Terraform module to create a Linux Web App along with a deployment slot and management lock.
- Azure Resource Naming Convention
- lifecycle-block
- ip_restriction-block
- App Settings
- Requirements
- Providers
- Modules
- Resources
- Inputs
- Outputs
Resource names should clearly indicate their type, workload, environment, and region. Using a consistent naming convention ensures clarity, uniformity, and easy identification across all repositories.
<resource_prefix>-<app_or_project>-<environment>-<region>-<optional_unique_suffix>
| Component | Description | Example |
|---|---|---|
resource_prefix |
Short abbreviation for the resource type. | rg (Resource Group) |
app_or_project |
Identifier for the application or project. | qoh |
environment |
Environment where the resource is deployed (prod, dev, test, etc.). |
prod |
region |
Azure region where the resource resides (e.g., cus for centralus). |
cus |
optional_unique_suffix |
Optional unique string for ensuring name uniqueness, often random or incremental. | abcd, a42n |
- To add the lifecycle block to your configuration, use the following code:
site_config[0].application_stackip_restriction = {
AzureFrontDoor = {
name = "AzureFrontDoor"
action = "Allow"
service_tag = "AzureFrontDoor.Backend"
headers = {
x_azure_fdid = ["XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"]
}
},
Onpremproxy = {
name = "Onpremproxy"
action = "Allow"
ip_address = "XXX.XXX.XX.XX/XX"
}
}- Attempts to import these values will fail.
WEBSITE_HEALTHCHECK_MAXPINGFAILURES = "5"
WEBSITE_HTTPLOGGING_RETENTION_DAYS = "5"| Name | Version |
|---|---|
| terraform | >=0.13 |
| azurerm | >=4.0.0 |
| Name | Version |
|---|---|
| azurerm | >=4.0.0 |
No modules.
| Name | Type |
|---|---|
| azurerm_linux_web_app.linux_web_app | resource |
| azurerm_linux_web_app_slot.linux_web_app_staging_slot | resource |
| azurerm_management_lock.management_lock | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| app_settings | (Optional) A map of key-value pairs for App Settings and custom values. | any |
{} |
no |
| auth_settings | (Optional) A auth_settings block. | any |
{} |
no |
| auth_settings_v2 | (Optional) A auth_settings_v2 block. | any |
{} |
no |
| backup | (Optional) A backup block. | any |
{} |
no |
| client_affinity_enabled | (Optional) Should Client Affinity be enabled? | bool |
null |
no |
| client_certificate_enabled | (Optional) Should Client Certificates be enabled? | bool |
null |
no |
| client_certificate_exclusion_paths | (Optional) Paths to exclude when using client certificates, separated by ; | any |
null |
no |
| client_certificate_mode | (Optional) The Client Certificate mode. Possible values are Required, Optional, and OptionalInteractiveUser. This property has no effect when client_certificate_enabled is false. Defaults to Required. | string |
"Required" |
no |
| connection_string | (Optional) One or more connection_string blocks. | any |
{} |
no |
| enable_management_lock | (Optional) Should the Linux Web App Management Lock be enabled? Defaults to false | bool |
false |
no |
| enable_staging_slot | (Optional) Should the Linux Web App Staging Slot be enabled? Defaults to false | bool |
false |
no |
| enabled | (Optional) Should the Linux Web App be enabled? Defaults to true | bool |
true |
no |
| ftp_publish_basic_authentication_enabled | (Optional) Should the default FTP Basic Authentication publishing profile be enabled. Defaults to true. | bool |
true |
no |
| https_only | (Optional) Should the Linux Web App require HTTPS connections. Defaults to false. | bool |
false |
no |
| identity | (Optional) An identity block | any |
{} |
no |
| key_vault_reference_identity_id | (Optional) The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the identity block. | string |
null |
no |
| location | (Required) The Azure Region where the Linux Web App should exist. Changing this forces a new Linux Web App to be created. | string |
n/a | yes |
| logs | (Optional) A logs block. | any |
{} |
no |
| name | (Required) The name which should be used for this Linux Web App. Changing this forces a new Linux Web App to be created. | string |
n/a | yes |
| public_network_access_enabled | (Optional) Should public network access be enabled for the Web App. Defaults to true. | bool |
true |
no |
| resource_group_name | (Required) The name of the Resource Group where the Linux Web App should exist. Changing this forces a new Linux Web App to be created. | string |
n/a | yes |
| service_plan_id | (Required) The ID of the Service Plan that this Linux App Service will be created in. | string |
n/a | yes |
| site_config | (Required) A site_config block. | any |
n/a | yes |
| slot_app_settings | (Optional) A map of key-value pairs for App Settings and custom values. | any |
{} |
no |
| slot_https_only | (Optional) Should the Linux Web App Staging Slot require HTTPS connections. Defaults to false. | bool |
false |
no |
| staging_slot_service_plan_id | (Optional) The ID of the Service Plan in which to run this slot. If not specified the same Service Plan as the Linux Web App will be used. | string |
null |
no |
| sticky_settings | (Optional) A sticky_settings block. | any |
{} |
no |
| storage_account | (Optional) One or more storage_account blocks. | any |
{} |
no |
| tags | (Optional) A mapping of tags to assign to the resource. | map(any) |
{} |
no |
| virtual_network_subnet_id | (Optional) The subnet id which will be used by this Web App for regional virtual network integration. | string |
null |
no |
| webdeploy_publish_basic_authentication_enabled | (Optional) Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to true. | bool |
true |
no |
| zip_deploy_file | (Optional) The local path and filename of the Zip packaged application to deploy to this Linux Web App. | any |
null |
no |
| Name | Description |
|---|---|
| custom_domain_verification_id | The identifier used by App Service to perform domain ownership verification via DNS TXT record. |
| default_hostname | The default hostname of the Linux Web App. |
| hosting_environment_id | The ID of the App Service Environment used by App Service. |
| id | The ID of the Linux Web App. |
| identity | An identity block |
| kind | The Kind value for this Linux Web App. |
| name | The Name of the Linux Web App. |
| outbound_ip_address_list | A list of outbound IP addresses - such as ['52.23.25.3', '52.143.43.12'] |
| outbound_ip_addresses | A comma separated list of outbound IP addresses - such as 52.23.25.3,52.143.43.12. |
| possible_outbound_ip_address_list | A list of possible outbound ip address. |
| possible_outbound_ip_addresses | A comma-separated list of outbound IP addresses - such as 52.23.25.3,52.143.43.12,52.143.43.17 - not all of which are necessarily in use. Superset of outbound_ip_addresses. |
| site_credential | A site_credential block as defined below. |