We recommend using Azure Native.
azure.appservice.LinuxFunctionAppSlot
Explore with Pulumi AI
Manages a Linux Function App Slot.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleAccount = new azure.storage.Account("example", {
name: "linuxfunctionappsa",
resourceGroupName: example.name,
location: example.location,
accountTier: "Standard",
accountReplicationType: "LRS",
});
const exampleServicePlan = new azure.appservice.ServicePlan("example", {
name: "example-app-service-plan",
resourceGroupName: example.name,
location: example.location,
osType: "Linux",
skuName: "Y1",
});
const exampleLinuxFunctionApp = new azure.appservice.LinuxFunctionApp("example", {
name: "example-linux-function-app",
resourceGroupName: example.name,
location: example.location,
servicePlanId: exampleServicePlan.id,
storageAccountName: exampleAccount.name,
siteConfig: {},
});
const exampleLinuxFunctionAppSlot = new azure.appservice.LinuxFunctionAppSlot("example", {
name: "example-linux-function-app-slot",
functionAppId: exampleLinuxFunctionApp.id,
storageAccountName: exampleAccount.name,
siteConfig: {},
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_account = azure.storage.Account("example",
name="linuxfunctionappsa",
resource_group_name=example.name,
location=example.location,
account_tier="Standard",
account_replication_type="LRS")
example_service_plan = azure.appservice.ServicePlan("example",
name="example-app-service-plan",
resource_group_name=example.name,
location=example.location,
os_type="Linux",
sku_name="Y1")
example_linux_function_app = azure.appservice.LinuxFunctionApp("example",
name="example-linux-function-app",
resource_group_name=example.name,
location=example.location,
service_plan_id=example_service_plan.id,
storage_account_name=example_account.name,
site_config={})
example_linux_function_app_slot = azure.appservice.LinuxFunctionAppSlot("example",
name="example-linux-function-app-slot",
function_app_id=example_linux_function_app.id,
storage_account_name=example_account.name,
site_config={})
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/appservice"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/storage"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
Name: pulumi.String("linuxfunctionappsa"),
ResourceGroupName: example.Name,
Location: example.Location,
AccountTier: pulumi.String("Standard"),
AccountReplicationType: pulumi.String("LRS"),
})
if err != nil {
return err
}
exampleServicePlan, err := appservice.NewServicePlan(ctx, "example", &appservice.ServicePlanArgs{
Name: pulumi.String("example-app-service-plan"),
ResourceGroupName: example.Name,
Location: example.Location,
OsType: pulumi.String("Linux"),
SkuName: pulumi.String("Y1"),
})
if err != nil {
return err
}
exampleLinuxFunctionApp, err := appservice.NewLinuxFunctionApp(ctx, "example", &appservice.LinuxFunctionAppArgs{
Name: pulumi.String("example-linux-function-app"),
ResourceGroupName: example.Name,
Location: example.Location,
ServicePlanId: exampleServicePlan.ID(),
StorageAccountName: exampleAccount.Name,
SiteConfig: &appservice.LinuxFunctionAppSiteConfigArgs{},
})
if err != nil {
return err
}
_, err = appservice.NewLinuxFunctionAppSlot(ctx, "example", &appservice.LinuxFunctionAppSlotArgs{
Name: pulumi.String("example-linux-function-app-slot"),
FunctionAppId: exampleLinuxFunctionApp.ID(),
StorageAccountName: exampleAccount.Name,
SiteConfig: &appservice.LinuxFunctionAppSlotSiteConfigArgs{},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleAccount = new Azure.Storage.Account("example", new()
{
Name = "linuxfunctionappsa",
ResourceGroupName = example.Name,
Location = example.Location,
AccountTier = "Standard",
AccountReplicationType = "LRS",
});
var exampleServicePlan = new Azure.AppService.ServicePlan("example", new()
{
Name = "example-app-service-plan",
ResourceGroupName = example.Name,
Location = example.Location,
OsType = "Linux",
SkuName = "Y1",
});
var exampleLinuxFunctionApp = new Azure.AppService.LinuxFunctionApp("example", new()
{
Name = "example-linux-function-app",
ResourceGroupName = example.Name,
Location = example.Location,
ServicePlanId = exampleServicePlan.Id,
StorageAccountName = exampleAccount.Name,
SiteConfig = null,
});
var exampleLinuxFunctionAppSlot = new Azure.AppService.LinuxFunctionAppSlot("example", new()
{
Name = "example-linux-function-app-slot",
FunctionAppId = exampleLinuxFunctionApp.Id,
StorageAccountName = exampleAccount.Name,
SiteConfig = null,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.appservice.ServicePlan;
import com.pulumi.azure.appservice.ServicePlanArgs;
import com.pulumi.azure.appservice.LinuxFunctionApp;
import com.pulumi.azure.appservice.LinuxFunctionAppArgs;
import com.pulumi.azure.appservice.inputs.LinuxFunctionAppSiteConfigArgs;
import com.pulumi.azure.appservice.LinuxFunctionAppSlot;
import com.pulumi.azure.appservice.LinuxFunctionAppSlotArgs;
import com.pulumi.azure.appservice.inputs.LinuxFunctionAppSlotSiteConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.name("linuxfunctionappsa")
.resourceGroupName(example.name())
.location(example.location())
.accountTier("Standard")
.accountReplicationType("LRS")
.build());
var exampleServicePlan = new ServicePlan("exampleServicePlan", ServicePlanArgs.builder()
.name("example-app-service-plan")
.resourceGroupName(example.name())
.location(example.location())
.osType("Linux")
.skuName("Y1")
.build());
var exampleLinuxFunctionApp = new LinuxFunctionApp("exampleLinuxFunctionApp", LinuxFunctionAppArgs.builder()
.name("example-linux-function-app")
.resourceGroupName(example.name())
.location(example.location())
.servicePlanId(exampleServicePlan.id())
.storageAccountName(exampleAccount.name())
.siteConfig()
.build());
var exampleLinuxFunctionAppSlot = new LinuxFunctionAppSlot("exampleLinuxFunctionAppSlot", LinuxFunctionAppSlotArgs.builder()
.name("example-linux-function-app-slot")
.functionAppId(exampleLinuxFunctionApp.id())
.storageAccountName(exampleAccount.name())
.siteConfig()
.build());
}
}
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleAccount:
type: azure:storage:Account
name: example
properties:
name: linuxfunctionappsa
resourceGroupName: ${example.name}
location: ${example.location}
accountTier: Standard
accountReplicationType: LRS
exampleServicePlan:
type: azure:appservice:ServicePlan
name: example
properties:
name: example-app-service-plan
resourceGroupName: ${example.name}
location: ${example.location}
osType: Linux
skuName: Y1
exampleLinuxFunctionApp:
type: azure:appservice:LinuxFunctionApp
name: example
properties:
name: example-linux-function-app
resourceGroupName: ${example.name}
location: ${example.location}
servicePlanId: ${exampleServicePlan.id}
storageAccountName: ${exampleAccount.name}
siteConfig: {}
exampleLinuxFunctionAppSlot:
type: azure:appservice:LinuxFunctionAppSlot
name: example
properties:
name: example-linux-function-app-slot
functionAppId: ${exampleLinuxFunctionApp.id}
storageAccountName: ${exampleAccount.name}
siteConfig: {}
Create LinuxFunctionAppSlot Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new LinuxFunctionAppSlot(name: string, args: LinuxFunctionAppSlotArgs, opts?: CustomResourceOptions);
@overload
def LinuxFunctionAppSlot(resource_name: str,
args: LinuxFunctionAppSlotArgs,
opts: Optional[ResourceOptions] = None)
@overload
def LinuxFunctionAppSlot(resource_name: str,
opts: Optional[ResourceOptions] = None,
function_app_id: Optional[str] = None,
site_config: Optional[LinuxFunctionAppSlotSiteConfigArgs] = None,
client_certificate_mode: Optional[str] = None,
client_certificate_exclusion_paths: Optional[str] = None,
identity: Optional[LinuxFunctionAppSlotIdentityArgs] = None,
client_certificate_enabled: Optional[bool] = None,
key_vault_reference_identity_id: Optional[str] = None,
app_settings: Optional[Mapping[str, str]] = None,
connection_strings: Optional[Sequence[LinuxFunctionAppSlotConnectionStringArgs]] = None,
content_share_force_disabled: Optional[bool] = None,
daily_memory_time_quota: Optional[int] = None,
enabled: Optional[bool] = None,
ftp_publish_basic_authentication_enabled: Optional[bool] = None,
name: Optional[str] = None,
functions_extension_version: Optional[str] = None,
https_only: Optional[bool] = None,
builtin_logging_enabled: Optional[bool] = None,
backup: Optional[LinuxFunctionAppSlotBackupArgs] = None,
auth_settings_v2: Optional[LinuxFunctionAppSlotAuthSettingsV2Args] = None,
public_network_access_enabled: Optional[bool] = None,
service_plan_id: Optional[str] = None,
auth_settings: Optional[LinuxFunctionAppSlotAuthSettingsArgs] = None,
storage_account_access_key: Optional[str] = None,
storage_account_name: Optional[str] = None,
storage_accounts: Optional[Sequence[LinuxFunctionAppSlotStorageAccountArgs]] = None,
storage_key_vault_secret_id: Optional[str] = None,
storage_uses_managed_identity: Optional[bool] = None,
tags: Optional[Mapping[str, str]] = None,
virtual_network_subnet_id: Optional[str] = None,
vnet_image_pull_enabled: Optional[bool] = None,
webdeploy_publish_basic_authentication_enabled: Optional[bool] = None)
func NewLinuxFunctionAppSlot(ctx *Context, name string, args LinuxFunctionAppSlotArgs, opts ...ResourceOption) (*LinuxFunctionAppSlot, error)
public LinuxFunctionAppSlot(string name, LinuxFunctionAppSlotArgs args, CustomResourceOptions? opts = null)
public LinuxFunctionAppSlot(String name, LinuxFunctionAppSlotArgs args)
public LinuxFunctionAppSlot(String name, LinuxFunctionAppSlotArgs args, CustomResourceOptions options)
type: azure:appservice:LinuxFunctionAppSlot
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args LinuxFunctionAppSlotArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args LinuxFunctionAppSlotArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args LinuxFunctionAppSlotArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args LinuxFunctionAppSlotArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args LinuxFunctionAppSlotArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var linuxFunctionAppSlotResource = new Azure.AppService.LinuxFunctionAppSlot("linuxFunctionAppSlotResource", new()
{
FunctionAppId = "string",
SiteConfig = new Azure.AppService.Inputs.LinuxFunctionAppSlotSiteConfigArgs
{
AlwaysOn = false,
ApiDefinitionUrl = "string",
ApiManagementApiId = "string",
AppCommandLine = "string",
AppScaleLimit = 0,
AppServiceLogs = new Azure.AppService.Inputs.LinuxFunctionAppSlotSiteConfigAppServiceLogsArgs
{
DiskQuotaMb = 0,
RetentionPeriodDays = 0,
},
ApplicationInsightsConnectionString = "string",
ApplicationInsightsKey = "string",
ApplicationStack = new Azure.AppService.Inputs.LinuxFunctionAppSlotSiteConfigApplicationStackArgs
{
Dockers = new[]
{
new Azure.AppService.Inputs.LinuxFunctionAppSlotSiteConfigApplicationStackDockerArgs
{
ImageName = "string",
ImageTag = "string",
RegistryUrl = "string",
RegistryPassword = "string",
RegistryUsername = "string",
},
},
DotnetVersion = "string",
JavaVersion = "string",
NodeVersion = "string",
PowershellCoreVersion = "string",
PythonVersion = "string",
UseCustomRuntime = false,
UseDotnetIsolatedRuntime = false,
},
AutoSwapSlotName = "string",
ContainerRegistryManagedIdentityClientId = "string",
ContainerRegistryUseManagedIdentity = false,
Cors = new Azure.AppService.Inputs.LinuxFunctionAppSlotSiteConfigCorsArgs
{
AllowedOrigins = new[]
{
"string",
},
SupportCredentials = false,
},
DefaultDocuments = new[]
{
"string",
},
DetailedErrorLoggingEnabled = false,
ElasticInstanceMinimum = 0,
FtpsState = "string",
HealthCheckEvictionTimeInMin = 0,
HealthCheckPath = "string",
Http2Enabled = false,
IpRestrictionDefaultAction = "string",
IpRestrictions = new[]
{
new Azure.AppService.Inputs.LinuxFunctionAppSlotSiteConfigIpRestrictionArgs
{
Action = "string",
Description = "string",
Headers = new Azure.AppService.Inputs.LinuxFunctionAppSlotSiteConfigIpRestrictionHeadersArgs
{
XAzureFdids = new[]
{
"string",
},
XFdHealthProbe = "string",
XForwardedFors = new[]
{
"string",
},
XForwardedHosts = new[]
{
"string",
},
},
IpAddress = "string",
Name = "string",
Priority = 0,
ServiceTag = "string",
VirtualNetworkSubnetId = "string",
},
},
LinuxFxVersion = "string",
LoadBalancingMode = "string",
ManagedPipelineMode = "string",
MinimumTlsVersion = "string",
PreWarmedInstanceCount = 0,
RemoteDebuggingEnabled = false,
RemoteDebuggingVersion = "string",
RuntimeScaleMonitoringEnabled = false,
ScmIpRestrictionDefaultAction = "string",
ScmIpRestrictions = new[]
{
new Azure.AppService.Inputs.LinuxFunctionAppSlotSiteConfigScmIpRestrictionArgs
{
Action = "string",
Description = "string",
Headers = new Azure.AppService.Inputs.LinuxFunctionAppSlotSiteConfigScmIpRestrictionHeadersArgs
{
XAzureFdids = new[]
{
"string",
},
XFdHealthProbe = "string",
XForwardedFors = new[]
{
"string",
},
XForwardedHosts = new[]
{
"string",
},
},
IpAddress = "string",
Name = "string",
Priority = 0,
ServiceTag = "string",
VirtualNetworkSubnetId = "string",
},
},
ScmMinimumTlsVersion = "string",
ScmType = "string",
ScmUseMainIpRestriction = false,
Use32BitWorker = false,
VnetRouteAllEnabled = false,
WebsocketsEnabled = false,
WorkerCount = 0,
},
ClientCertificateMode = "string",
ClientCertificateExclusionPaths = "string",
Identity = new Azure.AppService.Inputs.LinuxFunctionAppSlotIdentityArgs
{
Type = "string",
IdentityIds = new[]
{
"string",
},
PrincipalId = "string",
TenantId = "string",
},
ClientCertificateEnabled = false,
KeyVaultReferenceIdentityId = "string",
AppSettings =
{
{ "string", "string" },
},
ConnectionStrings = new[]
{
new Azure.AppService.Inputs.LinuxFunctionAppSlotConnectionStringArgs
{
Name = "string",
Type = "string",
Value = "string",
},
},
ContentShareForceDisabled = false,
DailyMemoryTimeQuota = 0,
Enabled = false,
FtpPublishBasicAuthenticationEnabled = false,
Name = "string",
FunctionsExtensionVersion = "string",
HttpsOnly = false,
BuiltinLoggingEnabled = false,
Backup = new Azure.AppService.Inputs.LinuxFunctionAppSlotBackupArgs
{
Name = "string",
Schedule = new Azure.AppService.Inputs.LinuxFunctionAppSlotBackupScheduleArgs
{
FrequencyInterval = 0,
FrequencyUnit = "string",
KeepAtLeastOneBackup = false,
LastExecutionTime = "string",
RetentionPeriodDays = 0,
StartTime = "string",
},
StorageAccountUrl = "string",
Enabled = false,
},
AuthSettingsV2 = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsV2Args
{
Login = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsV2LoginArgs
{
AllowedExternalRedirectUrls = new[]
{
"string",
},
CookieExpirationConvention = "string",
CookieExpirationTime = "string",
LogoutEndpoint = "string",
NonceExpirationTime = "string",
PreserveUrlFragmentsForLogins = false,
TokenRefreshExtensionTime = 0,
TokenStoreEnabled = false,
TokenStorePath = "string",
TokenStoreSasSettingName = "string",
ValidateNonce = false,
},
CustomOidcV2s = new[]
{
new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsV2CustomOidcV2Args
{
ClientId = "string",
Name = "string",
OpenidConfigurationEndpoint = "string",
AuthorisationEndpoint = "string",
CertificationUri = "string",
ClientCredentialMethod = "string",
ClientSecretSettingName = "string",
IssuerEndpoint = "string",
NameClaimType = "string",
Scopes = new[]
{
"string",
},
TokenEndpoint = "string",
},
},
ActiveDirectoryV2 = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsV2ActiveDirectoryV2Args
{
ClientId = "string",
TenantAuthEndpoint = "string",
AllowedApplications = new[]
{
"string",
},
AllowedAudiences = new[]
{
"string",
},
AllowedGroups = new[]
{
"string",
},
AllowedIdentities = new[]
{
"string",
},
ClientSecretCertificateThumbprint = "string",
ClientSecretSettingName = "string",
JwtAllowedClientApplications = new[]
{
"string",
},
JwtAllowedGroups = new[]
{
"string",
},
LoginParameters =
{
{ "string", "string" },
},
WwwAuthenticationDisabled = false,
},
ForwardProxyCustomSchemeHeaderName = "string",
GoogleV2 = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsV2GoogleV2Args
{
ClientId = "string",
ClientSecretSettingName = "string",
AllowedAudiences = new[]
{
"string",
},
LoginScopes = new[]
{
"string",
},
},
GithubV2 = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsV2GithubV2Args
{
ClientId = "string",
ClientSecretSettingName = "string",
LoginScopes = new[]
{
"string",
},
},
DefaultProvider = "string",
ExcludedPaths = new[]
{
"string",
},
FacebookV2 = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsV2FacebookV2Args
{
AppId = "string",
AppSecretSettingName = "string",
GraphApiVersion = "string",
LoginScopes = new[]
{
"string",
},
},
ForwardProxyConvention = "string",
ForwardProxyCustomHostHeaderName = "string",
AzureStaticWebAppV2 = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsV2AzureStaticWebAppV2Args
{
ClientId = "string",
},
AuthEnabled = false,
ConfigFilePath = "string",
HttpRouteApiPrefix = "string",
AppleV2 = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsV2AppleV2Args
{
ClientId = "string",
ClientSecretSettingName = "string",
LoginScopes = new[]
{
"string",
},
},
MicrosoftV2 = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsV2MicrosoftV2Args
{
ClientId = "string",
ClientSecretSettingName = "string",
AllowedAudiences = new[]
{
"string",
},
LoginScopes = new[]
{
"string",
},
},
RequireAuthentication = false,
RequireHttps = false,
RuntimeVersion = "string",
TwitterV2 = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsV2TwitterV2Args
{
ConsumerKey = "string",
ConsumerSecretSettingName = "string",
},
UnauthenticatedAction = "string",
},
PublicNetworkAccessEnabled = false,
ServicePlanId = "string",
AuthSettings = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsArgs
{
Enabled = false,
Github = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsGithubArgs
{
ClientId = "string",
ClientSecret = "string",
ClientSecretSettingName = "string",
OauthScopes = new[]
{
"string",
},
},
Issuer = "string",
DefaultProvider = "string",
AdditionalLoginParameters =
{
{ "string", "string" },
},
Facebook = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsFacebookArgs
{
AppId = "string",
AppSecret = "string",
AppSecretSettingName = "string",
OauthScopes = new[]
{
"string",
},
},
ActiveDirectory = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsActiveDirectoryArgs
{
ClientId = "string",
AllowedAudiences = new[]
{
"string",
},
ClientSecret = "string",
ClientSecretSettingName = "string",
},
Google = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsGoogleArgs
{
ClientId = "string",
ClientSecret = "string",
ClientSecretSettingName = "string",
OauthScopes = new[]
{
"string",
},
},
AllowedExternalRedirectUrls = new[]
{
"string",
},
Microsoft = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsMicrosoftArgs
{
ClientId = "string",
ClientSecret = "string",
ClientSecretSettingName = "string",
OauthScopes = new[]
{
"string",
},
},
RuntimeVersion = "string",
TokenRefreshExtensionHours = 0,
TokenStoreEnabled = false,
Twitter = new Azure.AppService.Inputs.LinuxFunctionAppSlotAuthSettingsTwitterArgs
{
ConsumerKey = "string",
ConsumerSecret = "string",
ConsumerSecretSettingName = "string",
},
UnauthenticatedClientAction = "string",
},
StorageAccountAccessKey = "string",
StorageAccountName = "string",
StorageAccounts = new[]
{
new Azure.AppService.Inputs.LinuxFunctionAppSlotStorageAccountArgs
{
AccessKey = "string",
AccountName = "string",
Name = "string",
ShareName = "string",
Type = "string",
MountPath = "string",
},
},
StorageKeyVaultSecretId = "string",
StorageUsesManagedIdentity = false,
Tags =
{
{ "string", "string" },
},
VirtualNetworkSubnetId = "string",
VnetImagePullEnabled = false,
WebdeployPublishBasicAuthenticationEnabled = false,
});
example, err := appservice.NewLinuxFunctionAppSlot(ctx, "linuxFunctionAppSlotResource", &appservice.LinuxFunctionAppSlotArgs{
FunctionAppId: pulumi.String("string"),
SiteConfig: &appservice.LinuxFunctionAppSlotSiteConfigArgs{
AlwaysOn: pulumi.Bool(false),
ApiDefinitionUrl: pulumi.String("string"),
ApiManagementApiId: pulumi.String("string"),
AppCommandLine: pulumi.String("string"),
AppScaleLimit: pulumi.Int(0),
AppServiceLogs: &appservice.LinuxFunctionAppSlotSiteConfigAppServiceLogsArgs{
DiskQuotaMb: pulumi.Int(0),
RetentionPeriodDays: pulumi.Int(0),
},
ApplicationInsightsConnectionString: pulumi.String("string"),
ApplicationInsightsKey: pulumi.String("string"),
ApplicationStack: &appservice.LinuxFunctionAppSlotSiteConfigApplicationStackArgs{
Dockers: appservice.LinuxFunctionAppSlotSiteConfigApplicationStackDockerArray{
