azurermAppServiceConnection
Manages a service connector for app service.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
this,
"example",
{
location: "West Europe",
name: "example-resources",
}
);
const azurermServicePlanExample = new azurerm.servicePlan.ServicePlan(
this,
"example_1",
{
location: azurermResourceGroupExample.location,
name: "example-serviceplan",
os_type: "Linux",
resource_group_name: azurermResourceGroupExample.name,
sku_name: "P1v2",
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermServicePlanExample.overrideLogicalId("example");
const azurermCosmosdbAccountExample =
new azurerm.cosmosdbAccount.CosmosdbAccount(this, "example_2", {
consistency_policy: [
{
consistency_level: "BoundedStaleness",
max_interval_in_seconds: 10,
max_staleness_prefix: 200,
},
],
geo_location: [
{
failover_priority: 0,
location: azurermResourceGroupExample.location,
},
],
kind: "GlobalDocumentDB",
location: azurermResourceGroupExample.location,
name: "example-cosmosdb-account",
offer_type: "Standard",
resource_group_name: azurermResourceGroupExample.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermCosmosdbAccountExample.overrideLogicalId("example");
const azurermCosmosdbSqlDatabaseExample =
new azurerm.cosmosdbSqlDatabase.CosmosdbSqlDatabase(this, "example_3", {
account_name: azurermCosmosdbAccountExample.name,
name: "cosmos-sql-db",
resource_group_name: azurermCosmosdbAccountExample.resourceGroupName,
throughput: 400,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermCosmosdbSqlDatabaseExample.overrideLogicalId("example");
const azurermLinuxWebAppExample = new azurerm.linuxWebApp.LinuxWebApp(
this,
"example_4",
{
location: azurermResourceGroupExample.location,
name: "example-linuxwebapp",
resource_group_name: azurermResourceGroupExample.name,
service_plan_id: azurermServicePlanExample.id,
site_config: [{}],
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermLinuxWebAppExample.overrideLogicalId("example");
const azurermAppServiceConnectionExample =
new azurerm.appServiceConnection.AppServiceConnection(this, "example_5", {
app_service_id: azurermLinuxWebAppExample.id,
authentication: [
{
type: "systemAssignedIdentity",
},
],
name: "example-serviceconnector",
target_resource_id: azurermCosmosdbSqlDatabaseExample.id,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermAppServiceConnectionExample.overrideLogicalId("example");
const azurermCosmosdbSqlContainerExample =
new azurerm.cosmosdbSqlContainer.CosmosdbSqlContainer(this, "example_6", {
account_name: azurermCosmosdbAccountExample.name,
database_name: azurermCosmosdbSqlDatabaseExample.name,
name: "example-container",
partition_key_path: "/definition",
resource_group_name: azurermCosmosdbAccountExample.resourceGroupName,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermCosmosdbSqlContainerExample.overrideLogicalId("example");
Argument Reference
The following arguments are supported:
-
name
- (Required) The name of the service connection. Changing this forces a new resource to be created. -
appServiceId
- (Required) The ID of the data source web app. Changing this forces a new resource to be created. -
targetResourceId
- (Required) The ID of the target resource. Changing this forces a new resource to be created. Possible values arepostgres
,postgresFlexible
,mysql
,sql
,redis
,redisEnterprise
,cosmosCassandra
,cosmosGremlin
,cosmosMongo
,cosmosSql
,cosmosTable
,storageBlob
,storageQueue
,storageFile
,storageTable
,appConfig
,eventHub
,serviceBus
,signalR
,webPubSub
,confluentKafka
. -
authentication
- (Required) The authentication info. Anauthentication
block as defined below.
An authentication
block supports the following:
-
type
- (Required) The authentication type. Possible values aresystemAssignedIdentity
,userAssignedIdentity
,servicePrincipalSecret
,servicePrincipalCertificate
,secret
. Changing this forces a new resource to be created. -
name
- (Optional) Username or account name for secret auth.name
andsecret
should be either both specified or both not specified whentype
is set tosecret
. -
secret
- (Optional) Password or account key for secret auth.secret
andname
should be either both specified or both not specified whentype
is set tosecret
. -
clientId
- (Optional) Client ID foruserAssignedIdentity
orservicePrincipal
auth. Should be specified whentype
is set toservicePrincipalSecret
orservicePrincipalCertificate
. Whentype
is set touserAssignedIdentity
,clientId
andsubscriptionId
should be either both specified or both not specified. -
subscriptionId
- (Optional) Subscription ID foruserAssignedIdentity
.subscriptionId
andclientId
should be either both specified or both not specified. -
principalId
- (Optional) Principal ID forservicePrincipal
auth. Should be specified whentype
is set toservicePrincipalSecret
orservicePrincipalCertificate
. -
certificate
- (Optional) Service principal certificate forservicePrincipal
auth. Should be specified whentype
is set toservicePrincipalCertificate
.
-
clientType
- (Optional) The application client type. Possible values arenone
,dotnet
,java
,python
,go
,php
,ruby
,django
,nodejs
andspringBoot
. -
vnetSolution
- (Optional) The type of the VNet solution. Possible values areserviceEndpoint
,privateLink
. -
secretStore
- (Optional) An option to store secret value in secure place. AnsecretStore
block as defined below.
An secretStore
block supports the following:
keyVaultId
- (required) The key vault id to store secret.
Attribute Reference
In addition to the Arguments listed above - the following Attributes are exported:
id
- The ID of the service connector.
Timeouts
The timeouts
block allows you to specify timeouts for certain actions:
create
- (Defaults to 30 minutes) Used when creating the Service Connector for app service.read
- (Defaults to 5 minutes) Used when retrieving the Service Connector for app service.update
- (Defaults to 30 minutes) Used when updating the Service Connector for app service.delete
- (Defaults to 30 minutes) Used when deleting the Service Connector for app service.
Import
Service Connector for app service can be imported using the resourceId
, e.g.