Terraform module to create app-service resource on AZURE.
We eat, drink, sleep and most importantly love DevOps. We are working towards strategies for standardizing architecture while ensuring security for the infrastructure. We are strong believer of the philosophy Bigger problems are always solved by breaking them into smaller manageable problems. Resonating with microservices architecture, it is considered best-practice to run database, cluster, storage in smaller connected yet manageable pieces within the infrastructure.
This module is basically combination of Terraform open source and includes automatation tests and examples. It also helps to create and improve your infrastructure with minimalistic code instead of maintaining the whole infrastructure code yourself.
We have fifty plus terraform modules. A few of them are comepleted and are available for open source usage while a few others are in progress.
This module has a few dependencies:
- Terraform 1.x.x
- Go
- github.com/stretchr/testify/assert
- github.com/gruntwork-io/terratest/modules/terraform
IMPORTANT: Since the master
branch used in source
varies based on new modifications, we suggest that you use the release versions here.
Here is an example of how you can use this module in your inventory structure:
module "key_vault" {
source = "clouddrove/app-service/azure"
version = "1.0.0"
enabled = true
name = "app"
environment = "test"
label_order = ["name", "environment", ]
resource_group_name = module.resource_group.resource_group_name
location = module.resource_group.resource_group_location
service_plan = {
kind = "Windows"
size = "S1"
tier = "Free"
}
app_service_name = "test-app-service"
enable_client_affinity = true
enable_https = true
site_config = {
use_32_bit_worker_process = true
windows_fx_version = "node|18-lts"
}
app_settings = {
WEBSITE_NODE_DEFAULT_VERSION = "~16"
}
}
Name | Description | Type | Default | Required |
---|---|---|---|---|
active_directory_auth_setttings | Acitve directory authentication provider settings for app service | any |
{} |
no |
addon_resource_group_name | The name of the addon vnet resource group | string |
"" |
no |
addon_vent_link | The name of the addon vnet | bool |
false |
no |
addon_virtual_network_id | The name of the addon vnet link vnet id | string |
"" |
no |
app_insights_name | The Name of the application insights | string |
"" |
no |
app_service_name | Specifies the name of the App Service. | string |
"" |
no |
app_settings | A key-value pair of App Settings. | map(string) |
{} |
no |
application_insights_enabled | Specify the Application Insights use for this App Service | bool |
true |
no |
application_insights_id | Resource ID of the existing Application Insights | any |
null |
no |
application_insights_type | Specifies the type of Application Insights to create. Valid values are ios for iOS, java for Java web, MobileCenter for App Center, Node.JS for Node.js, other for General, phone for Windows Phone, store for Windows Store and web for ASP.NET. |
string |
"web" |
no |
connection_strings | Connection strings for App Service | list(map(string)) |
[] |
no |
default_auth_provider | The default provider to use when multiple providers have been set up. Possible values are AzureActiveDirectory , Facebook , Google , MicrosoftAccount and Twitter |
string |
"AzureActiveDirectory" |
no |
disable_ip_masking | By default the real client ip is masked as 0.0.0.0 in the logs. Use this argument to disable masking and log the real client ip |
bool |
false |
no |
enable_auth_settings | Specifies the Authenication enabled or not | bool |
false |
no |
enable_client_affinity | Should the App Service send session affinity cookies, which route client requests in the same session to the same instance? | bool |
false |
no |
enable_client_certificate | Does the App Service require client certificates for incoming requests | bool |
false |
no |
enable_https | Can the App Service only be accessed via HTTPS? | bool |
false |
no |
enable_private_endpoint | enable or disable private endpoint to storage account | bool |
false |
no |
enable_vnet_integration | Manages an App Service Virtual Network Association | bool |
false |
no |
enabled | Set to false to prevent the module from creating any resources. | bool |
true |
no |
environment | Environment (e.g. prod , dev , staging ). |
string |
"" |
no |
existing_private_dns_zone | Name of the existing private DNS zone | string |
