Data Source: azurermLinuxWebApp
Use this data source to access information about an existing Linux Web App.
Example Usage
import * as cdktf from "cdktf";
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const dataAzurermLinuxWebAppExample =
new azurerm.dataAzurermLinuxWebApp.DataAzurermLinuxWebApp(this, "example", {
name: "existing",
resource_group_name: "existing",
});
new cdktf.TerraformOutput(this, "id", {
value: dataAzurermLinuxWebAppExample.id,
});
Arguments Reference
The following arguments are supported:
-
name
- (Required) The name of this Linux Web App. -
resourceGroupName
- (Required) The name of the Resource Group where the Linux Web App exists.
Attributes Reference
In addition to the Arguments listed above - the following Attributes are exported:
-
id
- The ID of the Linux Web App. -
appMetadata
- AnappMetadata
block as defined below. -
appSettings
- AnappSettings
block as defined below. -
authSettings
- AnauthSettings
block as defined below. -
authSettingsV2
- AnauthSettingsV2
block as defined below. -
backup
- Abackup
block as defined below. -
clientAffinityEnabled
- Is Client Affinity enabled? -
clientCertificateEnabled
- Are Client Certificates enabled? -
clientCertificateMode
- The Client Certificate mode. -
clientCertificateExclusionPaths
- Paths to exclude when using client certificates, separated by ; -
connectionString
- AconnectionString
block as defined below. -
customDomainVerificationId
- The identifier used by App Service to perform domain ownership verification via DNS TXT record. -
defaultHostname
- The default hostname of the Linux Web App. -
enabled
- Is the Linux Web App enabled? -
httpsOnly
- Should the Linux Web App require HTTPS connections. -
identity
- Aidentity
block as defined below. -
kind
- The Kind value for this Linux Web App. -
location
- The Azure Region where the Linux Web App exists. -
logs
- Alogs
block as defined below. -
outboundIpAddressList
- AoutboundIpAddressList
block as defined below. -
outboundIpAddresses
- A comma separated list of outbound IP addresses - such as5223253,521434312
. -
possibleOutboundIpAddressList
- ApossibleOutboundIpAddressList
block as defined below. -
possibleOutboundIpAddresses
- A comma separated list of outbound IP addresses - such as5223253,521434312,521434317
- not all of which are necessarily in use. Superset ofoutboundIpAddresses
. -
servicePlanId
- The ID of the Service Plan that this Linux Web App exists in. -
siteConfig
- AsiteConfig
block as defined below. -
siteCredential
- AsiteCredential
block as defined below. -
stickySettings
- AstickySettings
block as defined below. -
storageAccount
- AstorageAccount
block as defined below. -
virtualNetworkSubnetId
- The subnet id which the Linux Web App is vNet Integrated with. -
tags
- A mapping of tags assigned to the Linux Web App.
A action
block exports the following:
-
actionType
- The predefined action to be taken to an Auto Heal trigger. -
minimumProcessExecutionTime
- The minimum amount of time inhh:mm:ss
the Linux Web App must have been running before the defined action will be run in the event of a trigger.
An activeDirectory
block exports the following:
-
allowedAudiences
- AnallowedAudiences
block as defined below. -
clientId
- The ID of the Client used to authenticate with Azure Active Directory. -
clientSecret
- The Client Secret for the Client ID. -
clientSecretSettingName
- The App Setting name that contains the client secret of the Client.
An applicationLogs
block exports the following:
-
azureBlobStorage
- AnazureBlobStorage
block as defined below. -
fileSystemLevel
- The logging level.
An applicationStack
block exports the following:
-
dockerImage
- The Docker image reference, including repository. -
dockerImageTag
- The image Tag. -
dotnetVersion
- The version of .NET in use. -
javaServer
- The Java server type. -
javaServerVersion
- The Version of thejavaServer
in use. -
javaVersion
- The Version of Java in use. -
nodeVersion
- The version of Node in use. -
phpVersion
- The version of PHP in use. -
pythonVersion
- The version of Python in use. -
rubyVersion
- The version of Ruby in use.
