Data Source: azurermWindowsFunctionApp

Use this data source to access information about an existing Windows Function App.

Example Usage

import * as cdktf from "cdktf";
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const dataAzurermWindowsFunctionAppExample =
  new azurerm.dataAzurermWindowsFunctionApp.DataAzurermWindowsFunctionApp(
    this,
    "example",
    {
      name: "existing",
      resource_group_name: "existing",
    }
  );
new cdktf.TerraformOutput(this, "id", {
  value: dataAzurermWindowsFunctionAppExample.id,
});

Arguments Reference

The following arguments are supported:

name - (Required) The name of this Windows Function App.
resourceGroupName - (Required) The name of the Resource Group where the Windows Function App exists.

Attributes Reference

In addition to the Arguments listed above - the following Attributes are exported:

id - The ID of the Windows Function App.
appSettings - A `map of key-value pairs for App Settings and custom values.
authSettings - A authSettings block as defined below.
authSettingsV2 - A authSettingsV2 block as defined below.
backup - A backup block as defined below.
builtinLoggingEnabled - Is the built-in logging enabled?
clientCertificateEnabled - Is the use of Client Certificates enabled?
clientCertificateMode - The mode of the Function App's client certificates requirement for incoming requests.
clientCertificateExclusionPaths - Paths to exclude when using client certificates, separated by ;
connectionString - One or more connectionString blocks as defined below.
contentShareForceDisabled - Are Content Share Settings disabled?
customDomainVerificationId - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
dailyMemoryTimeQuota - The amount of memory in gigabyte-seconds that your application is allowed to consume per day.
defaultHostname - The default hostname of the Windows Function App.
enabled - Is the Function App enabled?
functionsExtensionVersion - The runtime version associated with the Function App.
httpsOnly - Is the Function App only accessible via HTTPS?
identity - A identity block as defined below.
kind - The Kind value for this Windows Function App.
location - The Azure Region where the Windows Function App exists.
outboundIpAddressList - A list of outbound IP addresses.
outboundIpAddresses - A comma separated list of outbound IP addresses as a string. For example 5223253,521434312.
possibleOutboundIpAddressList - AA list of possible outbound IP addresses, not all of which are necessarily in use.
possibleOutboundIpAddresses - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of outboundIpAddressList. For example ["5223253", "521434312"].
servicePlanId - The ID of the App Service Plan.
siteConfig - A siteConfig block as defined below.
siteCredential - A siteCredential block as defined below.
stickySettings - A stickySettings block as defined below.
storageAccountAccessKey - The access key which is used to access the backend storage account for the Function App.
storageAccountName - The backend storage account name which is used by this Function App.
storageKeyVaultSecretId - The Key Vault Secret ID, including version, that contains the Connection String used to connect to the storage account for this Function App.
storageUsesManagedIdentity - Is the Function App using a Managed Identity to access the storage account?
tags - A mapping of tags assigned to the Windows Function App.
virtualNetworkSubnetId - The subnet id which the Windows Function App is vNet Integrated with.

An activeDirectory block exports the following:

allowedAudiences - A list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
clientId - The ID of the Client to use to authenticate with Azure Active Directory.
clientSecret - The Client Secret for the Client ID.
clientSecretSettingName - The App Setting name that contains the client secret of the Client.

An appServiceLogs block exports the following:

diskQuotaMb - The amount of disk space to use for logs.
retentionPeriodDays - The retention period for logs in days.

An applicationStack block exports the following:

dotnetVersion - The version of .Net to use.
javaVersion - The version of Java to use.
nodeVersion - The version of Node to use.
powershellCoreVersion - The version of PowerShell Core to use.
useCustomRuntime - Is the Windows Function App using a custom runtime?.