null |
no |
existing_private_dns_zone_resource_group_name | The name of the existing resource group | string |
"" |
no |
identity_ids | Specifies a list of user managed identity ids to be assigned | any |
null |
no |
integration_subnet_id | The resource ID of the subnet | string |
null |
no |
ips_allowed | IPs restriction for App Service to allow specific IP addresses or ranges | list(string) |
[] |
no |
label_order | Label order, e.g. sequence of application name and environment name ,environment ,'attribute' [webserver ,qa ,devops ,public ,] . |
list(any) |
[] |
no |
location | Location where resource group will be created. | string |
null |
no |
managedby | ManagedBy, eg ''. | string |
"" |
no |
name | Name (e.g. app or cluster ). |
string |
"" |
no |
repository | Terraform current module repo | string |
"" |
no |
resource_group_name | A container that holds related resources for an Azure solution | string |
"" |
no |
retention_in_days | Specifies the retention period in days. Possible values are 30 , 60 , 90 , 120 , 180 , 270 , 365 , 550 or 730 |
number |
90 |
no |
service_plan | Definition of the dedicated plan to use | object({ |
n/a | yes |
site_config | Site configuration for Application Service | any |
{} |
no |
storage_mounts | Storage account mount points for App Service | list(map(string)) |
[] |
no |
subnet_id | The resource ID of the subnet | string |
null |
no |
subnet_ids_allowed | Allow Specific Subnets for App Service | list(string) |
[] |
no |
tags | A map of tags to add to all resources | map(string) |
{} |
no |
token_store_enabled | If enabled the module will durably store platform-specific security tokens that are obtained during login flows | bool |
false |
no |
unauthenticated_client_action | The action to take when an unauthenticated client attempts to access the app. Possible values are AllowAnonymous and RedirectToLoginPage |
string |
"RedirectToLoginPage" |
no |
virtual_network_id | The name of the virtual network | string |
null |
no |
Name | Description |
---|---|
custom_domain_verification_id | An identifier used by App Service to perform domain ownership verification via DNS TXT record. |
default_site_hostname | The Default Hostname associated with the App Service - such as mysite.azurewebsites.net |
id | The ID of the App Service. |
maximum_number_of_workers | The maximum number of workers supported with the App Service Plan's sku. |
outbound_ip_address_list | A list of outbound IP addresses - such as ['52.23.25.3', '52.143.43.12'] |
outbound_ip_addresses | A comma separated list of outbound IP addresses - such as 52.23.25.3,52.143.43.12 |
possible_outbound_ip_address_list | A list of outbound IP addresses - such as ['52.23.25.3', '52.143.43.12', '52.143.43.17'] - not all of which are necessarily in use. Superset of outbound_ip_address_list |
possible_outbound_ip_addresses | A comma separated list of outbound IP addresses - such as 52.23.25.3,52.143.43.12,52.143.43.17 - not all of which are necessarily in use. Superset of outbound_ip_addresses |
service_plan_id | The ID of the App Service Plan component. |
site_credential | A site_credential block as defined below, which contains the site-level credentials used to publish to this App Service. |
source_control | A source_control block as defined below, which contains the Source Control information when scm_type is set to LocalGit. |
In this module testing is performed with terratest and it creates a small piece of infrastructure, matches the output like ARN, ID and Tags name etc and destroy infrastructure in your AWS account. This testing is written in GO, so you need a GO environment in your system.
You need to run the following command in the testing folder:
go test -run Test
If you come accross a bug or have any feedback, please log it in our issue tracker, or feel free to drop us an email at [email protected].
If you have found it worth your time, go ahead and give us a ★ on our GitHub!
At CloudDrove, we offer expert guidance, implementation support and services to help organisations accelerate their journey to the cloud. Our services include docker and container orchestration, cloud migration and adoption, infrastructure automation, application modernisation and remediation, and performance engineering.
We are The Cloud Experts!
We ❤️ Open Source and you can check out our other modules to get help with your new Cloud ideas.