.lastExecutionTime("string")
.retentionPeriodDays(0)
.startTime("string")
.build())
.storageAccountUrl("string")
.enabled(false)
.build())
.authSettingsV2(LinuxFunctionAppAuthSettingsV2Args.builder()
.login(LinuxFunctionAppAuthSettingsV2LoginArgs.builder()
.allowedExternalRedirectUrls("string")
.cookieExpirationConvention("string")
.cookieExpirationTime("string")
.logoutEndpoint("string")
.nonceExpirationTime("string")
.preserveUrlFragmentsForLogins(false)
.tokenRefreshExtensionTime(0)
.tokenStoreEnabled(false)
.tokenStorePath("string")
.tokenStoreSasSettingName("string")
.validateNonce(false)
.build())
.customOidcV2s(LinuxFunctionAppAuthSettingsV2CustomOidcV2Args.builder()
.clientId("string")
.name("string")
.openidConfigurationEndpoint("string")
.authorisationEndpoint("string")
.certificationUri("string")
.clientCredentialMethod("string")
.clientSecretSettingName("string")
.issuerEndpoint("string")
.nameClaimType("string")
.scopes("string")
.tokenEndpoint("string")
.build())
.activeDirectoryV2(LinuxFunctionAppAuthSettingsV2ActiveDirectoryV2Args.builder()
.clientId("string")
.tenantAuthEndpoint("string")
.allowedApplications("string")
.allowedAudiences("string")
.allowedGroups("string")
.allowedIdentities("string")
.clientSecretCertificateThumbprint("string")
.clientSecretSettingName("string")
.jwtAllowedClientApplications("string")
.jwtAllowedGroups("string")
.loginParameters(Map.of("string", "string"))
.wwwAuthenticationDisabled(false)
.build())
.forwardProxyCustomSchemeHeaderName("string")
.googleV2(LinuxFunctionAppAuthSettingsV2GoogleV2Args.builder()
.clientId("string")
.clientSecretSettingName("string")
.allowedAudiences("string")
.loginScopes("string")
.build())
.githubV2(LinuxFunctionAppAuthSettingsV2GithubV2Args.builder()
.clientId("string")
.clientSecretSettingName("string")
.loginScopes("string")
.build())
.defaultProvider("string")
.excludedPaths("string")
.facebookV2(LinuxFunctionAppAuthSettingsV2FacebookV2Args.builder()
.appId("string")
.appSecretSettingName("string")
.graphApiVersion("string")
.loginScopes("string")
.build())
.forwardProxyConvention("string")
.forwardProxyCustomHostHeaderName("string")
.azureStaticWebAppV2(LinuxFunctionAppAuthSettingsV2AzureStaticWebAppV2Args.builder()
.clientId("string")
.build())
.authEnabled(false)
.configFilePath("string")
.httpRouteApiPrefix("string")
.appleV2(LinuxFunctionAppAuthSettingsV2AppleV2Args.builder()
.clientId("string")
.clientSecretSettingName("string")
.loginScopes("string")
.build())
.microsoftV2(LinuxFunctionAppAuthSettingsV2MicrosoftV2Args.builder()
.clientId("string")
.clientSecretSettingName("string")
.allowedAudiences("string")
.loginScopes("string")
.build())
.requireAuthentication(false)
.requireHttps(false)
.runtimeVersion("string")
.twitterV2(LinuxFunctionAppAuthSettingsV2TwitterV2Args.builder()
.consumerKey("string")
.consumerSecretSettingName("string")
.build())
.unauthenticatedAction("string")
.build())
.authSettings(LinuxFunctionAppAuthSettingsArgs.builder()
.enabled(false)
.github(LinuxFunctionAppAuthSettingsGithubArgs.builder()
.clientId("string")
.clientSecret("string")
.clientSecretSettingName("string")
.oauthScopes("string")
.build())
.issuer("string")
.defaultProvider("string")
.additionalLoginParameters(Map.of("string", "string"))
.facebook(LinuxFunctionAppAuthSettingsFacebookArgs.builder()
.appId("string")
.appSecret("string")
.appSecretSettingName("string")
.oauthScopes("string")
.build())
.activeDirectory(LinuxFunctionAppAuthSettingsActiveDirectoryArgs.builder()
.clientId("string")
.allowedAudiences("string")
.clientSecret("string")
.clientSecretSettingName("string")
.build())
.google(LinuxFunctionAppAuthSettingsGoogleArgs.builder()
.clientId("string")
.clientSecret("string")
.clientSecretSettingName("string")
.oauthScopes("string")
.build())
.allowedExternalRedirectUrls("string")
.microsoft(LinuxFunctionAppAuthSettingsMicrosoftArgs.builder()
.clientId("string")
.clientSecret("string")
.clientSecretSettingName("string")
.oauthScopes("string")
.build())
.runtimeVersion("string")
.tokenRefreshExtensionHours(0)
.tokenStoreEnabled(false)
.twitter(LinuxFunctionAppAuthSettingsTwitterArgs.builder()
.consumerKey("string")
.consumerSecret("string")
.consumerSecretSettingName("string")
.build())
.unauthenticatedClientAction("string")
.build())
.stickySettings(LinuxFunctionAppStickySettingsArgs.builder()
.appSettingNames("string")
.connectionStringNames("string")
.build())
.storageAccountAccessKey("string")
.storageAccountName("string")
.storageAccounts(LinuxFunctionAppStorageAccountArgs.builder()
.accessKey("string")
.accountName("string")
.name("string")
.shareName("string")
.type("string")
.mountPath("string")
.build())
.storageKeyVaultSecretId("string")
.storageUsesManagedIdentity(false)
.tags(Map.of("string", "string"))
.virtualNetworkSubnetId("string")
.vnetImagePullEnabled(false)
.webdeployPublishBasicAuthenticationEnabled(false)
.name("string")
.build());
linux_function_app_resource = azure.appservice.LinuxFunctionApp("linuxFunctionAppResource",
resource_group_name="string",
site_config={
"alwaysOn": False,
"apiDefinitionUrl": "string",
"apiManagementApiId": "string",
"appCommandLine": "string",
"appScaleLimit": 0,
"appServiceLogs": {
"diskQuotaMb": 0,
"retentionPeriodDays": 0,
},
"applicationInsightsConnectionString": "string",
"applicationInsightsKey": "string",
"applicationStack": {
"dockers": [{
"imageName": "string",
"imageTag": "string",
"registryUrl": "string",
"registryPassword": "string",
"registryUsername": "string",
}],
"dotnetVersion": "string",
"javaVersion": "string",
"nodeVersion": "string",
"powershellCoreVersion": "string",
"pythonVersion": "string",
"useCustomRuntime": False,
"useDotnetIsolatedRuntime": False,
},
"containerRegistryManagedIdentityClientId": "string",
"containerRegistryUseManagedIdentity": False,
"cors": {
"allowedOrigins": ["string"],
"supportCredentials": False,
},
"defaultDocuments": ["string"],
"detailedErrorLoggingEnabled": False,
"elasticInstanceMinimum": 0,
"ftpsState": "string",
"healthCheckEvictionTimeInMin": 0,
"healthCheckPath": "string",
"http2Enabled": False,
"ipRestrictionDefaultAction": "string",
"ipRestrictions": [{
"action": "string",
"description": "string",
"headers": {
"xAzureFdids": ["string"],
"xFdHealthProbe": "string",
"xForwardedFors": ["string"],
"xForwardedHosts": ["string"],
},
"ipAddress": "string",
"name": "string",
"priority": 0,
"serviceTag": "string",
"virtualNetworkSubnetId": "string",
}],
"linuxFxVersion": "string",
"loadBalancingMode": "string",
"managedPipelineMode": "string",
"minimumTlsVersion": "string",
"preWarmedInstanceCount": 0,
"remoteDebuggingEnabled": False,
"remoteDebuggingVersion": "string",
"runtimeScaleMonitoringEnabled": False,
"scmIpRestrictionDefaultAction": "string",
"scmIpRestrictions": [{
"action": "string",
"description": "string",
"headers": {
"xAzureFdids": ["string"],
"xFdHealthProbe": "string",
"xForwardedFors": ["string"],
"xForwardedHosts": ["string"],
},
"ipAddress": "string",
"name": "string",
"priority": 0,
"serviceTag": "string",
"virtualNetworkSubnetId": "string",
}],
"scmMinimumTlsVersion": "string",
"scmType": "string",
"scmUseMainIpRestriction": False,
"use32BitWorker": False,
"vnetRouteAllEnabled": False,
"websocketsEnabled": False,
"workerCount": 0,
},
service_plan_id="string",
key_vault_reference_identity_id="string",
zip_deploy_file="string",
location="string",
client_certificate_exclusion_paths="string",
client_certificate_mode="string",
connection_strings=[{
"name": "string",
"type": "string",
"value": "string",
}],
content_share_force_disabled=False,
daily_memory_time_quota=0,
enabled=False,
ftp_publish_basic_authentication_enabled=False,
functions_extension_version="string",
https_only=False,
identity={
"type": "string",
"identityIds": ["string"],
"principalId": "string",
"tenantId": "string",
},
app_settings={
"string": "string",
},
client_certificate_enabled=False,
public_network_access_enabled=False,
builtin_logging_enabled=False,
backup={
"name": "string",
"schedule": {
"frequencyInterval": 0,
"frequencyUnit": "string",
"keepAtLeastOneBackup": False,
"lastExecutionTime": "string",
"retentionPeriodDays": 0,
"startTime": "string",
},
"storageAccountUrl": "string",
"enabled": False,
},
auth_settings_v2={
"login": {
"allowedExternalRedirectUrls": ["string"],
"cookieExpirationConvention": "string",
"cookieExpirationTime": "string",
"logoutEndpoint": "string",
"nonceExpirationTime": "string",
"preserveUrlFragmentsForLogins": False,
"tokenRefreshExtensionTime": 0,
"tokenStoreEnabled": False,
"tokenStorePath": "string",
"tokenStoreSasSettingName": "string",
"validateNonce": False,
},
"customOidcV2s": [{
"clientId": "string",
"name": "string",
"openidConfigurationEndpoint": "string",
"authorisationEndpoint": "string",
"certificationUri": "string",
"clientCredentialMethod": "string",
"clientSecretSettingName": "string",
"issuerEndpoint": "string",
"nameClaimType": "string",
"scopes": ["string"],
"tokenEndpoint": "string",
}],
"activeDirectoryV2": {
"clientId": "string",
"tenantAuthEndpoint": "string",
"allowedApplications": ["string"],
"allowedAudiences": ["string"],
"allowedGroups": ["string"],
"allowedIdentities": ["string"],
"clientSecretCertificateThumbprint": "string",
"clientSecretSettingName": "string",
"jwtAllowedClientApplications": ["string"],
"jwtAllowedGroups": ["string"],
"loginParameters": {
"string": "string",
},
"wwwAuthenticationDisabled": False,
},
"forwardProxyCustomSchemeHeaderName": "string",
"googleV2": {
"clientId": "string",
"clientSecretSettingName": "string",
"allowedAudiences": ["string"],
"loginScopes": ["string"],
},
"githubV2": {
"clientId": "string",
"clientSecretSettingName": "string",
"loginScopes": ["string"],
},
"defaultProvider": "string",
"excludedPaths": ["string"],
"facebookV2": {
"appId": "string",
"appSecretSettingName": "string",
"graphApiVersion": "string",
"loginScopes": ["string"],
},
"forwardProxyConvention": "string",
"forwardProxyCustomHostHeaderName": "string",
"azureStaticWebAppV2": {
"clientId": "string",
},
"authEnabled": False,
"configFilePath": "string",
"httpRouteApiPrefix": "string",
"appleV2": {
"clientId": "string",
"clientSecretSettingName": "string",
"loginScopes": ["string"],
},
"microsoftV2": {
"clientId": "string",
"clientSecretSettingName": "string",
"allowedAudiences": ["string"],
"loginScopes": ["string"],
},
"requireAuthentication": False,
"requireHttps": False,
"runtimeVersion": "string",
"twitterV2": {
"consumerKey": "string",
"consumerSecretSettingName": "string",
},
"unauthenticatedAction": "string",
},
auth_settings={
"enabled": False,
"github": {
"clientId": "string",
"clientSecret": "string",
"clientSecretSettingName": "string",
"oauthScopes": ["string"],
},
"issuer": "string",
"defaultProvider": "string",
"additionalLoginParameters": {
"string": "string",
},
"facebook": {
"appId": "string",
"appSecret": "string",
"appSecretSettingName": "string",
"oauthScopes": ["string"],
},
"activeDirectory": {
"clientId": "string",
"allowedAudiences": ["string"],
"clientSecret": "string",
"clientSecretSettingName": "string",
},
"google": {
"clientId": "string",
"clientSecret": "string",
"clientSecretSettingName": "string",
"oauthScopes": ["string"],
},
"allowedExternalRedirectUrls": ["string"],
"microsoft": {
"clientId": "string",
"clientSecret": "string",
"clientSecretSettingName": "string",
"oauthScopes": ["string"],
},
"runtimeVersion": "string",
"tokenRefreshExtensionHours": 0,
"tokenStoreEnabled": False,
"twitter": {
"consumerKey": "string",
"consumerSecret": "string",
"consumerSecretSettingName": "string",
},
"unauthenticatedClientAction": "string",
},
sticky_settings={
"appSettingNames": ["string"],
"connectionStringNames": ["string"],
},
storage_account_access_key="string",
storage_account_name="string",
storage_accounts=[{
"accessKey": "string",
"accountName": "string",
"name": "string",
"shareName": "string",
"type": "string",
"mountPath": "string",
}],
storage_key_vault_secret_id="string",
storage_uses_managed_identity=False,
tags={
"string": "string",
},
virtual_network_subnet_id="string",
vnet_image_pull_enabled=False,
webdeploy_publish_basic_authentication_enabled=False,
name="string")
const linuxFunctionAppResource = new azure.appservice.LinuxFunctionApp("linuxFunctionAppResource", {
resourceGroupName: "string",
siteConfig: {
alwaysOn: false,
apiDefinitionUrl: "string",
apiManagementApiId: "string",
appCommandLine: "string",
appScaleLimit: 0,
appServiceLogs: {
diskQuotaMb: 0,
retentionPeriodDays: 0,
},
applicationInsightsConnectionString: "string",
applicationInsightsKey: "string",
applicationStack: {
dockers: [{
imageName: "string",
imageTag: "string",
registryUrl: "string",
registryPassword: "string",
registryUsername: "string",
}],
dotnetVersion: "string",
javaVersion: "string",
nodeVersion: "string",
powershellCoreVersion: "string",
pythonVersion: "string",
useCustomRuntime: false,
useDotnetIsolatedRuntime: false,
},
containerRegistryManagedIdentityClientId: "string",
containerRegistryUseManagedIdentity: false,
cors: {
allowedOrigins: ["string"],
supportCredentials: false,
},
defaultDocuments: ["string"],
detailedErrorLoggingEnabled: false,
elasticInstanceMinimum: 0,
ftpsState: "string",
healthCheckEvictionTimeInMin: 0,
healthCheckPath: "string",
http2Enabled: false,
ipRestrictionDefaultAction: "string",
ipRestrictions: [{
action: "string",
description: "string",
headers: {
xAzureFdids: ["string"],
xFdHealthProbe: "string",
xForwardedFors: ["string"],
xForwardedHosts: ["string"],
},
ipAddress: "string",
name: "string",
priority: 0,
serviceTag: "string",
virtualNetworkSubnetId: "string",
}],
linuxFxVersion: "string",
loadBalancingMode: "string",
managedPipelineMode: "string",
minimumTlsVersion: "string",
preWarmedInstanceCount: 0,
remoteDebuggingEnabled: false,
remoteDebuggingVersion: "string",
runtimeScaleMonitoringEnabled: false,
scmIpRestrictionDefaultAction: "string",
scmIpRestrictions: [{
action: "string",
description: "string",
headers: {
xAzureFdids: ["string"],
xFdHealthProbe: "string",
xForwardedFors: ["string"],
xForwardedHosts: ["string"],
},
ipAddress: "string",
name: "string",
priority: 0,
serviceTag: "string",
virtualNetworkSubnetId: "string",
}],
scmMinimumTlsVersion: "string",
scmType: "string",
scmUseMainIpRestriction: false,
use32BitWorker: false,
vnetRouteAllEnabled: false,
websocketsEnabled: false,
workerCount: 0,
},
servicePlanId: "string",
keyVaultReferenceIdentityId: "string",
zipDeployFile: "string",
location: "string",
clientCertificateExclusionPaths: "string",
clientCertificateMode: "string",
connectionStrings: [{
name: "string",
type: "string",
value: "string",
}],
contentShareForceDisabled: false,
dailyMemoryTimeQuota: 0,
enabled: false,
ftpPublishBasicAuthenticationEnabled: false,
functionsExtensionVersion: "string",
httpsOnly: false,
identity: {
type: "string",
identityIds: ["string"],
principalId: "string",
tenantId: "string",
},
appSettings: {
string: "string",
},
clientCertificateEnabled: false,
publicNetworkAccessEnabled: false,
builtinLoggingEnabled: false,
backup: {
name: "string",
schedule: {
frequencyInterval: 0,
frequencyUnit: "string",
keepAtLeastOneBackup: false,
lastExecutionTime: "string",
retentionPeriodDays: 0,
startTime: "string",
},
storageAccountUrl: "string",
enabled: false,
},
authSettingsV2: {
login: {
allowedExternalRedirectUrls: ["string"],
cookieExpirationConvention: "string",
cookieExpirationTime: "string",
logoutEndpoint: "string",
nonceExpirationTime: "string",
preserveUrlFragmentsForLogins: false,
tokenRefreshExtensionTime: 0,
tokenStoreEnabled: false,
tokenStorePath: "string",
tokenStoreSasSettingName: "string",
validateNonce: false,
},
customOidcV2s: [{
clientId: "string",
name: "string",
openidConfigurationEndpoint: "string",
authorisationEndpoint: "string",
certificationUri: "string",
clientCredentialMethod: "string",
clientSecretSettingName: "string",
issuerEndpoint: "string",
nameClaimType: "string",
scopes: ["string"],
tokenEndpoint: "string",
}],
activeDirectoryV2: {
clientId: "string",
tenantAuthEndpoint: "string",
allowedApplications: ["string"],
allowedAudiences: ["string"],
allowedGroups: ["string"],
allowedIdentities: ["string"],
clientSecretCertificateThumbprint: "string",
clientSecretSettingName: "string",
jwtAllowedClientApplications: ["string"],
jwtAllowedGroups: ["string"],
loginParameters: {
string: "string",
},
wwwAuthenticationDisabled: false,
},
forwardProxyCustomSchemeHeaderName: "string",
googleV2: {
clientId: "string",
clientSecretSettingName: "string",
allowedAudiences: ["string"],
loginScopes: ["string"],
},
githubV2: {
clientId: "string",
clientSecretSettingName: "string",
loginScopes: ["string"],
},
defaultProvider: "string",
excludedPaths: ["string"],
facebookV2: {
appId: "string",
appSecretSettingName: "string",
graphApiVersion: "string",
loginScopes: ["string"],
},
