azurermAppServiceCertificateBinding
Manages an App Service Certificate Binding.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
this,
"example",
{
location: "West Europe",
name: "webapp",
}
);
const dataAzurermDnsZoneExample =
new azurerm.dataAzurermDnsZone.DataAzurermDnsZone(this, "example_1", {
name: "example.com",
resource_group_name: azurermResourceGroupExample.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
dataAzurermDnsZoneExample.overrideLogicalId("example");
const azurermAppServicePlanExample = new azurerm.appServicePlan.AppServicePlan(
this,
"example_2",
{
location: azurermResourceGroupExample.location,
name: "appserviceplan",
resource_group_name: azurermResourceGroupExample.name,
sku: [
{
size: "P1",
tier: "Premium",
},
],
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermAppServicePlanExample.overrideLogicalId("example");
const azurermAppServiceExample = new azurerm.appService.AppService(
this,
"example_3",
{
app_service_plan_id: azurermAppServicePlanExample.id,
location: azurermResourceGroupExample.location,
name: "mywebapp",
resource_group_name: azurermResourceGroupExample.name,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermAppServiceExample.overrideLogicalId("example");
const azurermDnsCnameRecordExample = new azurerm.dnsCnameRecord.DnsCnameRecord(
this,
"example_4",
{
name: "www",
record: azurermAppServiceExample.defaultSiteHostname,
resource_group_name: dataAzurermDnsZoneExample.resourceGroupName,
ttl: 300,
zone_name: dataAzurermDnsZoneExample.name,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermDnsCnameRecordExample.overrideLogicalId("example");
const azurermDnsTxtRecordExample = new azurerm.dnsTxtRecord.DnsTxtRecord(
this,
"example_5",
{
name: `asuid.\${${azurermDnsCnameRecordExample.name}}`,
record: [
{
value: azurermAppServiceExample.customDomainVerificationId,
},
],
resource_group_name: dataAzurermDnsZoneExample.resourceGroupName,
ttl: 300,
zone_name: dataAzurermDnsZoneExample.name,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermDnsTxtRecordExample.overrideLogicalId("example");
const azurermAppServiceCustomHostnameBindingExample =
new azurerm.appServiceCustomHostnameBinding.AppServiceCustomHostnameBinding(
this,
"example_6",
{
app_service_name: azurermAppServiceExample.name,
depends_on: [`\${${azurermDnsTxtRecordExample.fqn}}`],
hostname: `\${trim(${azurermDnsCnameRecordExample.fqdn}, ".")}`,
resource_group_name: azurermResourceGroupExample.name,
}
);
azurermAppServiceCustomHostnameBindingExample.addOverride("lifecycle", [
{
ignore_changes: ["${ssl_state}", "${thumbprint}"],
},
]);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermAppServiceCustomHostnameBindingExample.overrideLogicalId("example");
const azurermAppServiceManagedCertificateExample =
new azurerm.appServiceManagedCertificate.AppServiceManagedCertificate(
this,
"example_7",
{
custom_hostname_binding_id:
azurermAppServiceCustomHostnameBindingExample.id,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermAppServiceManagedCertificateExample.overrideLogicalId("example");
const azurermAppServiceCertificateBindingExample =
new azurerm.appServiceCertificateBinding.AppServiceCertificateBinding(
this,
"example_8",
{
certificate_id: azurermAppServiceManagedCertificateExample.id,
hostname_binding_id: azurermAppServiceCustomHostnameBindingExample.id,
ssl_state: "SniEnabled",
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermAppServiceCertificateBindingExample.overrideLogicalId("example");
Arguments Reference
The following arguments are supported:
-
certificateId
- (Required) The ID of the certificate to bind to the custom domain. Changing this forces a new App Service Certificate Binding to be created. -
hostnameBindingId
- (Required) The ID of the Custom Domain/Hostname Binding. Changing this forces a new App Service Certificate Binding to be created. -
sslState
- (Required) The type of certificate binding. Allowed values areipBasedEnabled
orsniEnabled
. Changing this forces a new App Service Certificate Binding to be created.
Attributes Reference
In addition to the arguments listed above - the following attributes are exported:
-
id
- The ID of the App Service Certificate Binding. -
appServiceName
- The name of the App Service to which the certificate was bound. -
hostname
- The hostname of the bound certificate. -
thumbprint
- The certificate thumbprint.
Timeouts
The timeouts
block allows you to specify timeouts for certain actions:
read
- (Defaults to 5 minutes) Used when retrieving the App Service Certificate Binding.create
- (Defaults to 30 minutes) Used when creating the App Service Certificate Binding.delete
- (Defaults to 30 minutes) Used when deleting the App Service Certificate Binding.
Import
App Service Certificate Bindings can be imported using the hostnameBindingId
and the appServiceCertificateId
, e.g.
terraform import azurerm_app_service_certificate_binding.example "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Web/sites/instance1/hostNameBindings/mywebsite.com|/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Web/certificates/mywebsite.com"