A authSettings block exports the following:

activeDirectory - A activeDirectory block as defined above.
additionalLoginParameters - A map of Login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
allowedExternalRedirectUrls - A list of External URLs that can be redirected to as part of logging in or logging out of the Windows Function App.
defaultProvider - The default authentication provider to use when multiple providers are configured.
enabled - Is the Authentication / Authorization feature for the Windows Function enabled?
facebook - A facebook block as defined below.
github - A github block as defined below.
google - A google block as defined below.
issuer - The OpenID Connect Issuer URI that represents the entity which issues access tokens for this Windows Function App.
microsoft - A microsoft block as defined below.
runtimeVersion - The Runtime Version of the Authentication / Authorization feature in use for the Windows Function App.
tokenRefreshExtensionHours - The number of hours after session token expiration that a session token can be used to call the token refresh API.
tokenStoreEnabled - Is the durable storing of platform-specific security token that are obtained during login flows enabled?
twitter - A twitter block as defined below.
unauthenticatedClientAction - The action to take when an unauthenticated client attempts to access the app.

An authSettingsV2 block exports the following:

authEnabled - Are the AuthV2 Settings enabled.
runtimeVersion - The Runtime Version of the Authentication and Authorisation feature of this App.
configFilePath - The path to the App Auth settings.
requireAuthentication - Is the authentication flow used for all requests.
unauthenticatedAction - The action to take for requests made without authentication.
defaultProvider -The Default Authentication Provider used when more than one Authentication Provider is configured and the unauthenticatedAction is set to redirectToLoginPage.
excludedPaths - The paths which should be excluded from the unauthenticatedAction when it is set to redirectToLoginPage.
requireHttps -Is HTTPS required on connections?
httpRouteApiPrefix - The prefix that should precede all the authentication and authorisation paths.
forwardProxyConvention - The convention used to determine the url of the request made.
forwardProxyCustomHostHeaderName -The name of the custom header containing the host of the request.
forwardProxyCustomSchemeHeaderName - The name of the custom header containing the scheme of the request.
appleV2 - An appleV2 block as defined below.
activeDirectoryV2 - An activeDirectoryV2 block as defined below.
azureStaticWebAppV2 - An azureStaticWebAppV2 block as defined below.
customOidcV2 - Zero or more customOidcV2 blocks as defined below.
facebookV2 - A facebookV2 block as defined below.
githubV2 - A githubV2 block as defined below.
googleV2 - A googleV2 block as defined below.
microsoftV2 - A microsoftV2 block as defined below.
twitterV2 - A twitterV2 block as defined below.
login - A login block as defined below.

An appleV2 block supports the following:

clientId - The OpenID Connect Client ID for the Apple web application.
clientSecretSettingName - The app setting name that contains the clientSecret value used for Apple Login.
loginScopes - A list of Login Scopes provided by this Authentication Provider.

An activeDirectoryV2 block supports the following:

clientId - The ID of the Client used to authenticate with Azure Active Directory.
tenantAuthEndpoint - The Azure Tenant Endpoint for the Authenticating Tenant. e.g. https://loginMicrosoftonlineCom/v20/{tenantGuid}/
clientSecretSettingName - The App Setting name that contains the client secret of the Client.
clientSecretCertificateThumbprint - The thumbprint of the certificate used for signing purposes.
jwtAllowedGroups - The list of Allowed Groups in the JWT Claim.
jwtAllowedClientApplications - The list of Allowed Client Applications in the JWT Claim.
wwwAuthenticationDisabled - Is the www-authenticate provider omitted from the request?
allowedGroups -The list of allowed Group Names for the Default Authorisation Policy.
allowedIdentities - The list of allowed Identities for the Default Authorisation Policy.
allowedApplications - The list of allowed Applications for the Default Authorisation Policy.
loginParameters - A map of key-value pairs sent to the Authorisation Endpoint when a user logs in.
allowedAudiences - Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.

An azureStaticWebAppV2 block supports the following:

clientId - The ID of the Client to use to authenticate with Azure Static Web App Authentication.

