Data Source: azurermWindowsWebApp

Use this data source to access information about an existing Windows Web App.

Example Usage

import * as cdktf from "cdktf";
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const dataAzurermWindowsWebAppExample =
  new azurerm.dataAzurermWindowsWebApp.DataAzurermWindowsWebApp(
    this,
    "example",
    {
      name: "existing",
      resource_group_name: "existing",
    }
  );
new cdktf.TerraformOutput(this, "id", {
  value: dataAzurermWindowsWebAppExample.id,
});

Arguments Reference

The following arguments are supported:

name - (Required) The name of this Windows Web App.
resourceGroupName - (Required) The name of the Resource Group where the Windows Web App exists.

Attributes Reference

In addition to the Arguments listed above - the following Attributes are exported:

id - The ID of the Windows Web App.
appSettings - A map of key-value pairs of App Settings.
authSettings - A authSettings block as defined below.
authSettingsV2 - An authSettingsV2 block as defined below.
backup - A backup block as defined below.
clientAffinityEnabled - Is Client Affinity enabled?
clientCertificateEnabled - Are Client Certificates enabled?
clientCertificateMode - The Client Certificate mode.
clientCertificateExclusionPaths - Paths to exclude when using client certificates, separated by ;
connectionString - A connectionString block as defined below.
customDomainVerificationId - The identifier used by App Service to perform domain ownership verification via DNS TXT record.
defaultHostname - The Default Hostname of the Windows Web App.
enabled - Is the Windows Web App enabled?
httpsOnly - Does the Windows Web App require HTTPS connections.
identity - A identity block as defined below.
kind - The string representation of the Windows Web App Kind.
location - The Azure Region where the Windows Web App exists.
logs - A logs block as defined below.
outboundIpAddressList - The list of Outbound IP Addresses for this Windows Web App.
outboundIpAddresses - A string representation of the list of Outbound IP Addresses for this Windows Web App.
possibleOutboundIpAddressList - The list of Possible Outbound IP Addresses that could be used by this Windows Web App.
possibleOutboundIpAddresses - The string representation of the list of Possible Outbound IP Addresses that could be used by this Windows Web App.
servicePlanId - The ID of the Service Plan in which this Windows Web App resides.
siteConfig - A siteConfig block as defined below.
siteCredential - A siteCredential block as defined below.
stickySettings - A stickySettings block as defined below.
storageAccount - A storageAccount block as defined below.
tags - A mapping of tags assigned to the Windows Web App.
virtualNetworkSubnetId - The subnet id which the Windows Web App is vNet Integrated with.

A action block exports the following:

actionType - The predefined action to be taken to an Auto Heal trigger.
customAction - A customAction block as defined below.
minimumProcessExecutionTime - The minimum amount of time in hh:mm:ss the Windows Web App must have been running before the defined action will be run in the event of a trigger.

An activeDirectory block exports the following:

allowedAudiences - An allowedAudiences block as defined below.
clientId - The ID of the Client used to authenticate with Azure Active Directory.
clientSecret - The Client Secret for the Client ID.
clientSecretSettingName - The App Setting name that contains the client secret of the Client.

An applicationLogs block exports the following:

azureBlobStorage - An azureBlobStorage block as defined below.
fileSystemLevel - The logging level.

An applicationStack block exports the following:

currentStack - The Current Stack value of the Windows Web App.
dockerContainerName - The name of the Docker Container in used.
dockerContainerRegistry - The Container Registry where the Docker Container is pulled from.
dockerContainerTag - The Docker Container Tag of the Container in use.
dotnetVersion - The version of .NET in use.
javaContainer - The Java Container in use.
javaContainerVersion - The Version of the Java Container in use.
javaVersion - The Version of Java in use.
nodeVersion - The Version of Node in use.
phpVersion - The Version of the PHP in use.
pythonVersion - The Version of Python in use.

A authSettings block exports the following:

activeDirectory - A activeDirectory block as defined above.
additionalLoginParameters - A additionalLoginParameters block as defined above.
allowedExternalRedirectUrls - A allowedExternalRedirectUrls block as defined above.
defaultProvider - The default authentication provider in use when multiple providers are configured.
enabled - Is the Authentication / Authorization feature is enabled for the Windows Web App?
facebook - A facebook block as defined below.
github - A github block as defined below.
google - A google block as defined below.
issuer - The OpenID Connect Issuer URI that represents the entity which issues access tokens for this Windows Web App.
microsoft - A microsoft block as defined below.
runtimeVersion - The RuntimeVersion of the Authentication / Authorization feature in use for the Windows Web App.
tokenRefreshExtensionHours - The number of hours after session token expiration that a session token can be used to call the token refresh API.
tokenStoreEnabled - Does Windows Web App durably store platform-specific security tokens that are obtained during login flows enabled?
twitter - A twitter block as defined below.
unauthenticatedClientAction - The action to take when an unauthenticated client attempts to access the app.

