Data Source: azurermWindowsFunctionApp
Use this data source to access information about an existing Windows Function App.
Example Usage
import * as cdktf from "cdktf";
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const dataAzurermWindowsFunctionAppExample =
new azurerm.dataAzurermWindowsFunctionApp.DataAzurermWindowsFunctionApp(
this,
"example",
{
name: "existing",
resource_group_name: "existing",
}
);
new cdktf.TerraformOutput(this, "id", {
value: dataAzurermWindowsFunctionAppExample.id,
});
Arguments Reference
The following arguments are supported:
-
name
- (Required) The name of this Windows Function App. -
resourceGroupName
- (Required) The name of the Resource Group where the Windows Function App exists.
Attributes Reference
In addition to the Arguments listed above - the following Attributes are exported:
-
id
- The ID of the Windows Function App. -
appSettings
- A `map of key-value pairs for App Settings and custom values. -
authSettings
- AauthSettings
block as defined below. -
authSettingsV2
- AauthSettingsV2
block as defined below. -
backup
- Abackup
block as defined below. -
builtinLoggingEnabled
- Is the built-in logging enabled? -
clientCertificateEnabled
- Is the use of Client Certificates enabled? -
clientCertificateMode
- The mode of the Function App's client certificates requirement for incoming requests. -
clientCertificateExclusionPaths
- Paths to exclude when using client certificates, separated by ; -
connectionString
- One or moreconnectionString
blocks as defined below. -
contentShareForceDisabled
- Are Content Share Settings disabled? -
customDomainVerificationId
- The identifier used by App Service to perform domain ownership verification via DNS TXT record. -
dailyMemoryTimeQuota
- The amount of memory in gigabyte-seconds that your application is allowed to consume per day. -
defaultHostname
- The default hostname of the Windows Function App. -
enabled
- Is the Function App enabled? -
functionsExtensionVersion
- The runtime version associated with the Function App. -
httpsOnly
- Is the Function App only accessible via HTTPS? -
identity
- Aidentity
block as defined below. -
kind
- The Kind value for this Windows Function App. -
location
- The Azure Region where the Windows Function App exists. -
outboundIpAddressList
- A list of outbound IP addresses. -
outboundIpAddresses
- A comma separated list of outbound IP addresses as a string. For example5223253,521434312
. -
possibleOutboundIpAddressList
- AA list of possible outbound IP addresses, not all of which are necessarily in use. -
possibleOutboundIpAddresses
- A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset ofoutboundIpAddressList
. For example["5223253", "521434312"]
. -
servicePlanId
- The ID of the App Service Plan. -
siteConfig
- AsiteConfig
block as defined below. -
siteCredential
- AsiteCredential
block as defined below. -
stickySettings
- AstickySettings
block as defined below. -
storageAccountAccessKey
- The access key which is used to access the backend storage account for the Function App. -
storageAccountName
- The backend storage account name which is used by this Function App. -
storageKeyVaultSecretId
- The Key Vault Secret ID, including version, that contains the Connection String used to connect to the storage account for this Function App. -
storageUsesManagedIdentity
- Is the Function App using a Managed Identity to access the storage account? -
tags
- A mapping of tags assigned to the Windows Function App. -
virtualNetworkSubnetId
- The subnet id which the Windows Function App is vNet Integrated with.
An activeDirectory
block exports the following:
-
allowedAudiences
- A list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory. -
clientId
- The ID of the Client to use to authenticate with Azure Active Directory. -
clientSecret
- The Client Secret for the Client ID. -
clientSecretSettingName
- The App Setting name that contains the client secret of the Client.
An appServiceLogs
block exports the following:
-
diskQuotaMb
- The amount of disk space to use for logs. -
retentionPeriodDays
- The retention period for logs in days.
An applicationStack
block exports the following:
-
dotnetVersion
- The version of .Net to use. -
javaVersion
- The version of Java to use. -
nodeVersion
- The version of Node to use. -
powershellCoreVersion
- The version of PowerShell Core to use. -
useCustomRuntime
- Is the Windows Function App using a custom runtime?.