&appservice.LinuxFunctionAppSlotSiteConfigApplicationStackDockerArgs{
ImageName: pulumi.String("string"),
ImageTag: pulumi.String("string"),
RegistryUrl: pulumi.String("string"),
RegistryPassword: pulumi.String("string"),
RegistryUsername: pulumi.String("string"),
},
},
DotnetVersion: pulumi.String("string"),
JavaVersion: pulumi.String("string"),
NodeVersion: pulumi.String("string"),
PowershellCoreVersion: pulumi.String("string"),
PythonVersion: pulumi.String("string"),
UseCustomRuntime: pulumi.Bool(false),
UseDotnetIsolatedRuntime: pulumi.Bool(false),
},
AutoSwapSlotName: pulumi.String("string"),
ContainerRegistryManagedIdentityClientId: pulumi.String("string"),
ContainerRegistryUseManagedIdentity: pulumi.Bool(false),
Cors: &appservice.LinuxFunctionAppSlotSiteConfigCorsArgs{
AllowedOrigins: pulumi.StringArray{
pulumi.String("string"),
},
SupportCredentials: pulumi.Bool(false),
},
DefaultDocuments: pulumi.StringArray{
pulumi.String("string"),
},
DetailedErrorLoggingEnabled: pulumi.Bool(false),
ElasticInstanceMinimum: pulumi.Int(0),
FtpsState: pulumi.String("string"),
HealthCheckEvictionTimeInMin: pulumi.Int(0),
HealthCheckPath: pulumi.String("string"),
Http2Enabled: pulumi.Bool(false),
IpRestrictionDefaultAction: pulumi.String("string"),
IpRestrictions: appservice.LinuxFunctionAppSlotSiteConfigIpRestrictionArray{
&appservice.LinuxFunctionAppSlotSiteConfigIpRestrictionArgs{
Action: pulumi.String("string"),
Description: pulumi.String("string"),
Headers: &appservice.LinuxFunctionAppSlotSiteConfigIpRestrictionHeadersArgs{
XAzureFdids: pulumi.StringArray{
pulumi.String("string"),
},
XFdHealthProbe: pulumi.String("string"),
XForwardedFors: pulumi.StringArray{
pulumi.String("string"),
},
XForwardedHosts: pulumi.StringArray{
pulumi.String("string"),
},
},
IpAddress: pulumi.String("string"),
Name: pulumi.String("string"),
Priority: pulumi.Int(0),
ServiceTag: pulumi.String("string"),
VirtualNetworkSubnetId: pulumi.String("string"),
},
},
LinuxFxVersion: pulumi.String("string"),
LoadBalancingMode: pulumi.String("string"),
ManagedPipelineMode: pulumi.String("string"),
MinimumTlsVersion: pulumi.String("string"),
PreWarmedInstanceCount: pulumi.Int(0),
RemoteDebuggingEnabled: pulumi.Bool(false),
RemoteDebuggingVersion: pulumi.String("string"),
RuntimeScaleMonitoringEnabled: pulumi.Bool(false),
ScmIpRestrictionDefaultAction: pulumi.String("string"),
ScmIpRestrictions: appservice.LinuxFunctionAppSlotSiteConfigScmIpRestrictionArray{
&appservice.LinuxFunctionAppSlotSiteConfigScmIpRestrictionArgs{
Action: pulumi.String("string"),
Description: pulumi.String("string"),
Headers: &appservice.LinuxFunctionAppSlotSiteConfigScmIpRestrictionHeadersArgs{
XAzureFdids: pulumi.StringArray{
pulumi.String("string"),
},
XFdHealthProbe: pulumi.String("string"),
XForwardedFors: pulumi.StringArray{
pulumi.String("string"),
},
XForwardedHosts: pulumi.StringArray{
pulumi.String("string"),
},
},
IpAddress: pulumi.String("string"),
Name: pulumi.String("string"),
Priority: pulumi.Int(0),
ServiceTag: pulumi.String("string"),
VirtualNetworkSubnetId: pulumi.String("string"),
},
},
ScmMinimumTlsVersion: pulumi.String("string"),
ScmType: pulumi.String("string"),
ScmUseMainIpRestriction: pulumi.Bool(false),
Use32BitWorker: pulumi.Bool(false),
VnetRouteAllEnabled: pulumi.Bool(false),
WebsocketsEnabled: pulumi.Bool(false),
WorkerCount: pulumi.Int(0),
},
ClientCertificateMode: pulumi.String("string"),
ClientCertificateExclusionPaths: pulumi.String("string"),
Identity: &appservice.LinuxFunctionAppSlotIdentityArgs{
Type: pulumi.String("string"),
IdentityIds: pulumi.StringArray{
pulumi.String("string"),
},
PrincipalId: pulumi.String("string"),
TenantId: pulumi.String("string"),
},
ClientCertificateEnabled: pulumi.Bool(false),
KeyVaultReferenceIdentityId: pulumi.String("string"),
AppSettings: pulumi.StringMap{
"string": pulumi.String("string"),
},
ConnectionStrings: appservice.LinuxFunctionAppSlotConnectionStringArray{
&appservice.LinuxFunctionAppSlotConnectionStringArgs{
Name: pulumi.String("string"),
Type: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ContentShareForceDisabled: pulumi.Bool(false),
DailyMemoryTimeQuota: pulumi.Int(0),
Enabled: pulumi.Bool(false),
FtpPublishBasicAuthenticationEnabled: pulumi.Bool(false),
Name: pulumi.String("string"),
FunctionsExtensionVersion: pulumi.String("string"),
HttpsOnly: pulumi.Bool(false),
BuiltinLoggingEnabled: pulumi.Bool(false),
Backup: &appservice.LinuxFunctionAppSlotBackupArgs{
Name: pulumi.String("string"),
Schedule: &appservice.LinuxFunctionAppSlotBackupScheduleArgs{
FrequencyInterval: pulumi.Int(0),
FrequencyUnit: pulumi.String("string"),
KeepAtLeastOneBackup: pulumi.Bool(false),
LastExecutionTime: pulumi.String("string"),
RetentionPeriodDays: pulumi.Int(0),
StartTime: pulumi.String("string"),
},
StorageAccountUrl: pulumi.String("string"),
Enabled: pulumi.Bool(false),
},
AuthSettingsV2: &appservice.LinuxFunctionAppSlotAuthSettingsV2Args{
Login: &appservice.LinuxFunctionAppSlotAuthSettingsV2LoginArgs{
AllowedExternalRedirectUrls: pulumi.StringArray{
pulumi.String("string"),
},
CookieExpirationConvention: pulumi.String("string"),
CookieExpirationTime: pulumi.String("string"),
LogoutEndpoint: pulumi.String("string"),
NonceExpirationTime: pulumi.String("string"),
PreserveUrlFragmentsForLogins: pulumi.Bool(false),
TokenRefreshExtensionTime: pulumi.Float64(0),
TokenStoreEnabled: pulumi.Bool(false),
TokenStorePath: pulumi.String("string"),
TokenStoreSasSettingName: pulumi.String("string"),
ValidateNonce: pulumi.Bool(false),
},
CustomOidcV2s: appservice.LinuxFunctionAppSlotAuthSettingsV2CustomOidcV2Array{
&appservice.LinuxFunctionAppSlotAuthSettingsV2CustomOidcV2Args{
ClientId: pulumi.String("string"),
Name: pulumi.String("string"),
OpenidConfigurationEndpoint: pulumi.String("string"),
AuthorisationEndpoint: pulumi.String("string"),
CertificationUri: pulumi.String("string"),
ClientCredentialMethod: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
IssuerEndpoint: pulumi.String("string"),
NameClaimType: pulumi.String("string"),
Scopes: pulumi.StringArray{
pulumi.String("string"),
},
TokenEndpoint: pulumi.String("string"),
},
},
ActiveDirectoryV2: &appservice.LinuxFunctionAppSlotAuthSettingsV2ActiveDirectoryV2Args{
ClientId: pulumi.String("string"),
TenantAuthEndpoint: pulumi.String("string"),
AllowedApplications: pulumi.StringArray{
pulumi.String("string"),
},
AllowedAudiences: pulumi.StringArray{
pulumi.String("string"),
},
AllowedGroups: pulumi.StringArray{
pulumi.String("string"),
},
AllowedIdentities: pulumi.StringArray{
pulumi.String("string"),
},
ClientSecretCertificateThumbprint: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
JwtAllowedClientApplications: pulumi.StringArray{
pulumi.String("string"),
},
JwtAllowedGroups: pulumi.StringArray{
pulumi.String("string"),
},
LoginParameters: pulumi.StringMap{
"string": pulumi.String("string"),
},
WwwAuthenticationDisabled: pulumi.Bool(false),
},
ForwardProxyCustomSchemeHeaderName: pulumi.String("string"),
GoogleV2: &appservice.LinuxFunctionAppSlotAuthSettingsV2GoogleV2Args{
ClientId: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
AllowedAudiences: pulumi.StringArray{
pulumi.String("string"),
},
LoginScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
GithubV2: &appservice.LinuxFunctionAppSlotAuthSettingsV2GithubV2Args{
ClientId: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
LoginScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
DefaultProvider: pulumi.String("string"),
ExcludedPaths: pulumi.StringArray{
pulumi.String("string"),
},
FacebookV2: &appservice.LinuxFunctionAppSlotAuthSettingsV2FacebookV2Args{
AppId: pulumi.String("string"),
AppSecretSettingName: pulumi.String("string"),
GraphApiVersion: pulumi.String("string"),
LoginScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
ForwardProxyConvention: pulumi.String("string"),
ForwardProxyCustomHostHeaderName: pulumi.String("string"),
AzureStaticWebAppV2: &appservice.LinuxFunctionAppSlotAuthSettingsV2AzureStaticWebAppV2Args{
ClientId: pulumi.String("string"),
},
AuthEnabled: pulumi.Bool(false),
ConfigFilePath: pulumi.String("string"),
HttpRouteApiPrefix: pulumi.String("string"),
AppleV2: &appservice.LinuxFunctionAppSlotAuthSettingsV2AppleV2Args{
ClientId: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
LoginScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
MicrosoftV2: &appservice.LinuxFunctionAppSlotAuthSettingsV2MicrosoftV2Args{
ClientId: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
AllowedAudiences: pulumi.StringArray{
pulumi.String("string"),
},
LoginScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
RequireAuthentication: pulumi.Bool(false),
RequireHttps: pulumi.Bool(false),
RuntimeVersion: pulumi.String("string"),
TwitterV2: &appservice.LinuxFunctionAppSlotAuthSettingsV2TwitterV2Args{
ConsumerKey: pulumi.String("string"),
ConsumerSecretSettingName: pulumi.String("string"),
},
UnauthenticatedAction: pulumi.String("string"),
},
PublicNetworkAccessEnabled: pulumi.Bool(false),
ServicePlanId: pulumi.String("string"),
AuthSettings: &appservice.LinuxFunctionAppSlotAuthSettingsArgs{
Enabled: pulumi.Bool(false),
Github: &appservice.LinuxFunctionAppSlotAuthSettingsGithubArgs{
ClientId: pulumi.String("string"),
ClientSecret: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
OauthScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
Issuer: pulumi.String("string"),
DefaultProvider: pulumi.String("string"),
AdditionalLoginParameters: pulumi.StringMap{
"string": pulumi.String("string"),
},
Facebook: &appservice.LinuxFunctionAppSlotAuthSettingsFacebookArgs{
AppId: pulumi.String("string"),
AppSecret: pulumi.String("string"),
AppSecretSettingName: pulumi.String("string"),
OauthScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
ActiveDirectory: &appservice.LinuxFunctionAppSlotAuthSettingsActiveDirectoryArgs{
ClientId: pulumi.String("string"),
AllowedAudiences: pulumi.StringArray{
pulumi.String("string"),
},
ClientSecret: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
},
Google: &appservice.LinuxFunctionAppSlotAuthSettingsGoogleArgs{
ClientId: pulumi.String("string"),
ClientSecret: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
OauthScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
AllowedExternalRedirectUrls: pulumi.StringArray{
pulumi.String("string"),
},
Microsoft: &appservice.LinuxFunctionAppSlotAuthSettingsMicrosoftArgs{
ClientId: pulumi.String("string"),
ClientSecret: pulumi.String("string"),
ClientSecretSettingName: pulumi.String("string"),
OauthScopes: pulumi.StringArray{
pulumi.String("string"),
},
},
RuntimeVersion: pulumi.String("string"),
TokenRefreshExtensionHours: pulumi.Float64(0),
TokenStoreEnabled: pulumi.Bool(false),
Twitter: &appservice.LinuxFunctionAppSlotAuthSettingsTwitterArgs{
ConsumerKey: pulumi.String("string"),
ConsumerSecret: pulumi.String("string"),
ConsumerSecretSettingName: pulumi.String("string"),
},
UnauthenticatedClientAction: pulumi.String("string"),
},
StorageAccountAccessKey: pulumi.String("string"),
StorageAccountName: pulumi.String("string"),
StorageAccounts: appservice.LinuxFunctionAppSlotStorageAccountArray{
&appservice.LinuxFunctionAppSlotStorageAccountArgs{
AccessKey: pulumi.String("string"),
AccountName: pulumi.String("string"),
Name: pulumi.String("string"),
ShareName: pulumi.String("string"),
Type: pulumi.String("string"),
MountPath: pulumi.String("string"),
},
},
StorageKeyVaultSecretId: pulumi.String("string"),
StorageUsesManagedIdentity: pulumi.Bool(false),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
VirtualNetworkSubnetId: pulumi.String("string"),
VnetImagePullEnabled: pulumi.Bool(false),
WebdeployPublishBasicAuthenticationEnabled: pulumi.Bool(false),
})
var linuxFunctionAppSlotResource = new LinuxFunctionAppSlot("linuxFunctionAppSlotResource", LinuxFunctionAppSlotArgs.builder()
.functionAppId("string")
.siteConfig(LinuxFunctionAppSlotSiteConfigArgs.builder()
.alwaysOn(false)
.apiDefinitionUrl("string")
.apiManagementApiId("string")
.appCommandLine("string")
.appScaleLimit(0)
.appServiceLogs(LinuxFunctionAppSlotSiteConfigAppServiceLogsArgs.builder()
.diskQuotaMb(0)
.retentionPeriodDays(0)
.build())
.applicationInsightsConnectionString("string")
.applicationInsightsKey("string")
.applicationStack(LinuxFunctionAppSlotSiteConfigApplicationStackArgs.builder()
.dockers(LinuxFunctionAppSlotSiteConfigApplicationStackDockerArgs.builder()
.imageName("string")
.imageTag("string")
.registryUrl("string")
.registryPassword("string")
.registryUsername("string")
.build())
.dotnetVersion("string")
.javaVersion("string")
.nodeVersion("string")
.powershellCoreVersion("string")
.pythonVersion("string")
.useCustomRuntime(false)
.useDotnetIsolatedRuntime(false)
.build())
.autoSwapSlotName("string")
.containerRegistryManagedIdentityClientId("string")
.containerRegistryUseManagedIdentity(false)
.cors(LinuxFunctionAppSlotSiteConfigCorsArgs.builder()
.allowedOrigins("string")
.supportCredentials(false)
.build())
.defaultDocuments("string")
.detailedErrorLoggingEnabled(false)
.elasticInstanceMinimum(0)
.ftpsState("string")
.healthCheckEvictionTimeInMin(0)
.healthCheckPath("string")
.http2Enabled(false)
.ipRestrictionDefaultAction("string")
.ipRestrictions(LinuxFunctionAppSlotSiteConfigIpRestrictionArgs.builder()
.action("string")
.description("string")
.headers(LinuxFunctionAppSlotSiteConfigIpRestrictionHeadersArgs.builder()
.xAzureFdids("string")
.xFdHealthProbe("string")
.xForwardedFors("string")
.xForwardedHosts("string")
.build())
.ipAddress("string")
.name("string")
.priority(0)
.serviceTag("string")
.virtualNetworkSubnetId("string")
.build())
.linuxFxVersion("string")
.loadBalancingMode("string")
.managedPipelineMode("string")
.minimumTlsVersion("string")
.preWarmedInstanceCount(0)
.remoteDebuggingEnabled(false)
.remoteDebuggingVersion("string")
.runtimeScaleMonitoringEnabled(false)
.scmIpRestrictionDefaultAction("string")
.scmIpRestrictions(LinuxFunctionAppSlotSiteConfigScmIpRestrictionArgs.builder()
.action("string")
.description("string")
.headers(LinuxFunctionAppSlotSiteConfigScmIpRestrictionHeadersArgs.builder()
.xAzureFdids("string")
.xFdHealthProbe("string")
.xForwardedFors("string")
.xForwardedHosts("string")
.build())
.ipAddress("string")
.name("string")
.priority(0)
.serviceTag("string")
.virtualNetworkSubnetId("string")
.build())
.scmMinimumTlsVersion("string")
.scmType("string")
.scmUseMainIpRestriction(false)
.use32BitWorker(false)
.vnetRouteAllEnabled(false)
.websocketsEnabled(false)
.workerCount(0)
.build())
.clientCertificateMode("string")
.clientCertificateExclusionPaths("string")
.identity(LinuxFunctionAppSlotIdentityArgs.builder()
.type("string")
.identityIds("string")
.principalId("string")
.tenantId("string")
.build())
.clientCertificateEnabled(false)
.keyVaultReferenceIdentityId("string")
.appSettings(Map.of("string", "string"))
.connectionStrings(LinuxFunctionAppSlotConnectionStringArgs.builder()
.name("string")
.type("string")
.value("string")
.build())
.contentShareForceDisabled(false)
.dailyMemoryTimeQuota(0)
.enabled(false)
.ftpPublishBasicAuthenticationEnabled(false)
.name("string")
.functionsExtensionVersion("string")
.httpsOnly(false)
.builtinLoggingEnabled(false)
.backup(LinuxFunctionAppSlotBackupArgs.builder()
.name("string")
.schedule(LinuxFunctionAppSlotBackupScheduleArgs.builder()
.frequencyInterval(0)
.frequencyUnit("string")
.keepAtLeastOneBackup(false)
.lastExecutionTime("string")
.retentionPeriodDays(0)
.startTime("string")
.build())
.storageAccountUrl("string")
.enabled(false)
.build())
.authSettingsV2(LinuxFunctionAppSlotAuthSettingsV2Args.builder()
.login(LinuxFunctionAppSlotAuthSettingsV2LoginArgs.builder()
.allowedExternalRedirectUrls("string")
.cookieExpirationConvention("string")
.cookieExpirationTime("string")
.logoutEndpoint("string")
.nonceExpirationTime("string")
.preserveUrlFragmentsForLogins(false)
.tokenRefreshExtensionTime(0)
.tokenStoreEnabled(false)
.tokenStorePath("string")
.tokenStoreSasSettingName("string")
.validateNonce(false)
.build())
.customOidcV2s(LinuxFunctionAppSlotAuthSettingsV2CustomOidcV2Args.builder()
.clientId("string")
.name("string")
.openidConfigurationEndpoint("string")
.authorisationEndpoint("string")
.certificationUri("string")
.clientCredentialMethod("string")
.clientSecretSettingName("string")
.issuerEndpoint("string")
.nameClaimType("string")
.scopes("string")
.tokenEndpoint("string")
.build())
.activeDirectoryV2(LinuxFunctionAppSlotAuthSettingsV2ActiveDirectoryV2Args.builder()
.clientId("string")
.tenantAuthEndpoint("string")
.allowedApplications("string")
.allowedAudiences("string")
.allowedGroups("string")
.allowedIdentities("string")
.clientSecretCertificateThumbprint("string")
.clientSecretSettingName("string")
.jwtAllowedClientApplications("string")
.jwtAllowedGroups("string")
.loginParameters(Map.of("string", "string"))
.wwwAuthenticationDisabled(false)
.build())
.forwardProxyCustomSchemeHeaderName("string")
.googleV2(LinuxFunctionAppSlotAuthSettingsV2GoogleV2Args.builder()
.clientId("string")
.clientSecretSettingName("string")
.allowedAudiences("string")
.loginScopes("string")
.build())
.githubV2(LinuxFunctionAppSlotAuthSettingsV2GithubV2Args.builder()
.clientId("string")
.clientSecretSettingName("string")
.loginScopes("string")
.build())
.defaultProvider("string")
.excludedPaths("string")
.facebookV2(LinuxFunctionAppSlotAuthSettingsV2FacebookV2Args.builder()
.appId("string")
.appSecretSettingName("string")
.graphApiVersion("string")
.loginScopes("string")
.build())
.forwardProxyConvention("string")
.forwardProxyCustomHostHeaderName("string")
.azureStaticWebAppV2(LinuxFunctionAppSlotAuthSettingsV2AzureStaticWebAppV2Args.builder()
.clientId("string")
.build())
.authEnabled(false)
.configFilePath("string")
.httpRouteApiPrefix("string")
.appleV2(LinuxFunctionAppSlotAuthSettingsV2AppleV2Args.builder()
.clientId("string")
.clientSecretSettingName("string")
.loginScopes("string")
.build())
.microsoftV2(LinuxFunctionAppSlotAuthSettingsV2MicrosoftV2Args.builder()
.clientId("string")
.clientSecretSettingName("string")
.allowedAudiences("string")
.loginScopes("string")
.build())
.requireAuthentication(false)
.requireHttps(false)
.runtimeVersion("string")
.twitterV2(LinuxFunctionAppSlotAuthSettingsV2TwitterV2Args.builder()
.consumerKey("string")
.consumerSecretSettingName("string")
.build())
.unauthenticatedAction("string")
.build())
.publicNetworkAccessEnabled(false)
.servicePlanId("string")
.authSettings(LinuxFunctionAppSlotAuthSettingsArgs.builder()
.enabled(false)
.github(LinuxFunctionAppSlotAuthSettingsGithubArgs.builder()
.clientId("string")
.clientSecret("string")
.clientSecretSettingName("string")
.oauthScopes("string")
.build())
.issuer("string")
.defaultProvider("string")
.additionalLoginParameters(Map.of("string", "string"))
.facebook(LinuxFunctionAppSlotAuthSettingsFacebookArgs.builder()
.appId("string")
.appSecret("string")
.appSecretSettingName("string")
.oauthScopes("string")
.build())
.activeDirectory(LinuxFunctionAppSlotAuthSettingsActiveDirectoryArgs.builder()
.clientId("string")
.allowedAudiences("string")
.clientSecret("string")
.clientSecretSettingName("string")
.build())
.google(LinuxFunctionAppSlotAuthSettingsGoogleArgs.builder()
.clientId("string")
.clientSecret("string")
.clientSecretSettingName("string")
.oauthScopes("string")
.build())
.allowedExternalRedirectUrls("string")
.microsoft(LinuxFunctionAppSlotAuthSettingsMicrosoftArgs.builder()
.clientId("string")
.clientSecret("string")
.clientSecretSettingName("string")
.oauthScopes("string")
.build())
.runtimeVersion("string")
.tokenRefreshExtensionHours(0)
.tokenStoreEnabled(false)
.twitter(LinuxFunctionAppSlotAuthSettingsTwitterArgs.builder()
.consumerKey("string")
.consumerSecret("string")
.consumerSecretSettingName("string")
.build())
.unauthenticatedClientAction("string")
.build())
.storageAccountAccessKey("string")
.storageAccountName("string")
.storageAccounts(LinuxFunctionAppSlotStorageAccountArgs.builder()
.accessKey("string")
.accountName("string")
.name("string")
.shareName("string")
.type("string")
.mountPath("string")
.build())
.storageKeyVaultSecretId("string")
.storageUsesManagedIdentity(false)
.tags(Map.of("string", "string"))
.virtualNetworkSubnetId("string")
.vnetImagePullEnabled(false)
.webdeployPublishBasicAuthenticationEnabled(false)
.build());