An authSettingsV2 block exports the following:

authEnabled - Are the AuthV2 Settings enabled.
runtimeVersion - The Runtime Version of the Authentication and Authorisation feature of this App.
configFilePath - The path to the App Auth settings.
requireAuthentication - Is the authentication flow used for all requests.
unauthenticatedAction - The action to take for requests made without authentication.
defaultProvider -The Default Authentication Provider used when more than one Authentication Provider is configured and the unauthenticatedAction is set to redirectToLoginPage.
excludedPaths - The paths which should be excluded from the unauthenticatedAction when it is set to redirectToLoginPage.
requireHttps -Is HTTPS required on connections?
httpRouteApiPrefix - The prefix that should precede all the authentication and authorisation paths.
forwardProxyConvention - The convention used to determine the url of the request made.
forwardProxyCustomHostHeaderName -The name of the custom header containing the host of the request.
forwardProxyCustomSchemeHeaderName - The name of the custom header containing the scheme of the request.
appleV2 - An appleV2 block as defined below.
activeDirectoryV2 - An activeDirectoryV2 block as defined below.
azureStaticWebAppV2 - An azureStaticWebAppV2 block as defined below.
customOidcV2 - Zero or more customOidcV2 blocks as defined below.
facebookV2 - A facebookV2 block as defined below.
githubV2 - A githubV2 block as defined below.
googleV2 - A googleV2 block as defined below.
microsoftV2 - A microsoftV2 block as defined below.
twitterV2 - A twitterV2 block as defined below.
login - A login block as defined below.

An appleV2 block supports the following:

clientId - The OpenID Connect Client ID for the Apple web application.
clientSecretSettingName - The app setting name that contains the clientSecret value used for Apple Login.
loginScopes - A list of Login Scopes provided by this Authentication Provider.

An activeDirectoryV2 block supports the following:

clientId - The ID of the Client used to authenticate with Azure Active Directory.
tenantAuthEndpoint - The Azure Tenant Endpoint for the Authenticating Tenant. e.g. https://loginMicrosoftonlineCom/v20/{tenantGuid}/
clientSecretSettingName - The App Setting name that contains the client secret of the Client.
clientSecretCertificateThumbprint - The thumbprint of the certificate used for signing purposes.
jwtAllowedGroups - The list of Allowed Groups in the JWT Claim.
jwtAllowedClientApplications - The list of Allowed Client Applications in the JWT Claim.
wwwAuthenticationDisabled - Is the www-authenticate provider omitted from the request?
allowedGroups -The list of allowed Group Names for the Default Authorisation Policy.
allowedIdentities - The list of allowed Identities for the Default Authorisation Policy.
allowedApplications - The list of allowed Applications for the Default Authorisation Policy.
loginParameters - A map of key-value pairs sent to the Authorisation Endpoint when a user logs in.
allowedAudiences - Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.

An azureStaticWebAppV2 block supports the following:

clientId - The ID of the Client to use to authenticate with Azure Static Web App Authentication.

A customOidcV2 block supports the following:

name - The name of the Custom OIDC Authentication Provider.
clientId - The ID of the Client to use to authenticate with the Custom OIDC.
openidConfigurationEndpoint - The app setting name that contains the clientSecret value used for the Custom OIDC Login.
nameClaimType - The name of the claim that contains the users name.
scopes - The list of the scopes that are requested while authenticating.
clientCredentialMethod - The Client Credential Method used.
clientSecretSettingName - The App Setting name that contains the secret for this Custom OIDC Client. This is generated from name above and suffixed with providerAuthenticationSecret.
authorisationEndpoint - The endpoint to make the Authorisation Request as supplied by openidConfigurationEndpoint response.
tokenEndpoint - The endpoint used to request a Token as supplied by openidConfigurationEndpoint response.
issuerEndpoint - The endpoint that issued the Token as supplied by openidConfigurationEndpoint response.
certificationUri - The endpoint that provides the keys necessary to validate the token as supplied by openidConfigurationEndpoint response.

A facebookV2 block supports the following:

appId - The App ID of the Facebook app used for login.
appSecretSettingName - The app setting name that contains the appSecret value used for Facebook Login.
graphApiVersion - The version of the Facebook API to be used while logging in.
loginScopes - The list of scopes that are requested as part of Facebook Login authentication.

A githubV2 block supports the following:

clientId - The ID of the GitHub app used for login..
clientSecretSettingName - The app setting name that contains the clientSecret value used for GitHub Login.
loginScopes - The list of OAuth 2.0 scopes that are requested as part of GitHub Login authentication.