forwardProxyConvention: "string",
forwardProxyCustomHostHeaderName: "string",
azureStaticWebAppV2: {
clientId: "string",
},
authEnabled: false,
configFilePath: "string",
httpRouteApiPrefix: "string",
appleV2: {
clientId: "string",
clientSecretSettingName: "string",
loginScopes: ["string"],
},
microsoftV2: {
clientId: "string",
clientSecretSettingName: "string",
allowedAudiences: ["string"],
loginScopes: ["string"],
},
requireAuthentication: false,
requireHttps: false,
runtimeVersion: "string",
twitterV2: {
consumerKey: "string",
consumerSecretSettingName: "string",
},
unauthenticatedAction: "string",
},
authSettings: {
enabled: false,
github: {
clientId: "string",
clientSecret: "string",
clientSecretSettingName: "string",
oauthScopes: ["string"],
},
issuer: "string",
defaultProvider: "string",
additionalLoginParameters: {
string: "string",
},
facebook: {
appId: "string",
appSecret: "string",
appSecretSettingName: "string",
oauthScopes: ["string"],
},
activeDirectory: {
clientId: "string",
allowedAudiences: ["string"],
clientSecret: "string",
clientSecretSettingName: "string",
},
google: {
clientId: "string",
clientSecret: "string",
clientSecretSettingName: "string",
oauthScopes: ["string"],
},
allowedExternalRedirectUrls: ["string"],
microsoft: {
clientId: "string",
clientSecret: "string",
clientSecretSettingName: "string",
oauthScopes: ["string"],
},
runtimeVersion: "string",
tokenRefreshExtensionHours: 0,
tokenStoreEnabled: false,
twitter: {
consumerKey: "string",
consumerSecret: "string",
consumerSecretSettingName: "string",
},
unauthenticatedClientAction: "string",
},
stickySettings: {
appSettingNames: ["string"],
connectionStringNames: ["string"],
},
storageAccountAccessKey: "string",
storageAccountName: "string",
storageAccounts: [{
accessKey: "string",
accountName: "string",
name: "string",
shareName: "string",
type: "string",
mountPath: "string",
}],
storageKeyVaultSecretId: "string",
storageUsesManagedIdentity: false,
tags: {
string: "string",
},
virtualNetworkSubnetId: "string",
vnetImagePullEnabled: false,
webdeployPublishBasicAuthenticationEnabled: false,
name: "string",
});
type: azure:appservice:LinuxFunctionApp
properties:
appSettings:
string: string
authSettings:
activeDirectory:
allowedAudiences:
- string
clientId: string
clientSecret: string
clientSecretSettingName: string
additionalLoginParameters:
string: string
allowedExternalRedirectUrls:
- string
defaultProvider: string
enabled: false
facebook:
appId: string
appSecret: string
appSecretSettingName: string
oauthScopes:
- string
github:
clientId: string
clientSecret: string
clientSecretSettingName: string
oauthScopes:
- string
google:
clientId: string
clientSecret: string
clientSecretSettingName: string
oauthScopes:
- string
issuer: string
microsoft:
clientId: string
clientSecret: string
clientSecretSettingName: string
oauthScopes:
- string
runtimeVersion: string
tokenRefreshExtensionHours: 0
tokenStoreEnabled: false
twitter:
consumerKey: string
consumerSecret: string
consumerSecretSettingName: string
unauthenticatedClientAction: string
authSettingsV2:
activeDirectoryV2:
allowedApplications:
- string
allowedAudiences:
- string
allowedGroups:
- string
allowedIdentities:
- string
clientId: string
clientSecretCertificateThumbprint: string
clientSecretSettingName: string
jwtAllowedClientApplications:
- string
jwtAllowedGroups:
- string
loginParameters:
string: string
tenantAuthEndpoint: string
wwwAuthenticationDisabled: false
appleV2:
clientId: string
clientSecretSettingName: string
loginScopes:
- string
authEnabled: false
azureStaticWebAppV2:
clientId: string
configFilePath: string
customOidcV2s:
- authorisationEndpoint: string
certificationUri: string
clientCredentialMethod: string
clientId: string
clientSecretSettingName: string
issuerEndpoint: string
name: string
nameClaimType: string
openidConfigurationEndpoint: string
scopes:
- string
tokenEndpoint: string
defaultProvider: string
excludedPaths:
- string
facebookV2:
appId: string
appSecretSettingName: string
graphApiVersion: string
loginScopes:
- string
forwardProxyConvention: string
forwardProxyCustomHostHeaderName: string
forwardProxyCustomSchemeHeaderName: string
githubV2:
clientId: string
clientSecretSettingName: string
loginScopes:
- string
googleV2:
allowedAudiences:
- string
clientId: string
clientSecretSettingName: string
loginScopes:
- string
httpRouteApiPrefix: string
login:
allowedExternalRedirectUrls:
- string
cookieExpirationConvention: string
cookieExpirationTime: string
logoutEndpoint: string
nonceExpirationTime: string
preserveUrlFragmentsForLogins: false
tokenRefreshExtensionTime: 0
tokenStoreEnabled: false
tokenStorePath: string
tokenStoreSasSettingName: string
validateNonce: false
microsoftV2:
allowedAudiences:
- string
clientId: string
clientSecretSettingName: string
loginScopes:
- string
requireAuthentication: false
requireHttps: false
runtimeVersion: string
twitterV2:
consumerKey: string
consumerSecretSettingName: string
unauthenticatedAction: string
backup:
enabled: false
name: string
schedule:
frequencyInterval: 0
frequencyUnit: string
keepAtLeastOneBackup: false
lastExecutionTime: string
retentionPeriodDays: 0
startTime: string
storageAccountUrl: string
builtinLoggingEnabled: false
clientCertificateEnabled: false
clientCertificateExclusionPaths: string
clientCertificateMode: string
connectionStrings:
- name: string
type: string
value: string
contentShareForceDisabled: false
dailyMemoryTimeQuota: 0
enabled: false
ftpPublishBasicAuthenticationEnabled: false
functionsExtensionVersion: string
httpsOnly: false
identity:
identityIds:
- string
principalId: string
tenantId: string
type: string
keyVaultReferenceIdentityId: string
location: string
name: string
publicNetworkAccessEnabled: false
resourceGroupName: string
servicePlanId: string
siteConfig:
alwaysOn: false
apiDefinitionUrl: string
apiManagementApiId: string
appCommandLine: string
appScaleLimit: 0
appServiceLogs:
diskQuotaMb: 0
retentionPeriodDays: 0
applicationInsightsConnectionString: string
applicationInsightsKey: string
applicationStack:
dockers:
- imageName: string
imageTag: string
registryPassword: string
registryUrl: string
registryUsername: string
dotnetVersion: string
javaVersion: string
nodeVersion: string
powershellCoreVersion: string
pythonVersion: string
useCustomRuntime: false
useDotnetIsolatedRuntime: false
containerRegistryManagedIdentityClientId: string
containerRegistryUseManagedIdentity: false
cors:
allowedOrigins:
- string
supportCredentials: false
defaultDocuments:
- string
detailedErrorLoggingEnabled: false
elasticInstanceMinimum: 0
ftpsState: string
healthCheckEvictionTimeInMin: 0
healthCheckPath: string
http2Enabled: false
ipRestrictionDefaultAction: string
ipRestrictions:
- action: string
description: string
headers:
xAzureFdids:
- string
xFdHealthProbe: string
xForwardedFors:
- string
xForwardedHosts:
- string
ipAddress: string
name: string
priority: 0
serviceTag: string
virtualNetworkSubnetId: string
linuxFxVersion: string
loadBalancingMode: string
managedPipelineMode: string
minimumTlsVersion: string
preWarmedInstanceCount: 0
remoteDebuggingEnabled: false
remoteDebuggingVersion: string
runtimeScaleMonitoringEnabled: false
scmIpRestrictionDefaultAction: string
scmIpRestrictions:
- action: string
description: string
headers:
xAzureFdids:
- string
xFdHealthProbe: string
xForwardedFors:
- string
xForwardedHosts:
- string
ipAddress: string
name: string
priority: 0
serviceTag: string
virtualNetworkSubnetId: string
scmMinimumTlsVersion: string
scmType: string
scmUseMainIpRestriction: false
use32BitWorker: false
vnetRouteAllEnabled: false
websocketsEnabled: false
workerCount: 0
stickySettings:
appSettingNames:
- string
connectionStringNames:
- string
storageAccountAccessKey: string
storageAccountName: string
storageAccounts:
- accessKey: string
accountName: string
mountPath: string
name: string
shareName: string
type: string
storageKeyVaultSecretId: string
storageUsesManagedIdentity: false
tags:
string: string
virtualNetworkSubnetId: string
vnetImagePullEnabled: false
webdeployPublishBasicAuthenticationEnabled: false
zipDeployFile: string
LinuxFunctionApp Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The LinuxFunctionApp resource accepts the following input properties:
- Resource
Group stringName - The name of the Resource Group where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- Service
Plan stringId - The ID of the App Service Plan within which to create this Function App.
- Site
Config LinuxFunction App Site Config - A
site_config
block as defined below. - App
Settings Dictionary<string, string> - A map of key-value pairs for App Settings and custom values.
- Auth
Settings LinuxFunction App Auth Settings - A
auth_settings
block as defined below. - Auth
Settings LinuxV2 Function App Auth Settings V2 - An
auth_settings_v2
block as defined below. - Backup
Linux
Function App Backup - A
backup
block as defined below. - Builtin
Logging boolEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - Client
Certificate boolEnabled - Should the function app use Client Certificates.
- Client
Certificate stringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- Client
Certificate stringMode - The mode of the Function App's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - Connection
Strings List<LinuxFunction App Connection String> - One or more
connection_string
blocks as defined below. - bool
- Should the settings for linking the Function App to storage be suppressed.
- Daily
Memory intTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps under the consumption plan. Defaults to
0
. - Enabled bool
- Is the Function App enabled? Defaults to
true
. - Ftp
Publish boolBasic Authentication Enabled - Should the default FTP Basic Authentication publishing profile be enabled. Defaults to
true
. - Functions
Extension stringVersion - The runtime version associated with the Function App. Defaults to
~4
. - Https
Only bool - Can the Function App only be accessed via HTTPS? Defaults to
false
. - Identity
Linux
Function App Identity - A
identity
block as defined below. - Key
Vault stringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - Location string
- The Azure Region where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- Name string
- The name which should be used for this Linux Function App. Changing this forces a new Linux Function App to be created. Limit the function name to 32 characters to avoid naming collisions. For more information about Function App naming rule and Host ID Collisions
- Public
Network boolAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - Sticky
Settings LinuxFunction App Sticky Settings - A
sticky_settings
block as defined below. - Storage
Account stringAccess Key - The access key which will be used to access the backend storage account for the Function App. Conflicts with
storage_uses_managed_identity
. - Storage
Account stringName - The backend storage account name which will be used by this Function App.
- Storage
Accounts List<LinuxFunction App Storage Account> - One or more
storage_account
blocks as defined below. - Storage
Key stringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- Storage
Uses boolManaged Identity Should the Function App use Managed Identity to access the storage account. Conflicts with
storage_account_access_key
.NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- Dictionary<string, string>
- A mapping of tags which should be assigned to the Linux Function App.
- Virtual
Network stringSubnet Id - Vnet
Image boolPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - Webdeploy
Publish boolBasic Authentication Enabled Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.NOTE: Setting this value to true will disable the ability to use
zip_deploy_file
which currently relies on the default publishing profile.- Zip
Deploy stringFile The local path and filename of the Zip packaged application to deploy to this Linux Function App.
Note: Using this value requires either
WEBSITE_RUN_FROM_PACKAGE=1
orSCM_DO_BUILD_DURING_DEPLOYMENT=true
to be set on the App inapp_settings
. Refer to the Azure docs for further details.
- Resource
Group stringName - The name of the Resource Group where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- Service
Plan stringId - The ID of the App Service Plan within which to create this Function App.
- Site
Config LinuxFunction App Site Config Args - A
site_config
block as defined below. - App
Settings map[string]string - A map of key-value pairs for App Settings and custom values.
- Auth
Settings LinuxFunction App Auth Settings Args - A
auth_settings
block as defined below. - Auth
Settings LinuxV2 Function App Auth Settings V2Args - An
auth_settings_v2
block as defined below. - Backup
Linux
Function App Backup Args - A
backup
block as defined below. - Builtin
Logging boolEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - Client
Certificate boolEnabled - Should the function app use Client Certificates.
- Client
Certificate stringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- Client
Certificate stringMode - The mode of the Function App's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - Connection
Strings []LinuxFunction App Connection String Args - One or more
connection_string
blocks as defined below. - bool
- Should the settings for linking the Function App to storage be suppressed.
- Daily
Memory intTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps under the consumption plan. Defaults to
0
. - Enabled bool
- Is the Function App enabled? Defaults to
true
. - Ftp
Publish boolBasic Authentication Enabled - Should the default FTP Basic Authentication publishing profile be enabled. Defaults to
true
. - Functions
Extension stringVersion - The runtime version associated with the Function App. Defaults to
~4
. - Https
Only bool - Can the Function App only be accessed via HTTPS? Defaults to
false
. - Identity
Linux
Function App Identity Args - A
identity
block as defined below. - Key
Vault stringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - Location string
- The Azure Region where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- Name string
- The name which should be used for this Linux Function App. Changing this forces a new Linux Function App to be created. Limit the function name to 32 characters to avoid naming collisions. For more information about Function App naming rule and Host ID Collisions
- Public
Network boolAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - Sticky
Settings LinuxFunction App Sticky Settings Args - A
sticky_settings
block as defined below. - Storage
Account stringAccess Key - The access key which will be used to access the backend storage account for the Function App. Conflicts with
storage_uses_managed_identity
. - Storage
Account stringName - The backend storage account name which will be used by this Function App.
- Storage
Accounts []LinuxFunction App Storage Account Args - One or more
storage_account
blocks as defined below. - Storage
Key stringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- Storage
Uses boolManaged Identity Should the Function App use Managed Identity to access the storage account. Conflicts with
storage_account_access_key
.NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- map[string]string
- A mapping of tags which should be assigned to the Linux Function App.
- Virtual
Network stringSubnet Id - Vnet
Image boolPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - Webdeploy
Publish boolBasic Authentication Enabled Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.NOTE: Setting this value to true will disable the ability to use
zip_deploy_file
which currently relies on the default publishing profile.- Zip
Deploy stringFile The local path and filename of the Zip packaged application to deploy to this Linux Function App.
Note: Using this value requires either
WEBSITE_RUN_FROM_PACKAGE=1
orSCM_DO_BUILD_DURING_DEPLOYMENT=true
to be set on the App inapp_settings
. Refer to the Azure docs for further details.
- resource
Group StringName - The name of the Resource Group where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- service
Plan StringId - The ID of the App Service Plan within which to create this Function App.
- site
Config LinuxFunction App Site Config - A
site_config
block as defined below. - app
Settings Map<String,String> - A map of key-value pairs for App Settings and custom values.
- auth
Settings LinuxFunction App Auth Settings - A
auth_settings
block as defined below. - auth
Settings LinuxV2 Function App Auth Settings V2 - An
auth_settings_v2
block as defined below. - backup
Linux
Function App Backup - A
backup
block as defined below. - builtin
Logging BooleanEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - client
Certificate BooleanEnabled - Should the function app use Client Certificates.