linux_function_app_slot_resource = azure.appservice.LinuxFunctionAppSlot("linuxFunctionAppSlotResource",
function_app_id="string",
site_config={
"always_on": False,
"api_definition_url": "string",
"api_management_api_id": "string",
"app_command_line": "string",
"app_scale_limit": 0,
"app_service_logs": {
"disk_quota_mb": 0,
"retention_period_days": 0,
},
"application_insights_connection_string": "string",
"application_insights_key": "string",
"application_stack": {
"dockers": [{
"image_name": "string",
"image_tag": "string",
"registry_url": "string",
"registry_password": "string",
"registry_username": "string",
}],
"dotnet_version": "string",
"java_version": "string",
"node_version": "string",
"powershell_core_version": "string",
"python_version": "string",
"use_custom_runtime": False,
"use_dotnet_isolated_runtime": False,
},
"auto_swap_slot_name": "string",
"container_registry_managed_identity_client_id": "string",
"container_registry_use_managed_identity": False,
"cors": {
"allowed_origins": ["string"],
"support_credentials": False,
},
"default_documents": ["string"],
"detailed_error_logging_enabled": False,
"elastic_instance_minimum": 0,
"ftps_state": "string",
"health_check_eviction_time_in_min": 0,
"health_check_path": "string",
"http2_enabled": False,
"ip_restriction_default_action": "string",
"ip_restrictions": [{
"action": "string",
"description": "string",
"headers": {
"x_azure_fdids": ["string"],
"x_fd_health_probe": "string",
"x_forwarded_fors": ["string"],
"x_forwarded_hosts": ["string"],
},
"ip_address": "string",
"name": "string",
"priority": 0,
"service_tag": "string",
"virtual_network_subnet_id": "string",
}],
"linux_fx_version": "string",
"load_balancing_mode": "string",
"managed_pipeline_mode": "string",
"minimum_tls_version": "string",
"pre_warmed_instance_count": 0,
"remote_debugging_enabled": False,
"remote_debugging_version": "string",
"runtime_scale_monitoring_enabled": False,
"scm_ip_restriction_default_action": "string",
"scm_ip_restrictions": [{
"action": "string",
"description": "string",
"headers": {
"x_azure_fdids": ["string"],
"x_fd_health_probe": "string",
"x_forwarded_fors": ["string"],
"x_forwarded_hosts": ["string"],
},
"ip_address": "string",
"name": "string",
"priority": 0,
"service_tag": "string",
"virtual_network_subnet_id": "string",
}],
"scm_minimum_tls_version": "string",
"scm_type": "string",
"scm_use_main_ip_restriction": False,
"use32_bit_worker": False,
"vnet_route_all_enabled": False,
"websockets_enabled": False,
"worker_count": 0,
},
client_certificate_mode="string",
client_certificate_exclusion_paths="string",
identity={
"type": "string",
"identity_ids": ["string"],
"principal_id": "string",
"tenant_id": "string",
},
client_certificate_enabled=False,
key_vault_reference_identity_id="string",
app_settings={
"string": "string",
},
connection_strings=[{
"name": "string",
"type": "string",
"value": "string",
}],
content_share_force_disabled=False,
daily_memory_time_quota=0,
enabled=False,
ftp_publish_basic_authentication_enabled=False,
name="string",
functions_extension_version="string",
https_only=False,
builtin_logging_enabled=False,
backup={
"name": "string",
"schedule": {
"frequency_interval": 0,
"frequency_unit": "string",
"keep_at_least_one_backup": False,
"last_execution_time": "string",
"retention_period_days": 0,
"start_time": "string",
},
"storage_account_url": "string",
"enabled": False,
},
auth_settings_v2={
"login": {
"allowed_external_redirect_urls": ["string"],
"cookie_expiration_convention": "string",
"cookie_expiration_time": "string",
"logout_endpoint": "string",
"nonce_expiration_time": "string",
"preserve_url_fragments_for_logins": False,
"token_refresh_extension_time": 0,
"token_store_enabled": False,
"token_store_path": "string",
"token_store_sas_setting_name": "string",
"validate_nonce": False,
},
"custom_oidc_v2s": [{
"client_id": "string",
"name": "string",
"openid_configuration_endpoint": "string",
"authorisation_endpoint": "string",
"certification_uri": "string",
"client_credential_method": "string",
"client_secret_setting_name": "string",
"issuer_endpoint": "string",
"name_claim_type": "string",
"scopes": ["string"],
"token_endpoint": "string",
}],
"active_directory_v2": {
"client_id": "string",
"tenant_auth_endpoint": "string",
"allowed_applications": ["string"],
"allowed_audiences": ["string"],
"allowed_groups": ["string"],
"allowed_identities": ["string"],
"client_secret_certificate_thumbprint": "string",
"client_secret_setting_name": "string",
"jwt_allowed_client_applications": ["string"],
"jwt_allowed_groups": ["string"],
"login_parameters": {
"string": "string",
},
"www_authentication_disabled": False,
},
"forward_proxy_custom_scheme_header_name": "string",
"google_v2": {
"client_id": "string",
"client_secret_setting_name": "string",
"allowed_audiences": ["string"],
"login_scopes": ["string"],
},
"github_v2": {
"client_id": "string",
"client_secret_setting_name": "string",
"login_scopes": ["string"],
},
"default_provider": "string",
"excluded_paths": ["string"],
"facebook_v2": {
"app_id": "string",
"app_secret_setting_name": "string",
"graph_api_version": "string",
"login_scopes": ["string"],
},
"forward_proxy_convention": "string",
"forward_proxy_custom_host_header_name": "string",
"azure_static_web_app_v2": {
"client_id": "string",
},
"auth_enabled": False,
"config_file_path": "string",
"http_route_api_prefix": "string",
"apple_v2": {
"client_id": "string",
"client_secret_setting_name": "string",
"login_scopes": ["string"],
},
"microsoft_v2": {
"client_id": "string",
"client_secret_setting_name": "string",
"allowed_audiences": ["string"],
"login_scopes": ["string"],
},
"require_authentication": False,
"require_https": False,
"runtime_version": "string",
"twitter_v2": {
"consumer_key": "string",
"consumer_secret_setting_name": "string",
},
"unauthenticated_action": "string",
},
public_network_access_enabled=False,
service_plan_id="string",
auth_settings={
"enabled": False,
"github": {
"client_id": "string",
"client_secret": "string",
"client_secret_setting_name": "string",
"oauth_scopes": ["string"],
},
"issuer": "string",
"default_provider": "string",
"additional_login_parameters": {
"string": "string",
},
"facebook": {
"app_id": "string",
"app_secret": "string",
"app_secret_setting_name": "string",
"oauth_scopes": ["string"],
},
"active_directory": {
"client_id": "string",
"allowed_audiences": ["string"],
"client_secret": "string",
"client_secret_setting_name": "string",
},
"google": {
"client_id": "string",
"client_secret": "string",
"client_secret_setting_name": "string",
"oauth_scopes": ["string"],
},
"allowed_external_redirect_urls": ["string"],
"microsoft": {
"client_id": "string",
"client_secret": "string",
"client_secret_setting_name": "string",
"oauth_scopes": ["string"],
},
"runtime_version": "string",
"token_refresh_extension_hours": 0,
"token_store_enabled": False,
"twitter": {
"consumer_key": "string",
"consumer_secret": "string",
"consumer_secret_setting_name": "string",
},
"unauthenticated_client_action": "string",
},
storage_account_access_key="string",
storage_account_name="string",
storage_accounts=[{
"access_key": "string",
"account_name": "string",
"name": "string",
"share_name": "string",
"type": "string",
"mount_path": "string",
}],
storage_key_vault_secret_id="string",
storage_uses_managed_identity=False,
tags={
"string": "string",
},
virtual_network_subnet_id="string",
vnet_image_pull_enabled=False,
webdeploy_publish_basic_authentication_enabled=False)
const linuxFunctionAppSlotResource = new azure.appservice.LinuxFunctionAppSlot("linuxFunctionAppSlotResource", {
functionAppId: "string",
siteConfig: {
alwaysOn: false,
apiDefinitionUrl: "string",
apiManagementApiId: "string",
appCommandLine: "string",
appScaleLimit: 0,
appServiceLogs: {
diskQuotaMb: 0,
retentionPeriodDays: 0,
},
applicationInsightsConnectionString: "string",
applicationInsightsKey: "string",
applicationStack: {
dockers: [{
imageName: "string",
imageTag: "string",
registryUrl: "string",
registryPassword: "string",
registryUsername: "string",
}],
dotnetVersion: "string",
javaVersion: "string",
nodeVersion: "string",
powershellCoreVersion: "string",
pythonVersion: "string",
useCustomRuntime: false,
useDotnetIsolatedRuntime: false,
},
autoSwapSlotName: "string",
containerRegistryManagedIdentityClientId: "string",
containerRegistryUseManagedIdentity: false,
cors: {
allowedOrigins: ["string"],
supportCredentials: false,
},
defaultDocuments: ["string"],
detailedErrorLoggingEnabled: false,
elasticInstanceMinimum: 0,
ftpsState: "string",
healthCheckEvictionTimeInMin: 0,
healthCheckPath: "string",
http2Enabled: false,
ipRestrictionDefaultAction: "string",
ipRestrictions: [{
action: "string",
description: "string",
headers: {
xAzureFdids: ["string"],
xFdHealthProbe: "string",
xForwardedFors: ["string"],
xForwardedHosts: ["string"],
},
ipAddress: "string",
name: "string",
priority: 0,
serviceTag: "string",
virtualNetworkSubnetId: "string",
}],
linuxFxVersion: "string",
loadBalancingMode: "string",
managedPipelineMode: "string",
minimumTlsVersion: "string",
preWarmedInstanceCount: 0,
remoteDebuggingEnabled: false,
remoteDebuggingVersion: "string",
runtimeScaleMonitoringEnabled: false,
scmIpRestrictionDefaultAction: "string",
scmIpRestrictions: [{
action: "string",
description: "string",
headers: {
xAzureFdids: ["string"],
xFdHealthProbe: "string",
xForwardedFors: ["string"],
xForwardedHosts: ["string"],
},
ipAddress: "string",
name: "string",
priority: 0,
serviceTag: "string",
virtualNetworkSubnetId: "string",
}],
scmMinimumTlsVersion: "string",
scmType: "string",
scmUseMainIpRestriction: false,
use32BitWorker: false,
vnetRouteAllEnabled: false,
websocketsEnabled: false,
workerCount: 0,
},
clientCertificateMode: "string",
clientCertificateExclusionPaths: "string",
identity: {
type: "string",
identityIds: ["string"],
principalId: "string",
tenantId: "string",
},
clientCertificateEnabled: false,
keyVaultReferenceIdentityId: "string",
appSettings: {
string: "string",
},
connectionStrings: [{
name: "string",
type: "string",
value: "string",
}],
contentShareForceDisabled: false,
dailyMemoryTimeQuota: 0,
enabled: false,
ftpPublishBasicAuthenticationEnabled: false,
name: "string",
functionsExtensionVersion: "string",
httpsOnly: false,
builtinLoggingEnabled: false,
backup: {
name: "string",
schedule: {
frequencyInterval: 0,
frequencyUnit: "string",
keepAtLeastOneBackup: false,
lastExecutionTime: "string",
retentionPeriodDays: 0,
startTime: "string",
},
storageAccountUrl: "string",
enabled: false,
},
authSettingsV2: {
login: {
allowedExternalRedirectUrls: ["string"],
cookieExpirationConvention: "string",
cookieExpirationTime: "string",
logoutEndpoint: "string",
nonceExpirationTime: "string",
preserveUrlFragmentsForLogins: false,
tokenRefreshExtensionTime: 0,
tokenStoreEnabled: false,
tokenStorePath: "string",
tokenStoreSasSettingName: "string",
validateNonce: false,
},
customOidcV2s: [{
clientId: "string",
name: "string",
openidConfigurationEndpoint: "string",
authorisationEndpoint: "string",
certificationUri: "string",
clientCredentialMethod: "string",
clientSecretSettingName: "string",
issuerEndpoint: "string",
nameClaimType: "string",
scopes: ["string"],
tokenEndpoint: "string",
}],
activeDirectoryV2: {
clientId: "string",
tenantAuthEndpoint: "string",
allowedApplications: ["string"],
allowedAudiences: ["string"],
allowedGroups: ["string"],
allowedIdentities: ["string"],
clientSecretCertificateThumbprint: "string",
clientSecretSettingName: "string",
jwtAllowedClientApplications: ["string"],
jwtAllowedGroups: ["string"],
loginParameters: {
string: "string",
},
wwwAuthenticationDisabled: false,
},
forwardProxyCustomSchemeHeaderName: "string",
googleV2: {
clientId: "string",
clientSecretSettingName: "string",
allowedAudiences: ["string"],
loginScopes: ["string"],
},
githubV2: {
clientId: "string",
clientSecretSettingName: "string",
loginScopes: ["string"],
},
defaultProvider: "string",
excludedPaths: ["string"],
facebookV2: {
appId: "string",
appSecretSettingName: "string",
graphApiVersion: "string",
loginScopes: ["string"],
},
forwardProxyConvention: "string",
forwardProxyCustomHostHeaderName: "string",
azureStaticWebAppV2: {
clientId: "string",
},
authEnabled: false,
configFilePath: "string",
httpRouteApiPrefix: "string",
appleV2: {
clientId: "string",
clientSecretSettingName: "string",
loginScopes: ["string"],
},
microsoftV2: {
clientId: "string",
clientSecretSettingName: "string",
allowedAudiences: ["string"],
loginScopes: ["string"],
},
requireAuthentication: false,
requireHttps: false,
runtimeVersion: "string",
twitterV2: {
consumerKey: "string",
consumerSecretSettingName: "string",
},
unauthenticatedAction: "string",
},
publicNetworkAccessEnabled: false,
servicePlanId: "string",
authSettings: {
enabled: false,
github: {
clientId: "string",
clientSecret: "string",
clientSecretSettingName: "string",
oauthScopes: ["string"],
},
issuer: "string",
defaultProvider: "string",
additionalLoginParameters: {
string: "string",
},
facebook: {
appId: "string",
appSecret: "string",
appSecretSettingName: "string",
oauthScopes: ["string"],
},
activeDirectory: {
clientId: "string",
allowedAudiences: ["string"],
clientSecret: "string",
clientSecretSettingName: "string",
},
google: {
clientId: "string",
clientSecret: "string",
clientSecretSettingName: "string",
oauthScopes: ["string"],
},
allowedExternalRedirectUrls: ["string"],
microsoft: {
clientId: "string",
clientSecret: "string",
clientSecretSettingName: "string",
oauthScopes: ["string"],
},
runtimeVersion: "string",
tokenRefreshExtensionHours: 0,
tokenStoreEnabled: false,
twitter: {
consumerKey: "string",
consumerSecret: "string",
consumerSecretSettingName: "string",
},
unauthenticatedClientAction: "string",
},
storageAccountAccessKey: "string",
storageAccountName: "string",
storageAccounts: [{
accessKey: "string",
accountName: "string",
name: "string",
shareName: "string",
type: "string",
mountPath: "string",
}],
storageKeyVaultSecretId: "string",
storageUsesManagedIdentity: false,
tags: {
string: "string",
},
virtualNetworkSubnetId: "string",
vnetImagePullEnabled: false,
webdeployPublishBasicAuthenticationEnabled: false,
});
type: azure:appservice:LinuxFunctionAppSlot
properties:
appSettings:
string: string
authSettings:
activeDirectory:
allowedAudiences:
- string
clientId: string
clientSecret: string
clientSecretSettingName: string
additionalLoginParameters:
string: string
allowedExternalRedirectUrls:
- string
defaultProvider: string
enabled: false
facebook:
appId: string
appSecret: string
appSecretSettingName: string
oauthScopes:
- string
github:
clientId: string
clientSecret: string
clientSecretSettingName: string
oauthScopes:
- string
google:
clientId: string
clientSecret: string
clientSecretSettingName: string
oauthScopes:
- string
issuer: string
microsoft:
clientId: string
clientSecret: string
clientSecretSettingName: string
oauthScopes:
- string
runtimeVersion: string
tokenRefreshExtensionHours: 0
tokenStoreEnabled: false
twitter:
consumerKey: string
consumerSecret: string
consumerSecretSettingName: string
unauthenticatedClientAction: string
authSettingsV2:
activeDirectoryV2:
allowedApplications:
- string
allowedAudiences:
- string
allowedGroups:
- string
allowedIdentities:
- string
clientId: string
clientSecretCertificateThumbprint: string
clientSecretSettingName: string
jwtAllowedClientApplications:
- string
jwtAllowedGroups:
- string
loginParameters:
string: string
tenantAuthEndpoint: string
wwwAuthenticationDisabled: false
appleV2:
clientId: string
clientSecretSettingName: string
loginScopes:
- string
authEnabled: false
azureStaticWebAppV2:
clientId: string
configFilePath: string
customOidcV2s:
- authorisationEndpoint: string
certificationUri: string
clientCredentialMethod: string
clientId: string
clientSecretSettingName: string
issuerEndpoint: string
name: string
nameClaimType: string
openidConfigurationEndpoint: string
scopes:
- string
tokenEndpoint: string
defaultProvider: string
excludedPaths:
- string
facebookV2:
appId: string
appSecretSettingName: string
graphApiVersion: string
loginScopes:
- string
forwardProxyConvention: string
forwardProxyCustomHostHeaderName: string
forwardProxyCustomSchemeHeaderName: string
githubV2:
clientId: string
clientSecretSettingName: string
loginScopes:
- string
googleV2:
allowedAudiences:
- string
clientId: string
clientSecretSettingName: string
loginScopes:
- string
httpRouteApiPrefix: string
login:
allowedExternalRedirectUrls:
- string
cookieExpirationConvention: string
cookieExpirationTime: string
logoutEndpoint: string
nonceExpirationTime: string
preserveUrlFragmentsForLogins: false
tokenRefreshExtensionTime: 0
tokenStoreEnabled: false
tokenStorePath: string
tokenStoreSasSettingName: string
validateNonce: false
microsoftV2:
allowedAudiences:
- string
clientId: string
clientSecretSettingName: string
loginScopes:
- string
requireAuthentication: false
requireHttps: false
runtimeVersion: string
twitterV2:
consumerKey: string
consumerSecretSettingName: string
unauthenticatedAction: string
backup:
enabled: false
name: string
schedule:
frequencyInterval: 0
frequencyUnit: string
keepAtLeastOneBackup: false
lastExecutionTime: string
retentionPeriodDays: 0
startTime: string
storageAccountUrl: string
builtinLoggingEnabled: false
clientCertificateEnabled: false
clientCertificateExclusionPaths: string
clientCertificateMode: string
connectionStrings:
- name: string
type: string
value: string
contentShareForceDisabled: false
dailyMemoryTimeQuota: 0
enabled: false
ftpPublishBasicAuthenticationEnabled: false
functionAppId: string
functionsExtensionVersion: string
httpsOnly: false
identity:
identityIds:
- string
principalId: string
tenantId: string
type: string
keyVaultReferenceIdentityId: string
name: string
publicNetworkAccessEnabled: false
servicePlanId: string
siteConfig:
alwaysOn: false
apiDefinitionUrl: string
apiManagementApiId: string
appCommandLine: string
appScaleLimit: 0
appServiceLogs:
diskQuotaMb: 0
retentionPeriodDays: 0
applicationInsightsConnectionString: string
applicationInsightsKey: string
applicationStack:
dockers:
- imageName: string
imageTag: string
registryPassword: string
registryUrl: string
registryUsername: string
dotnetVersion: string
javaVersion: string
nodeVersion: string
powershellCoreVersion: string
pythonVersion: string
useCustomRuntime: false
useDotnetIsolatedRuntime: false
autoSwapSlotName: string
containerRegistryManagedIdentityClientId: string
containerRegistryUseManagedIdentity: false
cors:
allowedOrigins:
- string
supportCredentials: false
defaultDocuments:
- string
detailedErrorLoggingEnabled: false
elasticInstanceMinimum: 0
ftpsState: string
healthCheckEvictionTimeInMin: 0
healthCheckPath: string
http2Enabled: false
ipRestrictionDefaultAction: string
ipRestrictions:
- action: string
description: string
headers:
xAzureFdids:
- string
xFdHealthProbe: string
xForwardedFors:
- string
xForwardedHosts:
- string
ipAddress: string
name: string
priority: 0
serviceTag: string
virtualNetworkSubnetId: string
linuxFxVersion: string
loadBalancingMode: string
managedPipelineMode: string
minimumTlsVersion: string
preWarmedInstanceCount: 0
remoteDebuggingEnabled: false
remoteDebuggingVersion: string
runtimeScaleMonitoringEnabled: false
scmIpRestrictionDefaultAction: string
scmIpRestrictions:
- action: string
description: string
headers:
xAzureFdids:
- string
xFdHealthProbe: string
xForwardedFors:
- string
xForwardedHosts:
- string
ipAddress: string
name: string
priority: 0
serviceTag: string
virtualNetworkSubnetId: string
scmMinimumTlsVersion: string
scmType: string
scmUseMainIpRestriction: false
use32BitWorker: false
vnetRouteAllEnabled: false
websocketsEnabled: false
workerCount: 0
storageAccountAccessKey: string
storageAccountName: string
storageAccounts:
- accessKey: string
accountName: string
mountPath: string
name: string
shareName: string
type: string
storageKeyVaultSecretId: string
storageUsesManagedIdentity: false
tags:
string: string
virtualNetworkSubnetId: string
vnetImagePullEnabled: false
webdeployPublishBasicAuthenticationEnabled: false
LinuxFunctionAppSlot Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The LinuxFunctionAppSlot resource accepts the following input properties:
- Function
App stringId - The ID of the Linux Function App this Slot is a member of. Changing this forces a new resource to be created.