A customOidcV2 block supports the following:

name - The name of the Custom OIDC Authentication Provider.
clientId - The ID of the Client to use to authenticate with the Custom OIDC.
openidConfigurationEndpoint - The app setting name that contains the clientSecret value used for the Custom OIDC Login.
nameClaimType - The name of the claim that contains the users name.
scopes - The list of the scopes that are requested while authenticating.
clientCredentialMethod - The Client Credential Method used.
clientSecretSettingName - The App Setting name that contains the secret for this Custom OIDC Client. This is generated from name above and suffixed with providerAuthenticationSecret.
authorisationEndpoint - The endpoint to make the Authorisation Request as supplied by openidConfigurationEndpoint response.
tokenEndpoint - The endpoint used to request a Token as supplied by openidConfigurationEndpoint response.
issuerEndpoint - The endpoint that issued the Token as supplied by openidConfigurationEndpoint response.
certificationUri - The endpoint that provides the keys necessary to validate the token as supplied by openidConfigurationEndpoint response.

A facebookV2 block supports the following:

appId - The App ID of the Facebook app used for login.
appSecretSettingName - The app setting name that contains the appSecret value used for Facebook Login.
graphApiVersion - The version of the Facebook API to be used while logging in.
loginScopes - The list of scopes that are requested as part of Facebook Login authentication.

A githubV2 block supports the following:

clientId - The ID of the GitHub app used for login..
clientSecretSettingName - The app setting name that contains the clientSecret value used for GitHub Login.
loginScopes - The list of OAuth 2.0 scopes that are requested as part of GitHub Login authentication.

A googleV2 block supports the following:

clientId - The OpenID Connect Client ID for the Google web application.
clientSecretSettingName - The app setting name that contains the clientSecret value used for Google Login.
allowedAudiences - The list of Allowed Audiences that are requested as part of Google Sign-In authentication.
loginScopes - (Optional) The list of OAuth 2.0 scopes that should be requested as part of Google Sign-In authentication.

A microsoftV2 block supports the following:

clientId - The OAuth 2.0 client ID that was created for the app used for authentication.
clientSecretSettingName - The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
allowedAudiences - The list of Allowed Audiences that are be requested as part of Microsoft Sign-In authentication.
loginScopes - The list of Login scopes that are requested as part of Microsoft Account authentication.

A twitterV2 block supports the following:

consumerKey - The OAuth 1.0a consumer key of the Twitter application used for sign-in.
consumerSecretSettingName - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.

A login block supports the following:

logoutEndpoint - The endpoint to which logout requests are made.
tokenStoreEnabled - Is the Token Store configuration Enabled.
tokenRefreshExtensionTime - The number of hours after session token expiration that a session token can be used to call the token refresh API.
tokenStorePath - The directory path in the App Filesystem in which the tokens are stored.
tokenStoreSasSettingName - The name of the app setting which contains the SAS URL of the blob storage containing the tokens.
preserveUrlFragmentsForLogins - Are the fragments from the request preserved after the login request is made.
allowedExternalRedirectUrls - External URLs that can be redirected to as part of logging in or logging out of the app.
cookieExpirationConvention - The method by which cookies expire.
cookieExpirationTime - The time after the request is made when the session cookie should expire.
validateNonce - Is the nonce validated while completing the login flow.
nonceExpirationTime - The time after the request is made when the nonce should expire.

A backup block exports the following:

enabled - Is the Backup Job enabled?
name - The name of this Backup.
schedule - A schedule block as defined below.
storageAccountUrl - The SAS URL to the container.

A connectionString block exports the following:

name - The name of this Connection.
type - Type of database.
value - The connection string value.

A cors block exports the following:

allowedOrigins - A list of origins that should be allowed to make cross-origin calls.
supportCredentials - Are credentials allows in CORS requests?.

A facebook block exports the following:

appId - The App ID of the Facebook app used for login.
appSecret - The App Secret of the Facebook app used for Facebook Login.
appSecretSettingName - The app setting name that contains the appSecret value used for Facebook Login.
oauthScopes - A list of OAuth 2.0 scopes to be requested as part of Facebook Login authentication.

A github block exports the following:

clientId - The ID of the GitHub app used for login.
clientSecret - The Client Secret of the GitHub app used for GitHub Login.
clientSecretSettingName - The app setting name that contains the clientSecret value used for GitHub Login.
oauthScopes - A list of OAuth 2.0 scopes that will be requested as part of GitHub Login authentication.

A google block exports the following:

clientId - The OpenID Connect Client ID for the Google web application.
clientSecret - The client secret associated with the Google web application.
clientSecretSettingName - The app setting name that contains the clientSecret value used for Google Login.
oauthScopes - A list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication.

