This Overlay terraform module can create a an Azure Service Plan with a an Azure App Service Web/Function (Linux or Windows) associated with an Application Insights component and manage related parameters (Private Endpoints, etc.) to be used in a SCCA compliant Network.
This module can be SCCA compliant and can be used in a SCCA compliant Network. Enable private endpoints and SCCA compliant network rules to make it SCCA compliant.
For more information, please read the SCCA documentation.
If you want to contribute to this repository, feel free to to contribute to our Terraform module.
More details are available in the CONTRIBUTING.md file.
- Azure App Service Plan
- Azure App Service Web (Linux or Windows)
- Azure App Service Function (Linux or Windows)
- Azure Application Insights
- Azure App Service Slot
- Private Endpoints
- Private DNS zone for
privatelinkA records - Azure Reource Locks
# Azurerm Provider configuration
provider "azurerm" {
features {}
}
module "app_service" {
source = "azurenoops/overlays-app-service/azurerm"
version = "x.x.x"
# By default, this module will create a resource group and
# provide a name for an existing resource group. If you wish
# to use an existing resource group, change the option
# to "create_sql_resource_group = false." The location of the group
# will remain the same if you use the current resource.
existing_resource_group_name = azurerm_resource_group.app-rg.name
location = module.mod_azure_region_lookup.location_cli
environment = "public"
deploy_environment = "dev"
org_name = "anoa"
workload_name = "lapp"
# App Service Plan Configuration
create_app_service_plan = true
app_service_name = "linux-app-service-anoa-dev"
app_service_plan_sku_name = "I1v2"
app_service_resource_type = "App"
app_service_plan_os_type = "Linux"
deployment_slot_count = 1
website_run_from_package = "1"
app_service_plan_worker_count = 1
# Key Vault Configuration
create_app_keyvault = true
# App Service Site Configuration
linux_app_site_config = {
always_on = true
application_stack = {
dotnet_version = "6.0"
}
ftps_state = "Disabled"
http2_enabled = true
http_logging_enabled = true
min_tls_version = "1.2"
remote_debugging_enabled = true
websockets_enabled = false
}
add_tags = {
foo = "basic deployment of app service"
}
}By default, this module will not create a resource group and the name of an existing resource group to be given in an argument existing_resource_group_name. If you want to create a new resource group, set the argument create_app_resource_group = true.
Note
If you are using an existing resource group, then this module uses the same resource group location to create all resources in this module.
Applying tags to your Azure resources, resource groups, and subscriptions to logically organize them into a taxonomy. Each tag consists of a name and a value pair. For example, you can apply the name Environment and the value Production to all the resources in production.
For recommendations on how to implement a tagging strategy, see Resource naming and tagging decision guide.
Important
Tag names are case-insensitive for operations. A tag with a tag name, regardless of the casing, is updated or retrieved. However, the resource provider might keep the casing you provide for the tag name. You'll see that casing in cost reports. Tag values are case-sensitive.
An effective naming convention assembles resource names by using important resource information as parts of a resource's name. For example, using these recommended naming conventions, a public IP resource for a production SharePoint workload is named like this: pip-sharepoint-prod-westus-001.