- client
Certificate StringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- client
Certificate StringMode - The mode of the Function App's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - connection
Strings List<LinuxFunction App Connection String> - One or more
connection_string
blocks as defined below. - Boolean
- Should the settings for linking the Function App to storage be suppressed.
- daily
Memory IntegerTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps under the consumption plan. Defaults to
0
. - enabled Boolean
- Is the Function App enabled? Defaults to
true
. - ftp
Publish BooleanBasic Authentication Enabled - Should the default FTP Basic Authentication publishing profile be enabled. Defaults to
true
. - functions
Extension StringVersion - The runtime version associated with the Function App. Defaults to
~4
. - https
Only Boolean - Can the Function App only be accessed via HTTPS? Defaults to
false
. - identity
Linux
Function App Identity - A
identity
block as defined below. - key
Vault StringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - location String
- The Azure Region where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- name String
- The name which should be used for this Linux Function App. Changing this forces a new Linux Function App to be created. Limit the function name to 32 characters to avoid naming collisions. For more information about Function App naming rule and Host ID Collisions
- public
Network BooleanAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - sticky
Settings LinuxFunction App Sticky Settings - A
sticky_settings
block as defined below. - storage
Account StringAccess Key - The access key which will be used to access the backend storage account for the Function App. Conflicts with
storage_uses_managed_identity
. - storage
Account StringName - The backend storage account name which will be used by this Function App.
- storage
Accounts List<LinuxFunction App Storage Account> - One or more
storage_account
blocks as defined below. - storage
Key StringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- storage
Uses BooleanManaged Identity Should the Function App use Managed Identity to access the storage account. Conflicts with
storage_account_access_key
.NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- Map<String,String>
- A mapping of tags which should be assigned to the Linux Function App.
- virtual
Network StringSubnet Id - vnet
Image BooleanPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - webdeploy
Publish BooleanBasic Authentication Enabled Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.NOTE: Setting this value to true will disable the ability to use
zip_deploy_file
which currently relies on the default publishing profile.- zip
Deploy StringFile The local path and filename of the Zip packaged application to deploy to this Linux Function App.
Note: Using this value requires either
WEBSITE_RUN_FROM_PACKAGE=1
orSCM_DO_BUILD_DURING_DEPLOYMENT=true
to be set on the App inapp_settings
. Refer to the Azure docs for further details.
- resource
Group stringName - The name of the Resource Group where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- service
Plan stringId - The ID of the App Service Plan within which to create this Function App.
- site
Config LinuxFunction App Site Config - A
site_config
block as defined below. - app
Settings {[key: string]: string} - A map of key-value pairs for App Settings and custom values.
- auth
Settings LinuxFunction App Auth Settings - A
auth_settings
block as defined below. - auth
Settings LinuxV2 Function App Auth Settings V2 - An
auth_settings_v2
block as defined below. - backup
Linux
Function App Backup - A
backup
block as defined below. - builtin
Logging booleanEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - client
Certificate booleanEnabled - Should the function app use Client Certificates.
- client
Certificate stringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- client
Certificate stringMode - The mode of the Function App's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - connection
Strings LinuxFunction App Connection String[] - One or more
connection_string
blocks as defined below. - boolean
- Should the settings for linking the Function App to storage be suppressed.
- daily
Memory numberTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps under the consumption plan. Defaults to
0
. - enabled boolean
- Is the Function App enabled? Defaults to
true
. - ftp
Publish booleanBasic Authentication Enabled - Should the default FTP Basic Authentication publishing profile be enabled. Defaults to
true
. - functions
Extension stringVersion - The runtime version associated with the Function App. Defaults to
~4
. - https
Only boolean - Can the Function App only be accessed via HTTPS? Defaults to
false
. - identity
Linux
Function App Identity - A
identity
block as defined below. - key
Vault stringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - location string
- The Azure Region where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- name string
- The name which should be used for this Linux Function App. Changing this forces a new Linux Function App to be created. Limit the function name to 32 characters to avoid naming collisions. For more information about Function App naming rule and Host ID Collisions
- public
Network booleanAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - sticky
Settings LinuxFunction App Sticky Settings - A
sticky_settings
block as defined below. - storage
Account stringAccess Key - The access key which will be used to access the backend storage account for the Function App. Conflicts with
storage_uses_managed_identity
. - storage
Account stringName - The backend storage account name which will be used by this Function App.
- storage
Accounts LinuxFunction App Storage Account[] - One or more
storage_account
blocks as defined below. - storage
Key stringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- storage
Uses booleanManaged Identity Should the Function App use Managed Identity to access the storage account. Conflicts with
storage_account_access_key
.NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- {[key: string]: string}
- A mapping of tags which should be assigned to the Linux Function App.
- virtual
Network stringSubnet Id - vnet
Image booleanPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - webdeploy
Publish booleanBasic Authentication Enabled Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.NOTE: Setting this value to true will disable the ability to use
zip_deploy_file
which currently relies on the default publishing profile.- zip
Deploy stringFile The local path and filename of the Zip packaged application to deploy to this Linux Function App.
Note: Using this value requires either
WEBSITE_RUN_FROM_PACKAGE=1
orSCM_DO_BUILD_DURING_DEPLOYMENT=true
to be set on the App inapp_settings
. Refer to the Azure docs for further details.
- resource_
group_ strname - The name of the Resource Group where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- service_
plan_ strid - The ID of the App Service Plan within which to create this Function App.
- site_
config LinuxFunction App Site Config Args - A
site_config
block as defined below. - app_
settings Mapping[str, str] - A map of key-value pairs for App Settings and custom values.
- auth_
settings LinuxFunction App Auth Settings Args - A
auth_settings
block as defined below. - auth_
settings_ Linuxv2 Function App Auth Settings V2Args - An
auth_settings_v2
block as defined below. - backup
Linux
Function App Backup Args - A
backup
block as defined below. - builtin_
logging_ boolenabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - client_
certificate_ boolenabled - Should the function app use Client Certificates.
- client_
certificate_ strexclusion_ paths - Paths to exclude when using client certificates, separated by ;
- client_
certificate_ strmode - The mode of the Function App's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - connection_
strings Sequence[LinuxFunction App Connection String Args] - One or more
connection_string
blocks as defined below. - bool
- Should the settings for linking the Function App to storage be suppressed.
- daily_
memory_ inttime_ quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps under the consumption plan. Defaults to
0
. - enabled bool
- Is the Function App enabled? Defaults to
true
. - ftp_
publish_ boolbasic_ authentication_ enabled - Should the default FTP Basic Authentication publishing profile be enabled. Defaults to
true
. - functions_
extension_ strversion - The runtime version associated with the Function App. Defaults to
~4
. - https_
only bool - Can the Function App only be accessed via HTTPS? Defaults to
false
. - identity
Linux
Function App Identity Args - A
identity
block as defined below. - key_
vault_ strreference_ identity_ id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - location str
- The Azure Region where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- name str
- The name which should be used for this Linux Function App. Changing this forces a new Linux Function App to be created. Limit the function name to 32 characters to avoid naming collisions. For more information about Function App naming rule and Host ID Collisions
- public_
network_ boolaccess_ enabled - Should public network access be enabled for the Function App. Defaults to
true
. - sticky_
settings LinuxFunction App Sticky Settings Args - A
sticky_settings
block as defined below. - storage_
account_ straccess_ key - The access key which will be used to access the backend storage account for the Function App. Conflicts with
storage_uses_managed_identity
. - storage_
account_ strname - The backend storage account name which will be used by this Function App.
- storage_
accounts Sequence[LinuxFunction App Storage Account Args] - One or more
storage_account
blocks as defined below. - storage_
key_ strvault_ secret_ id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- storage_
uses_ boolmanaged_ identity Should the Function App use Managed Identity to access the storage account. Conflicts with
storage_account_access_key
.NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- Mapping[str, str]
- A mapping of tags which should be assigned to the Linux Function App.
- virtual_
network_ strsubnet_ id - vnet_
image_ boolpull_ enabled - Is container image pull over virtual network enabled? Defaults to
false
. - webdeploy_
publish_ boolbasic_ authentication_ enabled Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.NOTE: Setting this value to true will disable the ability to use
zip_deploy_file
which currently relies on the default publishing profile.- zip_
deploy_ strfile The local path and filename of the Zip packaged application to deploy to this Linux Function App.
Note: Using this value requires either
WEBSITE_RUN_FROM_PACKAGE=1
orSCM_DO_BUILD_DURING_DEPLOYMENT=true
to be set on the App inapp_settings
. Refer to the Azure docs for further details.
- resource
Group StringName - The name of the Resource Group where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- service
Plan StringId - The ID of the App Service Plan within which to create this Function App.
- site
Config Property Map - A
site_config
block as defined below. - app
Settings Map<String> - A map of key-value pairs for App Settings and custom values.
- auth
Settings Property Map - A
auth_settings
block as defined below. - auth
Settings Property MapV2 - An
auth_settings_v2
block as defined below. - backup Property Map
- A
backup
block as defined below. - builtin
Logging BooleanEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - client
Certificate BooleanEnabled - Should the function app use Client Certificates.
- client
Certificate StringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- client
Certificate StringMode - The mode of the Function App's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - connection
Strings List<Property Map> - One or more
connection_string
blocks as defined below. - Boolean
- Should the settings for linking the Function App to storage be suppressed.
- daily
Memory NumberTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps under the consumption plan. Defaults to
0
. - enabled Boolean
- Is the Function App enabled? Defaults to
true
. - ftp
Publish BooleanBasic Authentication Enabled - Should the default FTP Basic Authentication publishing profile be enabled. Defaults to
true
. - functions
Extension StringVersion - The runtime version associated with the Function App. Defaults to
~4
. - https
Only Boolean - Can the Function App only be accessed via HTTPS? Defaults to
false
. - identity Property Map
- A
identity
block as defined below. - key
Vault StringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - location String
- The Azure Region where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- name String
- The name which should be used for this Linux Function App. Changing this forces a new Linux Function App to be created. Limit the function name to 32 characters to avoid naming collisions. For more information about Function App naming rule and Host ID Collisions
- public
Network BooleanAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - sticky
Settings Property Map - A
sticky_settings
block as defined below. - storage
Account StringAccess Key - The access key which will be used to access the backend storage account for the Function App. Conflicts with
storage_uses_managed_identity
. - storage
Account StringName - The backend storage account name which will be used by this Function App.
- storage
Accounts List<Property Map> - One or more
storage_account
blocks as defined below. - storage
Key StringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- storage
Uses BooleanManaged Identity Should the Function App use Managed Identity to access the storage account. Conflicts with
storage_account_access_key
.NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- Map<String>
- A mapping of tags which should be assigned to the Linux Function App.
- virtual
Network StringSubnet Id - vnet
Image BooleanPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - webdeploy
Publish BooleanBasic Authentication Enabled Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.NOTE: Setting this value to true will disable the ability to use
zip_deploy_file
which currently relies on the default publishing profile.- zip
Deploy StringFile The local path and filename of the Zip packaged application to deploy to this Linux Function App.
Note: Using this value requires either
WEBSITE_RUN_FROM_PACKAGE=1
orSCM_DO_BUILD_DURING_DEPLOYMENT=true
to be set on the App inapp_settings
. Refer to the Azure docs for further details.
Outputs
All input properties are implicitly available as output properties. Additionally, the LinuxFunctionApp resource produces the following output properties:
- Custom
Domain stringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- Default
Hostname string - The default hostname of the Linux Function App.
- Hosting
Environment stringId - The ID of the App Service Environment used by Function App.
- Id string
- The provider-assigned unique ID for this managed resource.
- Kind string
- The Kind value for this Linux Function App.
- Outbound
Ip List<string>Address Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- Outbound
Ip stringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - Possible
Outbound List<string>Ip Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - Possible
Outbound stringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. - Site
Credentials List<LinuxFunction App Site Credential> - A
site_credential
block as defined below.
- Custom
Domain stringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- Default
Hostname string - The default hostname of the Linux Function App.
- Hosting
Environment stringId - The ID of the App Service Environment used by Function App.
- Id string
- The provider-assigned unique ID for this managed resource.
- Kind string
- The Kind value for this Linux Function App.
- Outbound
Ip []stringAddress Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- Outbound
Ip stringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - Possible
Outbound []stringIp Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - Possible
Outbound stringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. - Site
Credentials []LinuxFunction App Site Credential - A
site_credential
block as defined below.
- custom
Domain StringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- default
Hostname String - The default hostname of the Linux Function App.
- hosting
Environment StringId - The ID of the App Service Environment used by Function App.
- id String
- The provider-assigned unique ID for this managed resource.
- kind String
- The Kind value for this Linux Function App.
- outbound
Ip List<String>Address Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- outbound
Ip StringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - possible
Outbound List<String>Ip Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - possible
Outbound StringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. - site
Credentials List<LinuxFunction App Site Credential> - A
site_credential
block as defined below.
- custom
Domain stringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- default
Hostname string - The default hostname of the Linux Function App.
- hosting
Environment stringId - The ID of the App Service Environment used by Function App.
- id string
- The provider-assigned unique ID for this managed resource.
- kind string
- The Kind value for this Linux Function App.
- outbound
Ip string[]Address Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- outbound
Ip stringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - possible
Outbound string[]Ip Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - possible
Outbound stringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. - site
Credentials LinuxFunction App Site Credential[] - A
site_credential
block as defined below.
- custom_
domain_ strverification_ id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- default_
hostname str - The default hostname of the Linux Function App.
- hosting_
environment_ strid - The ID of the App Service Environment used by Function App.
- id str
- The provider-assigned unique ID for this managed resource.
- kind str
- The Kind value for this Linux Function App.
- outbound_
ip_ Sequence[str]address_ lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- outbound_
ip_ straddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - possible_
outbound_ Sequence[str]ip_ address_ lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - possible_
outbound_ strip_ addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. - site_
credentials Sequence[LinuxFunction App Site Credential] - A
site_credential
block as defined below.
- custom
Domain StringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- default
Hostname String - The default hostname of the Linux Function App.
- hosting
Environment StringId - The ID of the App Service Environment used by Function App.
- id String
- The provider-assigned unique ID for this managed resource.
- kind String
- The Kind value for this Linux Function App.
- outbound
Ip List<String>Address Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- outbound
Ip StringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - possible
Outbound List<String>Ip Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - possible
Outbound StringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. - site
Credentials List<Property Map> - A
site_credential
block as defined below.
Look up Existing LinuxFunctionApp Resource
Get an existing LinuxFunctionApp resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: LinuxFunctionAppState, opts?: CustomResourceOptions): LinuxFunctionApp
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
app_settings: Optional[Mapping[str, str]] = None,
auth_settings: Optional[LinuxFunctionAppAuthSettingsArgs] = None,
auth_settings_v2: Optional[LinuxFunctionAppAuthSettingsV2Args] = None,
backup: Optional[LinuxFunctionAppBackupArgs] = None,
builtin_logging_enabled: Optional[bool] = None,
client_certificate_enabled: Optional[bool] = None,
client_certificate_exclusion_paths: Optional[str] = None,
client_certificate_mode: Optional[str] = None,
connection_strings: Optional[Sequence[LinuxFunctionAppConnectionStringArgs]] = None,
content_share_force_disabled: Optional[bool] = None,
custom_domain_verification_id: Optional[str] = None,
daily_memory_time_quota: Optional[int] = None,
default_hostname: Optional[str] = None,
enabled: Optional[bool] = None,
ftp_publish_basic_authentication_enabled: Optional[bool] = None,
functions_extension_version: Optional[str] = None,
hosting_environment_id: Optional[str] = None,
https_only: Optional[bool] = None,
identity: Optional[LinuxFunctionAppIdentityArgs] = None,
key_vault_reference_identity_id: Optional[str] = None,
kind: Optional[str] = None,
location: Optional[str] = None,
name: Optional[str] = None,
outbound_ip_address_lists: Optional[Sequence[str]] = None,
outbound_ip_addresses: Optional[str] = None,
possible_outbound_ip_address_lists: Optional[Sequence[str]] = None,
possible_outbound_ip_addresses: Optional[str] = None,
public_network_access_enabled: Optional[bool] = None,
resource_group_name: Optional[str] = None,
service_plan_id: Optional[str] = None,
site_config: Optional[LinuxFunctionAppSiteConfigArgs] = None,
site_credentials: Optional[Sequence[LinuxFunctionAppSiteCredentialArgs]] = None,
sticky_settings: Optional[LinuxFunctionAppStickySettingsArgs] = None,
storage_account_access_key: Optional[str] = None,
storage_account_name: Optional[str] = None,
storage_accounts: Optional[Sequence[LinuxFunctionAppStorageAccountArgs]] = None,
storage_key_vault_secret_id: Optional[str] = None,
storage_uses_managed_identity: Optional[bool] = None,
tags: Optional[Mapping[str, str]] = None,
virtual_network_subnet_id: Optional[str] = None,
vnet_image_pull_enabled: Optional[bool] = None,
webdeploy_publish_basic_authentication_enabled: Optional[bool] = None,
zip_deploy_file: Optional[str] = None) -> LinuxFunctionApp
func GetLinuxFunctionApp(ctx *Context, name string, id IDInput, state *LinuxFunctionAppState, opts ...ResourceOption) (*LinuxFunctionApp, error)
public static LinuxFunctionApp Get(string name, Input<string> id, LinuxFunctionAppState? state, CustomResourceOptions? opts = null)
public static LinuxFunctionApp get(String name, Output<String> id, LinuxFunctionAppState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- App
Settings Dictionary<string, string> - A map of key-value pairs for App Settings and custom values.
