diff --git a/internal/services/appservice/helpers/function_app_schema.go b/internal/services/appservice/helpers/function_app_schema.go index 7ac62f2b6655..e8063c08604f 100644 --- a/internal/services/appservice/helpers/function_app_schema.go +++ b/internal/services/appservice/helpers/function_app_schema.go @@ -634,6 +634,172 @@ func SiteConfigSchemaWindowsFunctionApp() *pluginsdk.Schema { } } +func SiteConfigSchemaWindowsFunctionAppComputed() *pluginsdk.Schema { + return &pluginsdk.Schema{ + Type: pluginsdk.TypeList, + Computed: true, + Elem: &pluginsdk.Resource{ + Schema: map[string]*pluginsdk.Schema{ + "always_on": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + + "api_management_api_id": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "api_definition_url": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "app_command_line": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "app_scale_limit": { + Type: pluginsdk.TypeInt, + Computed: true, + }, + + "application_insights_key": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "application_insights_connection_string": { + Type: pluginsdk.TypeString, + Computed: true, + Sensitive: true, + }, + + "application_stack": windowsFunctionAppStackSchemaComputed(), + + "app_service_logs": FunctionAppAppServiceLogsSchemaComputed(), + + "default_documents": { + Type: pluginsdk.TypeList, + Computed: true, + Elem: &pluginsdk.Schema{ + Type: pluginsdk.TypeString, + }, + }, + + "elastic_instance_minimum": { + Type: pluginsdk.TypeInt, + Computed: true, + }, + + "http2_enabled": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + + "ip_restriction": IpRestrictionSchemaComputed(), + + "scm_use_main_ip_restriction": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + + "scm_ip_restriction": IpRestrictionSchemaComputed(), + + "load_balancing_mode": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "managed_pipeline_mode": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "pre_warmed_instance_count": { + Type: pluginsdk.TypeInt, + Computed: true, + }, + + "remote_debugging_enabled": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + + "remote_debugging_version": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "runtime_scale_monitoring_enabled": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + + "scm_type": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "use_32_bit_worker": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + + "websockets_enabled": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + + "ftps_state": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "health_check_path": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "health_check_eviction_time_in_min": { + Type: pluginsdk.TypeInt, + Computed: true, + }, + + "worker_count": { + Type: pluginsdk.TypeInt, + Computed: true, + }, + + "minimum_tls_version": { + Type: pluginsdk.TypeString, + Computed: true}, + + "scm_minimum_tls_version": { + Type: pluginsdk.TypeString, + Computed: true}, + + "cors": CorsSettingsSchemaComputed(), + + "vnet_route_all_enabled": { + Type: pluginsdk.TypeBool, + Computed: true}, + + "detailed_error_logging_enabled": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + + "windows_fx_version": { + Type: pluginsdk.TypeString, + Computed: true, + }, + }, + }, + } +} + type ApplicationStackLinuxFunctionApp struct { // Note - Function Apps differ to Web Apps here. They do not use the named properties in the SiteConfig block and exclusively use the app_settings map DotNetVersion string `tfschema:"dotnet_version"` // Supported values `3.1`. Version 6 is in preview on Windows Only @@ -926,6 +1092,41 @@ func windowsFunctionAppStackSchema() *pluginsdk.Schema { } } +func windowsFunctionAppStackSchemaComputed() *pluginsdk.Schema { + return &pluginsdk.Schema{ + Type: pluginsdk.TypeList, + Computed: true, + Elem: &pluginsdk.Resource{ + Schema: map[string]*pluginsdk.Schema{ + "dotnet_version": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "node_version": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "java_version": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "powershell_core_version": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "use_custom_runtime": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + }, + }, + } +} + type FunctionAppAppServiceLogs struct { DiskQuotaMB int `tfschema:"disk_quota_mb"` RetentionPeriodDays int `tfschema:"retention_period_days"` @@ -954,6 +1155,25 @@ func FunctionAppAppServiceLogsSchema() *pluginsdk.Schema { } } +func FunctionAppAppServiceLogsSchemaComputed() *pluginsdk.Schema { + return &pluginsdk.Schema{ + Type: pluginsdk.TypeList, + Computed: true, + Elem: &pluginsdk.Resource{ + Schema: map[string]*schema.Schema{ + "disk_quota_mb": { + Type: pluginsdk.TypeInt, + Computed: true, + }, + "retention_period_days": { + Type: pluginsdk.TypeInt, + Computed: true, + }, + }, + }, + } +} + func ExpandSiteConfigLinuxFunctionApp(siteConfig []SiteConfigLinuxFunctionApp, existing *web.SiteConfig, metadata sdk.ResourceMetaData, version string, storageString string, storageUsesMSI bool) (*web.SiteConfig, error) { if len(siteConfig) == 0 { return nil, nil diff --git a/internal/services/appservice/registration.go b/internal/services/appservice/registration.go index c4c174c607ed..08cf20477ccf 100644 --- a/internal/services/appservice/registration.go +++ b/internal/services/appservice/registration.go @@ -27,6 +27,7 @@ func (r Registration) DataSources() []sdk.DataSource { AppServiceSourceControlTokenDataSource{}, LinuxWebAppDataSource{}, ServicePlanDataSource{}, + WindowsFunctionAppDataSource{}, WindowsWebAppDataSource{}, } } diff --git a/internal/services/appservice/windows_function_app_data_source.go b/internal/services/appservice/windows_function_app_data_source.go new file mode 100644 index 000000000000..b54e685ff6d1 --- /dev/null +++ b/internal/services/appservice/windows_function_app_data_source.go @@ -0,0 +1,383 @@ +package appservice + +import ( + "context" + "fmt" + "strconv" + "strings" + "time" + + "github.com/Azure/azure-sdk-for-go/services/web/mgmt/2021-02-01/web" + "github.com/hashicorp/terraform-provider-azurerm/helpers/azure" + "github.com/hashicorp/terraform-provider-azurerm/internal/location" + "github.com/hashicorp/terraform-provider-azurerm/internal/sdk" + "github.com/hashicorp/terraform-provider-azurerm/internal/services/appservice/helpers" + "github.com/hashicorp/terraform-provider-azurerm/internal/services/appservice/parse" + "github.com/hashicorp/terraform-provider-azurerm/internal/services/appservice/validate" + "github.com/hashicorp/terraform-provider-azurerm/internal/tags" + "github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk" + "github.com/hashicorp/terraform-provider-azurerm/utils" +) + +type WindowsFunctionAppDataSource struct{} + +type WindowsFunctionAppDataSourceModel struct { + Name string `tfschema:"name"` + ResourceGroup string `tfschema:"resource_group_name"` + Location string `tfschema:"location"` + ServicePlanId string `tfschema:"service_plan_id"` + StorageAccountName string `tfschema:"storage_account_name"` + + StorageAccountKey string `tfschema:"storage_account_access_key"` + StorageUsesMSI bool `tfschema:"storage_uses_managed_identity"` + + AppSettings map[string]string `tfschema:"app_settings"` + AuthSettings []helpers.AuthSettings `tfschema:"auth_settings"` + Backup []helpers.Backup `tfschema:"backup"` + BuiltinLogging bool `tfschema:"builtin_logging_enabled"` + ClientCertEnabled bool `tfschema:"client_certificate_enabled"` + ClientCertMode string `tfschema:"client_certificate_mode"` + ConnectionStrings []helpers.ConnectionString `tfschema:"connection_string"` + DailyMemoryTimeQuota int `tfschema:"daily_memory_time_quota"` + Enabled bool `tfschema:"enabled"` + FunctionExtensionsVersion string `tfschema:"functions_extension_version"` + ForceDisableContentShare bool `tfschema:"content_share_force_disabled"` + HttpsOnly bool `tfschema:"https_only"` + Identity []helpers.Identity `tfschema:"identity"` + SiteConfig []helpers.SiteConfigWindowsFunctionApp `tfschema:"site_config"` + Tags map[string]string `tfschema:"tags"` + + CustomDomainVerificationId string `tfschema:"custom_domain_verification_id"` + DefaultHostname string `tfschema:"default_hostname"` + Kind string `tfschema:"kind"` + OutboundIPAddresses string `tfschema:"outbound_ip_addresses"` + OutboundIPAddressList []string `tfschema:"outbound_ip_address_list"` + PossibleOutboundIPAddresses string `tfschema:"possible_outbound_ip_addresses"` + PossibleOutboundIPAddressList []string `tfschema:"possible_outbound_ip_address_list"` + + SiteCredentials []helpers.SiteCredential `tfschema:"site_credential"` +} + +var _ sdk.DataSource = WindowsFunctionAppDataSource{} + +func (d WindowsFunctionAppDataSource) ModelObject() interface{} { + return &WindowsFunctionAppDataSourceModel{} +} + +func (d WindowsFunctionAppDataSource) ResourceType() string { + return "azurerm_windows_function_app" +} + +func (d WindowsFunctionAppDataSource) Arguments() map[string]*pluginsdk.Schema { + return map[string]*pluginsdk.Schema{ + "name": { + Type: pluginsdk.TypeString, + Required: true, + ValidateFunc: validate.WebAppName, + }, + + "resource_group_name": azure.SchemaResourceGroupNameForDataSource(), + } +} + +func (d WindowsFunctionAppDataSource) Attributes() map[string]*pluginsdk.Schema { + return map[string]*pluginsdk.Schema{ + "location": location.SchemaComputed(), + + "service_plan_id": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "storage_account_name": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "storage_account_access_key": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "storage_uses_managed_identity": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + + "app_settings": { + Type: pluginsdk.TypeMap, + Computed: true, + Elem: &pluginsdk.Schema{ + Type: pluginsdk.TypeString, + }, + }, + + "auth_settings": helpers.AuthSettingsSchemaComputed(), + + "backup": helpers.BackupSchemaComputed(), + + "builtin_logging_enabled": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + + "client_certificate_enabled": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + + "client_certificate_mode": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "connection_string": helpers.ConnectionStringSchemaComputed(), + + "daily_memory_time_quota": { + Type: pluginsdk.TypeInt, + Computed: true, + }, + + "enabled": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + + "content_share_force_disabled": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + + "functions_extension_version": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "https_only": { + Type: pluginsdk.TypeBool, + Computed: true, + }, + + "custom_domain_verification_id": { + Type: pluginsdk.TypeString, + Computed: true, + Sensitive: true, + }, + + "default_hostname": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "kind": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "outbound_ip_addresses": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "outbound_ip_address_list": { + Type: pluginsdk.TypeList, + Computed: true, + Elem: &pluginsdk.Schema{ + Type: pluginsdk.TypeString, + }, + }, + + "possible_outbound_ip_addresses": { + Type: pluginsdk.TypeString, + Computed: true, + }, + + "possible_outbound_ip_address_list": { + Type: pluginsdk.TypeList, + Computed: true, + Elem: &pluginsdk.Schema{ + Type: pluginsdk.TypeString, + }, + }, + + "site_credential": helpers.SiteCredentialSchema(), + + "site_config": helpers.SiteConfigSchemaWindowsFunctionAppComputed(), + + "identity": helpers.IdentitySchemaComputed(), + + "tags": tags.SchemaDataSource(), + } +} + +func (d WindowsFunctionAppDataSource) Read() sdk.ResourceFunc { + return sdk.ResourceFunc{ + Timeout: 10 * time.Minute, + Func: func(ctx context.Context, metadata sdk.ResourceMetaData) error { + client := metadata.Client.AppService.WebAppsClient + subscriptionId := metadata.Client.Account.SubscriptionId + + var functionApp WindowsFunctionAppDataSourceModel + if err := metadata.Decode(&functionApp); err != nil { + return err + } + + id := parse.NewFunctionAppID(subscriptionId, functionApp.ResourceGroup, functionApp.Name) + + existing, err := client.Get(ctx, id.ResourceGroup, id.SiteName) + if err != nil { + if utils.ResponseWasNotFound(existing.Response) { + return fmt.Errorf("Windows %s not found", id) + } + return fmt.Errorf("checking for presence of existing Windows %s: %+v", id, err) + } + + if existing.SiteProperties == nil { + return fmt.Errorf("reading properties of Windows %s", id) + } + props := *existing.SiteProperties + + functionApp.Name = id.SiteName + functionApp.ResourceGroup = id.ResourceGroup + functionApp.ServicePlanId = utils.NormalizeNilableString(props.ServerFarmID) + functionApp.Location = location.NormalizeNilable(existing.Location) + functionApp.Enabled = utils.NormaliseNilableBool(existing.Enabled) + functionApp.ClientCertMode = string(existing.ClientCertMode) + functionApp.DailyMemoryTimeQuota = int(utils.NormaliseNilableInt32(props.DailyMemoryTimeQuota)) + functionApp.Tags = tags.ToTypedObject(existing.Tags) + functionApp.Kind = utils.NormalizeNilableString(existing.Kind) + + appSettingsResp, err := client.ListApplicationSettings(ctx, id.ResourceGroup, id.SiteName) + if err != nil { + return fmt.Errorf("reading App Settings for Windows %s: %+v", id, err) + } + + connectionStrings, err := client.ListConnectionStrings(ctx, id.ResourceGroup, id.SiteName) + if err != nil { + return fmt.Errorf("reading Connection String information for Windows %s: %+v", id, err) + } + + siteCredentialsFuture, err := client.ListPublishingCredentials(ctx, id.ResourceGroup, id.SiteName) + if err != nil { + return fmt.Errorf("listing Site Publishing Credential information for Windows %s: %+v", id, err) + } + + if err := siteCredentialsFuture.WaitForCompletionRef(ctx, client.Client); err != nil { + return fmt.Errorf("waiting for Site Publishing Credential information for Windows %s: %+v", id, err) + } + siteCredentials, err := siteCredentialsFuture.Result(*client) + if err != nil { + return fmt.Errorf("reading Site Publishing Credential information for Windows %s: %+v", id, err) + } + + auth, err := client.GetAuthSettings(ctx, id.ResourceGroup, id.SiteName) + if err != nil { + return fmt.Errorf("reading Auth Settings for Windows %s: %+v", id, err) + } + + backup, err := client.GetBackupConfiguration(ctx, id.ResourceGroup, id.SiteName) + if err != nil { + if !utils.ResponseWasNotFound(backup.Response) { + return fmt.Errorf("reading Backup Settings for Windows %s: %+v", id, err) + } + } + + logs, err := client.GetDiagnosticLogsConfiguration(ctx, id.ResourceGroup, id.SiteName) + if err != nil { + return fmt.Errorf("reading logs configuration for Windows %s: %+v", id, err) + } + + if identity := helpers.FlattenIdentity(existing.Identity); identity != nil { + functionApp.Identity = identity + } + + configResp, err := client.GetConfiguration(ctx, id.ResourceGroup, id.SiteName) + if err != nil { + return fmt.Errorf("making Read request on AzureRM Function App Configuration %q: %+v", id.SiteName, err) + } + + siteConfig, err := helpers.FlattenSiteConfigWindowsFunctionApp(configResp.SiteConfig) + if err != nil { + return fmt.Errorf("reading Site Config for Windows %s: %+v", id, err) + } + + functionApp.SiteConfig = []helpers.SiteConfigWindowsFunctionApp{*siteConfig} + + functionApp.unpackWindowsFunctionAppSettings(appSettingsResp) + + functionApp.ConnectionStrings = helpers.FlattenConnectionStrings(connectionStrings) + + functionApp.SiteCredentials = helpers.FlattenSiteCredentials(siteCredentials) + + functionApp.AuthSettings = helpers.FlattenAuthSettings(auth) + + functionApp.Backup = helpers.FlattenBackupConfig(backup) + + functionApp.SiteConfig[0].AppServiceLogs = helpers.FlattenFunctionAppAppServiceLogs(logs) + + functionApp.HttpsOnly = utils.NormaliseNilableBool(existing.HTTPSOnly) + + functionApp.ClientCertEnabled = utils.NormaliseNilableBool(existing.ClientCertEnabled) + + metadata.SetID(id) + + return metadata.Encode(&functionApp) + }, + } +} + +func (m *WindowsFunctionAppDataSourceModel) unpackWindowsFunctionAppSettings(input web.StringDictionary) { + if input.Properties == nil { + return + } + + appSettings := make(map[string]string) + var dockerSettings helpers.ApplicationStackDocker + m.BuiltinLogging = false + + for k, v := range input.Properties { + switch k { + case "FUNCTIONS_EXTENSION_VERSION": + m.FunctionExtensionsVersion = utils.NormalizeNilableString(v) + + case "WEBSITE_NODE_DEFAULT_VERSION": // Note - This is only set if it's not the default of 12, but we collect it from WindowsFxVersion so can discard it here + case "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING": + case "WEBSITE_CONTENTSHARE": + case "WEBSITE_HTTPLOGGING_RETENTION_DAYS": + case "FUNCTIONS_WORKER_RUNTIME": + if len(m.SiteConfig) > 0 && len(m.SiteConfig[0].ApplicationStack) > 0 { + m.SiteConfig[0].ApplicationStack[0].CustomHandler = strings.EqualFold(*v, "custom") + } + + case "DOCKER_REGISTRY_SERVER_URL": + dockerSettings.RegistryURL = utils.NormalizeNilableString(v) + + case "DOCKER_REGISTRY_SERVER_USERNAME": + dockerSettings.RegistryUsername = utils.NormalizeNilableString(v) + + case "DOCKER_REGISTRY_SERVER_PASSWORD": + dockerSettings.RegistryPassword = utils.NormalizeNilableString(v) + + case "APPINSIGHTS_INSTRUMENTATIONKEY": + m.SiteConfig[0].AppInsightsInstrumentationKey = utils.NormalizeNilableString(v) + + case "APPLICATIONINSIGHTS_CONNECTION_STRING": + m.SiteConfig[0].AppInsightsConnectionString = utils.NormalizeNilableString(v) + + case "AzureWebJobsStorage": + m.StorageAccountName, m.StorageAccountKey = helpers.ParseWebJobsStorageString(v) + + case "AzureWebJobsDashboard": + m.BuiltinLogging = true + + case "WEBSITE_HEALTHCHECK_MAXPINGFAILURES": + i, _ := strconv.Atoi(utils.NormalizeNilableString(v)) + m.SiteConfig[0].HealthCheckEvictionTime = utils.NormaliseNilableInt(&i) + + default: + appSettings[k] = utils.NormalizeNilableString(v) + } + } + + m.AppSettings = appSettings +} diff --git a/internal/services/appservice/windows_function_app_data_source_test.go b/internal/services/appservice/windows_function_app_data_source_test.go new file mode 100644 index 000000000000..ea762ce65d59 --- /dev/null +++ b/internal/services/appservice/windows_function_app_data_source_test.go @@ -0,0 +1,36 @@ +package appservice_test + +import ( + "fmt" + "testing" + + "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance" + "github.com/hashicorp/terraform-provider-azurerm/internal/acceptance/check" +) + +type WindowsFunctionAppDataSource struct{} + +func TestAccWindowsFunctionAppDataSource_complete(t *testing.T) { + data := acceptance.BuildTestData(t, "data.azurerm_windows_function_app", "test") + d := WindowsFunctionAppDataSource{} + + data.DataSourceTest(t, []acceptance.TestStep{ + { + Config: d.complete(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).Key("location").HasValue(data.Locations.Primary), + ), + }, + }) +} + +func (WindowsFunctionAppDataSource) complete(data acceptance.TestData) string { + return fmt.Sprintf(` +%s + +data azurerm_windows_function_app test { + name = azurerm_windows_function_app.test.name + resource_group_name = azurerm_windows_function_app.test.resource_group_name +} +`, WindowsFunctionAppResource{}.standardComplete(data)) +} diff --git a/internal/services/appservice/windows_function_app_resource.go b/internal/services/appservice/windows_function_app_resource.go index e979acf004f0..c6bde3e76f9d 100644 --- a/internal/services/appservice/windows_function_app_resource.go +++ b/internal/services/appservice/windows_function_app_resource.go @@ -833,7 +833,7 @@ func (m *WindowsFunctionAppModel) unpackWindowsFunctionAppSettings(input web.Str case "WEBSITE_CONTENTSHARE": case "WEBSITE_HTTPLOGGING_RETENTION_DAYS": case "FUNCTIONS_WORKER_RUNTIME": - if