A authSettings
block exports the following:
-
activeDirectory
- AactiveDirectory
block as defined above. -
additionalLoginParameters
- A map of Login Parameters to send to the OpenID Connect authorization endpoint when a user logs in. -
allowedExternalRedirectUrls
- A list of External URLs that can be redirected to as part of logging in or logging out of the Windows Function App. -
defaultProvider
- The default authentication provider to use when multiple providers are configured. -
enabled
- Is the Authentication / Authorization feature for the Windows Function enabled? -
facebook
- Afacebook
block as defined below. -
github
- Agithub
block as defined below. -
google
- Agoogle
block as defined below. -
issuer
- The OpenID Connect Issuer URI that represents the entity which issues access tokens for this Windows Function App. -
microsoft
- Amicrosoft
block as defined below. -
runtimeVersion
- The Runtime Version of the Authentication / Authorization feature in use for the Windows Function App. -
tokenRefreshExtensionHours
- The number of hours after session token expiration that a session token can be used to call the token refresh API. -
tokenStoreEnabled
- Is the durable storing of platform-specific security token that are obtained during login flows enabled? -
twitter
- Atwitter
block as defined below. -
unauthenticatedClientAction
- The action to take when an unauthenticated client attempts to access the app.
An authSettingsV2
block exports the following:
-
authEnabled
- Are the AuthV2 Settings enabled. -
runtimeVersion
- The Runtime Version of the Authentication and Authorisation feature of this App. -
configFilePath
- The path to the App Auth settings. -
requireAuthentication
- Is the authentication flow used for all requests. -
unauthenticatedAction
- The action to take for requests made without authentication. -
defaultProvider
-The Default Authentication Provider used when more than one Authentication Provider is configured and theunauthenticatedAction
is set toredirectToLoginPage
. -
excludedPaths
- The paths which should be excluded from theunauthenticatedAction
when it is set toredirectToLoginPage
. -
requireHttps
-Is HTTPS required on connections? -
httpRouteApiPrefix
- The prefix that should precede all the authentication and authorisation paths. -
forwardProxyConvention
- The convention used to determine the url of the request made. -
forwardProxyCustomHostHeaderName
-The name of the custom header containing the host of the request. -
forwardProxyCustomSchemeHeaderName
- The name of the custom header containing the scheme of the request. -
appleV2
- AnappleV2
block as defined below. -
activeDirectoryV2
- AnactiveDirectoryV2
block as defined below. -
azureStaticWebAppV2
- AnazureStaticWebAppV2
block as defined below. -
customOidcV2
- Zero or morecustomOidcV2
blocks as defined below. -
facebookV2
- AfacebookV2
block as defined below. -
githubV2
- AgithubV2
block as defined below. -
googleV2
- AgoogleV2
block as defined below. -
microsoftV2
- AmicrosoftV2
block as defined below. -
twitterV2
- AtwitterV2
block as defined below. -
login
- Alogin
block as defined below.
An appleV2
block supports the following:
-
clientId
- The OpenID Connect Client ID for the Apple web application. -
clientSecretSettingName
- The app setting name that contains theclientSecret
value used for Apple Login. -
loginScopes
- A list of Login Scopes provided by this Authentication Provider.
An activeDirectoryV2
block supports the following:
-
clientId
- The ID of the Client used to authenticate with Azure Active Directory. -
tenantAuthEndpoint
- The Azure Tenant Endpoint for the Authenticating Tenant. e.g.https://loginMicrosoftonlineCom/v20/{tenantGuid}/
-
clientSecretSettingName
- The App Setting name that contains the client secret of the Client. -
clientSecretCertificateThumbprint
- The thumbprint of the certificate used for signing purposes. -
jwtAllowedGroups
- The list of Allowed Groups in the JWT Claim. -
jwtAllowedClientApplications
- The list of Allowed Client Applications in the JWT Claim. -
wwwAuthenticationDisabled
- Is the www-authenticate provider omitted from the request? -
allowedGroups
-The list of allowed Group Names for the Default Authorisation Policy. -
allowedIdentities
- The list of allowed Identities for the Default Authorisation Policy. -
allowedApplications
- The list of allowed Applications for the Default Authorisation Policy. -
loginParameters
- A map of key-value pairs sent to the Authorisation Endpoint when a user logs in. -
allowedAudiences
- Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
An azureStaticWebAppV2
block supports the following:
clientId
- The ID of the Client to use to authenticate with Azure Static Web App Authentication.