- Site
Config LinuxFunction App Slot Site Config - a
site_config
block as detailed below. - App
Settings Dictionary<string, string> - A map of key-value pairs for App Settings and custom values.
- Auth
Settings LinuxFunction App Slot Auth Settings - an
auth_settings
block as detailed below. - Auth
Settings LinuxV2 Function App Slot Auth Settings V2 - an
auth_settings_v2
block as detailed below. - Backup
Linux
Function App Slot Backup - a
backup
block as detailed below. - Builtin
Logging boolEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - Client
Certificate boolEnabled - Should the Function App Slot use Client Certificates.
- Client
Certificate stringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- Client
Certificate stringMode - The mode of the Function App Slot's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - Connection
Strings List<LinuxFunction App Slot Connection String> - a
connection_string
block as detailed below. - bool
- Force disable the content share settings.
- Daily
Memory intTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps in Consumption Plans. Defaults to
0
. - Enabled bool
- Is the Linux Function App Slot enabled. Defaults to
true
. - Ftp
Publish boolBasic Authentication Enabled - Are the default FTP Basic Authentication publishing credentials enabled. Defaults to
true
. - Functions
Extension stringVersion - The runtime version associated with the Function App Slot. Defaults to
~4
. - Https
Only bool - Can the Function App Slot only be accessed via HTTPS?. Defaults to
false
. - Identity
Linux
Function App Slot Identity - An
identity
block as detailed below. - Key
Vault stringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - Name string
- Specifies the name of the Function App Slot. Changing this forces a new resource to be created.
- Public
Network boolAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - Service
Plan stringId - The ID of the Service Plan in which to run this slot. If not specified the same Service Plan as the Linux Function App will be used.
- Storage
Account stringAccess Key - The access key which will be used to access the storage account for the Function App Slot.
- Storage
Account stringName - The backend storage account name which will be used by this Function App Slot.
- Storage
Accounts List<LinuxFunction App Slot Storage Account> - One or more
storage_account
blocks as defined below. - Storage
Key stringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- Storage
Uses boolManaged Identity Should the Function App Slot use its Managed Identity to access storage.
NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- Dictionary<string, string>
- A mapping of tags which should be assigned to the Linux Function App.
- Virtual
Network stringSubnet Id - Vnet
Image boolPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - Webdeploy
Publish boolBasic Authentication Enabled - Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.
- Function
App stringId - The ID of the Linux Function App this Slot is a member of. Changing this forces a new resource to be created.
- Site
Config LinuxFunction App Slot Site Config Args - a
site_config
block as detailed below. - App
Settings map[string]string - A map of key-value pairs for App Settings and custom values.
- Auth
Settings LinuxFunction App Slot Auth Settings Args - an
auth_settings
block as detailed below. - Auth
Settings LinuxV2 Function App Slot Auth Settings V2Args - an
auth_settings_v2
block as detailed below. - Backup
Linux
Function App Slot Backup Args - a
backup
block as detailed below. - Builtin
Logging boolEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - Client
Certificate boolEnabled - Should the Function App Slot use Client Certificates.
- Client
Certificate stringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- Client
Certificate stringMode - The mode of the Function App Slot's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - Connection
Strings []LinuxFunction App Slot Connection String Args - a
connection_string
block as detailed below. - bool
- Force disable the content share settings.
- Daily
Memory intTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps in Consumption Plans. Defaults to
0
. - Enabled bool
- Is the Linux Function App Slot enabled. Defaults to
true
. - Ftp
Publish boolBasic Authentication Enabled - Are the default FTP Basic Authentication publishing credentials enabled. Defaults to
true
. - Functions
Extension stringVersion - The runtime version associated with the Function App Slot. Defaults to
~4
. - Https
Only bool - Can the Function App Slot only be accessed via HTTPS?. Defaults to
false
. - Identity
Linux
Function App Slot Identity Args - An
identity
block as detailed below. - Key
Vault stringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - Name string
- Specifies the name of the Function App Slot. Changing this forces a new resource to be created.
- Public
Network boolAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - Service
Plan stringId - The ID of the Service Plan in which to run this slot. If not specified the same Service Plan as the Linux Function App will be used.
- Storage
Account stringAccess Key - The access key which will be used to access the storage account for the Function App Slot.
- Storage
Account stringName - The backend storage account name which will be used by this Function App Slot.
- Storage
Accounts []LinuxFunction App Slot Storage Account Args - One or more
storage_account
blocks as defined below. - Storage
Key stringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- Storage
Uses boolManaged Identity Should the Function App Slot use its Managed Identity to access storage.
NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- map[string]string
- A mapping of tags which should be assigned to the Linux Function App.
- Virtual
Network stringSubnet Id - Vnet
Image boolPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - Webdeploy
Publish boolBasic Authentication Enabled - Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.
- function
App StringId - The ID of the Linux Function App this Slot is a member of. Changing this forces a new resource to be created.
- site
Config LinuxFunction App Slot Site Config - a
site_config
block as detailed below. - app
Settings Map<String,String> - A map of key-value pairs for App Settings and custom values.
- auth
Settings LinuxFunction App Slot Auth Settings - an
auth_settings
block as detailed below. - auth
Settings LinuxV2 Function App Slot Auth Settings V2 - an
auth_settings_v2
block as detailed below. - backup
Linux
Function App Slot Backup - a
backup
block as detailed below. - builtin
Logging BooleanEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - client
Certificate BooleanEnabled - Should the Function App Slot use Client Certificates.
- client
Certificate StringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- client
Certificate StringMode - The mode of the Function App Slot's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - connection
Strings List<LinuxFunction App Slot Connection String> - a
connection_string
block as detailed below. - Boolean
- Force disable the content share settings.
- daily
Memory IntegerTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps in Consumption Plans. Defaults to
0
. - enabled Boolean
- Is the Linux Function App Slot enabled. Defaults to
true
. - ftp
Publish BooleanBasic Authentication Enabled - Are the default FTP Basic Authentication publishing credentials enabled. Defaults to
true
. - functions
Extension StringVersion - The runtime version associated with the Function App Slot. Defaults to
~4
. - https
Only Boolean - Can the Function App Slot only be accessed via HTTPS?. Defaults to
false
. - identity
Linux
Function App Slot Identity - An
identity
block as detailed below. - key
Vault StringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - name String
- Specifies the name of the Function App Slot. Changing this forces a new resource to be created.
- public
Network BooleanAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - service
Plan StringId - The ID of the Service Plan in which to run this slot. If not specified the same Service Plan as the Linux Function App will be used.
- storage
Account StringAccess Key - The access key which will be used to access the storage account for the Function App Slot.
- storage
Account StringName - The backend storage account name which will be used by this Function App Slot.
- storage
Accounts List<LinuxFunction App Slot Storage Account> - One or more
storage_account
blocks as defined below. - storage
Key StringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- storage
Uses BooleanManaged Identity Should the Function App Slot use its Managed Identity to access storage.
NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- Map<String,String>
- A mapping of tags which should be assigned to the Linux Function App.
- virtual
Network StringSubnet Id - vnet
Image BooleanPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - webdeploy
Publish BooleanBasic Authentication Enabled - Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.
- function
App stringId - The ID of the Linux Function App this Slot is a member of. Changing this forces a new resource to be created.
- site
Config LinuxFunction App Slot Site Config - a
site_config
block as detailed below. - app
Settings {[key: string]: string} - A map of key-value pairs for App Settings and custom values.
- auth
Settings LinuxFunction App Slot Auth Settings - an
auth_settings
block as detailed below. - auth
Settings LinuxV2 Function App Slot Auth Settings V2 - an
auth_settings_v2
block as detailed below. - backup
Linux
Function App Slot Backup - a
backup
block as detailed below. - builtin
Logging booleanEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - client
Certificate booleanEnabled - Should the Function App Slot use Client Certificates.
- client
Certificate stringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- client
Certificate stringMode - The mode of the Function App Slot's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - connection
Strings LinuxFunction App Slot Connection String[] - a
connection_string
block as detailed below. - boolean
- Force disable the content share settings.
- daily
Memory numberTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps in Consumption Plans. Defaults to
0
. - enabled boolean
- Is the Linux Function App Slot enabled. Defaults to
true
. - ftp
Publish booleanBasic Authentication Enabled - Are the default FTP Basic Authentication publishing credentials enabled. Defaults to
true
. - functions
Extension stringVersion - The runtime version associated with the Function App Slot. Defaults to
~4
. - https
Only boolean - Can the Function App Slot only be accessed via HTTPS?. Defaults to
false
. - identity
Linux
Function App Slot Identity - An
identity
block as detailed below. - key
Vault stringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - name string
- Specifies the name of the Function App Slot. Changing this forces a new resource to be created.
- public
Network booleanAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - service
Plan stringId - The ID of the Service Plan in which to run this slot. If not specified the same Service Plan as the Linux Function App will be used.
- storage
Account stringAccess Key - The access key which will be used to access the storage account for the Function App Slot.
- storage
Account stringName - The backend storage account name which will be used by this Function App Slot.
- storage
Accounts LinuxFunction App Slot Storage Account[] - One or more
storage_account
blocks as defined below. - storage
Key stringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- storage
Uses booleanManaged Identity Should the Function App Slot use its Managed Identity to access storage.
NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- {[key: string]: string}
- A mapping of tags which should be assigned to the Linux Function App.
- virtual
Network stringSubnet Id - vnet
Image booleanPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - webdeploy
Publish booleanBasic Authentication Enabled - Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.
- function_
app_ strid - The ID of the Linux Function App this Slot is a member of. Changing this forces a new resource to be created.
- site_
config LinuxFunction App Slot Site Config Args - a
site_config
block as detailed below. - app_
settings Mapping[str, str] - A map of key-value pairs for App Settings and custom values.
- auth_
settings LinuxFunction App Slot Auth Settings Args - an
auth_settings
block as detailed below. - auth_
settings_ Linuxv2 Function App Slot Auth Settings V2Args - an
auth_settings_v2
block as detailed below. - backup
Linux
Function App Slot Backup Args - a
backup
block as detailed below. - builtin_
logging_ boolenabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - client_
certificate_ boolenabled - Should the Function App Slot use Client Certificates.
- client_
certificate_ strexclusion_ paths - Paths to exclude when using client certificates, separated by ;
- client_
certificate_ strmode - The mode of the Function App Slot's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - connection_
strings Sequence[LinuxFunction App Slot Connection String Args] - a
connection_string
block as detailed below. - bool
- Force disable the content share settings.
- daily_
memory_ inttime_ quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps in Consumption Plans. Defaults to
0
. - enabled bool
- Is the Linux Function App Slot enabled. Defaults to
true
. - ftp_
publish_ boolbasic_ authentication_ enabled - Are the default FTP Basic Authentication publishing credentials enabled. Defaults to
true
. - functions_
extension_ strversion - The runtime version associated with the Function App Slot. Defaults to
~4
. - https_
only bool - Can the Function App Slot only be accessed via HTTPS?. Defaults to
false
. - identity
Linux
Function App Slot Identity Args - An
identity
block as detailed below. - key_
vault_ strreference_ identity_ id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - name str
- Specifies the name of the Function App Slot. Changing this forces a new resource to be created.
- public_
network_ boolaccess_ enabled - Should public network access be enabled for the Function App. Defaults to
true
. - service_
plan_ strid - The ID of the Service Plan in which to run this slot. If not specified the same Service Plan as the Linux Function App will be used.
- storage_
account_ straccess_ key - The access key which will be used to access the storage account for the Function App Slot.
- storage_
account_ strname - The backend storage account name which will be used by this Function App Slot.
- storage_
accounts Sequence[LinuxFunction App Slot Storage Account Args] - One or more
storage_account
blocks as defined below. - storage_
key_ strvault_ secret_ id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- storage_
uses_ boolmanaged_ identity Should the Function App Slot use its Managed Identity to access storage.
NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- Mapping[str, str]
- A mapping of tags which should be assigned to the Linux Function App.
- virtual_
network_ strsubnet_ id - vnet_
image_ boolpull_ enabled - Is container image pull over virtual network enabled? Defaults to
false
. - webdeploy_
publish_ boolbasic_ authentication_ enabled - Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.
- function
App StringId - The ID of the Linux Function App this Slot is a member of. Changing this forces a new resource to be created.
- site
Config Property Map - a
site_config
block as detailed below. - app
Settings Map<String> - A map of key-value pairs for App Settings and custom values.
- auth
Settings Property Map - an
auth_settings
block as detailed below. - auth
Settings Property MapV2 - an
auth_settings_v2
block as detailed below. - backup Property Map
- a
backup
block as detailed below. - builtin
Logging BooleanEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - client
Certificate BooleanEnabled - Should the Function App Slot use Client Certificates.
- client
Certificate StringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- client
Certificate StringMode - The mode of the Function App Slot's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - connection
Strings List<Property Map> - a
connection_string
block as detailed below. - Boolean
- Force disable the content share settings.
- daily
Memory NumberTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps in Consumption Plans. Defaults to
0
. - enabled Boolean
- Is the Linux Function App Slot enabled. Defaults to
true
. - ftp
Publish BooleanBasic Authentication Enabled - Are the default FTP Basic Authentication publishing credentials enabled. Defaults to
true
. - functions
Extension StringVersion - The runtime version associated with the Function App Slot. Defaults to
~4
. - https
Only Boolean - Can the Function App Slot only be accessed via HTTPS?. Defaults to
false
. - identity Property Map
- An
identity
block as detailed below. - key
Vault StringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - name String
- Specifies the name of the Function App Slot. Changing this forces a new resource to be created.
- public
Network BooleanAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - service
Plan StringId - The ID of the Service Plan in which to run this slot. If not specified the same Service Plan as the Linux Function App will be used.
- storage
Account StringAccess Key - The access key which will be used to access the storage account for the Function App Slot.
- storage
Account StringName - The backend storage account name which will be used by this Function App Slot.
- storage
Accounts List<Property Map> - One or more
storage_account
blocks as defined below. - storage
Key StringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- storage
Uses BooleanManaged Identity Should the Function App Slot use its Managed Identity to access storage.
NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- Map<String>
- A mapping of tags which should be assigned to the Linux Function App.
- virtual
Network StringSubnet Id - vnet
Image BooleanPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - webdeploy
Publish BooleanBasic Authentication Enabled - Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.
Outputs
All input properties are implicitly available as output properties. Additionally, the LinuxFunctionAppSlot resource produces the following output properties:
- Custom
Domain stringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- Default
Hostname string - The default hostname of the Linux Function App Slot.
- Hosting
Environment stringId - The ID of the App Service Environment used by Function App Slot.
- Id string
- The provider-assigned unique ID for this managed resource.
- Kind string
- The Kind value for this Linux Function App Slot.
- Outbound
Ip List<string>Address Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- Outbound
Ip stringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - Possible
Outbound List<string>Ip Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - Possible
Outbound stringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. For example["52.23.25.3", "52.143.43.12","52.143.43.17"]
. - Site
Credentials List<LinuxFunction App Slot Site Credential> - A
site_credential
block as defined below.
- Custom
Domain stringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- Default
Hostname string - The default hostname of the Linux Function App Slot.
- Hosting
Environment stringId - The ID of the App Service Environment used by Function App Slot.
- Id string
- The provider-assigned unique ID for this managed resource.
- Kind string
- The Kind value for this Linux Function App Slot.
- Outbound
Ip []stringAddress Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- Outbound
Ip stringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - Possible
Outbound []stringIp Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - Possible
Outbound stringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. For example["52.23.25.3", "52.143.43.12","52.143.43.17"]
. - Site
Credentials []LinuxFunction App Slot Site Credential - A
site_credential
block as defined below.
- custom
Domain StringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- default
Hostname String - The default hostname of the Linux Function App Slot.
- hosting
Environment StringId - The ID of the App Service Environment used by Function App Slot.
- id String
- The provider-assigned unique ID for this managed resource.
- kind String
- The Kind value for this Linux Function App Slot.
- outbound
Ip List<String>Address Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- outbound
Ip StringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - possible
Outbound List<String>Ip Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - possible
Outbound StringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. For example["52.23.25.3", "52.143.43.12","52.143.43.17"]
. - site
Credentials List<LinuxFunction App Slot Site Credential> - A
site_credential
block as defined below.
- custom
Domain stringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- default
Hostname string - The default hostname of the Linux Function App Slot.
- hosting
Environment stringId - The ID of the App Service Environment used by Function App Slot.
- id string
- The provider-assigned unique ID for this managed resource.
- kind string
- The Kind value for this Linux Function App Slot.
- outbound
Ip string[]Address Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- outbound
Ip stringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - possible
Outbound string[]Ip Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - possible
Outbound stringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. For example["52.23.25.3", "52.143.43.12","52.143.43.17"]
. - site
Credentials LinuxFunction App Slot Site Credential[] - A
site_credential
block as defined below.
- custom_
domain_ strverification_ id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- default_
hostname str - The default hostname of the Linux Function App Slot.
- hosting_
environment_ strid - The ID of the App Service Environment used by Function App Slot.
- id str
- The provider-assigned unique ID for this managed resource.
- kind str
- The Kind value for this Linux Function App Slot.
- outbound_
ip_ Sequence[str]address_ lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- outbound_
ip_ straddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - possible_
outbound_ Sequence[str]ip_ address_ lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - possible_
outbound_ strip_ addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. For example["52.23.25.3", "52.143.43.12","52.143.43.17"]
. - site_
credentials Sequence[LinuxFunction App Slot Site Credential] - A
site_credential
block as defined below.
- custom
Domain StringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- default
Hostname String - The default hostname of the Linux Function App Slot.
- hosting
Environment StringId - The ID of the App Service Environment used by Function App Slot.
- id String
- The provider-assigned unique ID for this managed resource.
- kind String
- The Kind value for this Linux Function App Slot.
- outbound
Ip List<String>Address Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- outbound
Ip StringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - possible
Outbound List<String>Ip Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - possible
Outbound StringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. For example["52.23.25.3", "52.143.43.12","52.143.43.17"]
. - site
Credentials List<Property Map> - A
site_credential
block as defined below.
Look up Existing LinuxFunctionAppSlot Resource
Get an existing LinuxFunctionAppSlot resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: LinuxFunctionAppSlotState, opts?: CustomResourceOptions): LinuxFunctionAppSlot
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
app_settings: Optional[Mapping[str, str]] = None,
auth_settings: Optional[LinuxFunctionAppSlotAuthSettingsArgs] = None,
auth_settings_v2: Optional[LinuxFunctionAppSlotAuthSettingsV2Args] = None,
backup: Optional[LinuxFunctionAppSlotBackupArgs] = None,
builtin_logging_enabled: Optional[bool] = None,
client_certificate_enabled: Optional[bool] = None,
client_certificate_exclusion_paths: Optional[str] = None,
client_certificate_mode: Optional[str] = None,
connection_strings: Optional[Sequence[LinuxFunctionAppSlotConnectionStringArgs]] = None,
content_share_force_disabled: Optional[bool] = None,
custom_domain_verification_id: Optional[str] = None,
daily_memory_time_quota: Optional[int] = None,
default_hostname: Optional[str] = None,
enabled: Optional[bool] = None,
ftp_publish_basic_authentication_enabled: Optional[bool] = None,
function_app_id: Optional[str] = None,
functions_extension_version: Optional[str] = None,
hosting_environment_id: Optional[str] = None,
https_only: Optional[bool] = None,
identity: Optional[LinuxFunctionAppSlotIdentityArgs] = None,
key_vault_reference_identity_id: Optional[str] = None,
kind: Optional[str] = None,
name: Optional[str] = None,
outbound_ip_address_lists: Optional[Sequence[str]] = None,
outbound_ip_addresses: Optional[str] = None,
possible_outbound_ip_address_lists: Optional[Sequence[str]] = None,
possible_outbound_ip_addresses: Optional[str] = None,
public_network_access_enabled: Optional[bool] = None,
service_plan_id: Optional[str] = None,
site_config: Optional[LinuxFunctionAppSlotSiteConfigArgs] = None,
site_credentials: Optional[Sequence[LinuxFunctionAppSlotSiteCredentialArgs]] = None,
storage_account_access_key: Optional[str] = None,
storage_account_name: Optional[str] = None,
storage_accounts: Optional[Sequence[LinuxFunctionAppSlotStorageAccountArgs]] = None,
storage_key_vault_secret_id: Optional[str] = None,
storage_uses_managed_identity: Optional[bool] = None,
tags: Optional[Mapping[str, str]] = None,
virtual_network_subnet_id: Optional[str] = None,
vnet_image_pull_enabled: Optional[bool] = None,
webdeploy_publish_basic_authentication_enabled: Optional[bool] = None) -> LinuxFunctionAppSlot
func GetLinuxFunctionAppSlot(ctx *Context, name string, id IDInput, state *LinuxFunctionAppSlotState, opts ...ResourceOption) (*LinuxFunctionAppSlot, error)
public static LinuxFunctionAppSlot Get(string name, Input<string> id, LinuxFunctionAppSlotState? state, CustomResourceOptions? opts = null)
public static LinuxFunctionAppSlot get(String name, Output<String> id, LinuxFunctionAppSlotState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- App
Settings Dictionary<string, string> - A map of key-value pairs for App Settings and custom values.
- Auth
Settings LinuxFunction App Slot Auth Settings - an
auth_settings
block as detailed below. - Auth
Settings LinuxV2 Function App Slot Auth Settings V2 - an
auth_settings_v2
block as detailed below. - Backup
Linux
Function App Slot Backup - a
backup
block as detailed below. - Builtin
Logging boolEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - Client
Certificate boolEnabled - Should the Function App Slot use Client Certificates.
- Client
Certificate stringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- Client
Certificate stringMode - The mode of the Function App Slot's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - Connection
Strings List<LinuxFunction App Slot Connection String> - a
connection_string
block as detailed below. - bool
- Force disable the content share settings.
- Custom
Domain stringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- Daily
Memory intTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps in Consumption Plans. Defaults to
0
. - Default
Hostname string - The default hostname of the Linux Function App Slot.