- Auth
Settings LinuxFunction App Auth Settings - A
auth_settings
block as defined below. - Auth
Settings LinuxV2 Function App Auth Settings V2 - An
auth_settings_v2
block as defined below. - Backup
Linux
Function App Backup - A
backup
block as defined below. - Builtin
Logging boolEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - Client
Certificate boolEnabled - Should the function app use Client Certificates.
- Client
Certificate stringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- Client
Certificate stringMode - The mode of the Function App's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - Connection
Strings List<LinuxFunction App Connection String> - One or more
connection_string
blocks as defined below. - bool
- Should the settings for linking the Function App to storage be suppressed.
- Custom
Domain stringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- Daily
Memory intTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps under the consumption plan. Defaults to
0
. - Default
Hostname string - The default hostname of the Linux Function App.
- Enabled bool
- Is the Function App enabled? Defaults to
true
. - Ftp
Publish boolBasic Authentication Enabled - Should the default FTP Basic Authentication publishing profile be enabled. Defaults to
true
. - Functions
Extension stringVersion - The runtime version associated with the Function App. Defaults to
~4
. - Hosting
Environment stringId - The ID of the App Service Environment used by Function App.
- Https
Only bool - Can the Function App only be accessed via HTTPS? Defaults to
false
. - Identity
Linux
Function App Identity - A
identity
block as defined below. - Key
Vault stringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - Kind string
- The Kind value for this Linux Function App.
- Location string
- The Azure Region where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- Name string
- The name which should be used for this Linux Function App. Changing this forces a new Linux Function App to be created. Limit the function name to 32 characters to avoid naming collisions. For more information about Function App naming rule and Host ID Collisions
- Outbound
Ip List<string>Address Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- Outbound
Ip stringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - Possible
Outbound List<string>Ip Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - Possible
Outbound stringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. - Public
Network boolAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - Resource
Group stringName - The name of the Resource Group where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- Service
Plan stringId - The ID of the App Service Plan within which to create this Function App.
- Site
Config LinuxFunction App Site Config - A
site_config
block as defined below. - Site
Credentials List<LinuxFunction App Site Credential> - A
site_credential
block as defined below. - Sticky
Settings LinuxFunction App Sticky Settings - A
sticky_settings
block as defined below. - Storage
Account stringAccess Key - The access key which will be used to access the backend storage account for the Function App. Conflicts with
storage_uses_managed_identity
. - Storage
Account stringName - The backend storage account name which will be used by this Function App.
- Storage
Accounts List<LinuxFunction App Storage Account> - One or more
storage_account
blocks as defined below. - Storage
Key stringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- Storage
Uses boolManaged Identity Should the Function App use Managed Identity to access the storage account. Conflicts with
storage_account_access_key
.NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- Dictionary<string, string>
- A mapping of tags which should be assigned to the Linux Function App.
- Virtual
Network stringSubnet Id - Vnet
Image boolPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - Webdeploy
Publish boolBasic Authentication Enabled Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.NOTE: Setting this value to true will disable the ability to use
zip_deploy_file
which currently relies on the default publishing profile.- Zip
Deploy stringFile The local path and filename of the Zip packaged application to deploy to this Linux Function App.
Note: Using this value requires either
WEBSITE_RUN_FROM_PACKAGE=1
orSCM_DO_BUILD_DURING_DEPLOYMENT=true
to be set on the App inapp_settings
. Refer to the Azure docs for further details.
- App
Settings map[string]string - A map of key-value pairs for App Settings and custom values.
- Auth
Settings LinuxFunction App Auth Settings Args - A
auth_settings
block as defined below. - Auth
Settings LinuxV2 Function App Auth Settings V2Args - An
auth_settings_v2
block as defined below. - Backup
Linux
Function App Backup Args - A
backup
block as defined below. - Builtin
Logging boolEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - Client
Certificate boolEnabled - Should the function app use Client Certificates.
- Client
Certificate stringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- Client
Certificate stringMode - The mode of the Function App's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - Connection
Strings []LinuxFunction App Connection String Args - One or more
connection_string
blocks as defined below. - bool
- Should the settings for linking the Function App to storage be suppressed.
- Custom
Domain stringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- Daily
Memory intTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps under the consumption plan. Defaults to
0
. - Default
Hostname string - The default hostname of the Linux Function App.
- Enabled bool
- Is the Function App enabled? Defaults to
true
. - Ftp
Publish boolBasic Authentication Enabled - Should the default FTP Basic Authentication publishing profile be enabled. Defaults to
true
. - Functions
Extension stringVersion - The runtime version associated with the Function App. Defaults to
~4
. - Hosting
Environment stringId - The ID of the App Service Environment used by Function App.
- Https
Only bool - Can the Function App only be accessed via HTTPS? Defaults to
false
. - Identity
Linux
Function App Identity Args - A
identity
block as defined below. - Key
Vault stringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - Kind string
- The Kind value for this Linux Function App.
- Location string
- The Azure Region where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- Name string
- The name which should be used for this Linux Function App. Changing this forces a new Linux Function App to be created. Limit the function name to 32 characters to avoid naming collisions. For more information about Function App naming rule and Host ID Collisions
- Outbound
Ip []stringAddress Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- Outbound
Ip stringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - Possible
Outbound []stringIp Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - Possible
Outbound stringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. - Public
Network boolAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - Resource
Group stringName - The name of the Resource Group where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- Service
Plan stringId - The ID of the App Service Plan within which to create this Function App.
- Site
Config LinuxFunction App Site Config Args - A
site_config
block as defined below. - Site
Credentials []LinuxFunction App Site Credential Args - A
site_credential
block as defined below. - Sticky
Settings LinuxFunction App Sticky Settings Args - A
sticky_settings
block as defined below. - Storage
Account stringAccess Key - The access key which will be used to access the backend storage account for the Function App. Conflicts with
storage_uses_managed_identity
. - Storage
Account stringName - The backend storage account name which will be used by this Function App.
- Storage
Accounts []LinuxFunction App Storage Account Args - One or more
storage_account
blocks as defined below. - Storage
Key stringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- Storage
Uses boolManaged Identity Should the Function App use Managed Identity to access the storage account. Conflicts with
storage_account_access_key
.NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- map[string]string
- A mapping of tags which should be assigned to the Linux Function App.
- Virtual
Network stringSubnet Id - Vnet
Image boolPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - Webdeploy
Publish boolBasic Authentication Enabled Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.NOTE: Setting this value to true will disable the ability to use
zip_deploy_file
which currently relies on the default publishing profile.- Zip
Deploy stringFile The local path and filename of the Zip packaged application to deploy to this Linux Function App.
Note: Using this value requires either
WEBSITE_RUN_FROM_PACKAGE=1
orSCM_DO_BUILD_DURING_DEPLOYMENT=true
to be set on the App inapp_settings
. Refer to the Azure docs for further details.
- app
Settings Map<String,String> - A map of key-value pairs for App Settings and custom values.
- auth
Settings LinuxFunction App Auth Settings - A
auth_settings
block as defined below. - auth
Settings LinuxV2 Function App Auth Settings V2 - An
auth_settings_v2
block as defined below. - backup
Linux
Function App Backup - A
backup
block as defined below. - builtin
Logging BooleanEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - client
Certificate BooleanEnabled - Should the function app use Client Certificates.
- client
Certificate StringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- client
Certificate StringMode - The mode of the Function App's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - connection
Strings List<LinuxFunction App Connection String> - One or more
connection_string
blocks as defined below. - Boolean
- Should the settings for linking the Function App to storage be suppressed.
- custom
Domain StringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- daily
Memory IntegerTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps under the consumption plan. Defaults to
0
. - default
Hostname String - The default hostname of the Linux Function App.
- enabled Boolean
- Is the Function App enabled? Defaults to
true
. - ftp
Publish BooleanBasic Authentication Enabled - Should the default FTP Basic Authentication publishing profile be enabled. Defaults to
true
. - functions
Extension StringVersion - The runtime version associated with the Function App. Defaults to
~4
. - hosting
Environment StringId - The ID of the App Service Environment used by Function App.
- https
Only Boolean - Can the Function App only be accessed via HTTPS? Defaults to
false
. - identity
Linux
Function App Identity - A
identity
block as defined below. - key
Vault StringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - kind String
- The Kind value for this Linux Function App.
- location String
- The Azure Region where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- name String
- The name which should be used for this Linux Function App. Changing this forces a new Linux Function App to be created. Limit the function name to 32 characters to avoid naming collisions. For more information about Function App naming rule and Host ID Collisions
- outbound
Ip List<String>Address Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- outbound
Ip StringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - possible
Outbound List<String>Ip Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - possible
Outbound StringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. - public
Network BooleanAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - resource
Group StringName - The name of the Resource Group where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- service
Plan StringId - The ID of the App Service Plan within which to create this Function App.
- site
Config LinuxFunction App Site Config - A
site_config
block as defined below. - site
Credentials List<LinuxFunction App Site Credential> - A
site_credential
block as defined below. - sticky
Settings LinuxFunction App Sticky Settings - A
sticky_settings
block as defined below. - storage
Account StringAccess Key - The access key which will be used to access the backend storage account for the Function App. Conflicts with
storage_uses_managed_identity
. - storage
Account StringName - The backend storage account name which will be used by this Function App.
- storage
Accounts List<LinuxFunction App Storage Account> - One or more
storage_account
blocks as defined below. - storage
Key StringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- storage
Uses BooleanManaged Identity Should the Function App use Managed Identity to access the storage account. Conflicts with
storage_account_access_key
.NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- Map<String,String>
- A mapping of tags which should be assigned to the Linux Function App.
- virtual
Network StringSubnet Id - vnet
Image BooleanPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - webdeploy
Publish BooleanBasic Authentication Enabled Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.NOTE: Setting this value to true will disable the ability to use
zip_deploy_file
which currently relies on the default publishing profile.- zip
Deploy StringFile The local path and filename of the Zip packaged application to deploy to this Linux Function App.
Note: Using this value requires either
WEBSITE_RUN_FROM_PACKAGE=1
orSCM_DO_BUILD_DURING_DEPLOYMENT=true
to be set on the App inapp_settings
. Refer to the Azure docs for further details.
- app
Settings {[key: string]: string} - A map of key-value pairs for App Settings and custom values.
- auth
Settings LinuxFunction App Auth Settings - A
auth_settings
block as defined below. - auth
Settings LinuxV2 Function App Auth Settings V2 - An
auth_settings_v2
block as defined below. - backup
Linux
Function App Backup - A
backup
block as defined below. - builtin
Logging booleanEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - client
Certificate booleanEnabled - Should the function app use Client Certificates.
- client
Certificate stringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- client
Certificate stringMode - The mode of the Function App's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - connection
Strings LinuxFunction App Connection String[] - One or more
connection_string
blocks as defined below. - boolean
- Should the settings for linking the Function App to storage be suppressed.
- custom
Domain stringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- daily
Memory numberTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps under the consumption plan. Defaults to
0
. - default
Hostname string - The default hostname of the Linux Function App.
- enabled boolean
- Is the Function App enabled? Defaults to
true
. - ftp
Publish booleanBasic Authentication Enabled - Should the default FTP Basic Authentication publishing profile be enabled. Defaults to
true
. - functions
Extension stringVersion - The runtime version associated with the Function App. Defaults to
~4
. - hosting
Environment stringId - The ID of the App Service Environment used by Function App.
- https
Only boolean - Can the Function App only be accessed via HTTPS? Defaults to
false
. - identity
Linux
Function App Identity - A
identity
block as defined below. - key
Vault stringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - kind string
- The Kind value for this Linux Function App.
- location string
- The Azure Region where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- name string
- The name which should be used for this Linux Function App. Changing this forces a new Linux Function App to be created. Limit the function name to 32 characters to avoid naming collisions. For more information about Function App naming rule and Host ID Collisions
- outbound
Ip string[]Address Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- outbound
Ip stringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - possible
Outbound string[]Ip Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - possible
Outbound stringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. - public
Network booleanAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - resource
Group stringName - The name of the Resource Group where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- service
Plan stringId - The ID of the App Service Plan within which to create this Function App.
- site
Config LinuxFunction App Site Config - A
site_config
block as defined below. - site
Credentials LinuxFunction App Site Credential[] - A
site_credential
block as defined below. - sticky
Settings LinuxFunction App Sticky Settings - A
sticky_settings
block as defined below. - storage
Account stringAccess Key - The access key which will be used to access the backend storage account for the Function App. Conflicts with
storage_uses_managed_identity
. - storage
Account stringName - The backend storage account name which will be used by this Function App.
- storage
Accounts LinuxFunction App Storage Account[] - One or more
storage_account
blocks as defined below. - storage
Key stringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- storage
Uses booleanManaged Identity Should the Function App use Managed Identity to access the storage account. Conflicts with
storage_account_access_key
.NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- {[key: string]: string}
- A mapping of tags which should be assigned to the Linux Function App.
- virtual
Network stringSubnet Id - vnet
Image booleanPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - webdeploy
Publish booleanBasic Authentication Enabled Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.NOTE: Setting this value to true will disable the ability to use
zip_deploy_file
which currently relies on the default publishing profile.- zip
Deploy stringFile The local path and filename of the Zip packaged application to deploy to this Linux Function App.
Note: Using this value requires either
WEBSITE_RUN_FROM_PACKAGE=1
orSCM_DO_BUILD_DURING_DEPLOYMENT=true
to be set on the App inapp_settings
. Refer to the Azure docs for further details.
- app_
settings Mapping[str, str] - A map of key-value pairs for App Settings and custom values.
- auth_
settings LinuxFunction App Auth Settings Args - A
auth_settings
block as defined below. - auth_
settings_ Linuxv2 Function App Auth Settings V2Args - An
auth_settings_v2
block as defined below. - backup
Linux
Function App Backup Args - A
backup
block as defined below. - builtin_
logging_ boolenabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - client_
certificate_ boolenabled - Should the function app use Client Certificates.
- client_
certificate_ strexclusion_ paths - Paths to exclude when using client certificates, separated by ;
- client_
certificate_ strmode - The mode of the Function App's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - connection_
strings Sequence[LinuxFunction App Connection String Args] - One or more
connection_string
blocks as defined below. - bool
- Should the settings for linking the Function App to storage be suppressed.
- custom_
domain_ strverification_ id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- daily_
memory_ inttime_ quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps under the consumption plan. Defaults to
0
. - default_
hostname str - The default hostname of the Linux Function App.
- enabled bool
- Is the Function App enabled? Defaults to
true
. - ftp_
publish_ boolbasic_ authentication_ enabled - Should the default FTP Basic Authentication publishing profile be enabled. Defaults to
true
. - functions_
extension_ strversion - The runtime version associated with the Function App. Defaults to
~4
. - hosting_
environment_ strid - The ID of the App Service Environment used by Function App.
- https_
only bool - Can the Function App only be accessed via HTTPS? Defaults to
false
. - identity
Linux
Function App Identity Args - A
identity
block as defined below. - key_
vault_ strreference_ identity_ id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - kind str
- The Kind value for this Linux Function App.
- location str
- The Azure Region where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- name str
- The name which should be used for this Linux Function App. Changing this forces a new Linux Function App to be created. Limit the function name to 32 characters to avoid naming collisions. For more information about Function App naming rule and Host ID Collisions
- outbound_
ip_ Sequence[str]address_ lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- outbound_
ip_ straddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - possible_
outbound_ Sequence[str]ip_ address_ lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - possible_
outbound_ strip_ addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. - public_
network_ boolaccess_ enabled - Should public network access be enabled for the Function App. Defaults to
true
. - resource_
group_ strname - The name of the Resource Group where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- service_
plan_ strid - The ID of the App Service Plan within which to create this Function App.
- site_
config LinuxFunction App Site Config Args - A
site_config
block as defined below. - site_
credentials Sequence[LinuxFunction App Site Credential Args] - A
site_credential
block as defined below. - sticky_
settings LinuxFunction App Sticky Settings Args - A
sticky_settings
block as defined below. - storage_
account_ straccess_ key - The access key which will be used to access the backend storage account for the Function App. Conflicts with
storage_uses_managed_identity
. - storage_
account_ strname - The backend storage account name which will be used by this Function App.
- storage_
accounts Sequence[LinuxFunction App Storage Account Args] - One or more
storage_account
blocks as defined below. - storage_
key_ strvault_ secret_ id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- storage_
uses_ boolmanaged_ identity Should the Function App use Managed Identity to access the storage account. Conflicts with
storage_account_access_key
.NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- Mapping[str, str]
- A mapping of tags which should be assigned to the Linux Function App.
- virtual_
network_ strsubnet_ id - vnet_
image_ boolpull_ enabled - Is container image pull over virtual network enabled? Defaults to
false
. - webdeploy_
publish_ boolbasic_ authentication_ enabled Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.NOTE: Setting this value to true will disable the ability to use
zip_deploy_file
which currently relies on the default publishing profile.- zip_
deploy_ strfile The local path and filename of the Zip packaged application to deploy to this Linux Function App.
Note: Using this value requires either
WEBSITE_RUN_FROM_PACKAGE=1
orSCM_DO_BUILD_DURING_DEPLOYMENT=true
to be set on the App inapp_settings
. Refer to the Azure docs for further details.
- app
Settings Map<String> - A map of key-value pairs for App Settings and custom values.