A googleV2 block supports the following:

clientId - The OpenID Connect Client ID for the Google web application.
clientSecretSettingName - The app setting name that contains the clientSecret value used for Google Login.
allowedAudiences - The list of Allowed Audiences that are requested as part of Google Sign-In authentication.
loginScopes - (Optional) The list of OAuth 2.0 scopes that should be requested as part of Google Sign-In authentication.

A microsoftV2 block supports the following:

clientId - The OAuth 2.0 client ID that was created for the app used for authentication.
clientSecretSettingName - The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
allowedAudiences - The list of Allowed Audiences that are be requested as part of Microsoft Sign-In authentication.
loginScopes - The list of Login scopes that are requested as part of Microsoft Account authentication.

A twitterV2 block supports the following:

consumerKey - The OAuth 1.0a consumer key of the Twitter application used for sign-in.
consumerSecretSettingName - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.

A login block supports the following:

logoutEndpoint - The endpoint to which logout requests are made.
tokenStoreEnabled - Is the Token Store configuration Enabled.
tokenRefreshExtensionTime - The number of hours after session token expiration that a session token can be used to call the token refresh API.
tokenStorePath - The directory path in the App Filesystem in which the tokens are stored.
tokenStoreSasSettingName - The name of the app setting which contains the SAS URL of the blob storage containing the tokens.
preserveUrlFragmentsForLogins - Are the fragments from the request preserved after the login request is made.
allowedExternalRedirectUrls - External URLs that can be redirected to as part of logging in or logging out of the app.
cookieExpirationConvention - The method by which cookies expire.
cookieExpirationTime - The time after the request is made when the session cookie should expire.
validateNonce - Is the nonce validated while completing the login flow.
nonceExpirationTime - The time after the request is made when the nonce should expire.

A autoHealSetting block exports the following:

action - A action block as defined above.
trigger - A trigger block as defined below.

A azureBlobStorage block exports the following:

level - The level at which to log. Possible values include error, warning, information, verbose and off. NOTE: this field is not available for httpLogs
retentionInDays - The time in days after which blobs will be removed.
sasUrl - The SAS url to the Azure Blob container.

A backup block exports the following:

enabled - Is the Backup enabled?
name - The name of this Backup.
schedule - A schedule block as defined below.
storageAccountUrl - The SAS URL to the container.

A connectionString block exports the following:

name - The name of this Connection String.
type - The type of Database.
value - The Connection String value.

A cors block exports the following:

allowedOrigins - A allowedOrigins block as defined above.
supportCredentials - Whether CORS requests with credentials are allowed.

A customAction block exports the following:

executable - The command run when this autoHeal action is triggered.
parameters - The parameters passed to the executable.

A facebook block exports the following:

appId - The App ID of the Facebook app used for login.
appSecret - The App Secret of the Facebook app used for Facebook login.
appSecretSettingName - The app setting name that contains the appSecret value used for Facebook login.
oauthScopes - A list of OAuth 2.0 scopes that are part of Facebook login authentication.

A fileSystem block exports the following:

retentionInDays - The retention period in days.
retentionInMb - The maximum size in megabytes that log files can use.

A github block exports the following:

clientId - The ID of the GitHub app used for login.
clientSecret - The Client Secret of the GitHub app used for GitHub login.
clientSecretSettingName - The app setting name that contains the clientSecret value used for GitHub login.
oauthScopes - A list of OAuth 2.0 scopes in the GitHub login authentication.

A google block exports the following:

clientId - The OpenID Connect Client ID for the Google web application.
clientSecret - The client secret associated with the Google web application.
clientSecretSettingName - The app setting name that contains the clientSecret value used for Google login.
oauthScopes - A list of OAuth 2.0 scopes that are part of Google Sign-In authentication.

A httpLogs block exports the following:

azureBlobStorage - A azureBlobStorage block as defined above.
fileSystem - A fileSystem block as defined above.

A identity block exports the following:

identityIds - A identityIds block as defined below.
principalId - The Principal ID Managed Service Identity.
tenantId - The Tenant ID of the Managed Service Identity.
type - The type of Managed Service Identity.

A logs block exports the following:

applicationLogs - A applicationLogs block as defined above.
detailedErrorMessages - Is Detailed Error Messaging enabled.
failedRequestTracing - Is Failed Request Tracing enabled.
httpLogs - An httpLogs block as defined above.

A microsoft block exports the following:

clientId - The OAuth 2.0 client ID used by the app for authentication.
clientSecret - The OAuth 2.0 client secret used by the app for authentication.
clientSecretSettingName - The app setting name containing the OAuth 2.0 client secret used by the app for authentication.
oauthScopes - A list of OAuth 2.0 scopes requested as part of Microsoft Account authentication.

A requests block exports the following:

count - The number of requests in the specified interval to trigger this rule.
interval - The interval in hh:mm:ss.