A customOidcV2
block supports the following:
-
name
- The name of the Custom OIDC Authentication Provider. -
clientId
- The ID of the Client to use to authenticate with the Custom OIDC. -
openidConfigurationEndpoint
- The app setting name that contains theclientSecret
value used for the Custom OIDC Login. -
nameClaimType
- The name of the claim that contains the users name. -
scopes
- The list of the scopes that are requested while authenticating. -
clientCredentialMethod
- The Client Credential Method used. -
clientSecretSettingName
- The App Setting name that contains the secret for this Custom OIDC Client. This is generated fromname
above and suffixed withproviderAuthenticationSecret
. -
authorisationEndpoint
- The endpoint to make the Authorisation Request as supplied byopenidConfigurationEndpoint
response. -
tokenEndpoint
- The endpoint used to request a Token as supplied byopenidConfigurationEndpoint
response. -
issuerEndpoint
- The endpoint that issued the Token as supplied byopenidConfigurationEndpoint
response. -
certificationUri
- The endpoint that provides the keys necessary to validate the token as supplied byopenidConfigurationEndpoint
response.
A facebookV2
block supports the following:
-
appId
- The App ID of the Facebook app used for login. -
appSecretSettingName
- The app setting name that contains theappSecret
value used for Facebook Login. -
graphApiVersion
- The version of the Facebook API to be used while logging in. -
loginScopes
- The list of scopes that are requested as part of Facebook Login authentication.
A githubV2
block supports the following:
-
clientId
- The ID of the GitHub app used for login.. -
clientSecretSettingName
- The app setting name that contains theclientSecret
value used for GitHub Login. -
loginScopes
- The list of OAuth 2.0 scopes that are requested as part of GitHub Login authentication.
A googleV2
block supports the following:
-
clientId
- The OpenID Connect Client ID for the Google web application. -
clientSecretSettingName
- The app setting name that contains theclientSecret
value used for Google Login. -
allowedAudiences
- The list of Allowed Audiences that are requested as part of Google Sign-In authentication. -
loginScopes
- (Optional) The list of OAuth 2.0 scopes that should be requested as part of Google Sign-In authentication.
A microsoftV2
block supports the following:
-
clientId
- The OAuth 2.0 client ID that was created for the app used for authentication. -
clientSecretSettingName
- The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. -
allowedAudiences
- The list of Allowed Audiences that are be requested as part of Microsoft Sign-In authentication. -
loginScopes
- The list of Login scopes that are requested as part of Microsoft Account authentication.
A twitterV2
block supports the following:
-
consumerKey
- The OAuth 1.0a consumer key of the Twitter application used for sign-in. -
consumerSecretSettingName
- The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.
A login
block supports the following:
-
logoutEndpoint
- The endpoint to which logout requests are made. -
tokenStoreEnabled
- Is the Token Store configuration Enabled. -
tokenRefreshExtensionTime
- The number of hours after session token expiration that a session token can be used to call the token refresh API. -
tokenStorePath
- The directory path in the App Filesystem in which the tokens are stored. -
tokenStoreSasSettingName
- The name of the app setting which contains the SAS URL of the blob storage containing the tokens. -
preserveUrlFragmentsForLogins
- Are the fragments from the request preserved after the login request is made. -
allowedExternalRedirectUrls
- External URLs that can be redirected to as part of logging in or logging out of the app. -
cookieExpirationConvention
- The method by which cookies expire. -
cookieExpirationTime
- The time after the request is made when the session cookie should expire. -
validateNonce
- Is the nonce validated while completing the login flow. -
nonceExpirationTime
- The time after the request is made when the nonce should expire.
A backup
block exports the following:
-
enabled
- Is the Backup Job enabled? -
name
- The name of this Backup. -
schedule
- Aschedule
block as defined below. -
storageAccountUrl
- The SAS URL to the container.
A connectionString
block exports the following:
-
name
- The name of this Connection. -
type
- Type of database. -
value
- The connection string value.
A cors
block exports the following:
-
allowedOrigins
- A list of origins that should be allowed to make cross-origin calls. -
supportCredentials
- Are credentials allows in CORS requests?.
A facebook
block exports the following:
-
appId
- The App ID of the Facebook app used for login. -
appSecret
- The App Secret of the Facebook app used for Facebook Login. -
appSecretSettingName
- The app setting name that contains theappSecret
value used for Facebook Login. -
oauthScopes
- A list of OAuth 2.0 scopes to be requested as part of Facebook Login authentication.
A github
block exports the following:
-
clientId
- The ID of the GitHub app used for login. -
clientSecret
- The Client Secret of the GitHub app used for GitHub Login. -
clientSecretSettingName
- The app setting name that contains theclientSecret
value used for GitHub Login. -
oauthScopes
- A list of OAuth 2.0 scopes that will be requested as part of GitHub Login authentication.
A google
block exports the following:
-
clientId
- The OpenID Connect Client ID for the Google web application. -
clientSecret
- The client secret associated with the Google web application. -
clientSecretSettingName
- The app setting name that contains theclientSecret
value used for Google Login. -
oauthScopes
- A list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication.