- auth
Settings Property Map - A
auth_settings
block as defined below. - auth
Settings Property MapV2 - An
auth_settings_v2
block as defined below. - backup Property Map
- A
backup
block as defined below. - builtin
Logging BooleanEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - client
Certificate BooleanEnabled - Should the function app use Client Certificates.
- client
Certificate StringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- client
Certificate StringMode - The mode of the Function App's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - connection
Strings List<Property Map> - One or more
connection_string
blocks as defined below. - Boolean
- Should the settings for linking the Function App to storage be suppressed.
- custom
Domain StringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- daily
Memory NumberTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps under the consumption plan. Defaults to
0
. - default
Hostname String - The default hostname of the Linux Function App.
- enabled Boolean
- Is the Function App enabled? Defaults to
true
. - ftp
Publish BooleanBasic Authentication Enabled - Should the default FTP Basic Authentication publishing profile be enabled. Defaults to
true
. - functions
Extension StringVersion - The runtime version associated with the Function App. Defaults to
~4
. - hosting
Environment StringId - The ID of the App Service Environment used by Function App.
- https
Only Boolean - Can the Function App only be accessed via HTTPS? Defaults to
false
. - identity Property Map
- A
identity
block as defined below. - key
Vault StringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - kind String
- The Kind value for this Linux Function App.
- location String
- The Azure Region where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- name String
- The name which should be used for this Linux Function App. Changing this forces a new Linux Function App to be created. Limit the function name to 32 characters to avoid naming collisions. For more information about Function App naming rule and Host ID Collisions
- outbound
Ip List<String>Address Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- outbound
Ip StringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - possible
Outbound List<String>Ip Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - possible
Outbound StringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. - public
Network BooleanAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - resource
Group StringName - The name of the Resource Group where the Linux Function App should exist. Changing this forces a new Linux Function App to be created.
- service
Plan StringId - The ID of the App Service Plan within which to create this Function App.
- site
Config Property Map - A
site_config
block as defined below. - site
Credentials List<Property Map> - A
site_credential
block as defined below. - sticky
Settings Property Map - A
sticky_settings
block as defined below. - storage
Account StringAccess Key - The access key which will be used to access the backend storage account for the Function App. Conflicts with
storage_uses_managed_identity
. - storage
Account StringName - The backend storage account name which will be used by this Function App.
- storage
Accounts List<Property Map> - One or more
storage_account
blocks as defined below. - storage
Key StringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- storage
Uses BooleanManaged Identity Should the Function App use Managed Identity to access the storage account. Conflicts with
storage_account_access_key
.NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- Map<String>
- A mapping of tags which should be assigned to the Linux Function App.
- virtual
Network StringSubnet Id - vnet
Image BooleanPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - webdeploy
Publish BooleanBasic Authentication Enabled Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.NOTE: Setting this value to true will disable the ability to use
zip_deploy_file
which currently relies on the default publishing profile.- zip
Deploy StringFile The local path and filename of the Zip packaged application to deploy to this Linux Function App.
Note: Using this value requires either
WEBSITE_RUN_FROM_PACKAGE=1
orSCM_DO_BUILD_DURING_DEPLOYMENT=true
to be set on the App inapp_settings
. Refer to the Azure docs for further details.
Supporting Types
LinuxFunctionAppAuthSettings, LinuxFunctionAppAuthSettingsArgs
- Enabled bool
- Should the Authentication / Authorization feature be enabled for the Linux Web App?
- Active
Directory LinuxFunction App Auth Settings Active Directory - An
active_directory
block as defined above. - Additional
Login Dictionary<string, string>Parameters - Specifies a map of login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
- Allowed
External List<string>Redirect Urls - Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Linux Web App.
- Default
Provider string The default authentication provider to use when multiple providers are configured. Possible values include:
AzureActiveDirectory
,Facebook
,Google
,MicrosoftAccount
,Twitter
,Github
NOTE: This setting is only needed if multiple providers are configured, and the
unauthenticated_client_action
is set to "RedirectToLoginPage".- Facebook
Linux
Function App Auth Settings Facebook - A
facebook
block as defined below. - Github
Linux
Function App Auth Settings Github - A
github
block as defined below. - Google
Linux
Function App Auth Settings Google - A
google
block as defined below. - Issuer string
The OpenID Connect Issuer URI that represents the entity which issues access tokens for this Linux Web App.
NOTE: When using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://sts.windows.net/{tenant-guid}/.
- Microsoft
Linux
Function App Auth Settings Microsoft - A
microsoft
block as defined below. - Runtime
Version string - The RuntimeVersion of the Authentication / Authorization feature in use for the Linux Web App.
- Token
Refresh doubleExtension Hours - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - Token
Store boolEnabled - Should the Linux Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to
false
. - Twitter
Linux
Function App Auth Settings Twitter - A
twitter
block as defined below. - Unauthenticated
Client stringAction - The action to take when an unauthenticated client attempts to access the app. Possible values include:
RedirectToLoginPage
,AllowAnonymous
.
- Enabled bool
- Should the Authentication / Authorization feature be enabled for the Linux Web App?
- Active
Directory LinuxFunction App Auth Settings Active Directory - An
active_directory
block as defined above. - Additional
Login map[string]stringParameters - Specifies a map of login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
- Allowed
External []stringRedirect Urls - Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Linux Web App.
- Default
Provider string The default authentication provider to use when multiple providers are configured. Possible values include:
AzureActiveDirectory
,Facebook
,Google
,MicrosoftAccount
,Twitter
,Github
NOTE: This setting is only needed if multiple providers are configured, and the
unauthenticated_client_action
is set to "RedirectToLoginPage".- Facebook
Linux
Function App Auth Settings Facebook - A
facebook
block as defined below. - Github
Linux
Function App Auth Settings Github - A
github
block as defined below. - Google
Linux
Function App Auth Settings Google - A
google
block as defined below. - Issuer string
The OpenID Connect Issuer URI that represents the entity which issues access tokens for this Linux Web App.
NOTE: When using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://sts.windows.net/{tenant-guid}/.
- Microsoft
Linux
Function App Auth Settings Microsoft - A
microsoft
block as defined below. - Runtime
Version string - The RuntimeVersion of the Authentication / Authorization feature in use for the Linux Web App.
- Token
Refresh float64Extension Hours - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - Token
Store boolEnabled - Should the Linux Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to
false
. - Twitter
Linux
Function App Auth Settings Twitter - A
twitter
block as defined below. - Unauthenticated
Client stringAction - The action to take when an unauthenticated client attempts to access the app. Possible values include:
RedirectToLoginPage
,AllowAnonymous
.
- enabled Boolean
- Should the Authentication / Authorization feature be enabled for the Linux Web App?
- active
Directory LinuxFunction App Auth Settings Active Directory - An
active_directory
block as defined above. - additional
Login Map<String,String>Parameters - Specifies a map of login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
- allowed
External List<String>Redirect Urls - Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Linux Web App.
- default
Provider String The default authentication provider to use when multiple providers are configured. Possible values include:
AzureActiveDirectory
,Facebook
,Google
,MicrosoftAccount
,Twitter
,Github
NOTE: This setting is only needed if multiple providers are configured, and the
unauthenticated_client_action
is set to "RedirectToLoginPage".- facebook
Linux
Function App Auth Settings Facebook - A
facebook
block as defined below. - github
Linux
Function App Auth Settings Github - A
github
block as defined below. - google
Linux
Function App Auth Settings Google - A
google
block as defined below. - issuer String
The OpenID Connect Issuer URI that represents the entity which issues access tokens for this Linux Web App.
NOTE: When using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://sts.windows.net/{tenant-guid}/.
- microsoft
Linux
Function App Auth Settings Microsoft - A
microsoft
block as defined below. - runtime
Version String - The RuntimeVersion of the Authentication / Authorization feature in use for the Linux Web App.
- token
Refresh DoubleExtension Hours - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - token
Store BooleanEnabled - Should the Linux Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to
false
. - twitter
Linux
Function App Auth Settings Twitter - A
twitter
block as defined below. - unauthenticated
Client StringAction - The action to take when an unauthenticated client attempts to access the app. Possible values include:
RedirectToLoginPage
,AllowAnonymous
.
- enabled boolean
- Should the Authentication / Authorization feature be enabled for the Linux Web App?
- active
Directory LinuxFunction App Auth Settings Active Directory - An
active_directory
block as defined above. - additional
Login {[key: string]: string}Parameters - Specifies a map of login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
- allowed
External string[]Redirect Urls - Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Linux Web App.
- default
Provider string The default authentication provider to use when multiple providers are configured. Possible values include:
AzureActiveDirectory
,Facebook
,Google
,MicrosoftAccount
,Twitter
,Github
NOTE: This setting is only needed if multiple providers are configured, and the
unauthenticated_client_action
is set to "RedirectToLoginPage".- facebook
Linux
Function App Auth Settings Facebook - A
facebook
block as defined below. - github
Linux
Function App Auth Settings Github - A
github
block as defined below. - google
Linux
Function App Auth Settings Google - A
google
block as defined below. - issuer string
The OpenID Connect Issuer URI that represents the entity which issues access tokens for this Linux Web App.
NOTE: When using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://sts.windows.net/{tenant-guid}/.
- microsoft
Linux
Function App Auth Settings Microsoft - A
microsoft
block as defined below. - runtime
Version string - The RuntimeVersion of the Authentication / Authorization feature in use for the Linux Web App.
- token
Refresh numberExtension Hours - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - token
Store booleanEnabled - Should the Linux Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to
false
. - twitter
Linux
Function App Auth Settings Twitter - A
twitter
block as defined below. - unauthenticated
Client stringAction - The action to take when an unauthenticated client attempts to access the app. Possible values include:
RedirectToLoginPage
,AllowAnonymous
.
- enabled bool
- Should the Authentication / Authorization feature be enabled for the Linux Web App?
- active_
directory LinuxFunction App Auth Settings Active Directory - An
active_directory
block as defined above. - additional_
login_ Mapping[str, str]parameters - Specifies a map of login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
- allowed_
external_ Sequence[str]redirect_ urls - Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Linux Web App.
- default_
provider str The default authentication provider to use when multiple providers are configured. Possible values include:
AzureActiveDirectory
,Facebook
,Google
,MicrosoftAccount
,Twitter
,Github
NOTE: This setting is only needed if multiple providers are configured, and the
unauthenticated_client_action
is set to "RedirectToLoginPage".- facebook
Linux
Function App Auth Settings Facebook - A
facebook
block as defined below. - github
Linux
Function App Auth Settings Github - A
github
block as defined below. - google
Linux
Function App Auth Settings Google - A
google
block as defined below. - issuer str
The OpenID Connect Issuer URI that represents the entity which issues access tokens for this Linux Web App.
NOTE: When using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://sts.windows.net/{tenant-guid}/.
- microsoft
Linux
Function App Auth Settings Microsoft - A
microsoft
block as defined below. - runtime_
version str - The RuntimeVersion of the Authentication / Authorization feature in use for the Linux Web App.
- token_
refresh_ floatextension_ hours - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - token_
store_ boolenabled - Should the Linux Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to
false
. - twitter
Linux
Function App Auth Settings Twitter - A
twitter
block as defined below. - unauthenticated_
client_ straction - The action to take when an unauthenticated client attempts to access the app. Possible values include:
RedirectToLoginPage
,AllowAnonymous
.
- enabled Boolean
- Should the Authentication / Authorization feature be enabled for the Linux Web App?
- active
Directory Property Map - An
active_directory
block as defined above. - additional
Login Map<String>Parameters - Specifies a map of login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
- allowed
External List<String>Redirect Urls - Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Linux Web App.
- default
Provider String The default authentication provider to use when multiple providers are configured. Possible values include:
AzureActiveDirectory
,Facebook
,Google
,MicrosoftAccount
,Twitter
,Github
NOTE: This setting is only needed if multiple providers are configured, and the
unauthenticated_client_action
is set to "RedirectToLoginPage".- facebook Property Map
- A
facebook
block as defined below. - github Property Map
- A
github
block as defined below. - google Property Map
- A
google
block as defined below. - issuer String
The OpenID Connect Issuer URI that represents the entity which issues access tokens for this Linux Web App.
NOTE: When using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://sts.windows.net/{tenant-guid}/.
- microsoft Property Map
- A
microsoft
block as defined below. - runtime
Version String - The RuntimeVersion of the Authentication / Authorization feature in use for the Linux Web App.
- token
Refresh NumberExtension Hours - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - token
Store BooleanEnabled - Should the Linux Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to
false
. - twitter Property Map
- A
twitter
block as defined below. - unauthenticated
Client StringAction - The action to take when an unauthenticated client attempts to access the app. Possible values include:
RedirectToLoginPage
,AllowAnonymous
.
LinuxFunctionAppAuthSettingsActiveDirectory, LinuxFunctionAppAuthSettingsActiveDirectoryArgs
- Client
Id string - The ID of the Client to use to authenticate with Azure Active Directory.
- Allowed
Audiences List<string> Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
Note: The
client_id
value is always considered an allowed audience.- Client
Secret string - The Client Secret for the Client ID. Cannot be used with
client_secret_setting_name
. - Client
Secret stringSetting Name - The App Setting name that contains the client secret of the Client. Cannot be used with
client_secret
.
- Client
Id string - The ID of the Client to use to authenticate with Azure Active Directory.
- Allowed
Audiences []string Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
Note: The
client_id
value is always considered an allowed audience.- Client
Secret string - The Client Secret for the Client ID. Cannot be used with
client_secret_setting_name
. - Client
Secret stringSetting Name - The App Setting name that contains the client secret of the Client. Cannot be used with
client_secret
.
- client
Id String - The ID of the Client to use to authenticate with Azure Active Directory.
- allowed
Audiences List<String> Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
Note: The
client_id
value is always considered an allowed audience.- client
Secret String - The Client Secret for the Client ID. Cannot be used with
client_secret_setting_name
. - client
Secret StringSetting Name - The App Setting name that contains the client secret of the Client. Cannot be used with
client_secret
.
- client
Id string - The ID of the Client to use to authenticate with Azure Active Directory.
- allowed
Audiences string[] Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
Note: The
client_id
value is always considered an allowed audience.- client
Secret string - The Client Secret for the Client ID. Cannot be used with
client_secret_setting_name
. - client
Secret stringSetting Name - The App Setting name that contains the client secret of the Client. Cannot be used with
client_secret
.
- client_
id str - The ID of the Client to use to authenticate with Azure Active Directory.
- allowed_
audiences Sequence[str] Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
Note: The
client_id
value is always considered an allowed audience.- client_
secret str - The Client Secret for the Client ID. Cannot be used with
client_secret_setting_name
. - client_
secret_ strsetting_ name - The App Setting name that contains the client secret of the Client. Cannot be used with
client_secret
.
- client
Id String - The ID of the Client to use to authenticate with Azure Active Directory.
- allowed
Audiences List<String> Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
Note: The
client_id
value is always considered an allowed audience.- client
Secret String - The Client Secret for the Client ID. Cannot be used with
client_secret_setting_name
. - client
Secret StringSetting Name - The App Setting name that contains the client secret of the Client. Cannot be used with
client_secret
.
LinuxFunctionAppAuthSettingsFacebook, LinuxFunctionAppAuthSettingsFacebookArgs
- App
Id string - The App ID of the Facebook app used for login.
- App
Secret string - The App Secret of the Facebook app used for Facebook login. Cannot be specified with
app_secret_setting_name
. - App
Secret stringSetting Name - The app setting name that contains the
app_secret
value used for Facebook login. Cannot be specified withapp_secret
. - Oauth
Scopes List<string> - Specifies a list of OAuth 2.0 scopes to be requested as part of Facebook login authentication.
- App
Id string - The App ID of the Facebook app used for login.
- App
Secret string - The App Secret of the Facebook app used for Facebook login. Cannot be specified with
app_secret_setting_name
. - App
Secret stringSetting Name - The app setting name that contains the
app_secret
value used for Facebook login. Cannot be specified withapp_secret
. - Oauth
Scopes []string - Specifies a list of OAuth 2.0 scopes to be requested as part of Facebook login authentication.
- app
Id String - The App ID of the Facebook app used for login.
- app
Secret String - The App Secret of the Facebook app used for Facebook login. Cannot be specified with
app_secret_setting_name
. - app
Secret StringSetting Name - The app setting name that contains the
app_secret
value used for Facebook login. Cannot be specified withapp_secret
. - oauth
Scopes List<String> - Specifies a list of OAuth 2.0 scopes to be requested as part of Facebook login authentication.
- app
Id string - The App ID of the Facebook app used for login.
- app
Secret string - The App Secret of the Facebook app used for Facebook login. Cannot be specified with
app_secret_setting_name
. - app
Secret stringSetting Name - The app setting name that contains the
app_secret
value used for Facebook login. Cannot be specified withapp_secret
. - oauth
Scopes string[] - Specifies a list of OAuth 2.0 scopes to be requested as part of Facebook login authentication.
- app_
id str - The App ID of the Facebook app used for login.
- app_
secret str - The App Secret of the Facebook app used for Facebook login. Cannot be specified with
app_secret_setting_name
. - app_
secret_ strsetting_ name - The app setting name that contains the
app_secret
value used for Facebook login. Cannot be specified withapp_secret
. - oauth_
scopes Sequence[str] - Specifies a list of OAuth 2.0 scopes to be requested as part of Facebook login authentication.
- app
Id String - The App ID of the Facebook app used for login.