- Enabled bool
- Is the Linux Function App Slot enabled. Defaults to
true
. - Ftp
Publish boolBasic Authentication Enabled - Are the default FTP Basic Authentication publishing credentials enabled. Defaults to
true
. - Function
App stringId - The ID of the Linux Function App this Slot is a member of. Changing this forces a new resource to be created.
- Functions
Extension stringVersion - The runtime version associated with the Function App Slot. Defaults to
~4
. - Hosting
Environment stringId - The ID of the App Service Environment used by Function App Slot.
- Https
Only bool - Can the Function App Slot only be accessed via HTTPS?. Defaults to
false
. - Identity
Linux
Function App Slot Identity - An
identity
block as detailed below. - Key
Vault stringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - Kind string
- The Kind value for this Linux Function App Slot.
- Name string
- Specifies the name of the Function App Slot. Changing this forces a new resource to be created.
- Outbound
Ip List<string>Address Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- Outbound
Ip stringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - Possible
Outbound List<string>Ip Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - Possible
Outbound stringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. For example["52.23.25.3", "52.143.43.12","52.143.43.17"]
. - Public
Network boolAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - Service
Plan stringId - The ID of the Service Plan in which to run this slot. If not specified the same Service Plan as the Linux Function App will be used.
- Site
Config LinuxFunction App Slot Site Config - a
site_config
block as detailed below. - Site
Credentials List<LinuxFunction App Slot Site Credential> - A
site_credential
block as defined below. - Storage
Account stringAccess Key - The access key which will be used to access the storage account for the Function App Slot.
- Storage
Account stringName - The backend storage account name which will be used by this Function App Slot.
- Storage
Accounts List<LinuxFunction App Slot Storage Account> - One or more
storage_account
blocks as defined below. - Storage
Key stringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- Storage
Uses boolManaged Identity Should the Function App Slot use its Managed Identity to access storage.
NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- Dictionary<string, string>
- A mapping of tags which should be assigned to the Linux Function App.
- Virtual
Network stringSubnet Id - Vnet
Image boolPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - Webdeploy
Publish boolBasic Authentication Enabled - Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.
- App
Settings map[string]string - A map of key-value pairs for App Settings and custom values.
- Auth
Settings LinuxFunction App Slot Auth Settings Args - an
auth_settings
block as detailed below. - Auth
Settings LinuxV2 Function App Slot Auth Settings V2Args - an
auth_settings_v2
block as detailed below. - Backup
Linux
Function App Slot Backup Args - a
backup
block as detailed below. - Builtin
Logging boolEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - Client
Certificate boolEnabled - Should the Function App Slot use Client Certificates.
- Client
Certificate stringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- Client
Certificate stringMode - The mode of the Function App Slot's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - Connection
Strings []LinuxFunction App Slot Connection String Args - a
connection_string
block as detailed below. - bool
- Force disable the content share settings.
- Custom
Domain stringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- Daily
Memory intTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps in Consumption Plans. Defaults to
0
. - Default
Hostname string - The default hostname of the Linux Function App Slot.
- Enabled bool
- Is the Linux Function App Slot enabled. Defaults to
true
. - Ftp
Publish boolBasic Authentication Enabled - Are the default FTP Basic Authentication publishing credentials enabled. Defaults to
true
. - Function
App stringId - The ID of the Linux Function App this Slot is a member of. Changing this forces a new resource to be created.
- Functions
Extension stringVersion - The runtime version associated with the Function App Slot. Defaults to
~4
. - Hosting
Environment stringId - The ID of the App Service Environment used by Function App Slot.
- Https
Only bool - Can the Function App Slot only be accessed via HTTPS?. Defaults to
false
. - Identity
Linux
Function App Slot Identity Args - An
identity
block as detailed below. - Key
Vault stringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - Kind string
- The Kind value for this Linux Function App Slot.
- Name string
- Specifies the name of the Function App Slot. Changing this forces a new resource to be created.
- Outbound
Ip []stringAddress Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- Outbound
Ip stringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - Possible
Outbound []stringIp Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - Possible
Outbound stringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. For example["52.23.25.3", "52.143.43.12","52.143.43.17"]
. - Public
Network boolAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - Service
Plan stringId - The ID of the Service Plan in which to run this slot. If not specified the same Service Plan as the Linux Function App will be used.
- Site
Config LinuxFunction App Slot Site Config Args - a
site_config
block as detailed below. - Site
Credentials []LinuxFunction App Slot Site Credential Args - A
site_credential
block as defined below. - Storage
Account stringAccess Key - The access key which will be used to access the storage account for the Function App Slot.
- Storage
Account stringName - The backend storage account name which will be used by this Function App Slot.
- Storage
Accounts []LinuxFunction App Slot Storage Account Args - One or more
storage_account
blocks as defined below. - Storage
Key stringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- Storage
Uses boolManaged Identity Should the Function App Slot use its Managed Identity to access storage.
NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- map[string]string
- A mapping of tags which should be assigned to the Linux Function App.
- Virtual
Network stringSubnet Id - Vnet
Image boolPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - Webdeploy
Publish boolBasic Authentication Enabled - Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.
- app
Settings Map<String,String> - A map of key-value pairs for App Settings and custom values.
- auth
Settings LinuxFunction App Slot Auth Settings - an
auth_settings
block as detailed below. - auth
Settings LinuxV2 Function App Slot Auth Settings V2 - an
auth_settings_v2
block as detailed below. - backup
Linux
Function App Slot Backup - a
backup
block as detailed below. - builtin
Logging BooleanEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - client
Certificate BooleanEnabled - Should the Function App Slot use Client Certificates.
- client
Certificate StringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- client
Certificate StringMode - The mode of the Function App Slot's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - connection
Strings List<LinuxFunction App Slot Connection String> - a
connection_string
block as detailed below. - Boolean
- Force disable the content share settings.
- custom
Domain StringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- daily
Memory IntegerTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps in Consumption Plans. Defaults to
0
. - default
Hostname String - The default hostname of the Linux Function App Slot.
- enabled Boolean
- Is the Linux Function App Slot enabled. Defaults to
true
. - ftp
Publish BooleanBasic Authentication Enabled - Are the default FTP Basic Authentication publishing credentials enabled. Defaults to
true
. - function
App StringId - The ID of the Linux Function App this Slot is a member of. Changing this forces a new resource to be created.
- functions
Extension StringVersion - The runtime version associated with the Function App Slot. Defaults to
~4
. - hosting
Environment StringId - The ID of the App Service Environment used by Function App Slot.
- https
Only Boolean - Can the Function App Slot only be accessed via HTTPS?. Defaults to
false
. - identity
Linux
Function App Slot Identity - An
identity
block as detailed below. - key
Vault StringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - kind String
- The Kind value for this Linux Function App Slot.
- name String
- Specifies the name of the Function App Slot. Changing this forces a new resource to be created.
- outbound
Ip List<String>Address Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- outbound
Ip StringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - possible
Outbound List<String>Ip Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - possible
Outbound StringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. For example["52.23.25.3", "52.143.43.12","52.143.43.17"]
. - public
Network BooleanAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - service
Plan StringId - The ID of the Service Plan in which to run this slot. If not specified the same Service Plan as the Linux Function App will be used.
- site
Config LinuxFunction App Slot Site Config - a
site_config
block as detailed below. - site
Credentials List<LinuxFunction App Slot Site Credential> - A
site_credential
block as defined below. - storage
Account StringAccess Key - The access key which will be used to access the storage account for the Function App Slot.
- storage
Account StringName - The backend storage account name which will be used by this Function App Slot.
- storage
Accounts List<LinuxFunction App Slot Storage Account> - One or more
storage_account
blocks as defined below. - storage
Key StringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- storage
Uses BooleanManaged Identity Should the Function App Slot use its Managed Identity to access storage.
NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- Map<String,String>
- A mapping of tags which should be assigned to the Linux Function App.
- virtual
Network StringSubnet Id - vnet
Image BooleanPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - webdeploy
Publish BooleanBasic Authentication Enabled - Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.
- app
Settings {[key: string]: string} - A map of key-value pairs for App Settings and custom values.
- auth
Settings LinuxFunction App Slot Auth Settings - an
auth_settings
block as detailed below. - auth
Settings LinuxV2 Function App Slot Auth Settings V2 - an
auth_settings_v2
block as detailed below. - backup
Linux
Function App Slot Backup - a
backup
block as detailed below. - builtin
Logging booleanEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - client
Certificate booleanEnabled - Should the Function App Slot use Client Certificates.
- client
Certificate stringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- client
Certificate stringMode - The mode of the Function App Slot's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - connection
Strings LinuxFunction App Slot Connection String[] - a
connection_string
block as detailed below. - boolean
- Force disable the content share settings.
- custom
Domain stringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- daily
Memory numberTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps in Consumption Plans. Defaults to
0
. - default
Hostname string - The default hostname of the Linux Function App Slot.
- enabled boolean
- Is the Linux Function App Slot enabled. Defaults to
true
. - ftp
Publish booleanBasic Authentication Enabled - Are the default FTP Basic Authentication publishing credentials enabled. Defaults to
true
. - function
App stringId - The ID of the Linux Function App this Slot is a member of. Changing this forces a new resource to be created.
- functions
Extension stringVersion - The runtime version associated with the Function App Slot. Defaults to
~4
. - hosting
Environment stringId - The ID of the App Service Environment used by Function App Slot.
- https
Only boolean - Can the Function App Slot only be accessed via HTTPS?. Defaults to
false
. - identity
Linux
Function App Slot Identity - An
identity
block as detailed below. - key
Vault stringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - kind string
- The Kind value for this Linux Function App Slot.
- name string
- Specifies the name of the Function App Slot. Changing this forces a new resource to be created.
- outbound
Ip string[]Address Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- outbound
Ip stringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - possible
Outbound string[]Ip Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - possible
Outbound stringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. For example["52.23.25.3", "52.143.43.12","52.143.43.17"]
. - public
Network booleanAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - service
Plan stringId - The ID of the Service Plan in which to run this slot. If not specified the same Service Plan as the Linux Function App will be used.
- site
Config LinuxFunction App Slot Site Config - a
site_config
block as detailed below. - site
Credentials LinuxFunction App Slot Site Credential[] - A
site_credential
block as defined below. - storage
Account stringAccess Key - The access key which will be used to access the storage account for the Function App Slot.
- storage
Account stringName - The backend storage account name which will be used by this Function App Slot.
- storage
Accounts LinuxFunction App Slot Storage Account[] - One or more
storage_account
blocks as defined below. - storage
Key stringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- storage
Uses booleanManaged Identity Should the Function App Slot use its Managed Identity to access storage.
NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- {[key: string]: string}
- A mapping of tags which should be assigned to the Linux Function App.
- virtual
Network stringSubnet Id - vnet
Image booleanPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - webdeploy
Publish booleanBasic Authentication Enabled - Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.
- app_
settings Mapping[str, str] - A map of key-value pairs for App Settings and custom values.
- auth_
settings LinuxFunction App Slot Auth Settings Args - an
auth_settings
block as detailed below. - auth_
settings_ Linuxv2 Function App Slot Auth Settings V2Args - an
auth_settings_v2
block as detailed below. - backup
Linux
Function App Slot Backup Args - a
backup
block as detailed below. - builtin_
logging_ boolenabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - client_
certificate_ boolenabled - Should the Function App Slot use Client Certificates.
- client_
certificate_ strexclusion_ paths - Paths to exclude when using client certificates, separated by ;
- client_
certificate_ strmode - The mode of the Function App Slot's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - connection_
strings Sequence[LinuxFunction App Slot Connection String Args] - a
connection_string
block as detailed below. - bool
- Force disable the content share settings.
- custom_
domain_ strverification_ id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- daily_
memory_ inttime_ quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps in Consumption Plans. Defaults to
0
. - default_
hostname str - The default hostname of the Linux Function App Slot.
- enabled bool
- Is the Linux Function App Slot enabled. Defaults to
true
. - ftp_
publish_ boolbasic_ authentication_ enabled - Are the default FTP Basic Authentication publishing credentials enabled. Defaults to
true
. - function_
app_ strid - The ID of the Linux Function App this Slot is a member of. Changing this forces a new resource to be created.
- functions_
extension_ strversion - The runtime version associated with the Function App Slot. Defaults to
~4
. - hosting_
environment_ strid - The ID of the App Service Environment used by Function App Slot.
- https_
only bool - Can the Function App Slot only be accessed via HTTPS?. Defaults to
false
. - identity
Linux
Function App Slot Identity Args - An
identity
block as detailed below. - key_
vault_ strreference_ identity_ id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - kind str
- The Kind value for this Linux Function App Slot.
- name str
- Specifies the name of the Function App Slot. Changing this forces a new resource to be created.
- outbound_
ip_ Sequence[str]address_ lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- outbound_
ip_ straddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - possible_
outbound_ Sequence[str]ip_ address_ lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - possible_
outbound_ strip_ addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. For example["52.23.25.3", "52.143.43.12","52.143.43.17"]
. - public_
network_ boolaccess_ enabled - Should public network access be enabled for the Function App. Defaults to
true
. - service_
plan_ strid - The ID of the Service Plan in which to run this slot. If not specified the same Service Plan as the Linux Function App will be used.
- site_
config LinuxFunction App Slot Site Config Args - a
site_config
block as detailed below. - site_
credentials Sequence[LinuxFunction App Slot Site Credential Args] - A
site_credential
block as defined below. - storage_
account_ straccess_ key - The access key which will be used to access the storage account for the Function App Slot.
- storage_
account_ strname - The backend storage account name which will be used by this Function App Slot.
- storage_
accounts Sequence[LinuxFunction App Slot Storage Account Args] - One or more
storage_account
blocks as defined below. - storage_
key_ strvault_ secret_ id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- storage_
uses_ boolmanaged_ identity Should the Function App Slot use its Managed Identity to access storage.
NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- Mapping[str, str]
- A mapping of tags which should be assigned to the Linux Function App.
- virtual_
network_ strsubnet_ id - vnet_
image_ boolpull_ enabled - Is container image pull over virtual network enabled? Defaults to
false
. - webdeploy_
publish_ boolbasic_ authentication_ enabled - Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.
- app
Settings Map<String> - A map of key-value pairs for App Settings and custom values.
- auth
Settings Property Map - an
auth_settings
block as detailed below. - auth
Settings Property MapV2 - an
auth_settings_v2
block as detailed below. - backup Property Map
- a
backup
block as detailed below. - builtin
Logging BooleanEnabled - Should built in logging be enabled. Configures
AzureWebJobsDashboard
app setting based on the configured storage setting. Defaults totrue
. - client
Certificate BooleanEnabled - Should the Function App Slot use Client Certificates.
- client
Certificate StringExclusion Paths - Paths to exclude when using client certificates, separated by ;
- client
Certificate StringMode - The mode of the Function App Slot's client certificates requirement for incoming requests. Possible values are
Required
,Optional
, andOptionalInteractiveUser
. Defaults toOptional
. - connection
Strings List<Property Map> - a
connection_string
block as detailed below. - Boolean
- Force disable the content share settings.
- custom
Domain StringVerification Id - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
- daily
Memory NumberTime Quota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps in Consumption Plans. Defaults to
0
. - default
Hostname String - The default hostname of the Linux Function App Slot.
- enabled Boolean
- Is the Linux Function App Slot enabled. Defaults to
true
. - ftp
Publish BooleanBasic Authentication Enabled - Are the default FTP Basic Authentication publishing credentials enabled. Defaults to
true
. - function
App StringId - The ID of the Linux Function App this Slot is a member of. Changing this forces a new resource to be created.
- functions
Extension StringVersion - The runtime version associated with the Function App Slot. Defaults to
~4
. - hosting
Environment StringId - The ID of the App Service Environment used by Function App Slot.
- https
Only Boolean - Can the Function App Slot only be accessed via HTTPS?. Defaults to
false
. - identity Property Map
- An
identity
block as detailed below. - key
Vault StringReference Identity Id - The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the
identity
block. For more information see - Access vaults with a user-assigned identity - kind String
- The Kind value for this Linux Function App Slot.
- name String
- Specifies the name of the Function App Slot. Changing this forces a new resource to be created.
- outbound
Ip List<String>Address Lists - A list of outbound IP addresses. For example
["52.23.25.3", "52.143.43.12"]
- outbound
Ip StringAddresses - A comma separated list of outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12
. - possible
Outbound List<String>Ip Address Lists - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of
outbound_ip_address_list
. For example["52.23.25.3", "52.143.43.12"]
. - possible
Outbound StringIp Addresses - A comma separated list of possible outbound IP addresses as a string. For example
52.23.25.3,52.143.43.12,52.143.43.17
. This is a superset ofoutbound_ip_addresses
. For example["52.23.25.3", "52.143.43.12","52.143.43.17"]
. - public
Network BooleanAccess Enabled - Should public network access be enabled for the Function App. Defaults to
true
. - service
Plan StringId - The ID of the Service Plan in which to run this slot. If not specified the same Service Plan as the Linux Function App will be used.
- site
Config Property Map - a
site_config
block as detailed below. - site
Credentials List<Property Map> - A
site_credential
block as defined below. - storage
Account StringAccess Key - The access key which will be used to access the storage account for the Function App Slot.
- storage
Account StringName - The backend storage account name which will be used by this Function App Slot.
- storage
Accounts List<Property Map> - One or more
storage_account
blocks as defined below. - storage
Key StringVault Secret Id The Key Vault Secret ID, optionally including version, that contains the Connection String to connect to the storage account for this Function App.
NOTE:
storage_key_vault_secret_id
cannot be used withstorage_account_name
.NOTE:
storage_key_vault_secret_id
used without a version will use the latest version of the secret, however, the service can take up to 24h to pick up a rotation of the latest version. See the official docs for more information.- storage
Uses BooleanManaged Identity Should the Function App Slot use its Managed Identity to access storage.
NOTE: One of
storage_account_access_key
orstorage_uses_managed_identity
must be specified when usingstorage_account_name
.- Map<String>
- A mapping of tags which should be assigned to the Linux Function App.
- virtual
Network StringSubnet Id - vnet
Image BooleanPull Enabled - Is container image pull over virtual network enabled? Defaults to
false
. - webdeploy
Publish BooleanBasic Authentication Enabled - Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to
true
.
Supporting Types
LinuxFunctionAppSlotAuthSettings, LinuxFunctionAppSlotAuthSettingsArgs
- Enabled bool
- Should the Authentication / Authorization feature be enabled?
- Active
Directory LinuxFunction App Slot Auth Settings Active Directory - an
active_directory
block as detailed below. - Additional
Login Dictionary<string, string>Parameters - Specifies a map of login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
- Allowed
External List<string>Redirect Urls - Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Windows Web App.
- Default
Provider string The default authentication provider to use when multiple providers are configured. Possible values include:
AzureActiveDirectory
,Facebook
,Google
,MicrosoftAccount
,Twitter
,Github
.NOTE: This setting is only needed if multiple providers are configured, and the
unauthenticated_client_action
is set to "RedirectToLoginPage".- Facebook
Linux
Function App Slot Auth Settings Facebook - a
facebook
block as detailed below. - Github
Linux
Function App Slot Auth Settings Github - a
github
block as detailed below. - Google
Linux
Function App Slot Auth Settings Google - a
google
block as detailed below. - Issuer string
The OpenID Connect Issuer URI that represents the entity which issues access tokens.
NOTE: When using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://sts.windows.net/{tenant-guid}/.
- Microsoft
Linux
Function App Slot Auth Settings Microsoft - a
microsoft
block as detailed below. - Runtime
Version string - The RuntimeVersion of the Authentication / Authorization feature in use.
- Token
Refresh doubleExtension Hours - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - Token
Store boolEnabled - Should the Linux Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to
false
. - Twitter
Linux
Function App Slot Auth Settings Twitter - a
twitter
block as detailed below. - Unauthenticated
Client stringAction - The action to take when an unauthenticated client attempts to access the app. Possible values include:
RedirectToLoginPage
,AllowAnonymous
.
- Enabled bool
- Should the Authentication / Authorization feature be enabled?
- Active
Directory LinuxFunction App Slot Auth Settings Active Directory - an
active_directory
block as detailed below. - Additional
Login map[string]stringParameters - Specifies a map of login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
- Allowed
External []stringRedirect Urls - Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Windows Web App.
- Default
Provider string The default authentication provider to use when multiple providers are configured. Possible values include:
AzureActiveDirectory
,Facebook
,Google
,MicrosoftAccount
,Twitter
,Github
.NOTE: This setting is only needed if multiple providers are configured, and the
unauthenticated_client_action
is set to "RedirectToLoginPage".- Facebook
Linux
Function App Slot Auth Settings Facebook - a
facebook
block as detailed below. - Github
Linux
Function App Slot Auth Settings Github - a
github
block as detailed below. - Google
Linux
Function App Slot Auth Settings Google - a
google
block as detailed below. - Issuer string
The OpenID Connect Issuer URI that represents the entity which issues access tokens.
NOTE: When using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://sts.windows.net/{tenant-guid}/.
- Microsoft
Linux
Function App Slot Auth Settings Microsoft - a
microsoft
block as detailed below. - Runtime
Version string - The RuntimeVersion of the Authentication / Authorization feature in use.
- Token
Refresh float64Extension Hours - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - Token
Store boolEnabled - Should the Linux Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to
false
. - Twitter
Linux
Function App Slot Auth Settings Twitter - a
twitter
block as detailed below. - Unauthenticated
Client stringAction - The action to take when an unauthenticated client attempts to access the app. Possible values include:
RedirectToLoginPage
,AllowAnonymous
.
- enabled Boolean
- Should the Authentication / Authorization feature be enabled?
- active
Directory LinuxFunction App Slot Auth Settings Active Directory - an
active_directory
block as detailed below. - additional
Login Map<String,String>Parameters - Specifies a map of login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
- allowed
External List<String>Redirect Urls - Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Windows Web App.
- default
Provider String The default authentication provider to use when multiple providers are configured. Possible values include:
AzureActiveDirectory
,Facebook
,Google
,MicrosoftAccount
,Twitter
,Github
.NOTE: This setting is only needed if multiple providers are configured, and the
unauthenticated_client_action
is set to "RedirectToLoginPage".- facebook
Linux
Function App Slot Auth Settings Facebook - a
facebook
block as detailed below. - github
Linux
Function App Slot Auth Settings Github - a
github
block as detailed below. - google
Linux
Function App Slot Auth Settings Google - a
google
block as detailed below. - issuer String
The OpenID Connect Issuer URI that represents the entity which issues access tokens.