m.SiteConfig[0].ApplicationStack != nil { + if len(m.SiteConfig) > 0 && len(m.SiteConfig[0].ApplicationStack) > 0 { m.SiteConfig[0].ApplicationStack[0].CustomHandler = strings.EqualFold(*v, "custom") } diff --git a/website/docs/d/windows_function_app.html.markdown b/website/docs/d/windows_function_app.html.markdown new file mode 100644 index 000000000000..f172a1c2357c --- /dev/null +++ b/website/docs/d/windows_function_app.html.markdown @@ -0,0 +1,364 @@ +--- +subcategory: "App Service (Web Apps)" +layout: "azurerm" +page_title: "Azure Resource Manager: Data Source: azurerm_windows_function_app" +description: |- + Gets information about an existing Windows Function App. +--- + +# Data Source: azurerm_windows_function_app + +Use this data source to access information about an existing Windows Function App. + +!> **Note:** This Data Source is coming in version 3.0 of the Azure Provider and is available **as an opt-in Beta** - more information can be found in [the upcoming version 3.0 of the Azure Provider](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/3.0-overview). + +## Example Usage + +```hcl +data "azurerm_windows_function_app" "example" { + name = "existing" + resource_group_name = "existing" +} + +output "id" { + value = data.azurerm_windows_function_app.example.id +} +``` + +## Arguments Reference + +The following arguments are supported: + +* `name` - (Required) The name of this Windows Function App. + +* `resource_group_name` - (Required) The name of the Resource Group where the Windows Function App exists. + +## Attributes Reference + +In addition to the Arguments listed above - the following Attributes are exported: + +* `id` - The ID of the Windows Function App. + +* `app_settings` - A `map of key-value pairs for App Settings and custom values. + +* `auth_settings` - A `auth_settings` block as defined below. + +* `backup` - A `backup` block as defined below. + +* `builtin_logging_enabled` - Is the built-in logging enabled? + +* `client_certificate_enabled` - Is the use of Client Certificates enabled? + +* `client_certificate_mode` - The mode of the Function App's client certificates requirement for incoming requests. + +* `connection_string` - One or more `connection_string` blocks as defined below. + +* `content_share_force_disabled` - Are Content Share Settings disabled? + +* `custom_domain_verification_id` - The identifier used by App Service to perform domain ownership verification via DNS TXT record. + +* `daily_memory_time_quota` - The amount of memory in gigabyte-seconds that your application is allowed to consume per day. + +* `default_hostname` - The default hostname of the Windows Function App. + +* `enabled` - Is the Function App enabled? + +* `functions_extension_version` - The runtime version associated with the Function App. + +* `https_only` - Is the Function App only accessible via HTTPS? + +* `identity` - A `identity` block as defined below. + +* `kind` - The Kind value for this Windows Function App. + +* `location` - The Azure Region where the Windows Function App exists. + +* `outbound_ip_address_list` - A list of outbound IP addresses. + +* `outbound_ip_addresses` - A comma separated list of outbound IP addresses as a string. For example `52.23.25.3,52.143.43.12`. + +* `possible_outbound_ip_address_list` - AA list of possible outbound IP addresses, not all of which are necessarily in use. + +* `possible_outbound_ip_addresses` - A list of possible outbound IP addresses, not all of which are necessarily in use. This is a superset of `outbound_ip_address_list`. For example `["52.23.25.3", "52.143.43.12"]`. + +* `service_plan_id` - The ID of the App Service Plan. + +* `site_config` - A `site_config` block as defined below. + +* `site_credential` - A `site_credential` block as defined below. + +* `storage_account_access_key` - The access key which is used to access the backend storage account for the Function App. + +* `storage_account_name` - The backend storage