An identity
block exports the following:
-
type
- The type of Managed Service Identity that is configured on this Windows Function App. -
principalId
- The Principal ID of the System Assigned Managed Service Identity that is configured on this Windows Function App. -
tenantId
- The Tenant ID of the System Assigned Managed Service Identity that is configured on this Windows Function App. -
identityIds
- The list of User Assigned Managed Identity IDs assigned to this Windows Function App.
A microsoft
block exports the following:
-
clientId
- The OAuth 2.0 client ID that was created for the app used for authentication. -
clientSecret
- The OAuth 2.0 client secret that was created for the app used for authentication. -
clientSecretSettingName
- The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. -
oauthScopes
- A list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication.
A schedule
block exports the following:
-
frequencyInterval
- How often the backup is executed. -
frequencyUnit
- The unit of time the backup should take place. -
keepAtLeastOneBackup
- Should the service keep at least one backup. -
retentionPeriodDays
- After how many days backups is deleted. -
startTime
- When the schedule should start working in RFC-3339 format.
A siteConfig
block exports the following:
-
alwaysOn
- Is this Windows Function App Always On?. -
apiDefinitionUrl
- The URL of the API definition that describes this Windows Function App. -
apiManagementApiId
- The ID of the API Management API for this Windows Function App. -
appCommandLine
- The App command line to launch. -
appScaleLimit
- The number of workers this function app can scale out to. -
appServiceLogs
- AappServiceLogs
block as defined above. -
applicationInsightsConnectionString
- The Connection String for linking the Windows Function App to Application Insights. -
applicationInsightsKey
- The Instrumentation Key for connecting the Windows Function App to Application Insights. -
applicationStack
- AapplicationStack
block as defined above. -
cors
- Acors
block as defined above. -
defaultDocuments
- A list of Default Documents for the Windows Web App. -
detailedErrorLoggingEnabled
- Is detailed error logging enabled? -
elasticInstanceMinimum
- The number of minimum instances for this Windows Function App. -
ftpsState
- State of FTP / FTPS service for this Windows Function App. -
healthCheckEvictionTimeInMin
- The amount of time in minutes that a node can be unhealthy before being removed from the load balancer. -
healthCheckPath
- The path to be checked for this Windows Function App health. -
http2Enabled
- Is the HTTP2 protocol enabled? -
ipRestriction
- One or moreipRestriction
blocks as defined above. -
loadBalancingMode
- The Site load balancing mode. -
managedPipelineMode
- The Managed pipeline mode. -
minimumTlsVersion
- The minimum version of TLS required for SSL requests. -
preWarmedInstanceCount
- The number of pre-warmed instances for this Windows Function App. -
remoteDebuggingEnabled
- Is Remote Debugging enabled? -
remoteDebuggingVersion
- The Remote Debugging Version. -
runtimeScaleMonitoringEnabled
- Is Scale Monitoring of the Functions Runtime enabled? -
scmIpRestriction
- One or morescmIpRestriction
blocks as defined above. -
scmMinimumTlsVersion
- The minimum version of TLS required for SSL requests to the SCM site. -
scmType
- The SCM type. -
scmUseMainIpRestriction
- Is theipRestriction
configuration used for the SCM?. -
use32BitWorker
- Is the Windows Function App using a 32-bit worker process? -
vnetRouteAllEnabled
- Are all outbound traffic to NAT Gateways, Network Security Groups and User Defined Routes applied? -
websocketsEnabled
- Are Web Sockets enabled? -
windowsFxVersion
- The Windows FX version. -
workerCount
- The number of Workers for this Windows Function App.
A siteCredential
block exports the following:
-
name
- The Site Credentials Username used for publishing. -
password
- The Site Credentials Password used for publishing.
A stickySettings
block exports the following:
-
appSettingNames
- A list ofappSetting
names that the Windows Function App will not swap between Slots when a swap operation is triggered. -
connectionStringNames
- A list ofconnectionString
names that the Windows Function App will not swap between Slots when a swap operation is triggered.
A twitter
block exports the following:
-
consumerKey
- The OAuth 1.0a consumer key of the Twitter application used for sign-in. -
consumerSecret
- The OAuth 1.0a consumer secret of the Twitter application used for sign-in. -
consumerSecretSettingName
- The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.
Timeouts
The timeouts
block allows you to specify timeouts for certain actions:
read
- (Defaults to 10 minutes) Used when retrieving the Windows Function App.