A authSettings
block exports the following:
-
activeDirectory
- AactiveDirectory
block as defined above. -
additionalLoginParameters
- AadditionalLoginParameters
block as defined above. -
allowedExternalRedirectUrls
- AallowedExternalRedirectUrls
block as defined above. -
defaultProvider
- The default authentication provider in use when multiple providers are configured. -
enabled
- Is the Authentication / Authorization feature enabled for the Linux Web App? -
facebook
- Afacebook
block as defined below. -
github
- Agithub
block as defined below. -
google
- Agoogle
block as defined below. -
issuer
- The OpenID Connect Issuer URI that represents the entity which issues access tokens for this Linux Web App. -
microsoft
- Amicrosoft
block as defined below. -
runtimeVersion
- The RuntimeVersion of the Authentication / Authorization feature in use for the Linux Web App. -
tokenRefreshExtensionHours
- The number of hours after session token expiration that a session token can be used to call the token refresh API. -
tokenStoreEnabled
- Does Linux Web App durably store platform-specific security tokens that are obtained during login flows enabled? -
twitter
- Atwitter
block as defined below. -
unauthenticatedClientAction
- The action to take when an unauthenticated client attempts to access the app.
An authSettingsV2
block exports the following:
-
authEnabled
- Are the AuthV2 Settings enabled. -
runtimeVersion
- The Runtime Version of the Authentication and Authorisation feature of this App. -
configFilePath
- The path to the App Auth settings. -
requireAuthentication
- Is the authentication flow used for all requests. -
unauthenticatedAction
- The action to take for requests made without authentication. -
defaultProvider
-The Default Authentication Provider used when more than one Authentication Provider is configured and theunauthenticatedAction
is set toredirectToLoginPage
. -
excludedPaths
- The paths which should be excluded from theunauthenticatedAction
when it is set toredirectToLoginPage
. -
requireHttps
-Is HTTPS required on connections? -
httpRouteApiPrefix
- The prefix that should precede all the authentication and authorisation paths. -
forwardProxyConvention
- The convention used to determine the url of the request made. -
forwardProxyCustomHostHeaderName
-The name of the custom header containing the host of the request. -
forwardProxyCustomSchemeHeaderName
- The name of the custom header containing the scheme of the request. -
appleV2
- AnappleV2
block as defined below. -
activeDirectoryV2
- AnactiveDirectoryV2
block as defined below. -
azureStaticWebAppV2
- AnazureStaticWebAppV2
block as defined below. -
customOidcV2
- Zero or morecustomOidcV2
blocks as defined below. -
facebookV2
- AfacebookV2
block as defined below. -
githubV2
- AgithubV2
block as defined below. -
googleV2
- AgoogleV2
block as defined below. -
microsoftV2
- AmicrosoftV2
block as defined below. -
twitterV2
- AtwitterV2
block as defined below. -
login
- Alogin
block as defined below.
An appleV2
block supports the following:
-
clientId
- The OpenID Connect Client ID for the Apple web application. -
clientSecretSettingName
- The app setting name that contains theclientSecret
value used for Apple Login. -
loginScopes
- A list of Login Scopes provided by this Authentication Provider.
An activeDirectoryV2
block supports the following:
-
clientId
- The ID of the Client used to authenticate with Azure Active Directory. -
tenantAuthEndpoint
- The Azure Tenant Endpoint for the Authenticating Tenant. e.g.https://loginMicrosoftonlineCom/v20/{tenantGuid}/
-
clientSecretSettingName
- The App Setting name that contains the client secret of the Client. -
clientSecretCertificateThumbprint
- The thumbprint of the certificate used for signing purposes. -
jwtAllowedGroups
- The list of Allowed Groups in the JWT Claim. -
jwtAllowedClientApplications
- The list of Allowed Client Applications in the JWT Claim. -
wwwAuthenticationDisabled
- Is the www-authenticate provider omitted from the request? -
allowedGroups
-The list of allowed Group Names for the Default Authorisation Policy. -
allowedIdentities
- The list of allowed Identities for the Default Authorisation Policy. -
allowedApplications
- The list of allowed Applications for the Default Authorisation Policy. -
loginParameters
- A map of key-value pairs sent to the Authorisation Endpoint when a user logs in. -
allowedAudiences
- Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
An azureStaticWebAppV2
block supports the following:
clientId
- The ID of the Client to use to authenticate with Azure Static Web App Authentication.