- app
Secret String - The App Secret of the Facebook app used for Facebook login. Cannot be specified with
app_secret_setting_name
. - app
Secret StringSetting Name - The app setting name that contains the
app_secret
value used for Facebook login. Cannot be specified withapp_secret
. - oauth
Scopes List<String> - Specifies a list of OAuth 2.0 scopes to be requested as part of Facebook login authentication.
LinuxFunctionAppAuthSettingsGithub, LinuxFunctionAppAuthSettingsGithubArgs
- Client
Id string - The ID of the GitHub app used for login.
- Client
Secret string - The Client Secret of the GitHub app used for GitHub login. Cannot be specified with
client_secret_setting_name
. - Client
Secret stringSetting Name - The app setting name that contains the
client_secret
value used for GitHub login. Cannot be specified withclient_secret
. - Oauth
Scopes List<string> - Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub login authentication.
- Client
Id string - The ID of the GitHub app used for login.
- Client
Secret string - The Client Secret of the GitHub app used for GitHub login. Cannot be specified with
client_secret_setting_name
. - Client
Secret stringSetting Name - The app setting name that contains the
client_secret
value used for GitHub login. Cannot be specified withclient_secret
. - Oauth
Scopes []string - Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub login authentication.
- client
Id String - The ID of the GitHub app used for login.
- client
Secret String - The Client Secret of the GitHub app used for GitHub login. Cannot be specified with
client_secret_setting_name
. - client
Secret StringSetting Name - The app setting name that contains the
client_secret
value used for GitHub login. Cannot be specified withclient_secret
. - oauth
Scopes List<String> - Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub login authentication.
- client
Id string - The ID of the GitHub app used for login.
- client
Secret string - The Client Secret of the GitHub app used for GitHub login. Cannot be specified with
client_secret_setting_name
. - client
Secret stringSetting Name - The app setting name that contains the
client_secret
value used for GitHub login. Cannot be specified withclient_secret
. - oauth
Scopes string[] - Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub login authentication.
- client_
id str - The ID of the GitHub app used for login.
- client_
secret str - The Client Secret of the GitHub app used for GitHub login. Cannot be specified with
client_secret_setting_name
. - client_
secret_ strsetting_ name - The app setting name that contains the
client_secret
value used for GitHub login. Cannot be specified withclient_secret
. - oauth_
scopes Sequence[str] - Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub login authentication.
- client
Id String - The ID of the GitHub app used for login.
- client
Secret String - The Client Secret of the GitHub app used for GitHub login. Cannot be specified with
client_secret_setting_name
. - client
Secret StringSetting Name - The app setting name that contains the
client_secret
value used for GitHub login. Cannot be specified withclient_secret
. - oauth
Scopes List<String> - Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub login authentication.
LinuxFunctionAppAuthSettingsGoogle, LinuxFunctionAppAuthSettingsGoogleArgs
- Client
Id string - The OpenID Connect Client ID for the Google web application.
- Client
Secret string - The client secret associated with the Google web application. Cannot be specified with
client_secret_setting_name
. - Client
Secret stringSetting Name - The app setting name that contains the
client_secret
value used for Google login. Cannot be specified withclient_secret
. - Oauth
Scopes List<string> - Specifies a list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. If not specified,
openid
,profile
, andemail
are used as default scopes.
- Client
Id string - The OpenID Connect Client ID for the Google web application.
- Client
Secret string - The client secret associated with the Google web application. Cannot be specified with
client_secret_setting_name
. - Client
Secret stringSetting Name - The app setting name that contains the
client_secret
value used for Google login. Cannot be specified withclient_secret
. - Oauth
Scopes []string - Specifies a list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. If not specified,
openid
,profile
, andemail
are used as default scopes.
- client
Id String - The OpenID Connect Client ID for the Google web application.
- client
Secret String - The client secret associated with the Google web application. Cannot be specified with
client_secret_setting_name
. - client
Secret StringSetting Name - The app setting name that contains the
client_secret
value used for Google login. Cannot be specified withclient_secret
. - oauth
Scopes List<String> - Specifies a list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. If not specified,
openid
,profile
, andemail
are used as default scopes.
- client
Id string - The OpenID Connect Client ID for the Google web application.
- client
Secret string - The client secret associated with the Google web application. Cannot be specified with
client_secret_setting_name
. - client
Secret stringSetting Name - The app setting name that contains the
client_secret
value used for Google login. Cannot be specified withclient_secret
. - oauth
Scopes string[] - Specifies a list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. If not specified,
openid
,profile
, andemail
are used as default scopes.
- client_
id str - The OpenID Connect Client ID for the Google web application.
- client_
secret str - The client secret associated with the Google web application. Cannot be specified with
client_secret_setting_name
. - client_
secret_ strsetting_ name - The app setting name that contains the
client_secret
value used for Google login. Cannot be specified withclient_secret
. - oauth_
scopes Sequence[str] - Specifies a list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. If not specified,
openid
,profile
, andemail
are used as default scopes.
- client
Id String - The OpenID Connect Client ID for the Google web application.
- client
Secret String - The client secret associated with the Google web application. Cannot be specified with
client_secret_setting_name
. - client
Secret StringSetting Name - The app setting name that contains the
client_secret
value used for Google login. Cannot be specified withclient_secret
. - oauth
Scopes List<String> - Specifies a list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. If not specified,
openid
,profile
, andemail
are used as default scopes.
LinuxFunctionAppAuthSettingsMicrosoft, LinuxFunctionAppAuthSettingsMicrosoftArgs
- Client
Id string - The OAuth 2.0 client ID that was created for the app used for authentication.
- Client
Secret string - The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret_setting_name
. - Client
Secret stringSetting Name - The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret
. - Oauth
Scopes List<string> - Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified,
wl.basic
is used as the default scope.
- Client
Id string - The OAuth 2.0 client ID that was created for the app used for authentication.
- Client
Secret string - The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret_setting_name
. - Client
Secret stringSetting Name - The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret
. - Oauth
Scopes []string - Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified,
wl.basic
is used as the default scope.
- client
Id String - The OAuth 2.0 client ID that was created for the app used for authentication.
- client
Secret String - The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret_setting_name
. - client
Secret StringSetting Name - The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret
. - oauth
Scopes List<String> - Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified,
wl.basic
is used as the default scope.
- client
Id string - The OAuth 2.0 client ID that was created for the app used for authentication.
- client
Secret string - The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret_setting_name
. - client
Secret stringSetting Name - The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret
. - oauth
Scopes string[] - Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified,
wl.basic
is used as the default scope.
- client_
id str - The OAuth 2.0 client ID that was created for the app used for authentication.
- client_
secret str - The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret_setting_name
. - client_
secret_ strsetting_ name - The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret
. - oauth_
scopes Sequence[str] - Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified,
wl.basic
is used as the default scope.
- client
Id String - The OAuth 2.0 client ID that was created for the app used for authentication.
- client
Secret String - The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret_setting_name
. - client
Secret StringSetting Name - The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret
. - oauth
Scopes List<String> - Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified,
wl.basic
is used as the default scope.
LinuxFunctionAppAuthSettingsTwitter, LinuxFunctionAppAuthSettingsTwitterArgs
- Consumer
Key string - The OAuth 1.0a consumer key of the Twitter application used for sign-in.
- Consumer
Secret string - The OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret_setting_name
. - Consumer
Secret stringSetting Name - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret
.
- Consumer
Key string - The OAuth 1.0a consumer key of the Twitter application used for sign-in.
- Consumer
Secret string - The OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret_setting_name
. - Consumer
Secret stringSetting Name - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret
.
- consumer
Key String - The OAuth 1.0a consumer key of the Twitter application used for sign-in.
- consumer
Secret String - The OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret_setting_name
. - consumer
Secret StringSetting Name - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret
.
- consumer
Key string - The OAuth 1.0a consumer key of the Twitter application used for sign-in.
- consumer
Secret string - The OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret_setting_name
. - consumer
Secret stringSetting Name - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret
.
- consumer_
key str - The OAuth 1.0a consumer key of the Twitter application used for sign-in.
- consumer_
secret str - The OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret_setting_name
. - consumer_
secret_ strsetting_ name - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret
.
- consumer
Key String - The OAuth 1.0a consumer key of the Twitter application used for sign-in.
- consumer
Secret String - The OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret_setting_name
. - consumer
Secret StringSetting Name - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret
.
LinuxFunctionAppAuthSettingsV2, LinuxFunctionAppAuthSettingsV2Args
- Login
Linux
Function App Auth Settings V2Login - A
login
block as defined below. - Active
Directory LinuxV2 Function App Auth Settings V2Active Directory V2 - An
active_directory_v2
block as defined below. - Apple
V2 LinuxFunction App Auth Settings V2Apple V2 - An
apple_v2
block as defined below. - Auth
Enabled bool - Should the AuthV2 Settings be enabled. Defaults to
false
. - Azure
Static LinuxWeb App V2 Function App Auth Settings V2Azure Static Web App V2 - An
azure_static_web_app_v2
block as defined below. - Config
File stringPath The path to the App Auth settings.
Note: Relative Paths are evaluated from the Site Root directory.
- Custom
Oidc List<LinuxV2s Function App Auth Settings V2Custom Oidc V2> - Zero or more
custom_oidc_v2
blocks as defined below. - Default
Provider string The Default Authentication Provider to use when the
unauthenticated_action
is set toRedirectToLoginPage
. Possible values include:apple
,azureactivedirectory
,facebook
,github
,google
,twitter
and thename
of yourcustom_oidc_v2
provider.NOTE: Whilst any value will be accepted by the API for
default_provider
, it can leave the app in an unusable state if this value does not correspond to the name of a known provider (either built-in value, or custom_oidc name) as it is used to build the auth endpoint URI.- Excluded
Paths List<string> The paths which should be excluded from the
unauthenticated_action
when it is set toRedirectToLoginPage
.NOTE: This list should be used instead of setting
WEBSITE_WARMUP_PATH
inapp_settings
as it takes priority.- Facebook
V2 LinuxFunction App Auth Settings V2Facebook V2 - A
facebook_v2
block as defined below. - Forward
Proxy stringConvention - The convention used to determine the url of the request made. Possible values include
NoProxy
,Standard
,Custom
. Defaults toNoProxy
. - Forward
Proxy stringCustom Host Header Name - The name of the custom header containing the host of the request.
- Forward
Proxy stringCustom Scheme Header Name - The name of the custom header containing the scheme of the request.
- Github
V2 LinuxFunction App Auth Settings V2Github V2 - A
github_v2
block as defined below. - Google
V2 LinuxFunction App Auth Settings V2Google V2 - A
google_v2
block as defined below. - Http
Route stringApi Prefix - The prefix that should precede all the authentication and authorisation paths. Defaults to
/.auth
. - Microsoft
V2 LinuxFunction App Auth Settings V2Microsoft V2 - A
microsoft_v2
block as defined below. - Require
Authentication bool - Should the authentication flow be used for all requests.
- Require
Https bool - Should HTTPS be required on connections? Defaults to
true
. - Runtime
Version string - The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to
~1
. - Twitter
V2 LinuxFunction App Auth Settings V2Twitter V2 - A
twitter_v2
block as defined below. - Unauthenticated
Action string - The action to take for requests made without authentication. Possible values include
RedirectToLoginPage
,AllowAnonymous
,Return401
, andReturn403
. Defaults toRedirectToLoginPage
.
- Login
Linux
Function App Auth Settings V2Login - A
login
block as defined below. - Active
Directory LinuxV2 Function App Auth Settings V2Active Directory V2 - An
active_directory_v2
block as defined below. - Apple
V2 LinuxFunction App Auth Settings V2Apple V2 - An
apple_v2
block as defined below. - Auth
Enabled bool - Should the AuthV2 Settings be enabled. Defaults to
false
. - Azure
Static LinuxWeb App V2 Function App Auth Settings V2Azure Static Web App V2 - An
azure_static_web_app_v2
block as defined below. - Config
File stringPath The path to the App Auth settings.
Note: Relative Paths are evaluated from the Site Root directory.
- Custom
Oidc []LinuxV2s Function App Auth Settings V2Custom Oidc V2 - Zero or more
custom_oidc_v2
blocks as defined below. - Default
Provider string The Default Authentication Provider to use when the
unauthenticated_action
is set toRedirectToLoginPage
. Possible values include:apple
,azureactivedirectory
,facebook
,github
,google
,twitter
and thename
of yourcustom_oidc_v2
provider.NOTE: Whilst any value will be accepted by the API for
default_provider
, it can leave the app in an unusable state if this value does not correspond to the name of a known provider (either built-in value, or custom_oidc name) as it is used to build the auth endpoint URI.- Excluded
Paths []string The paths which should be excluded from the
unauthenticated_action
when it is set toRedirectToLoginPage
.NOTE: This list should be used instead of setting
WEBSITE_WARMUP_PATH
inapp_settings
as it takes priority.- Facebook
V2 LinuxFunction App Auth Settings V2Facebook V2 - A
facebook_v2
block as defined below. - Forward
Proxy stringConvention - The convention used to determine the url of the request made. Possible values include
NoProxy
,Standard
,Custom
. Defaults toNoProxy
. - Forward
Proxy stringCustom Host Header Name - The name of the custom header containing the host of the request.
- Forward
Proxy stringCustom Scheme Header Name - The name of the custom header containing the scheme of the request.
- Github
V2 LinuxFunction App Auth Settings V2Github V2 - A
github_v2
block as defined below. - Google
V2 LinuxFunction App Auth Settings V2Google V2 - A
google_v2
block as defined below. - Http
Route stringApi Prefix - The prefix that should precede all the authentication and authorisation paths. Defaults to
/.auth
. - Microsoft
V2 LinuxFunction App Auth Settings V2Microsoft V2 - A
microsoft_v2
block as defined below. - Require
Authentication bool - Should the authentication flow be used for all requests.
- Require
Https bool - Should HTTPS be required on connections? Defaults to
true
. - Runtime
Version string - The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to
~1
. - Twitter
V2 LinuxFunction App Auth Settings V2Twitter V2 - A
twitter_v2
block as defined below. - Unauthenticated
Action string - The action to take for requests made without authentication. Possible values include
RedirectToLoginPage
,AllowAnonymous
,Return401
, andReturn403
. Defaults toRedirectToLoginPage
.
- login
Linux
Function App Auth Settings V2Login - A
login
block as defined below. - active
Directory LinuxV2 Function App Auth Settings V2Active Directory V2 - An
active_directory_v2
block as defined below. - apple
V2 LinuxFunction App Auth Settings V2Apple V2 - An
apple_v2
block as defined below. - auth
Enabled Boolean - Should the AuthV2 Settings be enabled. Defaults to
false
. - azure
Static LinuxWeb App V2 Function App Auth Settings V2Azure Static Web App V2 - An
azure_static_web_app_v2
block as defined below. - config
File StringPath The path to the App Auth settings.
Note: Relative Paths are evaluated from the Site Root directory.
- custom
Oidc List<LinuxV2s Function App Auth Settings V2Custom Oidc V2> - Zero or more
custom_oidc_v2
blocks as defined below. - default
Provider String The Default Authentication Provider to use when the
unauthenticated_action
is set toRedirectToLoginPage
. Possible values include:apple
,azureactivedirectory
,facebook
,github
,google
,twitter
and thename
of yourcustom_oidc_v2
provider.NOTE: Whilst any value will be accepted by the API for
default_provider
, it can leave the app in an unusable state if this value does not correspond to the name of a known provider (either built-in value, or custom_oidc name) as it is used to build the auth endpoint URI.- excluded
Paths List<String> The paths which should be excluded from the
unauthenticated_action
when it is set toRedirectToLoginPage
.NOTE: This list should be used instead of setting
WEBSITE_WARMUP_PATH
inapp_settings
as it takes priority.- facebook
V2 LinuxFunction App Auth Settings V2Facebook V2 - A
facebook_v2
block as defined below. - forward
Proxy StringConvention - The convention used to determine the url of the request made. Possible values include
NoProxy
,Standard
,Custom
. Defaults toNoProxy
. - forward
Proxy StringCustom Host Header Name - The name of the custom header containing the host of the request.
- forward
Proxy StringCustom Scheme Header Name - The name of the custom header containing the scheme of the request.
- github
V2 LinuxFunction App Auth Settings V2Github V2 - A
github_v2
block as defined below. - google
V2 LinuxFunction App Auth Settings V2Google V2 - A
google_v2
block as defined below. - http
Route StringApi Prefix - The prefix that should precede all the authentication and authorisation paths. Defaults to
/.auth
. - microsoft
V2 LinuxFunction App Auth Settings V2Microsoft V2 - A
microsoft_v2
block as defined below. - require
Authentication Boolean - Should the authentication flow be used for all requests.
- require
Https Boolean - Should HTTPS be required on connections? Defaults to
true
. - runtime
Version String - The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to
~1
. - twitter
V2 LinuxFunction App Auth Settings V2Twitter V2 - A
twitter_v2
block as defined below. - unauthenticated
Action String - The action to take for requests made without authentication. Possible values include
RedirectToLoginPage
,AllowAnonymous
,Return401
, andReturn403
. Defaults toRedirectToLoginPage
.