A schedule block exports the following:

frequencyInterval - How often the backup will be executed.
frequencyUnit - The unit of time for how often the backup should take place.
keepAtLeastOneBackup - Will the service keep at least one backup, regardless of age of backup.
lastExecutionTime - The time of the last backup attempt.
retentionPeriodDays - After how many days backups should be deleted.
startTime - When the schedule should start in RFC-3339 format.

A siteConfig block exports the following:

alwaysOn - Is this Windows Web App is Always On enabled.
apiDefinitionUrl - The ID of the APIM configuration for this Windows Web App.
apiManagementApiId - The ID of the API Management setting linked to the Windows Web App.
appCommandLine - The command line used to launch this app.
applicationStack - A applicationStack block as defined above.
autoHealEnabled - Are Auto heal rules to be enabled.
autoHealSetting - A autoHealSetting block as defined above.
autoSwapSlotName - The Windows Web App Slot Name to automatically swap to when deployment to that slot is successfully completed.
containerRegistryManagedIdentityClientId - The Client ID of the Managed Service Identity used for connections to the Azure Container Registry.
containerRegistryUseManagedIdentity - Do connections for Azure Container Registry use Managed Identity.
cors - A cors block as defined above.
defaultDocuments - The list of Default Documents for the Windows Web App.
detailedErrorLoggingEnabled - Is Detailed Error Logging enabled.
ftpsState - The State of FTP / FTPS service.
healthCheckPath - The path to the Health Check endpoint.
healthCheckEvictionTimeInMin - (Optional) The amount of time in minutes that a node can be unhealthy before being removed from the load balancer. Possible values are between 2 and 10. Only valid in conjunction with healthCheckPath.
http2Enabled - Is HTTP2.0 enabled.
ipRestriction - A ipRestriction block as defined above.
loadBalancingMode - The site Load Balancing Mode.
localMysqlEnabled - Is the Local MySQL enabled.
managedPipelineMode - The Managed Pipeline Mode.
minimumTlsVersion - The Minimum version of TLS for requests.
remoteDebugging - Is Remote Debugging enabled.
remoteDebuggingVersion - The Remote Debugging Version.
scmIpRestriction - A scmIpRestriction block as defined above.
scmMinimumTlsVersion - The Minimum version of TLS for requests to SCM.
scmType - The Source Control Management Type in use.
scmUseMainIpRestriction - Is the Windows Web App ipRestriction configuration used for the SCM also.
use32BitWorker - Does the Windows Web App use a 32-bit worker.
virtualApplication - A virtualApplication block as defined below.
vnetRouteAllEnabled - Are all outbound traffic to NAT Gateways, Network Security Groups and User Defined Routes applied?
websocketsEnabled - Are Web Sockets enabled?
windowsFxVersion - The string representation of the Windows FX Version.
workerCount - The number of Workers for this Windows App Service.

A siteCredential block exports the following:

name - The Site Credentials Username used for publishing.
password - The Site Credentials Password used for publishing.

A slowRequest block exports the following:

count - The number of requests within the interval at which to trigger.
interval - The time interval.
path - The App Path for which this rule applies.
timeTaken - The amount of time that qualifies as slow for this rule.

A statusCode block exports the following:

count - The number of occurrences of the defined statusCode in the specified interval on which to trigger this rule.
interval - The time interval in the form hh:mm:ss.
path - The path to which this rule status code applies.
statusCodeRange - The status code or range for this rule.
subStatus - The Request Sub Status of the Status Code.
win32Status - The Win32 Status Code of the Request.

A stickySettings block exports the following:

appSettingNames - A list of appSetting names that the Windows Web App will not swap between Slots when a swap operation is triggered.
connectionStringNames - A list of connectionString names that the Windows Web App will not swap between Slots when a swap operation is triggered.

A storageAccount block exports the following:

accessKey - The Access key for the storage account.
accountName - The Name of the Storage Account.
mountPath - The path at which to mount the Storage Share.
name - The name of this Storage Account.
shareName - The Name of the File Share.
type - The Azure Storage Type.

A trigger block exports the following:

privateMemoryKb - The amount of Private Memory used.
requests - A requests block as defined above.
slowRequest - A slowRequest block as defined above.
statusCode - A statusCode block as defined above.

A twitter block exports the following:

consumerKey - The OAuth 1.0a consumer key of the Twitter application used for sign-in.
consumerSecret - The OAuth 1.0a consumer secret of the Twitter application used for sign-in.
consumerSecretSettingName - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.

A virtualApplication block exports the following:

physicalPath - The path on disk to the Virtual Application.
preload - Is this Application Pre-loaded at startup.
virtualDirectory - A virtualDirectory block as defined below.
virtualPath - The Virtual Path of the Virtual Application on the service.

A virtualDirectory block exports the following:

physicalPath - The path on disk to the Virtual Directory
virtualPath - The Virtual Path of the Virtual Directory.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

read - (Defaults to 10 minutes) Used when retrieving the Windows Web App.