A customOidcV2
block supports the following:
-
name
- The name of the Custom OIDC Authentication Provider. -
clientId
- The ID of the Client to use to authenticate with the Custom OIDC. -
openidConfigurationEndpoint
- The app setting name that contains theclientSecret
value used for the Custom OIDC Login. -
nameClaimType
- The name of the claim that contains the users name. -
scopes
- The list of the scopes that are requested while authenticating. -
clientCredentialMethod
- The Client Credential Method used. -
clientSecretSettingName
- The App Setting name that contains the secret for this Custom OIDC Client. This is generated fromname
above and suffixed withproviderAuthenticationSecret
. -
authorisationEndpoint
- The endpoint to make the Authorisation Request as supplied byopenidConfigurationEndpoint
response. -
tokenEndpoint
- The endpoint used to request a Token as supplied byopenidConfigurationEndpoint
response. -
issuerEndpoint
- The endpoint that issued the Token as supplied byopenidConfigurationEndpoint
response. -
certificationUri
- The endpoint that provides the keys necessary to validate the token as supplied byopenidConfigurationEndpoint
response.
A facebookV2
block supports the following:
-
appId
- The App ID of the Facebook app used for login. -
appSecretSettingName
- The app setting name that contains theappSecret
value used for Facebook Login. -
graphApiVersion
- The version of the Facebook API to be used while logging in. -
loginScopes
- The list of scopes that are requested as part of Facebook Login authentication.
A githubV2
block supports the following:
-
clientId
- The ID of the GitHub app used for login.. -
clientSecretSettingName
- The app setting name that contains theclientSecret
value used for GitHub Login. -
loginScopes
- The list of OAuth 2.0 scopes that are requested as part of GitHub Login authentication.
A googleV2
block supports the following:
-
clientId
- The OpenID Connect Client ID for the Google web application. -
clientSecretSettingName
- The app setting name that contains theclientSecret
value used for Google Login. -
allowedAudiences
- The list of Allowed Audiences that are requested as part of Google Sign-In authentication. -
loginScopes
- (Optional) The list of OAuth 2.0 scopes that should be requested as part of Google Sign-In authentication.
A microsoftV2
block supports the following:
-
clientId
- The OAuth 2.0 client ID that was created for the app used for authentication. -
clientSecretSettingName
- The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. -
allowedAudiences
- The list of Allowed Audiences that are be requested as part of Microsoft Sign-In authentication. -
loginScopes
- The list of Login scopes that are requested as part of Microsoft Account authentication.
A twitterV2
block supports the following:
-
consumerKey
- The OAuth 1.0a consumer key of the Twitter application used for sign-in. -
consumerSecretSettingName
- The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.
A login
block supports the following:
-
logoutEndpoint
- The endpoint to which logout requests are made. -
tokenStoreEnabled
- Is the Token Store configuration Enabled. -
tokenRefreshExtensionTime
- The number of hours after session token expiration that a session token can be used to call the token refresh API. -
tokenStorePath
- The directory path in the App Filesystem in which the tokens are stored. -
tokenStoreSasSettingName
- The name of the app setting which contains the SAS URL of the blob storage containing the tokens. -
preserveUrlFragmentsForLogins
- Are the fragments from the request preserved after the login request is made. -
allowedExternalRedirectUrls
- External URLs that can be redirected to as part of logging in or logging out of the app. -
cookieExpirationConvention
- The method by which cookies expire. -
cookieExpirationTime
- The time after the request is made when the session cookie should expire. -
validateNonce
- Is the nonce validated while completing the login flow. -
nonceExpirationTime
- The time after the request is made when the nonce should expire.
A autoHealSetting
block exports the following:
-
action
- Aaction
block as defined above. -
trigger
- Atrigger
block as defined below.
A azureBlobStorage
block exports the following:
-
level
- The level at which to log. Possible values includeerror
,warning
,information
,verbose
andoff
. NOTE: this field is not available forhttpLogs
-
retentionInDays
- The time in days after which to remove blobs. A value of0
means no retention. -
sasUrl
- The SAS url to an Azure blob container.