- login
Linux
Function App Auth Settings V2Login - A
login
block as defined below. - active
Directory LinuxV2 Function App Auth Settings V2Active Directory V2 - An
active_directory_v2
block as defined below. - apple
V2 LinuxFunction App Auth Settings V2Apple V2 - An
apple_v2
block as defined below. - auth
Enabled boolean - Should the AuthV2 Settings be enabled. Defaults to
false
. - azure
Static LinuxWeb App V2 Function App Auth Settings V2Azure Static Web App V2 - An
azure_static_web_app_v2
block as defined below. - config
File stringPath The path to the App Auth settings.
Note: Relative Paths are evaluated from the Site Root directory.
- custom
Oidc LinuxV2s Function App Auth Settings V2Custom Oidc V2[] - Zero or more
custom_oidc_v2
blocks as defined below. - default
Provider string The Default Authentication Provider to use when the
unauthenticated_action
is set toRedirectToLoginPage
. Possible values include:apple
,azureactivedirectory
,facebook
,github
,google
,twitter
and thename
of yourcustom_oidc_v2
provider.NOTE: Whilst any value will be accepted by the API for
default_provider
, it can leave the app in an unusable state if this value does not correspond to the name of a known provider (either built-in value, or custom_oidc name) as it is used to build the auth endpoint URI.- excluded
Paths string[] The paths which should be excluded from the
unauthenticated_action
when it is set toRedirectToLoginPage
.NOTE: This list should be used instead of setting
WEBSITE_WARMUP_PATH
inapp_settings
as it takes priority.- facebook
V2 LinuxFunction App Auth Settings V2Facebook V2 - A
facebook_v2
block as defined below. - forward
Proxy stringConvention - The convention used to determine the url of the request made. Possible values include
NoProxy
,Standard
,Custom
. Defaults toNoProxy
. - forward
Proxy stringCustom Host Header Name - The name of the custom header containing the host of the request.
- forward
Proxy stringCustom Scheme Header Name - The name of the custom header containing the scheme of the request.
- github
V2 LinuxFunction App Auth Settings V2Github V2 - A
github_v2
block as defined below. - google
V2 LinuxFunction App Auth Settings V2Google V2 - A
google_v2
block as defined below. - http
Route stringApi Prefix - The prefix that should precede all the authentication and authorisation paths. Defaults to
/.auth
. - microsoft
V2 LinuxFunction App Auth Settings V2Microsoft V2 - A
microsoft_v2
block as defined below. - require
Authentication boolean - Should the authentication flow be used for all requests.
- require
Https boolean - Should HTTPS be required on connections? Defaults to
true
. - runtime
Version string - The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to
~1
. - twitter
V2 LinuxFunction App Auth Settings V2Twitter V2 - A
twitter_v2
block as defined below. - unauthenticated
Action string - The action to take for requests made without authentication. Possible values include
RedirectToLoginPage
,AllowAnonymous
,Return401
, andReturn403
. Defaults toRedirectToLoginPage
.
- login
Linux
Function App Auth Settings V2Login - A
login
block as defined below. - active_
directory_ Linuxv2 Function App Auth Settings V2Active Directory V2 - An
active_directory_v2
block as defined below. - apple_
v2 LinuxFunction App Auth Settings V2Apple V2 - An
apple_v2
block as defined below. - auth_
enabled bool - Should the AuthV2 Settings be enabled. Defaults to
false
. - azure_
static_ Linuxweb_ app_ v2 Function App Auth Settings V2Azure Static Web App V2 - An
azure_static_web_app_v2
block as defined below. - config_
file_ strpath The path to the App Auth settings.
Note: Relative Paths are evaluated from the Site Root directory.
- custom_
oidc_ Sequence[Linuxv2s Function App Auth Settings V2Custom Oidc V2] - Zero or more
custom_oidc_v2
blocks as defined below. - default_
provider str The Default Authentication Provider to use when the
unauthenticated_action
is set toRedirectToLoginPage
. Possible values include:apple
,azureactivedirectory
,facebook
,github
,google
,twitter
and thename
of yourcustom_oidc_v2
provider.NOTE: Whilst any value will be accepted by the API for
default_provider
, it can leave the app in an unusable state if this value does not correspond to the name of a known provider (either built-in value, or custom_oidc name) as it is used to build the auth endpoint URI.- excluded_
paths Sequence[str] The paths which should be excluded from the
unauthenticated_action
when it is set toRedirectToLoginPage
.NOTE: This list should be used instead of setting
WEBSITE_WARMUP_PATH
inapp_settings
as it takes priority.- facebook_
v2 LinuxFunction App Auth Settings V2Facebook V2 - A
facebook_v2
block as defined below. - forward_
proxy_ strconvention - The convention used to determine the url of the request made. Possible values include
NoProxy
,Standard
,Custom
. Defaults toNoProxy
. - forward_
proxy_ strcustom_ host_ header_ name - The name of the custom header containing the host of the request.
- forward_
proxy_ strcustom_ scheme_ header_ name - The name of the custom header containing the scheme of the request.
- github_
v2 LinuxFunction App Auth Settings V2Github V2 - A
github_v2
block as defined below. - google_
v2 LinuxFunction App Auth Settings V2Google V2 - A
google_v2
block as defined below. - http_
route_ strapi_ prefix - The prefix that should precede all the authentication and authorisation paths. Defaults to
/.auth
. - microsoft_
v2 LinuxFunction App Auth Settings V2Microsoft V2 - A
microsoft_v2
block as defined below. - require_
authentication bool - Should the authentication flow be used for all requests.
- require_
https bool - Should HTTPS be required on connections? Defaults to
true
. - runtime_
version str - The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to
~1
. - twitter_
v2 LinuxFunction App Auth Settings V2Twitter V2 - A
twitter_v2
block as defined below. - unauthenticated_
action str - The action to take for requests made without authentication. Possible values include
RedirectToLoginPage
,AllowAnonymous
,Return401
, andReturn403
. Defaults toRedirectToLoginPage
.
- login Property Map
- A
login
block as defined below. - active
Directory Property MapV2 - An
active_directory_v2
block as defined below. - apple
V2 Property Map - An
apple_v2
block as defined below. - auth
Enabled Boolean - Should the AuthV2 Settings be enabled. Defaults to
false
. - azure
Static Property MapWeb App V2 - An
azure_static_web_app_v2
block as defined below. - config
File StringPath The path to the App Auth settings.
Note: Relative Paths are evaluated from the Site Root directory.
- custom
Oidc List<Property Map>V2s - Zero or more
custom_oidc_v2
blocks as defined below. - default
Provider String The Default Authentication Provider to use when the
unauthenticated_action
is set toRedirectToLoginPage
. Possible values include:apple
,azureactivedirectory
,facebook
,github
,google
,twitter
and thename
of yourcustom_oidc_v2
provider.NOTE: Whilst any value will be accepted by the API for
default_provider
, it can leave the app in an unusable state if this value does not correspond to the name of a known provider (either built-in value, or custom_oidc name) as it is used to build the auth endpoint URI.- excluded
Paths List<String> The paths which should be excluded from the
unauthenticated_action
when it is set toRedirectToLoginPage
.NOTE: This list should be used instead of setting
WEBSITE_WARMUP_PATH
inapp_settings
as it takes priority.- facebook
V2 Property Map - A
facebook_v2
block as defined below. - forward
Proxy StringConvention - The convention used to determine the url of the request made. Possible values include
NoProxy
,Standard
,Custom
. Defaults toNoProxy
. - forward
Proxy StringCustom Host Header Name - The name of the custom header containing the host of the request.
- forward
Proxy StringCustom Scheme Header Name - The name of the custom header containing the scheme of the request.
- github
V2 Property Map - A
github_v2
block as defined below. - google
V2 Property Map - A
google_v2
block as defined below. - http
Route StringApi Prefix - The prefix that should precede all the authentication and authorisation paths. Defaults to
/.auth
. - microsoft
V2 Property Map - A
microsoft_v2
block as defined below. - require
Authentication Boolean - Should the authentication flow be used for all requests.
- require
Https Boolean - Should HTTPS be required on connections? Defaults to
true
. - runtime
Version String - The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to
~1
. - twitter
V2 Property Map - A
twitter_v2
block as defined below. - unauthenticated
Action String - The action to take for requests made without authentication. Possible values include
RedirectToLoginPage
,AllowAnonymous
,Return401
, andReturn403
. Defaults toRedirectToLoginPage
.
LinuxFunctionAppAuthSettingsV2ActiveDirectoryV2, LinuxFunctionAppAuthSettingsV2ActiveDirectoryV2Args
- Client
Id string - The ID of the Client to use to authenticate with Azure Active Directory.
- Tenant
Auth stringEndpoint The Azure Tenant Endpoint for the Authenticating Tenant. e.g.
https://login.microsoftonline.com/{tenant-guid}/v2.0/
NOTE: Here is a list of possible authentication endpoints based on the cloud environment. Here is more information to better understand how to configure authentication for Azure App Service or Azure Functions.
- Allowed
Applications List<string> - The list of allowed Applications for the Default Authorisation Policy.
- Allowed
Audiences List<string> Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- Allowed
Groups List<string> - The list of allowed Group Names for the Default Authorisation Policy.
- Allowed
Identities List<string> - The list of allowed Identities for the Default Authorisation Policy.
- Client
Secret stringCertificate Thumbprint - The thumbprint of the certificate used for signing purposes.
- Client
Secret stringSetting Name The App Setting name that contains the client secret of the Client.
!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Jwt
Allowed List<string>Client Applications - A list of Allowed Client Applications in the JWT Claim.
- Jwt
Allowed List<string>Groups - A list of Allowed Groups in the JWT Claim.
- Login
Parameters Dictionary<string, string> - A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
- Www
Authentication boolDisabled - Should the www-authenticate provider should be omitted from the request? Defaults to
false
.
- Client
Id string - The ID of the Client to use to authenticate with Azure Active Directory.
- Tenant
Auth stringEndpoint The Azure Tenant Endpoint for the Authenticating Tenant. e.g.
https://login.microsoftonline.com/{tenant-guid}/v2.0/
NOTE: Here is a list of possible authentication endpoints based on the cloud environment. Here is more information to better understand how to configure authentication for Azure App Service or Azure Functions.
- Allowed
Applications []string - The list of allowed Applications for the Default Authorisation Policy.
- Allowed
Audiences []string Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- Allowed
Groups []string - The list of allowed Group Names for the Default Authorisation Policy.
- Allowed
Identities []string - The list of allowed Identities for the Default Authorisation Policy.
- Client
Secret stringCertificate Thumbprint - The thumbprint of the certificate used for signing purposes.
- Client
Secret stringSetting Name The App Setting name that contains the client secret of the Client.
!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Jwt
Allowed []stringClient Applications - A list of Allowed Client Applications in the JWT Claim.
- Jwt
Allowed []stringGroups - A list of Allowed Groups in the JWT Claim.
- Login
Parameters map[string]string - A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
- Www
Authentication boolDisabled - Should the www-authenticate provider should be omitted from the request? Defaults to
false
.
- client
Id String - The ID of the Client to use to authenticate with Azure Active Directory.
- tenant
Auth StringEndpoint The Azure Tenant Endpoint for the Authenticating Tenant. e.g.
https://login.microsoftonline.com/{tenant-guid}/v2.0/
NOTE: Here is a list of possible authentication endpoints based on the cloud environment. Here is more information to better understand how to configure authentication for Azure App Service or Azure Functions.
- allowed
Applications List<String> - The list of allowed Applications for the Default Authorisation Policy.
- allowed
Audiences List<String> Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- allowed
Groups List<String> - The list of allowed Group Names for the Default Authorisation Policy.
- allowed
Identities List<String> - The list of allowed Identities for the Default Authorisation Policy.
- client
Secret StringCertificate Thumbprint - The thumbprint of the certificate used for signing purposes.
- client
Secret StringSetting Name The App Setting name that contains the client secret of the Client.
!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- jwt
Allowed List<String>Client Applications - A list of Allowed Client Applications in the JWT Claim.
- jwt
Allowed List<String>Groups - A list of Allowed Groups in the JWT Claim.
- login
Parameters Map<String,String> - A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
- www
Authentication BooleanDisabled - Should the www-authenticate provider should be omitted from the request? Defaults to
false
.
- client
Id string - The ID of the Client to use to authenticate with Azure Active Directory.
- tenant
Auth stringEndpoint The Azure Tenant Endpoint for the Authenticating Tenant. e.g.
https://login.microsoftonline.com/{tenant-guid}/v2.0/
NOTE: Here is a list of possible authentication endpoints based on the cloud environment. Here is more information to better understand how to configure authentication for Azure App Service or Azure Functions.
- allowed
Applications string[] - The list of allowed Applications for the Default Authorisation Policy.
- allowed
Audiences string[] Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- allowed
Groups string[] - The list of allowed Group Names for the Default Authorisation Policy.
- allowed
Identities string[] - The list of allowed Identities for the Default Authorisation Policy.
- client
Secret stringCertificate Thumbprint - The thumbprint of the certificate used for signing purposes.
- client
Secret stringSetting Name The App Setting name that contains the client secret of the Client.
!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- jwt
Allowed string[]Client Applications - A list of Allowed Client Applications in the JWT Claim.
- jwt
Allowed string[]Groups - A list of Allowed Groups in the JWT Claim.
- login
Parameters {[key: string]: string} - A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
- www
Authentication booleanDisabled - Should the www-authenticate provider should be omitted from the request? Defaults to
false
.
- client_
id str - The ID of the Client to use to authenticate with Azure Active Directory.
- tenant_
auth_ strendpoint The Azure Tenant Endpoint for the Authenticating Tenant. e.g.
https://login.microsoftonline.com/{tenant-guid}/v2.0/
NOTE: Here is a list of possible authentication endpoints based on the cloud environment. Here is more information to better understand how to configure authentication for Azure App Service or Azure Functions.
- allowed_
applications Sequence[str] - The list of allowed Applications for the Default Authorisation Policy.
- allowed_
audiences Sequence[str] Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- allowed_
groups Sequence[str] - The list of allowed Group Names for the Default Authorisation Policy.
- allowed_
identities Sequence[str] - The list of allowed Identities for the Default Authorisation Policy.
- client_
secret_ strcertificate_ thumbprint - The thumbprint of the certificate used for signing purposes.
- client_
secret_ strsetting_ name The App Setting name that contains the client secret of the Client.
!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- jwt_
allowed_ Sequence[str]client_ applications - A list of Allowed Client Applications in the JWT Claim.
- jwt_
allowed_ Sequence[str]groups - A list of Allowed Groups in the JWT Claim.
- login_
parameters Mapping[str, str] - A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
- www_
authentication_ booldisabled - Should the www-authenticate provider should be omitted from the request? Defaults to
false
.
- client
Id String - The ID of the Client to use to authenticate with Azure Active Directory.
- tenant
Auth StringEndpoint The Azure Tenant Endpoint for the Authenticating Tenant. e.g.
https://login.microsoftonline.com/{tenant-guid}/v2.0/
NOTE: Here is a list of possible authentication endpoints based on the cloud environment. Here is more information to better understand how to configure authentication for Azure App Service or Azure Functions.
- allowed
Applications List<String> - The list of allowed Applications for the Default Authorisation Policy.
- allowed
Audiences List<String> Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- allowed
Groups List<String> - The list of allowed Group Names for the Default Authorisation Policy.
- allowed
Identities List<String> - The list of allowed Identities for the Default Authorisation Policy.
- client
Secret StringCertificate Thumbprint - The thumbprint of the certificate used for signing purposes.
- client
Secret StringSetting Name The App Setting name that contains the client secret of the Client.
!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- jwt
Allowed List<String>Client Applications - A list of Allowed Client Applications in the JWT Claim.
- jwt
Allowed List<String>Groups - A list of Allowed Groups in the JWT Claim.
- login
Parameters Map<String> - A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
- www
Authentication BooleanDisabled - Should the www-authenticate provider should be omitted from the request? Defaults to
false
.
LinuxFunctionAppAuthSettingsV2AppleV2, LinuxFunctionAppAuthSettingsV2AppleV2Args
- Client
Id string - The OpenID Connect Client ID for the Apple web application.
- Client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for Apple Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Login
Scopes List<string> A list of Login Scopes provided by this Authentication Provider.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- Client
Id string - The OpenID Connect Client ID for the Apple web application.
- Client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for Apple Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Login
Scopes []string A list of Login Scopes provided by this Authentication Provider.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- client
Id String - The OpenID Connect Client ID for the Apple web application.
- client
Secret StringSetting Name The app setting name that contains the
client_secret
value used for Apple Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- login
Scopes List<String> A list of Login Scopes provided by this Authentication Provider.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- client
Id string - The OpenID Connect Client ID for the Apple web application.
- client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for Apple Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- login
Scopes string[] A list of Login Scopes provided by this Authentication Provider.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- client_
id str - The OpenID Connect Client ID for the Apple web application.
- client_
secret_ strsetting_ name The app setting name that contains the
client_secret
value used for Apple Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- login_
scopes Sequence[str] A list of Login Scopes provided by this Authentication Provider.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- client
Id String - The OpenID Connect Client ID for the Apple web application.
- client
Secret StringSetting Name The app setting name that contains the
client_secret
value used for Apple Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- login
Scopes List<String> A list of Login Scopes provided by this Authentication Provider.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
LinuxFunctionAppAuthSettingsV2AzureStaticWebAppV2, LinuxFunctionAppAuthSettingsV2AzureStaticWebAppV2Args
- Client
Id string - The ID of the Client to use to authenticate with Azure Static Web App Authentication.