NOTE: When using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://sts.windows.net/{tenant-guid}/.
- microsoft
Linux
Function App Slot Auth Settings Microsoft - a
microsoft
block as detailed below. - runtime
Version String - The RuntimeVersion of the Authentication / Authorization feature in use.
- token
Refresh DoubleExtension Hours - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - token
Store BooleanEnabled - Should the Linux Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to
false
. - twitter
Linux
Function App Slot Auth Settings Twitter - a
twitter
block as detailed below. - unauthenticated
Client StringAction - The action to take when an unauthenticated client attempts to access the app. Possible values include:
RedirectToLoginPage
,AllowAnonymous
.
- enabled boolean
- Should the Authentication / Authorization feature be enabled?
- active
Directory LinuxFunction App Slot Auth Settings Active Directory - an
active_directory
block as detailed below. - additional
Login {[key: string]: string}Parameters - Specifies a map of login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
- allowed
External string[]Redirect Urls - Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Windows Web App.
- default
Provider string The default authentication provider to use when multiple providers are configured. Possible values include:
AzureActiveDirectory
,Facebook
,Google
,MicrosoftAccount
,Twitter
,Github
.NOTE: This setting is only needed if multiple providers are configured, and the
unauthenticated_client_action
is set to "RedirectToLoginPage".- facebook
Linux
Function App Slot Auth Settings Facebook - a
facebook
block as detailed below. - github
Linux
Function App Slot Auth Settings Github - a
github
block as detailed below. - google
Linux
Function App Slot Auth Settings Google - a
google
block as detailed below. - issuer string
The OpenID Connect Issuer URI that represents the entity which issues access tokens.
NOTE: When using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://sts.windows.net/{tenant-guid}/.
- microsoft
Linux
Function App Slot Auth Settings Microsoft - a
microsoft
block as detailed below. - runtime
Version string - The RuntimeVersion of the Authentication / Authorization feature in use.
- token
Refresh numberExtension Hours - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - token
Store booleanEnabled - Should the Linux Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to
false
. - twitter
Linux
Function App Slot Auth Settings Twitter - a
twitter
block as detailed below. - unauthenticated
Client stringAction - The action to take when an unauthenticated client attempts to access the app. Possible values include:
RedirectToLoginPage
,AllowAnonymous
.
- enabled bool
- Should the Authentication / Authorization feature be enabled?
- active_
directory LinuxFunction App Slot Auth Settings Active Directory - an
active_directory
block as detailed below. - additional_
login_ Mapping[str, str]parameters - Specifies a map of login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
- allowed_
external_ Sequence[str]redirect_ urls - Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Windows Web App.
- default_
provider str The default authentication provider to use when multiple providers are configured. Possible values include:
AzureActiveDirectory
,Facebook
,Google
,MicrosoftAccount
,Twitter
,Github
.NOTE: This setting is only needed if multiple providers are configured, and the
unauthenticated_client_action
is set to "RedirectToLoginPage".- facebook
Linux
Function App Slot Auth Settings Facebook - a
facebook
block as detailed below. - github
Linux
Function App Slot Auth Settings Github - a
github
block as detailed below. - google
Linux
Function App Slot Auth Settings Google - a
google
block as detailed below. - issuer str
The OpenID Connect Issuer URI that represents the entity which issues access tokens.
NOTE: When using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://sts.windows.net/{tenant-guid}/.
- microsoft
Linux
Function App Slot Auth Settings Microsoft - a
microsoft
block as detailed below. - runtime_
version str - The RuntimeVersion of the Authentication / Authorization feature in use.
- token_
refresh_ floatextension_ hours - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - token_
store_ boolenabled - Should the Linux Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to
false
. - twitter
Linux
Function App Slot Auth Settings Twitter - a
twitter
block as detailed below. - unauthenticated_
client_ straction - The action to take when an unauthenticated client attempts to access the app. Possible values include:
RedirectToLoginPage
,AllowAnonymous
.
- enabled Boolean
- Should the Authentication / Authorization feature be enabled?
- active
Directory Property Map - an
active_directory
block as detailed below. - additional
Login Map<String>Parameters - Specifies a map of login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
- allowed
External List<String>Redirect Urls - Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Windows Web App.
- default
Provider String The default authentication provider to use when multiple providers are configured. Possible values include:
AzureActiveDirectory
,Facebook
,Google
,MicrosoftAccount
,Twitter
,Github
.NOTE: This setting is only needed if multiple providers are configured, and the
unauthenticated_client_action
is set to "RedirectToLoginPage".- facebook Property Map
- a
facebook
block as detailed below. - github Property Map
- a
github
block as detailed below. - google Property Map
- a
google
block as detailed below. - issuer String
The OpenID Connect Issuer URI that represents the entity which issues access tokens.
NOTE: When using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://sts.windows.net/{tenant-guid}/.
- microsoft Property Map
- a
microsoft
block as detailed below. - runtime
Version String - The RuntimeVersion of the Authentication / Authorization feature in use.
- token
Refresh NumberExtension Hours - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - token
Store BooleanEnabled - Should the Linux Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to
false
. - twitter Property Map
- a
twitter
block as detailed below. - unauthenticated
Client StringAction - The action to take when an unauthenticated client attempts to access the app. Possible values include:
RedirectToLoginPage
,AllowAnonymous
.
LinuxFunctionAppSlotAuthSettingsActiveDirectory, LinuxFunctionAppSlotAuthSettingsActiveDirectoryArgs
- Client
Id string - The ID of the Client to use to authenticate with Azure Active Directory.
- Allowed
Audiences List<string> Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
Note: The
client_id
value is always considered an allowed audience.- Client
Secret string - The Client Secret for the Client ID. Cannot be used with
client_secret_setting_name
. - Client
Secret stringSetting Name - The App Setting name that contains the client secret of the Client. Cannot be used with
client_secret
.
- Client
Id string - The ID of the Client to use to authenticate with Azure Active Directory.
- Allowed
Audiences []string Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
Note: The
client_id
value is always considered an allowed audience.- Client
Secret string - The Client Secret for the Client ID. Cannot be used with
client_secret_setting_name
. - Client
Secret stringSetting Name - The App Setting name that contains the client secret of the Client. Cannot be used with
client_secret
.
- client
Id String - The ID of the Client to use to authenticate with Azure Active Directory.
- allowed
Audiences List<String> Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
Note: The
client_id
value is always considered an allowed audience.- client
Secret String - The Client Secret for the Client ID. Cannot be used with
client_secret_setting_name
. - client
Secret StringSetting Name - The App Setting name that contains the client secret of the Client. Cannot be used with
client_secret
.
- client
Id string - The ID of the Client to use to authenticate with Azure Active Directory.
- allowed
Audiences string[] Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
Note: The
client_id
value is always considered an allowed audience.- client
Secret string - The Client Secret for the Client ID. Cannot be used with
client_secret_setting_name
. - client
Secret stringSetting Name - The App Setting name that contains the client secret of the Client. Cannot be used with
client_secret
.
- client_
id str - The ID of the Client to use to authenticate with Azure Active Directory.
- allowed_
audiences Sequence[str] Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
Note: The
client_id
value is always considered an allowed audience.- client_
secret str - The Client Secret for the Client ID. Cannot be used with
client_secret_setting_name
. - client_
secret_ strsetting_ name - The App Setting name that contains the client secret of the Client. Cannot be used with
client_secret
.
- client
Id String - The ID of the Client to use to authenticate with Azure Active Directory.
- allowed
Audiences List<String> Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
Note: The
client_id
value is always considered an allowed audience.- client
Secret String - The Client Secret for the Client ID. Cannot be used with
client_secret_setting_name
. - client
Secret StringSetting Name - The App Setting name that contains the client secret of the Client. Cannot be used with
client_secret
.
LinuxFunctionAppSlotAuthSettingsFacebook, LinuxFunctionAppSlotAuthSettingsFacebookArgs
- App
Id string - The App ID of the Facebook app used for login.
- App
Secret string - The App Secret of the Facebook app used for Facebook login. Cannot be specified with
app_secret_setting_name
. - App
Secret stringSetting Name - The app setting name that contains the
app_secret
value used for Facebook login. Cannot be specified withapp_secret
. - Oauth
Scopes List<string> - Specifies a list of OAuth 2.0 scopes to be requested as part of Facebook login authentication.
- App
Id string - The App ID of the Facebook app used for login.
- App
Secret string - The App Secret of the Facebook app used for Facebook login. Cannot be specified with
app_secret_setting_name
. - App
Secret stringSetting Name - The app setting name that contains the
app_secret
value used for Facebook login. Cannot be specified withapp_secret
. - Oauth
Scopes []string - Specifies a list of OAuth 2.0 scopes to be requested as part of Facebook login authentication.
- app
Id String - The App ID of the Facebook app used for login.
- app
Secret String - The App Secret of the Facebook app used for Facebook login. Cannot be specified with
app_secret_setting_name
. - app
Secret StringSetting Name - The app setting name that contains the
app_secret
value used for Facebook login. Cannot be specified withapp_secret
. - oauth
Scopes List<String> - Specifies a list of OAuth 2.0 scopes to be requested as part of Facebook login authentication.
- app
Id string - The App ID of the Facebook app used for login.
- app
Secret string - The App Secret of the Facebook app used for Facebook login. Cannot be specified with
app_secret_setting_name
. - app
Secret stringSetting Name - The app setting name that contains the
app_secret
value used for Facebook login. Cannot be specified withapp_secret
. - oauth
Scopes string[] - Specifies a list of OAuth 2.0 scopes to be requested as part of Facebook login authentication.
- app_
id str - The App ID of the Facebook app used for login.
- app_
secret str - The App Secret of the Facebook app used for Facebook login. Cannot be specified with
app_secret_setting_name
. - app_
secret_ strsetting_ name - The app setting name that contains the
app_secret
value used for Facebook login. Cannot be specified withapp_secret
. - oauth_
scopes Sequence[str] - Specifies a list of OAuth 2.0 scopes to be requested as part of Facebook login authentication.
- app
Id String - The App ID of the Facebook app used for login.
- app
Secret String - The App Secret of the Facebook app used for Facebook login. Cannot be specified with
app_secret_setting_name
. - app
Secret StringSetting Name - The app setting name that contains the
app_secret
value used for Facebook login. Cannot be specified withapp_secret
. - oauth
Scopes List<String> - Specifies a list of OAuth 2.0 scopes to be requested as part of Facebook login authentication.
LinuxFunctionAppSlotAuthSettingsGithub, LinuxFunctionAppSlotAuthSettingsGithubArgs
- Client
Id string - The ID of the GitHub app used for login.
- Client
Secret string - The Client Secret of the GitHub app used for GitHub login. Cannot be specified with
client_secret_setting_name
. - Client
Secret stringSetting Name - The app setting name that contains the
client_secret
value used for GitHub login. Cannot be specified withclient_secret
. - Oauth
Scopes List<string> - Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub login authentication.
- Client
Id string - The ID of the GitHub app used for login.
- Client
Secret string - The Client Secret of the GitHub app used for GitHub login. Cannot be specified with
client_secret_setting_name
. - Client
Secret stringSetting Name - The app setting name that contains the
client_secret
value used for GitHub login. Cannot be specified withclient_secret
. - Oauth
Scopes []string - Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub login authentication.
- client
Id String - The ID of the GitHub app used for login.
- client
Secret String - The Client Secret of the GitHub app used for GitHub login. Cannot be specified with
client_secret_setting_name
. - client
Secret StringSetting Name - The app setting name that contains the
client_secret
value used for GitHub login. Cannot be specified withclient_secret
. - oauth
Scopes List<String> - Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub login authentication.
- client
Id string - The ID of the GitHub app used for login.
- client
Secret string - The Client Secret of the GitHub app used for GitHub login. Cannot be specified with
client_secret_setting_name
. - client
Secret stringSetting Name - The app setting name that contains the
client_secret
value used for GitHub login. Cannot be specified withclient_secret
. - oauth
Scopes string[] - Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub login authentication.
- client_
id str - The ID of the GitHub app used for login.
- client_
secret str - The Client Secret of the GitHub app used for GitHub login. Cannot be specified with
client_secret_setting_name
. - client_
secret_ strsetting_ name - The app setting name that contains the
client_secret
value used for GitHub login. Cannot be specified withclient_secret
. - oauth_
scopes Sequence[str] - Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub login authentication.
- client
Id String - The ID of the GitHub app used for login.
- client
Secret String - The Client Secret of the GitHub app used for GitHub login. Cannot be specified with
client_secret_setting_name
. - client
Secret StringSetting Name - The app setting name that contains the
client_secret
value used for GitHub login. Cannot be specified withclient_secret
. - oauth
Scopes List<String> - Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub login authentication.
LinuxFunctionAppSlotAuthSettingsGoogle, LinuxFunctionAppSlotAuthSettingsGoogleArgs
- Client
Id string - The OpenID Connect Client ID for the Google web application.
- Client
Secret string - The client secret associated with the Google web application. Cannot be specified with
client_secret_setting_name
. - Client
Secret stringSetting Name - The app setting name that contains the
client_secret
value used for Google login. Cannot be specified withclient_secret
. - Oauth
Scopes List<string> - Specifies a list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. If not specified,
openid
,profile
, andemail
are used as default scopes.
- Client
Id string - The OpenID Connect Client ID for the Google web application.
- Client
Secret string - The client secret associated with the Google web application. Cannot be specified with
client_secret_setting_name
. - Client
Secret stringSetting Name - The app setting name that contains the
client_secret
value used for Google login. Cannot be specified withclient_secret
. - Oauth
Scopes []string - Specifies a list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. If not specified,
openid
,profile
, andemail
are used as default scopes.
- client
Id String - The OpenID Connect Client ID for the Google web application.
- client
Secret String - The client secret associated with the Google web application. Cannot be specified with
client_secret_setting_name
. - client
Secret StringSetting Name - The app setting name that contains the
client_secret
value used for Google login. Cannot be specified withclient_secret
. - oauth
Scopes List<String> - Specifies a list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. If not specified,
openid
,profile
, andemail
are used as default scopes.
- client
Id string - The OpenID Connect Client ID for the Google web application.
- client
Secret string - The client secret associated with the Google web application. Cannot be specified with
client_secret_setting_name
. - client
Secret stringSetting Name - The app setting name that contains the
client_secret
value used for Google login. Cannot be specified withclient_secret
. - oauth
Scopes string[] - Specifies a list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. If not specified,
openid
,profile
, andemail
are used as default scopes.
- client_
id str - The OpenID Connect Client ID for the Google web application.
- client_
secret str - The client secret associated with the Google web application. Cannot be specified with
client_secret_setting_name
. - client_
secret_ strsetting_ name - The app setting name that contains the
client_secret
value used for Google login. Cannot be specified withclient_secret
. - oauth_
scopes Sequence[str] - Specifies a list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. If not specified,
openid
,profile
, andemail
are used as default scopes.
- client
Id String - The OpenID Connect Client ID for the Google web application.
- client
Secret String - The client secret associated with the Google web application. Cannot be specified with
client_secret_setting_name
. - client
Secret StringSetting Name - The app setting name that contains the
client_secret
value used for Google login. Cannot be specified withclient_secret
. - oauth
Scopes List<String> - Specifies a list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. If not specified,
openid
,profile
, andemail
are used as default scopes.
LinuxFunctionAppSlotAuthSettingsMicrosoft, LinuxFunctionAppSlotAuthSettingsMicrosoftArgs
- Client
Id string - The OAuth 2.0 client ID that was created for the app used for authentication.
- Client
Secret string - The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret_setting_name
. - Client
Secret stringSetting Name - The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret
. - Oauth
Scopes List<string> - Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified,
wl.basic
is used as the default scope.
- Client
Id string - The OAuth 2.0 client ID that was created for the app used for authentication.
- Client
Secret string - The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret_setting_name
. - Client
Secret stringSetting Name - The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret
. - Oauth
Scopes []string - Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified,
wl.basic
is used as the default scope.
- client
Id String - The OAuth 2.0 client ID that was created for the app used for authentication.
- client
Secret String - The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret_setting_name
. - client
Secret StringSetting Name - The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret
. - oauth
Scopes List<String> - Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified,
wl.basic
is used as the default scope.
- client
Id string - The OAuth 2.0 client ID that was created for the app used for authentication.
- client
Secret string - The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret_setting_name
. - client
Secret stringSetting Name - The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret
. - oauth
Scopes string[] - Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified,
wl.basic
is used as the default scope.
- client_
id str - The OAuth 2.0 client ID that was created for the app used for authentication.
- client_
secret str - The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret_setting_name
. - client_
secret_ strsetting_ name - The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret
. - oauth_
scopes Sequence[str] - Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified,
wl.basic
is used as the default scope.
- client
Id String - The OAuth 2.0 client ID that was created for the app used for authentication.
- client
Secret String - The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret_setting_name
. - client
Secret StringSetting Name - The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with
client_secret
. - oauth
Scopes List<String> - Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified,
wl.basic
is used as the default scope.
LinuxFunctionAppSlotAuthSettingsTwitter, LinuxFunctionAppSlotAuthSettingsTwitterArgs
- Consumer
Key string - The OAuth 1.0a consumer key of the Twitter application used for sign-in.
- Consumer
Secret string - The OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret_setting_name
. - Consumer
Secret stringSetting Name - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret
.
- Consumer
Key string - The OAuth 1.0a consumer key of the Twitter application used for sign-in.
- Consumer
Secret string - The OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret_setting_name
. - Consumer
Secret stringSetting Name - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret
.
- consumer
Key String - The OAuth 1.0a consumer key of the Twitter application used for sign-in.
- consumer
Secret String - The OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret_setting_name
. - consumer
Secret StringSetting Name - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret
.
- consumer
Key string - The OAuth 1.0a consumer key of the Twitter application used for sign-in.
- consumer
Secret string - The OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret_setting_name
. - consumer
Secret stringSetting Name - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret
.
- consumer_
key str - The OAuth 1.0a consumer key of the Twitter application used for sign-in.
- consumer_
secret str - The OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret_setting_name
. - consumer_
secret_ strsetting_ name - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret
.
- consumer
Key String - The OAuth 1.0a consumer key of the Twitter application used for sign-in.
- consumer
Secret String - The OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret_setting_name
. - consumer
Secret StringSetting Name - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with
consumer_secret
.
LinuxFunctionAppSlotAuthSettingsV2, LinuxFunctionAppSlotAuthSettingsV2Args
- Login
Linux
Function App Slot Auth Settings V2Login - A
login
block as defined below. - Active
Directory LinuxV2 Function App Slot Auth Settings V2Active Directory V2 - An
active_directory_v2
block as defined below. - Apple
V2 LinuxFunction App Slot Auth Settings V2Apple V2 - An
apple_v2
block as defined below. - Auth
Enabled bool - Should the AuthV2 Settings be enabled. Defaults to
false
. - Azure
Static LinuxWeb App V2 Function App Slot Auth Settings V2Azure Static Web App V2 - An
azure_static_web_app_v2
block as defined below. - Config
File stringPath The path to the App Auth settings.
Note: Relative Paths are evaluated from the Site Root directory.
- Custom
Oidc List<LinuxV2s Function App Slot Auth Settings V2Custom Oidc V2> - Zero or more
custom_oidc_v2
blocks as defined below. - Default
Provider string The Default Authentication Provider to use when the
unauthenticated_action
is set toRedirectToLoginPage
. Possible values include:apple
,azureactivedirectory
,facebook
,github
,google
,twitter
and thename
of yourcustom_oidc_v2
provider.NOTE: Whilst any value will be accepted by the API for
default_provider
, it can leave the app in an unusable state if this value does not correspond to the name of a known provider (either built-in value, or custom_oidc name) as it is used to build the auth endpoint URI.- Excluded
Paths List<string> The paths which should be excluded from the
unauthenticated_action
when it is set toRedirectToLoginPage
.NOTE: This list should be used instead of setting
WEBSITE_WARMUP_PATH
inapp_settings
as it takes priority.- Facebook
V2 LinuxFunction App Slot Auth Settings V2Facebook V2 - A
facebook_v2
block as defined below. - Forward
Proxy stringConvention - The convention used to determine the url of the request made. Possible values include
NoProxy
,Standard
,Custom
. Defaults toNoProxy
. - Forward
Proxy stringCustom Host Header Name - The name of the custom header containing the host of the request.
- Forward
Proxy stringCustom Scheme Header Name - The name of the custom header containing the scheme of the request.
- Github
V2 LinuxFunction App Slot Auth Settings V2Github V2 - A
github_v2
block as defined below. - Google
V2 LinuxFunction App Slot Auth Settings V2Google V2 - A
google_v2
block as defined below. - Http
Route stringApi Prefix - The prefix that should precede all the authentication and authorisation paths. Defaults to
/.auth
. - Microsoft
V2 LinuxFunction App Slot Auth Settings V2Microsoft V2 - A
microsoft_v2
block as defined below. - Require
Authentication bool - Should the authentication flow be used for all requests.
- Require
Https bool - Should HTTPS be required on connections? Defaults to
true
. - Runtime
Version string - The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to
~1
. - Twitter
V2 LinuxFunction App Slot Auth Settings V2Twitter V2 - A
twitter_v2
block as defined below. - Unauthenticated
Action string - The action to take for requests made without authentication. Possible values include
RedirectToLoginPage
,AllowAnonymous
,Return401
, andReturn403
. Defaults toRedirectToLoginPage
.
- Login
Linux
Function App Slot Auth Settings V2Login - A
login
block as defined below. - Active
Directory LinuxV2 Function App Slot Auth Settings V2Active Directory V2 - An
active_directory_v2
block as defined below. - Apple
V2 LinuxFunction App Slot Auth Settings V2Apple V2 - An
apple_v2
block as defined below. - Auth
Enabled bool - Should the AuthV2 Settings be enabled. Defaults to
false
. - Azure
Static LinuxWeb App V2 Function App Slot Auth Settings V2Azure Static Web App V2 - An
azure_static_web_app_v2
block as defined below. - Config
File stringPath The path to the App Auth settings.
Note: Relative Paths are evaluated from the Site Root directory.