An identity block exports the following:

type - The type of Managed Service Identity that is configured on this Windows Function App.
principalId - The Principal ID of the System Assigned Managed Service Identity that is configured on this Windows Function App.
tenantId - The Tenant ID of the System Assigned Managed Service Identity that is configured on this Windows Function App.
identityIds - The list of User Assigned Managed Identity IDs assigned to this Windows Function App.

A microsoft block exports the following:

clientId - The OAuth 2.0 client ID that was created for the app used for authentication.
clientSecret - The OAuth 2.0 client secret that was created for the app used for authentication.
clientSecretSettingName - The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
oauthScopes - A list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication.

A schedule block exports the following:

frequencyInterval - How often the backup is executed.
frequencyUnit - The unit of time the backup should take place.
keepAtLeastOneBackup - Should the service keep at least one backup.
retentionPeriodDays - After how many days backups is deleted.
startTime - When the schedule should start working in RFC-3339 format.

A siteConfig block exports the following:

alwaysOn - Is this Windows Function App Always On?.
apiDefinitionUrl - The URL of the API definition that describes this Windows Function App.
apiManagementApiId - The ID of the API Management API for this Windows Function App.
appCommandLine - The App command line to launch.
appScaleLimit - The number of workers this function app can scale out to.
appServiceLogs - A appServiceLogs block as defined above.
applicationInsightsConnectionString - The Connection String for linking the Windows Function App to Application Insights.
applicationInsightsKey - The Instrumentation Key for connecting the Windows Function App to Application Insights.
applicationStack - A applicationStack block as defined above.
cors - A cors block as defined above.
defaultDocuments - A list of Default Documents for the Windows Web App.
detailedErrorLoggingEnabled - Is detailed error logging enabled?
elasticInstanceMinimum - The number of minimum instances for this Windows Function App.
ftpsState - State of FTP / FTPS service for this Windows Function App.
healthCheckEvictionTimeInMin - The amount of time in minutes that a node can be unhealthy before being removed from the load balancer.
healthCheckPath - The path to be checked for this Windows Function App health.
http2Enabled - Is the HTTP2 protocol enabled?
ipRestriction - One or more ipRestriction blocks as defined above.
loadBalancingMode - The Site load balancing mode.
managedPipelineMode - The Managed pipeline mode.
minimumTlsVersion - The minimum version of TLS required for SSL requests.
preWarmedInstanceCount - The number of pre-warmed instances for this Windows Function App.
remoteDebuggingEnabled - Is Remote Debugging enabled?
remoteDebuggingVersion - The Remote Debugging Version.
runtimeScaleMonitoringEnabled - Is Scale Monitoring of the Functions Runtime enabled?
scmIpRestriction - One or more scmIpRestriction blocks as defined above.
scmMinimumTlsVersion - The minimum version of TLS required for SSL requests to the SCM site.
scmType - The SCM type.
scmUseMainIpRestriction - Is the ipRestriction configuration used for the SCM?.
use32BitWorker - Is the Windows Function App using a 32-bit worker process?
vnetRouteAllEnabled - Are all outbound traffic to NAT Gateways, Network Security Groups and User Defined Routes applied?
websocketsEnabled - Are Web Sockets enabled?
windowsFxVersion - The Windows FX version.
workerCount - The number of Workers for this Windows Function App.

A siteCredential block exports the following:

name - The Site Credentials Username used for publishing.
password - The Site Credentials Password used for publishing.

A stickySettings block exports the following:

appSettingNames - A list of appSetting names that the Windows Function App will not swap between Slots when a swap operation is triggered.
connectionStringNames - A list of connectionString names that the Windows Function App will not swap between Slots when a swap operation is triggered.

A twitter block exports the following:

consumerKey - The OAuth 1.0a consumer key of the Twitter application used for sign-in.
consumerSecret - The OAuth 1.0a consumer secret of the Twitter application used for sign-in.
consumerSecretSettingName - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

read - (Defaults to 10 minutes) Used when retrieving the Windows Function App.