A backup
block exports the following:
-
enabled
- Is the Backup enabled? -
name
- The name of this Backup. -
schedule
- Aschedule
block as defined below. -
storageAccountUrl
- The SAS URL to the container.
A connectionString
block exports the following:
-
name
- The name of this Connection String. -
type
- The type of database. -
value
- The Connection String value.
A cors
block exports the following:
-
allowedOrigins
- A list of origins that should be allowed to make cross-origin calls. -
supportCredentials
- Whether CORS requests with credentials are allowed.
A facebook
block exports the following:
-
appId
- The App ID of the Facebook app used for login. -
appSecret
- The App Secret of the Facebook app used for Facebook login. -
appSecretSettingName
- The app setting name that contains theappSecret
value used for Facebook login. -
oauthScopes
- A list of OAuth 2.0 scopes that are part of Facebook login authentication.
A fileSystem
block exports the following:
-
retentionInDays
- The retention period in days. -
retentionInMb
- The maximum size in megabytes that log files can use.
A github
block exports the following:
-
clientId
- The ID of the GitHub app used for login. -
clientSecret
- The client secret of the GitHub app used for GitHub login. -
clientSecretSettingName
- The app setting name that contains theclientSecret
value used for GitHub login. -
oauthScopes
- A list of OAuth 2.0 scopes in the GitHub login authentication.
A google
block exports the following:
-
clientId
- The OpenID Connect Client ID for the Google web application. -
clientSecret
- The client secret associated with the Google web application. -
clientSecretSettingName
- The app setting name that contains theclientSecret
value used for Google login. -
oauthScopes
- A list of OAuth 2.0 scopes that are part of Google Sign-In authentication.
A httpLogs
block exports the following:
-
azureBlobStorage
- AazureBlobStorage
block as defined above. -
fileSystem
- AfileSystem
block as defined above.
An identity
block exports the following:
-
type
- The type of Managed Service Identity that is configured on this Linux Web App. -
principalId
- The Principal ID of the System Assigned Managed Service Identity that is configured on this Linux Web App. -
tenantId
- The Tenant ID of the System Assigned Managed Service Identity that is configured on this Linux Web App. -
identityIds
- The list of User Assigned Managed Identity IDs assigned to this Linux Web App.
A logs
block exports the following:
-
applicationLogs
- AapplicationLogs
block as defined above. -
detailedErrorMessages
- Is Detailed Error Messaging enabled. -
failedRequestTracing
- Is Failed Request Tracing enabled. -
httpLogs
- AnhttpLogs
block as defined above.
A microsoft
block exports the following:
-
clientId
- The OAuth 2.0 client ID used by the app for authentication. -
clientSecret
- The OAuth 2.0 client secret used by the app for authentication. -
clientSecretSettingName
- The app setting name containing the OAuth 2.0 client secret used by the app for authentication. -
oauthScopes
- A list of OAuth 2.0 scopes requested as part of Microsoft Account authentication.
A requests
block exports the following:
-
count
- The number of requests in the specifiedinterval
to trigger this rule. -
interval
- The interval inhh:mm:ss
.
A schedule
block exports the following:
-
frequencyInterval
- How often the backup will be executed. -
frequencyUnit
- The unit of time for how often the backup should take place. -
keepAtLeastOneBackup
- Will the service keep at least one backup, regardless of age of backup. -
lastExecutionTime
- The time of the last backup attempt. -
retentionPeriodDays
- After how many days backups should be deleted. -
startTime
- When the schedule should start in RFC-3339 format.