- Custom
Oidc []LinuxV2s Function App Slot Auth Settings V2Custom Oidc V2 - Zero or more
custom_oidc_v2
blocks as defined below. - Default
Provider string The Default Authentication Provider to use when the
unauthenticated_action
is set toRedirectToLoginPage
. Possible values include:apple
,azureactivedirectory
,facebook
,github
,google
,twitter
and thename
of yourcustom_oidc_v2
provider.NOTE: Whilst any value will be accepted by the API for
default_provider
, it can leave the app in an unusable state if this value does not correspond to the name of a known provider (either built-in value, or custom_oidc name) as it is used to build the auth endpoint URI.- Excluded
Paths []string The paths which should be excluded from the
unauthenticated_action
when it is set toRedirectToLoginPage
.NOTE: This list should be used instead of setting
WEBSITE_WARMUP_PATH
inapp_settings
as it takes priority.- Facebook
V2 LinuxFunction App Slot Auth Settings V2Facebook V2 - A
facebook_v2
block as defined below. - Forward
Proxy stringConvention - The convention used to determine the url of the request made. Possible values include
NoProxy
,Standard
,Custom
. Defaults toNoProxy
. - Forward
Proxy stringCustom Host Header Name - The name of the custom header containing the host of the request.
- Forward
Proxy stringCustom Scheme Header Name - The name of the custom header containing the scheme of the request.
- Github
V2 LinuxFunction App Slot Auth Settings V2Github V2 - A
github_v2
block as defined below. - Google
V2 LinuxFunction App Slot Auth Settings V2Google V2 - A
google_v2
block as defined below. - Http
Route stringApi Prefix - The prefix that should precede all the authentication and authorisation paths. Defaults to
/.auth
. - Microsoft
V2 LinuxFunction App Slot Auth Settings V2Microsoft V2 - A
microsoft_v2
block as defined below. - Require
Authentication bool - Should the authentication flow be used for all requests.
- Require
Https bool - Should HTTPS be required on connections? Defaults to
true
. - Runtime
Version string - The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to
~1
. - Twitter
V2 LinuxFunction App Slot Auth Settings V2Twitter V2 - A
twitter_v2
block as defined below. - Unauthenticated
Action string - The action to take for requests made without authentication. Possible values include
RedirectToLoginPage
,AllowAnonymous
,Return401
, andReturn403
. Defaults toRedirectToLoginPage
.
- login
Linux
Function App Slot Auth Settings V2Login - A
login
block as defined below. - active
Directory LinuxV2 Function App Slot Auth Settings V2Active Directory V2 - An
active_directory_v2
block as defined below. - apple
V2 LinuxFunction App Slot Auth Settings V2Apple V2 - An
apple_v2
block as defined below. - auth
Enabled Boolean - Should the AuthV2 Settings be enabled. Defaults to
false
. - azure
Static LinuxWeb App V2 Function App Slot Auth Settings V2Azure Static Web App V2 - An
azure_static_web_app_v2
block as defined below. - config
File StringPath The path to the App Auth settings.
Note: Relative Paths are evaluated from the Site Root directory.
- custom
Oidc List<LinuxV2s Function App Slot Auth Settings V2Custom Oidc V2> - Zero or more
custom_oidc_v2
blocks as defined below. - default
Provider String The Default Authentication Provider to use when the
unauthenticated_action
is set toRedirectToLoginPage
. Possible values include:apple
,azureactivedirectory
,facebook
,github
,google
,twitter
and thename
of yourcustom_oidc_v2
provider.NOTE: Whilst any value will be accepted by the API for
default_provider
, it can leave the app in an unusable state if this value does not correspond to the name of a known provider (either built-in value, or custom_oidc name) as it is used to build the auth endpoint URI.- excluded
Paths List<String> The paths which should be excluded from the
unauthenticated_action
when it is set toRedirectToLoginPage
.NOTE: This list should be used instead of setting
WEBSITE_WARMUP_PATH
inapp_settings
as it takes priority.- facebook
V2 LinuxFunction App Slot Auth Settings V2Facebook V2 - A
facebook_v2
block as defined below. - forward
Proxy StringConvention - The convention used to determine the url of the request made. Possible values include
NoProxy
,Standard
,Custom
. Defaults toNoProxy
. - forward
Proxy StringCustom Host Header Name - The name of the custom header containing the host of the request.
- forward
Proxy StringCustom Scheme Header Name - The name of the custom header containing the scheme of the request.
- github
V2 LinuxFunction App Slot Auth Settings V2Github V2 - A
github_v2
block as defined below. - google
V2 LinuxFunction App Slot Auth Settings V2Google V2 - A
google_v2
block as defined below. - http
Route StringApi Prefix - The prefix that should precede all the authentication and authorisation paths. Defaults to
/.auth
. - microsoft
V2 LinuxFunction App Slot Auth Settings V2Microsoft V2 - A
microsoft_v2
block as defined below. - require
Authentication Boolean - Should the authentication flow be used for all requests.
- require
Https Boolean - Should HTTPS be required on connections? Defaults to
true
. - runtime
Version String - The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to
~1
. - twitter
V2 LinuxFunction App Slot Auth Settings V2Twitter V2 - A
twitter_v2
block as defined below. - unauthenticated
Action String - The action to take for requests made without authentication. Possible values include
RedirectToLoginPage
,AllowAnonymous
,Return401
, andReturn403
. Defaults toRedirectToLoginPage
.
- login
Linux
Function App Slot Auth Settings V2Login - A
login
block as defined below. - active
Directory LinuxV2 Function App Slot Auth Settings V2Active Directory V2 - An
active_directory_v2
block as defined below. - apple
V2 LinuxFunction App Slot Auth Settings V2Apple V2 - An
apple_v2
block as defined below. - auth
Enabled boolean - Should the AuthV2 Settings be enabled. Defaults to
false
. - azure
Static LinuxWeb App V2 Function App Slot Auth Settings V2Azure Static Web App V2 - An
azure_static_web_app_v2
block as defined below. - config
File stringPath The path to the App Auth settings.
Note: Relative Paths are evaluated from the Site Root directory.
- custom
Oidc LinuxV2s Function App Slot Auth Settings V2Custom Oidc V2[] - Zero or more
custom_oidc_v2
blocks as defined below. - default
Provider string The Default Authentication Provider to use when the
unauthenticated_action
is set toRedirectToLoginPage
. Possible values include:apple
,azureactivedirectory
,facebook
,github
,google
,twitter
and thename
of yourcustom_oidc_v2
provider.NOTE: Whilst any value will be accepted by the API for
default_provider
, it can leave the app in an unusable state if this value does not correspond to the name of a known provider (either built-in value, or custom_oidc name) as it is used to build the auth endpoint URI.- excluded
Paths string[] The paths which should be excluded from the
unauthenticated_action
when it is set toRedirectToLoginPage
.NOTE: This list should be used instead of setting
WEBSITE_WARMUP_PATH
inapp_settings
as it takes priority.- facebook
V2 LinuxFunction App Slot Auth Settings V2Facebook V2 - A
facebook_v2
block as defined below. - forward
Proxy stringConvention - The convention used to determine the url of the request made. Possible values include
NoProxy
,Standard
,Custom
. Defaults toNoProxy
. - forward
Proxy stringCustom Host Header Name - The name of the custom header containing the host of the request.
- forward
Proxy stringCustom Scheme Header Name - The name of the custom header containing the scheme of the request.
- github
V2 LinuxFunction App Slot Auth Settings V2Github V2 - A
github_v2
block as defined below. - google
V2 LinuxFunction App Slot Auth Settings V2Google V2 - A
google_v2
block as defined below. - http
Route stringApi Prefix - The prefix that should precede all the authentication and authorisation paths. Defaults to
/.auth
. - microsoft
V2 LinuxFunction App Slot Auth Settings V2Microsoft V2 - A
microsoft_v2
block as defined below. - require
Authentication boolean - Should the authentication flow be used for all requests.
- require
Https boolean - Should HTTPS be required on connections? Defaults to
true
. - runtime
Version string - The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to
~1
. - twitter
V2 LinuxFunction App Slot Auth Settings V2Twitter V2 - A
twitter_v2
block as defined below. - unauthenticated
Action string - The action to take for requests made without authentication. Possible values include
RedirectToLoginPage
,AllowAnonymous
,Return401
, andReturn403
. Defaults toRedirectToLoginPage
.
- login
Linux
Function App Slot Auth Settings V2Login - A
login
block as defined below. - active_
directory_ Linuxv2 Function App Slot Auth Settings V2Active Directory V2 - An
active_directory_v2
block as defined below. - apple_
v2 LinuxFunction App Slot Auth Settings V2Apple V2 - An
apple_v2
block as defined below. - auth_
enabled bool - Should the AuthV2 Settings be enabled. Defaults to
false
. - azure_
static_ Linuxweb_ app_ v2 Function App Slot Auth Settings V2Azure Static Web App V2 - An
azure_static_web_app_v2
block as defined below. - config_
file_ strpath The path to the App Auth settings.
Note: Relative Paths are evaluated from the Site Root directory.
- custom_
oidc_ Sequence[Linuxv2s Function App Slot Auth Settings V2Custom Oidc V2] - Zero or more
custom_oidc_v2
blocks as defined below. - default_
provider str The Default Authentication Provider to use when the
unauthenticated_action
is set toRedirectToLoginPage
. Possible values include:apple
,azureactivedirectory
,facebook
,github
,google
,twitter
and thename
of yourcustom_oidc_v2
provider.NOTE: Whilst any value will be accepted by the API for
default_provider
, it can leave the app in an unusable state if this value does not correspond to the name of a known provider (either built-in value, or custom_oidc name) as it is used to build the auth endpoint URI.- excluded_
paths Sequence[str] The paths which should be excluded from the
unauthenticated_action
when it is set toRedirectToLoginPage
.NOTE: This list should be used instead of setting
WEBSITE_WARMUP_PATH
inapp_settings
as it takes priority.- facebook_
v2 LinuxFunction App Slot Auth Settings V2Facebook V2 - A
facebook_v2
block as defined below. - forward_
proxy_ strconvention - The convention used to determine the url of the request made. Possible values include
NoProxy
,Standard
,Custom
. Defaults toNoProxy
. - forward_
proxy_ strcustom_ host_ header_ name - The name of the custom header containing the host of the request.
- forward_
proxy_ strcustom_ scheme_ header_ name - The name of the custom header containing the scheme of the request.
- github_
v2 LinuxFunction App Slot Auth Settings V2Github V2 - A
github_v2
block as defined below. - google_
v2 LinuxFunction App Slot Auth Settings V2Google V2 - A
google_v2
block as defined below. - http_
route_ strapi_ prefix - The prefix that should precede all the authentication and authorisation paths. Defaults to
/.auth
. - microsoft_
v2 LinuxFunction App Slot Auth Settings V2Microsoft V2 - A
microsoft_v2
block as defined below. - require_
authentication bool - Should the authentication flow be used for all requests.
- require_
https bool - Should HTTPS be required on connections? Defaults to
true
. - runtime_
version str - The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to
~1
. - twitter_
v2 LinuxFunction App Slot Auth Settings V2Twitter V2 - A
twitter_v2
block as defined below. - unauthenticated_
action str - The action to take for requests made without authentication. Possible values include
RedirectToLoginPage
,AllowAnonymous
,Return401
, andReturn403
. Defaults toRedirectToLoginPage
.
- login Property Map
- A
login
block as defined below. - active
Directory Property MapV2 - An
active_directory_v2
block as defined below. - apple
V2 Property Map - An
apple_v2
block as defined below. - auth
Enabled Boolean - Should the AuthV2 Settings be enabled. Defaults to
false
. - azure
Static Property MapWeb App V2 - An
azure_static_web_app_v2
block as defined below. - config
File StringPath The path to the App Auth settings.
Note: Relative Paths are evaluated from the Site Root directory.
- custom
Oidc List<Property Map>V2s - Zero or more
custom_oidc_v2
blocks as defined below. - default
Provider String The Default Authentication Provider to use when the
unauthenticated_action
is set toRedirectToLoginPage
. Possible values include:apple
,azureactivedirectory
,facebook
,github
,google
,twitter
and thename
of yourcustom_oidc_v2
provider.NOTE: Whilst any value will be accepted by the API for
default_provider
, it can leave the app in an unusable state if this value does not correspond to the name of a known provider (either built-in value, or custom_oidc name) as it is used to build the auth endpoint URI.- excluded
Paths List<String> The paths which should be excluded from the
unauthenticated_action
when it is set toRedirectToLoginPage
.NOTE: This list should be used instead of setting
WEBSITE_WARMUP_PATH
inapp_settings
as it takes priority.- facebook
V2 Property Map - A
facebook_v2
block as defined below. - forward
Proxy StringConvention - The convention used to determine the url of the request made. Possible values include
NoProxy
,Standard
,Custom
. Defaults toNoProxy
. - forward
Proxy StringCustom Host Header Name - The name of the custom header containing the host of the request.
- forward
Proxy StringCustom Scheme Header Name - The name of the custom header containing the scheme of the request.
- github
V2 Property Map - A
github_v2
block as defined below. - google
V2 Property Map - A
google_v2
block as defined below. - http
Route StringApi Prefix - The prefix that should precede all the authentication and authorisation paths. Defaults to
/.auth
. - microsoft
V2 Property Map - A
microsoft_v2
block as defined below. - require
Authentication Boolean - Should the authentication flow be used for all requests.
- require
Https Boolean - Should HTTPS be required on connections? Defaults to
true
. - runtime
Version String - The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to
~1
. - twitter
V2 Property Map - A
twitter_v2
block as defined below. - unauthenticated
Action String - The action to take for requests made without authentication. Possible values include
RedirectToLoginPage
,AllowAnonymous
,Return401
, andReturn403
. Defaults toRedirectToLoginPage
.
LinuxFunctionAppSlotAuthSettingsV2ActiveDirectoryV2, LinuxFunctionAppSlotAuthSettingsV2ActiveDirectoryV2Args
- Client
Id string - The ID of the Client to use to authenticate with Azure Active Directory.
- Tenant
Auth stringEndpoint The Azure Tenant Endpoint for the Authenticating Tenant. e.g.
https://login.microsoftonline.com/{tenant-guid}/v2.0/
NOTE: Here is a list of possible authentication endpoints based on the cloud environment. Here is more information to better understand how to configure authentication for Azure App Service or Azure Functions.
- Allowed
Applications List<string> - The list of allowed Applications for the Default Authorisation Policy.
- Allowed
Audiences List<string> Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- Allowed
Groups List<string> - The list of allowed Group Names for the Default Authorisation Policy.
- Allowed
Identities List<string> - The list of allowed Identities for the Default Authorisation Policy.
- Client
Secret stringCertificate Thumbprint - The thumbprint of the certificate used for signing purposes.
- Client
Secret stringSetting Name The App Setting name that contains the client secret of the Client.
!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Jwt
Allowed List<string>Client Applications - A list of Allowed Client Applications in the JWT Claim.
- Jwt
Allowed List<string>Groups - A list of Allowed Groups in the JWT Claim.
- Login
Parameters Dictionary<string, string> - A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
- Www
Authentication boolDisabled - Should the www-authenticate provider should be omitted from the request? Defaults to
false
.
- Client
Id string - The ID of the Client to use to authenticate with Azure Active Directory.
- Tenant
Auth stringEndpoint The Azure Tenant Endpoint for the Authenticating Tenant. e.g.
https://login.microsoftonline.com/{tenant-guid}/v2.0/
NOTE: Here is a list of possible authentication endpoints based on the cloud environment. Here is more information to better understand how to configure authentication for Azure App Service or Azure Functions.
- Allowed
Applications []string - The list of allowed Applications for the Default Authorisation Policy.
- Allowed
Audiences []string Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- Allowed
Groups []string - The list of allowed Group Names for the Default Authorisation Policy.
- Allowed
Identities []string - The list of allowed Identities for the Default Authorisation Policy.
- Client
Secret stringCertificate Thumbprint - The thumbprint of the certificate used for signing purposes.
- Client
Secret stringSetting Name The App Setting name that contains the client secret of the Client.
!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Jwt
Allowed []stringClient Applications - A list of Allowed Client Applications in the JWT Claim.
- Jwt
Allowed []stringGroups - A list of Allowed Groups in the JWT Claim.
- Login
Parameters map[string]string - A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
- Www
Authentication boolDisabled - Should the www-authenticate provider should be omitted from the request? Defaults to
false
.
- client
Id String - The ID of the Client to use to authenticate with Azure Active Directory.
- tenant
Auth StringEndpoint The Azure Tenant Endpoint for the Authenticating Tenant. e.g.
https://login.microsoftonline.com/{tenant-guid}/v2.0/
NOTE: Here is a list of possible authentication endpoints based on the cloud environment. Here is more information to better understand how to configure authentication for Azure App Service or Azure Functions.
- allowed
Applications List<String> - The list of allowed Applications for the Default Authorisation Policy.
- allowed
Audiences List<String> Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- allowed
Groups List<String> - The list of allowed Group Names for the Default Authorisation Policy.
- allowed
Identities List<String> - The list of allowed Identities for the Default Authorisation Policy.
- client
Secret StringCertificate Thumbprint - The thumbprint of the certificate used for signing purposes.
- client
Secret StringSetting Name The App Setting name that contains the client secret of the Client.
!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- jwt
Allowed List<String>Client Applications - A list of Allowed Client Applications in the JWT Claim.
- jwt
Allowed List<String>Groups - A list of Allowed Groups in the JWT Claim.
- login
Parameters Map<String,String> - A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
- www
Authentication BooleanDisabled - Should the www-authenticate provider should be omitted from the request? Defaults to
false
.
- client
Id string - The ID of the Client to use to authenticate with Azure Active Directory.
- tenant
Auth stringEndpoint The Azure Tenant Endpoint for the Authenticating Tenant. e.g.
https://login.microsoftonline.com/{tenant-guid}/v2.0/
NOTE: Here is a list of possible authentication endpoints based on the cloud environment. Here is more information to better understand how to configure authentication for Azure App Service or Azure Functions.
- allowed
Applications string[] - The list of allowed Applications for the Default Authorisation Policy.
- allowed
Audiences string[] Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- allowed
Groups string[] - The list of allowed Group Names for the Default Authorisation Policy.
- allowed
Identities string[] - The list of allowed Identities for the Default Authorisation Policy.
- client
Secret stringCertificate Thumbprint - The thumbprint of the certificate used for signing purposes.
- client
Secret stringSetting Name The App Setting name that contains the client secret of the Client.
!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- jwt
Allowed string[]Client Applications - A list of Allowed Client Applications in the JWT Claim.
- jwt
Allowed string[]Groups - A list of Allowed Groups in the JWT Claim.
- login
Parameters {[key: string]: string} - A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
- www
Authentication booleanDisabled - Should the www-authenticate provider should be omitted from the request? Defaults to
false
.
- client_
id str - The ID of the Client to use to authenticate with Azure Active Directory.
- tenant_
auth_ strendpoint The Azure Tenant Endpoint for the Authenticating Tenant. e.g.
https://login.microsoftonline.com/{tenant-guid}/v2.0/
NOTE: Here is a list of possible authentication endpoints based on the cloud environment. Here is more information to better understand how to configure authentication for Azure App Service or Azure Functions.
- allowed_
applications Sequence[str] - The list of allowed Applications for the Default Authorisation Policy.
- allowed_
audiences Sequence[str] Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- allowed_
groups Sequence[str] - The list of allowed Group Names for the Default Authorisation Policy.
- allowed_
identities Sequence[str] - The list of allowed Identities for the Default Authorisation Policy.
- client_
secret_ strcertificate_ thumbprint - The thumbprint of the certificate used for signing purposes.
- client_
secret_ strsetting_ name The App Setting name that contains the client secret of the Client.
!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- jwt_
allowed_ Sequence[str]client_ applications - A list of Allowed Client Applications in the JWT Claim.
- jwt_
allowed_ Sequence[str]groups - A list of Allowed Groups in the JWT Claim.
- login_
parameters Mapping[str, str] - A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
- www_
authentication_ booldisabled - Should the www-authenticate provider should be omitted from the request? Defaults to
false
.
- client
Id String - The ID of the Client to use to authenticate with Azure Active Directory.
- tenant
Auth StringEndpoint The Azure Tenant Endpoint for the Authenticating Tenant. e.g.
https://login.microsoftonline.com/{tenant-guid}/v2.0/
NOTE: Here is a list of possible authentication endpoints based on the cloud environment. Here is more information to better understand how to configure authentication for Azure App Service or Azure Functions.
- allowed
Applications List<String> - The list of allowed Applications for the Default Authorisation Policy.
- allowed
Audiences List<String> Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- allowed
Groups List<String> - The list of allowed Group Names for the Default Authorisation Policy.
- allowed
Identities List<String> - The list of allowed Identities for the Default Authorisation Policy.
- client
Secret StringCertificate Thumbprint - The thumbprint of the certificate used for signing purposes.
- client
Secret StringSetting Name The App Setting name that contains the client secret of the Client.
!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- jwt
Allowed List<String>Client Applications - A list of Allowed Client Applications in the JWT Claim.
- jwt
Allowed List<String>Groups - A list of Allowed Groups in the JWT Claim.
- login
Parameters Map<String> - A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
- www
Authentication BooleanDisabled - Should the www-authenticate provider should be omitted from the request? Defaults to
false
.
LinuxFunctionAppSlotAuthSettingsV2AppleV2, LinuxFunctionAppSlotAuthSettingsV2AppleV2Args
- Client
Id string - The OpenID Connect Client ID for the Apple web application.
- Client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for Apple Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Login
Scopes List<string> A list of Login Scopes provided by this Authentication Provider.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- Client
Id string - The OpenID Connect Client ID for the Apple web application.
- Client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for Apple Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Login
Scopes []string A list of Login Scopes provided by this Authentication Provider.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- client
Id String - The OpenID Connect Client ID for the Apple web application.
- client
Secret StringSetting Name The app setting name that contains the
client_secret
value used for Apple Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- login
Scopes List<String> A list of Login Scopes provided by this Authentication Provider.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- client
Id string - The OpenID Connect Client ID for the Apple web application.
- client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for Apple Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- login
Scopes string[] A list of Login Scopes provided by this Authentication Provider.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- client_
id str - The OpenID Connect Client ID for the Apple web application.
- client_
secret_ strsetting_ name The app setting name that contains the
client_secret
value used for Apple Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- login_
scopes Sequence[str] A list of Login Scopes provided by this Authentication Provider.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
- client
Id String - The OpenID Connect Client ID for the Apple web application.
- client
Secret StringSetting Name The app setting name that contains the
client_secret
value used for Apple Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- login
Scopes List<String> A list of Login Scopes provided by this Authentication Provider.