account name which is used by this Function App. + +* `storage_uses_managed_identity` - Is the Function App using a Managed Identity to access the storage account? + +* `tags` - A mapping of tags assigned to the Windows Function App. + +--- + +A `active_directory` block exports the following: + +* `allowed_audiences` - A list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory. + +* `client_id` - The ID of the Client to use to authenticate with Azure Active Directory. + +* `client_secret` - The Client Secret for the Client ID. + +* `client_secret_setting_name` - The App Setting name that contains the client secret of the Client. + +--- + +A `app_service_logs` block exports the following: + +* `disk_quota_mb` - The amount of disk space to use for logs. + +* `retention_period_days` - The retention period for logs in days. + +--- + +A `application_stack` block exports the following: + +* `dotnet_version` - The version of .Net to use. + +* `java_version` - The version of Java to use. + +* `node_version` - The version of Node to use. + +* `powershell_core_version` - The version of PowerShell Core to use. + +* `use_custom_runtime` - Is the Windows Function App using a custom runtime?. + +--- + +A `auth_settings` block exports the following: + +* `active_directory` - A `active_directory` block as defined above. + +* `additional_login_parameters` - A map of Login Parameters to send to the OpenID Connect authorization endpoint when a user logs in. + +* `allowed_external_redirect_urls` - A list of External URLs that can be redirected to as part of logging in or logging out of the Windows Function App. + +* `default_provider` - The default authentication provider to use when multiple providers are configured. + +* `enabled` - Is the Authentication / Authorization feature for the Windows Function enabled? + +* `facebook` - A `facebook` block as defined below. + +* `github` - A `github` block as defined below. + +* `google` - A `google` block as defined below. + +* `issuer` - The OpenID Connect Issuer URI that represents the entity which issues access tokens for this Windows Function App. + +* `microsoft` - A `microsoft` block as defined below. + +* `runtime_version` - The Runtime Version of the Authentication / Authorization feature in use for the Windows Function App. + +* `token_refresh_extension_hours` - The number of hours after session token expiration that a session token can be used to call the token refresh API. + +* `token_store_enabled` - Is the durable storing of platform-specific security token that are obtained during login flows enabled? + +* `twitter` - A `twitter` block as defined below. + +* `unauthenticated_client_action` - The action to take when an unauthenticated client attempts to access the app. + +--- + +A `backup` block exports the following: + +* `enabled` - Is the Backup Job enabled? + +* `name` - The name of this Backup. + +* `schedule` - A `schedule` block as defined below. + +* `storage_account_url` - The SAS URL to the container. + +--- + +A `connection_string` block exports the following: + +* `name` - The name of this Connection. + +* `type` - Type of database. + +* `value` - The connection string value. + +--- + +A `cors` block exports the following: + +* `allowed_origins` - A list of origins that should be allowed to make cross-origin calls. + +* `support_credentials` - Are credentials allows in CORS requests?. + +--- + +A `facebook` block exports the following: + +* `app_id` - The App ID of the Facebook app used for login. + +* `app_secret` - The App Secret of the Facebook app used for Facebook Login. + +* `app_secret_setting_name` - The app setting name that contains the `app_secret` value used for Facebook Login. + +* `oauth_scopes` - A list of OAuth 2.0 scopes to be requested as part of Facebook Login authentication. + +--- + +A `github` block exports the following: + +* `client_id` - The ID of the GitHub app used for login. + +* `client_secret` - The Client Secret of