A siteConfig
block exports the following:
-
alwaysOn
- Is this Linux Web App is Always On enabled. -
apiDefinitionUrl
- The ID of the APIM configuration for this Linux Web App. -
apiManagementApiId
- The ID of the API Management API for this Linux Web App. -
appCommandLine
- The command line used to launch this app. -
applicationStack
- AapplicationStack
block as defined above. -
autoHealEnabled
- Are Auto heal rules be enabled. -
autoHealSetting
- AautoHealSetting
block as defined above. -
autoSwapSlotName
- The Linux Web App Slot Name to automatically swap to when deployment to that slot is successfully completed. -
containerRegistryManagedIdentityClientId
- The Client ID of the Managed Service Identity used for connections to the Azure Container Registry. -
containerRegistryUseManagedIdentity
- Do connections for Azure Container Registry use Managed Identity. -
cors
- Acors
block as defined above. -
defaultDocuments
- The list of Default Documents for the Linux Web App. -
detailedErrorLoggingEnabled
- Is Detailed Error Logging enabled. -
ftpsState
- The State of FTP / FTPS service. -
healthCheckPath
- The path to the Health Check endpoint. -
healthCheckEvictionTimeInMin
- (Optional) The amount of time in minutes that a node can be unhealthy before being removed from the load balancer. Possible values are between2
and10
. Only valid in conjunction withhealthCheckPath
. -
http2Enabled
- Is HTTP2.0 enabled. -
ipRestriction
- AipRestriction
block as defined above. -
linuxFxVersion
- ThelinuxFxVersion
string. -
loadBalancingMode
- The site Load Balancing Mode. -
localMysqlEnabled
- Is the Local MySQL enabled. -
managedPipelineMode
- The Managed Pipeline Mode. -
minimumTlsVersion
- The Minimum version of TLS for requests. -
remoteDebuggingEnabled
- Is Remote Debugging enabled. -
remoteDebuggingVersion
- The Remote Debugging Version. -
scmIpRestriction
- AscmIpRestriction
block as defined above. -
scmMinimumTlsVersion
- The Minimum version of TLS for requests to SCM. -
scmType
- The Source Control Management Type in use. -
scmUseMainIpRestriction
- Is the Linux Web AppipRestriction
configuration used for the SCM also. -
use32BitWorker
- Does the Linux Web App use a 32-bit worker. -
vnetRouteAllEnabled
- Are all outbound traffic to NAT Gateways, Network Security Groups and User Defined Routes applied? -
websocketsEnabled
- Are Web Sockets enabled? -
workerCount
- The number of Workers for this Linux App Service.
A siteCredential
block exports the following:
-
name
- The Site Credentials Username used for publishing. -
password
- The Site Credentials Password used for publishing.
A slowRequest
block exports the following:
-
count
- The number of requests within the interval at which to trigger. -
interval
- The time interval. -
path
- The App Path for which this rule applies. -
timeTaken
- The amount of time that qualifies as slow for this rule.
A statusCode
block exports the following:
-
count
- The number of occurrences of the definedstatusCode
in the specifiedinterval
on which to trigger this rule. -
interval
- The time interval in the formhh:mm:ss
. -
path
- The path to which this rule status code applies. -
statusCodeRange
- The status code or range for this rule. -
subStatus
- The Request Sub Status of the Status Code. -
win32Status
- The Win32 Status Code of the Request.
A stickySettings
block exports the following:
-
appSettingNames
- A list ofappSetting
names that the Linux Web App will not swap between Slots when a swap operation is triggered. -
connectionStringNames
- A list ofconnectionString
names that the Linux Web App will not swap between Slots when a swap operation is triggered.
A storageAccount
block exports the following:
-
accessKey
- The Access key for the storage account. -
accountName
- The Name of the Storage Account. -
mountPath
- The path at which to mount the Storage Share. -
name
- The name of this Storage Account. -
shareName
- The Name of the File Share or Container Name for Blob storage. -
type
- The Azure Storage Type.
A trigger
block exports the following:
-
requests
- Arequests
block as defined above. -
slowRequest
- AslowRequest
block as defined above. -
statusCode
- AstatusCode
block as defined above.
A twitter
block exports the following:
-
consumerKey
- The OAuth 1.0a consumer key of the Twitter application used for sign-in. -
consumerSecret
- The OAuth 1.0a consumer secret of the Twitter application used for sign-in. -
consumerSecretSettingName
- The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.
Timeouts
The timeouts
block allows you to specify timeouts for certain actions:
read
- (Defaults to 5 minutes) Used when retrieving the Linux Web App.