NOTE: This is configured on the Authentication Provider side and is Read Only here.
LinuxFunctionAppSlotAuthSettingsV2AzureStaticWebAppV2, LinuxFunctionAppSlotAuthSettingsV2AzureStaticWebAppV2Args
- Client
Id string - The ID of the Client to use to authenticate with Azure Static Web App Authentication.
- Client
Id string - The ID of the Client to use to authenticate with Azure Static Web App Authentication.
- client
Id String - The ID of the Client to use to authenticate with Azure Static Web App Authentication.
- client
Id string - The ID of the Client to use to authenticate with Azure Static Web App Authentication.
- client_
id str - The ID of the Client to use to authenticate with Azure Static Web App Authentication.
- client
Id String - The ID of the Client to use to authenticate with Azure Static Web App Authentication.
LinuxFunctionAppSlotAuthSettingsV2CustomOidcV2, LinuxFunctionAppSlotAuthSettingsV2CustomOidcV2Args
- Client
Id string - The ID of the Client to use to authenticate with the Custom OIDC.
- Name string
The name of the Custom OIDC Authentication Provider.
NOTE: An
app_setting
matching this value in upper case with the suffix of_PROVIDER_AUTHENTICATION_SECRET
is required. e.g.MYOIDC_PROVIDER_AUTHENTICATION_SECRET
for a value ofmyoidc
.- Openid
Configuration stringEndpoint - The app setting name that contains the
client_secret
value used for the Custom OIDC Login. - string
- The endpoint to make the Authorisation Request as supplied by
openid_configuration_endpoint
response. - Certification
Uri string - The endpoint that provides the keys necessary to validate the token as supplied by
openid_configuration_endpoint
response. - Client
Credential stringMethod - The Client Credential Method used.
- Client
Secret stringSetting Name - The App Setting name that contains the secret for this Custom OIDC Client. This is generated from
name
above and suffixed with_PROVIDER_AUTHENTICATION_SECRET
. - Issuer
Endpoint string - The endpoint that issued the Token as supplied by
openid_configuration_endpoint
response. - Name
Claim stringType - The name of the claim that contains the users name.
- Scopes List<string>
- The list of the scopes that should be requested while authenticating.
- Token
Endpoint string - The endpoint used to request a Token as supplied by
openid_configuration_endpoint
response.
- Client
Id string - The ID of the Client to use to authenticate with the Custom OIDC.
- Name string
The name of the Custom OIDC Authentication Provider.
NOTE: An
app_setting
matching this value in upper case with the suffix of_PROVIDER_AUTHENTICATION_SECRET
is required. e.g.MYOIDC_PROVIDER_AUTHENTICATION_SECRET
for a value ofmyoidc
.- Openid
Configuration stringEndpoint - The app setting name that contains the
client_secret
value used for the Custom OIDC Login. - string
- The endpoint to make the Authorisation Request as supplied by
openid_configuration_endpoint
response. - Certification
Uri string - The endpoint that provides the keys necessary to validate the token as supplied by
openid_configuration_endpoint
response. - Client
Credential stringMethod - The Client Credential Method used.
- Client
Secret stringSetting Name - The App Setting name that contains the secret for this Custom OIDC Client. This is generated from
name
above and suffixed with_PROVIDER_AUTHENTICATION_SECRET
. - Issuer
Endpoint string - The endpoint that issued the Token as supplied by
openid_configuration_endpoint
response. - Name
Claim stringType - The name of the claim that contains the users name.
- Scopes []string
- The list of the scopes that should be requested while authenticating.
- Token
Endpoint string - The endpoint used to request a Token as supplied by
openid_configuration_endpoint
response.
- client
Id String - The ID of the Client to use to authenticate with the Custom OIDC.
- name String
The name of the Custom OIDC Authentication Provider.
NOTE: An
app_setting
matching this value in upper case with the suffix of_PROVIDER_AUTHENTICATION_SECRET
is required. e.g.MYOIDC_PROVIDER_AUTHENTICATION_SECRET
for a value ofmyoidc
.- openid
Configuration StringEndpoint - The app setting name that contains the
client_secret
value used for the Custom OIDC Login. - String
- The endpoint to make the Authorisation Request as supplied by
openid_configuration_endpoint
response. - certification
Uri String - The endpoint that provides the keys necessary to validate the token as supplied by
openid_configuration_endpoint
response. - client
Credential StringMethod - The Client Credential Method used.
- client
Secret StringSetting Name - The App Setting name that contains the secret for this Custom OIDC Client. This is generated from
name
above and suffixed with_PROVIDER_AUTHENTICATION_SECRET
. - issuer
Endpoint String - The endpoint that issued the Token as supplied by
openid_configuration_endpoint
response. - name
Claim StringType - The name of the claim that contains the users name.
- scopes List<String>
- The list of the scopes that should be requested while authenticating.
- token
Endpoint String - The endpoint used to request a Token as supplied by
openid_configuration_endpoint
response.
- client
Id string - The ID of the Client to use to authenticate with the Custom OIDC.
- name string
The name of the Custom OIDC Authentication Provider.
NOTE: An
app_setting
matching this value in upper case with the suffix of_PROVIDER_AUTHENTICATION_SECRET
is required. e.g.MYOIDC_PROVIDER_AUTHENTICATION_SECRET
for a value ofmyoidc
.- openid
Configuration stringEndpoint - The app setting name that contains the
client_secret
value used for the Custom OIDC Login. - string
- The endpoint to make the Authorisation Request as supplied by
openid_configuration_endpoint
response. - certification
Uri string - The endpoint that provides the keys necessary to validate the token as supplied by
openid_configuration_endpoint
response. - client
Credential stringMethod - The Client Credential Method used.
- client
Secret stringSetting Name - The App Setting name that contains the secret for this Custom OIDC Client. This is generated from
name
above and suffixed with_PROVIDER_AUTHENTICATION_SECRET
. - issuer
Endpoint string - The endpoint that issued the Token as supplied by
openid_configuration_endpoint
response. - name
Claim stringType - The name of the claim that contains the users name.
- scopes string[]
- The list of the scopes that should be requested while authenticating.
- token
Endpoint string - The endpoint used to request a Token as supplied by
openid_configuration_endpoint
response.
- client_
id str - The ID of the Client to use to authenticate with the Custom OIDC.
- name str
The name of the Custom OIDC Authentication Provider.
NOTE: An
app_setting
matching this value in upper case with the suffix of_PROVIDER_AUTHENTICATION_SECRET
is required. e.g.MYOIDC_PROVIDER_AUTHENTICATION_SECRET
for a value ofmyoidc
.- openid_
configuration_ strendpoint - The app setting name that contains the
client_secret
value used for the Custom OIDC Login. - str
- The endpoint to make the Authorisation Request as supplied by
openid_configuration_endpoint
response. - certification_
uri str - The endpoint that provides the keys necessary to validate the token as supplied by
openid_configuration_endpoint
response. - client_
credential_ strmethod - The Client Credential Method used.
- client_
secret_ strsetting_ name - The App Setting name that contains the secret for this Custom OIDC Client. This is generated from
name
above and suffixed with_PROVIDER_AUTHENTICATION_SECRET
. - issuer_
endpoint str - The endpoint that issued the Token as supplied by
openid_configuration_endpoint
response. - name_
claim_ strtype - The name of the claim that contains the users name.
- scopes Sequence[str]
- The list of the scopes that should be requested while authenticating.
- token_
endpoint str - The endpoint used to request a Token as supplied by
openid_configuration_endpoint
response.
- client
Id String - The ID of the Client to use to authenticate with the Custom OIDC.
- name String
The name of the Custom OIDC Authentication Provider.
NOTE: An
app_setting
matching this value in upper case with the suffix of_PROVIDER_AUTHENTICATION_SECRET
is required. e.g.MYOIDC_PROVIDER_AUTHENTICATION_SECRET
for a value ofmyoidc
.- openid
Configuration StringEndpoint - The app setting name that contains the
client_secret
value used for the Custom OIDC Login. - String
- The endpoint to make the Authorisation Request as supplied by
openid_configuration_endpoint
response. - certification
Uri String - The endpoint that provides the keys necessary to validate the token as supplied by
openid_configuration_endpoint
response. - client
Credential StringMethod - The Client Credential Method used.
- client
Secret StringSetting Name - The App Setting name that contains the secret for this Custom OIDC Client. This is generated from
name
above and suffixed with_PROVIDER_AUTHENTICATION_SECRET
. - issuer
Endpoint String - The endpoint that issued the Token as supplied by
openid_configuration_endpoint
response. - name
Claim StringType - The name of the claim that contains the users name.
- scopes List<String>
- The list of the scopes that should be requested while authenticating.
- token
Endpoint String - The endpoint used to request a Token as supplied by
openid_configuration_endpoint
response.
LinuxFunctionAppSlotAuthSettingsV2FacebookV2, LinuxFunctionAppSlotAuthSettingsV2FacebookV2Args
- App
Id string - The App ID of the Facebook app used for login.
- App
Secret stringSetting Name The app setting name that contains the
app_secret
value used for Facebook Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Graph
Api stringVersion - The version of the Facebook API to be used while logging in.
- Login
Scopes List<string> - The list of scopes that should be requested as part of Facebook Login authentication.
- App
Id string - The App ID of the Facebook app used for login.
- App
Secret stringSetting Name The app setting name that contains the
app_secret
value used for Facebook Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Graph
Api stringVersion - The version of the Facebook API to be used while logging in.
- Login
Scopes []string - The list of scopes that should be requested as part of Facebook Login authentication.
- app
Id String - The App ID of the Facebook app used for login.
- app
Secret StringSetting Name The app setting name that contains the
app_secret
value used for Facebook Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- graph
Api StringVersion - The version of the Facebook API to be used while logging in.
- login
Scopes List<String> - The list of scopes that should be requested as part of Facebook Login authentication.
- app
Id string - The App ID of the Facebook app used for login.
- app
Secret stringSetting Name The app setting name that contains the
app_secret
value used for Facebook Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- graph
Api stringVersion - The version of the Facebook API to be used while logging in.
- login
Scopes string[] - The list of scopes that should be requested as part of Facebook Login authentication.
- app_
id str - The App ID of the Facebook app used for login.
- app_
secret_ strsetting_ name The app setting name that contains the
app_secret
value used for Facebook Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- graph_
api_ strversion - The version of the Facebook API to be used while logging in.
- login_
scopes Sequence[str] - The list of scopes that should be requested as part of Facebook Login authentication.
- app
Id String - The App ID of the Facebook app used for login.
- app
Secret StringSetting Name The app setting name that contains the
app_secret
value used for Facebook Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- graph
Api StringVersion - The version of the Facebook API to be used while logging in.
- login
Scopes List<String> - The list of scopes that should be requested as part of Facebook Login authentication.
LinuxFunctionAppSlotAuthSettingsV2GithubV2, LinuxFunctionAppSlotAuthSettingsV2GithubV2Args
- Client
Id string - The ID of the GitHub app used for login..
- Client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for GitHub Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Login
Scopes List<string> - The list of OAuth 2.0 scopes that should be requested as part of GitHub Login authentication.
- Client
Id string - The ID of the GitHub app used for login..
- Client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for GitHub Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Login
Scopes []string - The list of OAuth 2.0 scopes that should be requested as part of GitHub Login authentication.
- client
Id String - The ID of the GitHub app used for login..
- client
Secret StringSetting Name The app setting name that contains the
client_secret
value used for GitHub Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- login
Scopes List<String> - The list of OAuth 2.0 scopes that should be requested as part of GitHub Login authentication.
- client
Id string - The ID of the GitHub app used for login..
- client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for GitHub Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- login
Scopes string[] - The list of OAuth 2.0 scopes that should be requested as part of GitHub Login authentication.
- client_
id str - The ID of the GitHub app used for login..
- client_
secret_ strsetting_ name The app setting name that contains the
client_secret
value used for GitHub Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- login_
scopes Sequence[str] - The list of OAuth 2.0 scopes that should be requested as part of GitHub Login authentication.
- client
Id String - The ID of the GitHub app used for login..
- client
Secret StringSetting Name The app setting name that contains the
client_secret
value used for GitHub Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- login
Scopes List<String> - The list of OAuth 2.0 scopes that should be requested as part of GitHub Login authentication.
LinuxFunctionAppSlotAuthSettingsV2GoogleV2, LinuxFunctionAppSlotAuthSettingsV2GoogleV2Args
- Client
Id string - The OpenID Connect Client ID for the Google web application.
- Client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for Google Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Allowed
Audiences List<string> - Specifies a list of Allowed Audiences that should be requested as part of Google Sign-In authentication.
- Login
Scopes List<string> - The list of OAuth 2.0 scopes that should be requested as part of Google Sign-In authentication.
- Client
Id string - The OpenID Connect Client ID for the Google web application.
- Client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for Google Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Allowed
Audiences []string - Specifies a list of Allowed Audiences that should be requested as part of Google Sign-In authentication.
- Login
Scopes []string - The list of OAuth 2.0 scopes that should be requested as part of Google Sign-In authentication.
- client
Id String - The OpenID Connect Client ID for the Google web application.
- client
Secret StringSetting Name The app setting name that contains the
client_secret
value used for Google Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- allowed
Audiences List<String> - Specifies a list of Allowed Audiences that should be requested as part of Google Sign-In authentication.
- login
Scopes List<String> - The list of OAuth 2.0 scopes that should be requested as part of Google Sign-In authentication.
- client
Id string - The OpenID Connect Client ID for the Google web application.
- client
Secret stringSetting Name The app setting name that contains the
client_secret
value used for Google Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- allowed
Audiences string[] - Specifies a list of Allowed Audiences that should be requested as part of Google Sign-In authentication.
- login
Scopes string[] - The list of OAuth 2.0 scopes that should be requested as part of Google Sign-In authentication.
- client_
id str - The OpenID Connect Client ID for the Google web application.
- client_
secret_ strsetting_ name The app setting name that contains the
client_secret
value used for Google Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- allowed_
audiences Sequence[str] - Specifies a list of Allowed Audiences that should be requested as part of Google Sign-In authentication.
- login_
scopes Sequence[str] - The list of OAuth 2.0 scopes that should be requested as part of Google Sign-In authentication.
- client
Id String - The OpenID Connect Client ID for the Google web application.
- client
Secret StringSetting Name The app setting name that contains the
client_secret
value used for Google Login.!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- allowed
Audiences List<String> - Specifies a list of Allowed Audiences that should be requested as part of Google Sign-In authentication.
- login
Scopes List<String> - The list of OAuth 2.0 scopes that should be requested as part of Google Sign-In authentication.
LinuxFunctionAppSlotAuthSettingsV2Login, LinuxFunctionAppSlotAuthSettingsV2LoginArgs
- Allowed
External List<string>Redirect Urls External URLs that can be redirected to as part of logging in or logging out of the app. This is an advanced setting typically only needed by Windows Store application backends.
Note: URLs within the current domain are always implicitly allowed.
- string
- The method by which cookies expire. Possible values include:
FixedTime
, andIdentityProviderDerived
. Defaults toFixedTime
. - string
- The time after the request is made when the session cookie should expire. Defaults to
08:00:00
. - Logout
Endpoint string - The endpoint to which logout requests should be made.
- Nonce
Expiration stringTime - The time after the request is made when the nonce should expire. Defaults to
00:05:00
. - Preserve
Url boolFragments For Logins - Should the fragments from the request be preserved after the login request is made. Defaults to
false
. - Token
Refresh doubleExtension Time - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - Token
Store boolEnabled - Should the Token Store configuration Enabled. Defaults to
false
- Token
Store stringPath - The directory path in the App Filesystem in which the tokens will be stored.
- Token
Store stringSas Setting Name - The name of the app setting which contains the SAS URL of the blob storage containing the tokens.
- Validate
Nonce bool - Should the nonce be validated while completing the login flow. Defaults to
true
.
- Allowed
External []stringRedirect Urls External URLs that can be redirected to as part of logging in or logging out of the app. This is an advanced setting typically only needed by Windows Store application backends.
Note: URLs within the current domain are always implicitly allowed.
- string
- The method by which cookies expire. Possible values include:
FixedTime
, andIdentityProviderDerived
. Defaults toFixedTime
. - string
- The time after the request is made when the session cookie should expire. Defaults to
08:00:00
. - Logout
Endpoint string - The endpoint to which logout requests should be made.
- Nonce
Expiration stringTime - The time after the request is made when the nonce should expire. Defaults to
00:05:00
. - Preserve
Url boolFragments For Logins - Should the fragments from the request be preserved after the login request is made. Defaults to
false
. - Token
Refresh float64Extension Time - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - Token
Store boolEnabled - Should the Token Store configuration Enabled. Defaults to
false
- Token
Store stringPath - The directory path in the App Filesystem in which the tokens will be stored.
- Token
Store stringSas Setting Name - The name of the app setting which contains the SAS URL of the blob storage containing the tokens.
- Validate
Nonce bool - Should the nonce be validated while completing the login flow. Defaults to
true
.
- allowed
External List<String>Redirect Urls External URLs that can be redirected to as part of logging in or logging out of the app. This is an advanced setting typically only needed by Windows Store application backends.
Note: URLs within the current domain are always implicitly allowed.
- String
- The method by which cookies expire. Possible values include:
FixedTime
, andIdentityProviderDerived
. Defaults toFixedTime
. - String
- The time after the request is made when the session cookie should expire. Defaults to
08:00:00
. - logout
Endpoint String - The endpoint to which logout requests should be made.
- nonce
Expiration StringTime - The time after the request is made when the nonce should expire. Defaults to
00:05:00
. - preserve
Url BooleanFragments For Logins - Should the fragments from the request be preserved after the login request is made. Defaults to
false
. - token
Refresh DoubleExtension Time - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - token
Store BooleanEnabled - Should the Token Store configuration Enabled. Defaults to
false
- token
Store StringPath - The directory path in the App Filesystem in which the tokens will be stored.
- token
Store StringSas Setting Name - The name of the app setting which contains the SAS URL of the blob storage containing the tokens.
- validate
Nonce Boolean - Should the nonce be validated while completing the login flow. Defaults to
true
.
- allowed
External string[]Redirect Urls External URLs that can be redirected to as part of logging in or logging out of the app. This is an advanced setting typically only needed by Windows Store application backends.
Note: URLs within the current domain are always implicitly allowed.
- string
- The method by which cookies expire. Possible values include:
FixedTime
, andIdentityProviderDerived
. Defaults toFixedTime
. - string
- The time after the request is made when the session cookie should expire. Defaults to
08:00:00
. - logout
Endpoint string - The endpoint to which logout requests should be made.
- nonce
Expiration stringTime - The time after the request is made when the nonce should expire. Defaults to
00:05:00
. - preserve
Url booleanFragments For Logins - Should the fragments from the request be preserved after the login request is made. Defaults to
false
. - token
Refresh numberExtension Time - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - token
Store booleanEnabled - Should the Token Store configuration Enabled. Defaults to
false
- token
Store stringPath - The directory path in the App Filesystem in which the tokens will be stored.
- token
Store stringSas Setting Name - The name of the app setting which contains the SAS URL of the blob storage containing the tokens.
- validate
Nonce boolean - Should the nonce be validated while completing the login flow. Defaults to
true
.
- allowed_
external_ Sequence[str]redirect_ urls External URLs that can be redirected to as part of logging in or logging out of the app. This is an advanced setting typically only needed by Windows Store application backends.
Note: URLs within the current domain are always implicitly allowed.
- str
- The method by which cookies expire. Possible values include:
FixedTime
, andIdentityProviderDerived
. Defaults toFixedTime
. - str
- The time after the request is made when the session cookie should expire. Defaults to
08:00:00
. - logout_
endpoint str - The endpoint to which logout requests should be made.
- nonce_
expiration_ strtime - The time after the request is made when the nonce should expire. Defaults to
00:05:00
. - preserve_
url_ boolfragments_ for_ logins - Should the fragments from the request be preserved after the login request is made. Defaults to
false
. - token_
refresh_ floatextension_ time - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - token_
store_ boolenabled - Should the Token Store configuration Enabled. Defaults to
false
- token_
store_ strpath - The directory path in the App Filesystem in which the tokens will be stored.
- token_
store_ strsas_ setting_ name - The name of the app setting which contains the SAS URL of the blob storage containing the tokens.
- validate_
nonce bool - Should the nonce be validated while completing the login flow. Defaults to
true
.
- allowed
External List<String>Redirect Urls External URLs that can be redirected to as part of logging in or logging out of the app. This is an advanced setting typically only needed by Windows Store application backends.
Note: URLs within the current domain are always implicitly allowed.
- String
- The method by which cookies expire. Possible values include:
FixedTime
, andIdentityProviderDerived
. Defaults toFixedTime
. - String
- The time after the request is made when the session cookie should expire. Defaults to
08:00:00
. - logout
Endpoint String - The endpoint to which logout requests should be made.
- nonce
Expiration StringTime - The time after the request is made when the nonce should expire. Defaults to
00:05:00
. - preserve
Url BooleanFragments For Logins - Should the fragments from the request be preserved after the login request is made. Defaults to
false
. - token
Refresh NumberExtension Time - The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to
72
hours. - token
Store BooleanEnabled - Should the Token Store configuration Enabled. Defaults to
false
- token
Store StringPath - The directory path in the App Filesystem in which the tokens will be stored.
- token
Store StringSas Setting Name - The name of the app setting which contains the SAS URL of the blob storage containing the tokens.
- validate
Nonce Boolean - Should the nonce be validated while completing the login flow. Defaults to
true
.
LinuxFunctionAppSlotAuthSettingsV2MicrosoftV2, LinuxFunctionAppSlotAuthSettingsV2MicrosoftV2Args
- Client
Id string - The OAuth 2.0 client ID that was created for the app used for authentication.
- Client
Secret stringSetting Name The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Allowed
Audiences List<string> - Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
- Login
Scopes List<string> - The list of Login scopes that should be requested as part of Microsoft Account authentication.
- Client
Id string - The OAuth 2.0 client ID that was created for the app used for authentication.
- Client
Secret stringSetting Name The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
!> NOTE: A setting with this name must exist in
app_settings
to function correctly.- Allowed
Audiences []string - Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
- Login
Scopes []string - The list of Login scopes that should be requested as part of Microsoft Account authentication.
- client
Id String - The OAuth 2.0 client ID that was created for the app used for authentication.
- client
Secret StringSetting Name The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
!> NOTE: A setting with this name must exist in
app_settings
to function correctly.