- Client
Id string - The ID of the Client to use to authenticate with Azure Static Web App Authentication.
- client
Id String - The ID of the Client to use to authenticate with Azure Static Web App Authentication.
- client
Id string - The ID of the Client to use to authenticate with Azure Static Web App Authentication.
- client_
id str - The ID of the Client to use to authenticate with Azure Static Web App Authentication.
- client
Id String - The ID of the Client to use to authenticate with Azure Static Web App Authentication.
LinuxFunctionAppAuthSettingsV2CustomOidcV2, LinuxFunctionAppAuthSettingsV2CustomOidcV2Args
- Client
Id string - The ID of the Client to use to authenticate with the Custom OIDC.
- Name string
The name of the Custom OIDC Authentication Provider.
NOTE: An
app_setting
matching this value in upper case with the suffix of_PROVIDER_AUTHENTICATION_SECRET
is required. e.g.MYOIDC_PROVIDER_AUTHENTICATION_SECRET
for a value ofmyoidc
.- Openid
Configuration stringEndpoint - The app setting name that contains the
client_secret
value used for the Custom OIDC Login. - string
- The endpoint to make the Authorisation Request as supplied by
openid_configuration_endpoint
response. - Certification
Uri string - The endpoint that provides the keys necessary to validate the token as supplied by
openid_configuration_endpoint
response. - Client
Credential stringMethod - The Client Credential Method used.
- Client
Secret stringSetting Name - The App Setting name that contains the secret for this Custom OIDC Client. This is generated from
name
above and suffixed with_PROVIDER_AUTHENTICATION_SECRET
. - Issuer
Endpoint string - The endpoint that issued the Token as supplied by
openid_configuration_endpoint
response. - Name
Claim stringType - The name of the claim that contains the users name.
- Scopes List<string>
- The list of the scopes that should be requested while authenticating.
- Token
Endpoint string - The endpoint used to request a Token as supplied by
openid_configuration_endpoint
response.
- Client
Id string - The ID of the Client to use to authenticate with the Custom OIDC.
- Name string
The name of the Custom OIDC Authentication Provider.
NOTE: An
app_setting
matching this value in upper case with the suffix of_PROVIDER_AUTHENTICATION_SECRET
is required. e.g.MYOIDC_PROVIDER_AUTHENTICATION_SECRET
for a value ofmyoidc
.- Openid
Configuration stringEndpoint - The app setting name that contains the
client_secret
value used for the Custom OIDC Login. - string
- The endpoint to make the Authorisation Request as supplied by
openid_configuration_endpoint
response. - Certification
Uri string - The endpoint that provides the keys necessary to validate the token as supplied by
openid_configuration_endpoint
response. - Client
Credential stringMethod - The Client Credential Method used.
- Client
Secret stringSetting Name - The App Setting name that contains the secret for this Custom OIDC Client. This is generated from
name
above and suffixed with_PROVIDER_AUTHENTICATION_SECRET
. - Issuer
Endpoint string - The endpoint that issued the Token as supplied by
openid_configuration_endpoint
response. - Name
Claim stringType - The name of the claim that contains the users name.
- Scopes []string
- The list of the scopes that should be requested while authenticating.
- Token
Endpoint string - The endpoint used to request a Token as supplied by
openid_configuration_endpoint
response.
- client
Id String - The ID of the Client to use to authenticate with the Custom OIDC.
- name String
The name of the Custom OIDC Authentication Provider.
NOTE: An
app_setting
matching this value in upper case with the suffix of_PROVIDER_AUTHENTICATION_SECRET
is required. e.g.MYOIDC_PROVIDER_AUTHENTICATION_SECRET
for a value ofmyoidc
.- openid
Configuration StringEndpoint - The app setting name that contains the
client_secret
value used for the Custom OIDC Login. - String
- The endpoint to make the Authorisation Request as supplied by
openid_configuration_endpoint
response. - certification
Uri String - The endpoint that provides the keys necessary to validate the token as supplied by
openid_configuration_endpoint
response. - client
Credential StringMethod - The Client Credential Method used.
- client
Secret StringSetting Name - The App Setting name that contains the secret for this Custom OIDC Client. This is generated from
name
above and suffixed with_PROVIDER_AUTHENTICATION_SECRET
. - issuer
Endpoint String - The endpoint that issued the Token as supplied by
openid_configuration_endpoint
response. - name
Claim StringType - The name of the claim that contains the users name.
- scopes List<String>
- The list of the scopes that should be requested while authenticating.
- token
Endpoint String - The endpoint used to request a Token as supplied by
openid_configuration_endpoint
response.
- client
Id string - The ID of the Client to use to authenticate with the Custom OIDC.
- name string
The name of the Custom OIDC Authentication Provider.
NOTE: An
app_setting
matching this value in upper case with the suffix of_PROVIDER_AUTHENTICATION_SECRET
is required. e.g.MYOIDC_PROVIDER_AUTHENTICATION_SECRET
for a value ofmyoidc
.- openid
Configuration stringEndpoint - The app setting name that contains the
client_secret
value used for the Custom OIDC Login. - string
- The endpoint to make the Authorisation Request as supplied by
openid_configuration_endpoint
response. - certification
Uri string - The endpoint that provides the keys necessary to validate the token as supplied by
openid_configuration_endpoint
response. - client
Credential stringMethod - The Client Credential Method used.
- client
Secret stringSetting Name - The App Setting name that contains the secret for this Custom OIDC Client. This is generated from
name
above and suffixed with_PROVIDER_AUTHENTICATION_SECRET
. - issuer
Endpoint string - The endpoint that issued the Token as supplied by
openid_configuration_endpoint
response. - name
Claim stringType - The name of the claim that contains the users name.
- scopes string[]
- The list of the scopes that should be requested while authenticating.
- token
Endpoint string - The endpoint used to request a Token as supplied by
openid_configuration_endpoint
response.
- client_
id str - The ID of the Client to use to authenticate with the Custom OIDC.
- name str
The name of the Custom OIDC Authentication Provider.
NOTE: An
app_setting
matching this value in upper case with the suffix of_PROVIDER_AUTHENTICATION_SECRET
is required. e.g.MYOIDC_PROVIDER_AUTHENTICATION_SECRET
for a value ofmyoidc
.- openid_
configuration_ strendpoint - The app setting name that contains the
client_secret
value used for the Custom OIDC Login. - str
- The endpoint to make the Authorisation Request as supplied by
openid_configuration_endpoint
response. - certification_
uri str - The endpoint that provides the keys necessary to validate the token as supplied by
openid_configuration_endpoint
response. - client_
credential_ strmethod - The Client Credential Method used.
- client_
secret_ strsetting_ name - The App Setting name that contains the secret for this Custom OIDC Client. This is generated from
name
above and suffixed with_PROVIDER_AUTHENTICATION_SECRET
. - issuer_
endpoint str - The endpoint that issued the Token as supplied by
openid_configuration_endpoint
response. - name_
claim_ strtype - The name of the claim that contains the users name.
- scopes Sequence[str]
- The list of the scopes that should be requested while authenticating.
- token_
endpoint str - The endpoint used to request a Token as supplied by
openid_configuration_endpoint
response.
- client
Id String - The ID of the Client to use to authenticate with the Custom OIDC.
- name String
The name of the Custom OIDC Authentication Provider.
NOTE: An
app_setting
matching this value in upper case with the suffix of_PROVIDER_AUTHENTICATION_SECRET
is required. e.g.MYOIDC_PROVIDER_AUTHENTICATION_SECRET
for a value ofmyoidc
.- openid
Configuration StringEndpoint - The app setting name that contains the
client_secret
value used for the Custom OIDC Login. - String
- The endpoint to make the Authorisation Request as supplied by
openid_configuration_endpoint
response. - certification
Uri String - The endpoint that provides the keys necessary to validate the token as supplied by
openid_configuration_endpoint
response. - client
Credential StringMethod - The Client Credential Method used.
- client
Secret StringSetting Name - The App Setting name that contains the secret for this Custom OIDC Client. This is generated from
name
above and suffixed with_PROVIDER_AUTHENTICATION_SECRET
. - issuer
Endpoint String - The endpoint that issued the Token as supplied by
openid_configuration_endpoint
response. - name
Claim StringType - The name of the claim that contains the users name.
- scopes List<String>
- The list of the scopes that should be requested while authenticating.
- token
Endpoint String - The endpoint used to request a Token as supplied by
openid_configuration_endpoint
response.
LinuxFunctionAppAuthSettingsV2FacebookV2, LinuxFunctionAppAuthSettingsV2FacebookV2Args
- App
Id string - The App ID of the Facebook app used for login.
- App
Secret stringSetting Name The app setting name that contains the
app_secret
value used for Facebook Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Graph
Api stringVersion - The version of the Facebook API to be used while logging in.
- Login
Scopes List<string> - The list of scopes that should be requested as part of Facebook Login authentication.
- App
Id string - The App ID of the Facebook app used for login.
- App
Secret stringSetting Name The app setting name that contains the
app_secret
value used for Facebook Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Graph
Api stringVersion - The version of the Facebook API to be used while logging in.
- Login
Scopes []string - The list of scopes that should be requested as part of Facebook Login authentication.
- app
Id String - The App ID of the Facebook app used for login.
- app
Secret StringSetting Name The app setting name that contains the
app_secret
value used for Facebook Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- graph
Api StringVersion - The version of the Facebook API to be used while logging in.
- login
Scopes List<String> - The list of scopes that should be requested as part of Facebook Login authentication.
- app
Id string - The App ID of the Facebook app used for login.
- app
Secret stringSetting Name The app setting name that contains the
app_secret
value used for Facebook Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- graph
Api stringVersion - The version of the Facebook API to be used while logging in.
- login
Scopes string[] - The list of scopes that should be requested as part of Facebook Login authentication.
- app_
id str - The App ID of the Facebook app used for login.
- app_
secret_ strsetting_ name The app setting name that contains the
app_secret
value used for Facebook Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- graph_
api_ strversion - The version of the Facebook API to be used while logging in.
- login_
scopes Sequence[str] - The list of scopes that should be requested as part of Facebook Login authentication.
- app
Id String - The App ID of the Facebook app used for login.
- app
Secret StringSetting Name The app setting name that contains the
app_secret
value used for Facebook Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- graph
Api StringVersion - The version of the Facebook API to be used while logging in.
- login
Scopes List<String> - The list of scopes that should be requested as part of Facebook Login authentication.
LinuxFunctionAppAuthSettingsV2GithubV2, LinuxFunctionAppAuthSettingsV2GithubV2Args
- Client
Id string - The ID of the GitHub app used for login..
- Client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for GitHub Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Login
Scopes List<string> - The list of OAuth 2.0 scopes that should be requested as part of GitHub Login authentication.
- Client
Id string - The ID of the GitHub app used for login..
- Client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for GitHub Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Login
Scopes []string - The list of OAuth 2.0 scopes that should be requested as part of GitHub Login authentication.
- client
Id String - The ID of the GitHub app used for login..
- client
Secret StringSetting Name The app setting name that contains the
client_secret
value used for GitHub Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- login
Scopes List<String> - The list of OAuth 2.0 scopes that should be requested as part of GitHub Login authentication.
- client
Id string - The ID of the GitHub app used for login..
- client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for GitHub Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- login
Scopes string[] - The list of OAuth 2.0 scopes that should be requested as part of GitHub Login authentication.
- client_
id str - The ID of the GitHub app used for login..
- client_
secret_ strsetting_ name The app setting name that contains the
client_secret
value used for GitHub Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- login_
scopes Sequence[str] - The list of OAuth 2.0 scopes that should be requested as part of GitHub Login authentication.
- client
Id String - The ID of the GitHub app used for login..
- client
Secret StringSetting Name The app setting name that contains the
client_secret
value used for GitHub Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- login
Scopes List<String> - The list of OAuth 2.0 scopes that should be requested as part of GitHub Login authentication.
LinuxFunctionAppAuthSettingsV2GoogleV2, LinuxFunctionAppAuthSettingsV2GoogleV2Args
- Client
Id string - The OpenID Connect Client ID for the Google web application.
- Client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for Google Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Allowed
Audiences List<string> - Specifies a list of Allowed Audiences that should be requested as part of Google Sign-In authentication.
- Login
Scopes List<string> - The list of OAuth 2.0 scopes that should be requested as part of Google Sign-In authentication.
- Client
Id string - The OpenID Connect Client ID for the Google web application.
- Client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for Google Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Allowed
Audiences []string - Specifies a list of Allowed Audiences that should be requested as part of Google Sign-In authentication.
- Login
Scopes []string - The list of OAuth 2.0 scopes that should be requested as part of Google Sign-In authentication.
- client
Id String - The OpenID Connect Client ID for the Google web application.
- client
Secret StringSetting Name The app setting name that contains the
client_secret
value used for Google Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- allowed
Audiences List<String> - Specifies a list of Allowed Audiences that should be requested as part of Google Sign-In authentication.
- login
Scopes List<String> - The list of OAuth 2.0 scopes that should be requested as part of Google Sign-In authentication.
- client
Id string - The OpenID Connect Client ID for the Google web application.
- client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for Google Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- allowed
Audiences string[] - Specifies a list of Allowed Audiences that should be requested as part of Google Sign-In authentication.
- login
Scopes string[] - The list of OAuth 2.0 scopes that should be requested as part of Google Sign-In authentication.
- client_
id str - The OpenID Connect Client ID for the Google web application.
- client_
secret_ strsetting_ name The app setting name that contains the
client_secret
value used for Google Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- allowed_
audiences Sequence[str] - Specifies a list of Allowed Audiences that should be requested as part of Google Sign-In authentication.
- login_
scopes Sequence[str] - The list of OAuth 2.0 scopes that should be requested as part of Google Sign-In authentication.
- client
Id String - The OpenID Connect Client ID for the Google web application.
- client
Secret StringSetting Name The app setting name that contains the
client_secret
value used for Google Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- allowed
Audiences List<String> - Specifies a list of Allowed Audiences that should be requested as part of Google Sign-In authentication.
- login
Scopes List<String> - The list of OAuth 2.0 scopes that should be requested as part of Google Sign-In authentication.
LinuxFunctionAppAuthSettingsV2Login, LinuxFunctionAppAuthSettingsV2LoginArgs
- Allowed
External List<string>Redirect Urls External URLs that can be redirected to as part of logging in or logging out of the app. This is an advanced setting typically only needed by Windows Store application backends.
Note: URLs within the current domain are always implicitly allowed.
- string
- The method by which cookies expire. Possible values include:
FixedTime
, andIdentityProviderDerived
. Defaults toFixedTime
. - string
- The time after the request is made when the session cookie should expire. Defaults to
08:00:00
. - Logout
Endpoint string - The endpoint to which logout requests should be made.
- Nonce
Expiration stringTime - The time after the request is made when the nonce should expire. Defaults to
00:05:00
. - Preserve
Url boolFragments For Logins - Should the fragments from the request be preserved after the login request is made. Defaults to
false
. - Token
Refresh doubleExtension Time - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - Token
Store boolEnabled - Should the Token Store configuration Enabled. Defaults to
false
- Token
Store stringPath - The directory path in the App Filesystem in which the tokens will be stored.
- Token
Store stringSas Setting Name - The name of the app setting which contains the SAS URL of the blob storage containing the tokens.
- Validate
Nonce bool - Should the nonce be validated while completing the login flow. Defaults to
true
.
- Allowed
External []stringRedirect Urls External URLs that can be redirected to as part of logging in or logging out of the app. This is an advanced setting typically only needed by Windows Store application backends.
Note: URLs within the current domain are always implicitly allowed.
- string
- The method by which cookies expire. Possible values include:
FixedTime
, andIdentityProviderDerived
. Defaults toFixedTime
. - string
- The time after the request is made when the session cookie should expire. Defaults to
08:00:00
. - Logout
Endpoint string - The endpoint to which logout requests should be made.
- Nonce
Expiration stringTime - The time after the request is made when the nonce should expire. Defaults to
00:05:00
. - Preserve
Url boolFragments For Logins - Should the fragments from the request be preserved after the login request is made. Defaults to
false
. - Token
Refresh float64Extension Time - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - Token
Store boolEnabled - Should the Token Store configuration Enabled. Defaults to
false
- Token
Store stringPath - The directory path in the App Filesystem in which the tokens will be stored.
- Token
Store stringSas Setting Name - The name of the app setting which contains the SAS URL of the blob storage containing the tokens.
- Validate
Nonce bool - Should the nonce be validated while completing the login flow. Defaults to
true
.
- allowed
External List<String>Redirect Urls External URLs that can be redirected to as part of logging in or logging out of the app. This is an advanced setting typically only needed by Windows Store application backends.
Note: URLs within the current domain are always implicitly allowed.
- String
- The method by which cookies expire. Possible values include:
FixedTime
, andIdentityProviderDerived
. Defaults toFixedTime
. - String
- The time after the request is made when the session cookie should expire. Defaults to
08:00:00
. - logout
Endpoint String - The endpoint to which logout requests should be made.
- nonce
Expiration StringTime - The time after the request is made when the nonce should expire. Defaults to
00:05:00
. - preserve
Url BooleanFragments For Logins - Should the fragments from the request be preserved after the login request is made. Defaults to
false
.