the GitHub app used for GitHub Login. + +* `client_secret_setting_name` - The app setting name that contains the `client_secret` value used for GitHub Login. + +* `oauth_scopes` - A list of OAuth 2.0 scopes that will be requested as part of GitHub Login authentication. + +--- + +A `google` block exports the following: + +* `client_id` - The OpenID Connect Client ID for the Google web application. + +* `client_secret` - The client secret associated with the Google web application. + +* `client_secret_setting_name` - The app setting name that contains the `client_secret` value used for Google Login. + +* `oauth_scopes` - A list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. + +--- + +A `identity` block exports the following: + +* `identity_ids` - A list of User Assigned Identity IDs. + +* `principal_id` - The ID of the Service Principal. + +* `tenant_id` - The ID of the tenant. + +* `type` - The type of managed service identity. + +--- + +A `microsoft` block exports the following: + +* `client_id` - The OAuth 2.0 client ID that was created for the app used for authentication. + +* `client_secret` - The OAuth 2.0 client secret that was created for the app used for authentication. + +* `client_secret_setting_name` - The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. + +* `oauth_scopes` - A list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. + +--- + +A `schedule` block exports the following: + +* `frequency_interval` - How often the backup is executed. + +* `frequency_unit` - The unit of time the backup should take place. + +* `keep_at_least_one_backup` - Should the service keep at least one backup. + +* `retention_period_days` - After how many days backups is deleted. + +* `start_time` - When the schedule should start working in RFC-3339 format. + +--- + +A `site_config` block exports the following: + +* `always_on` - Is this Windows Function App Always On?. + +* `api_definition_url` - The URL of the API definition that describes this Windows Function App. + +* `api_management_api_id` - The ID of the API Management API for this Windows Function App. + +* `app_command_line` - The App command line to launch. + +* `app_scale_limit` - The number of workers this function app can scale out to. + +* `app_service_logs` - A `app_service_logs` block as defined above. + +* `application_insights_connection_string` - The Connection String for linking the Windows Function App to Application Insights. + +* `application_insights_key` - The Instrumentation Key for connecting the Windows Function App to Application Insights. + +* `application_stack` - A `application_stack` block as defined above. + +* `cors` - A `cors` block as defined above. + +* `default_documents` - A list of Default Documents for the Windows Web App. + +* `detailed_error_logging_enabled` - Is detailed error logging enabled? + +* `elastic_instance_minimum` - The number of minimum instances for this Windows Function App. + +* `ftps_state` - State of FTP / FTPS service for this Windows Function App. + +* `health_check_eviction_time_in_min` - The amount of time in minutes that a node can be unhealthy before being removed from the load balancer. + +* `health_check_path` - The path to be checked for this Windows Function App health. + +* `http2_enabled` - Is the http2 protocol enabled? + +* `ip_restriction` - One or more `ip_restriction` blocks as defined above. + +* `load_balancing_mode` - The Site load balancing mode. + +* `managed_pipeline_mode` - The Managed pipeline mode. + +* `minimum_tls_version` - The minimum version of TLS required for SSL requests. + +* `pre_warmed_instance_count` - The number of pre-warmed instances for this Windows Function App. + +* `remote_debugging_enabled` - Is Remote Debugging enabled? + +* `remote_debugging_version` - The Remote Debugging Version. + +* `runtime_scale_monitoring_enabled` - Is Scale Monitoring of the Functions Runtime enabled? + +* `scm_ip_restriction` - One or more `scm_ip_restriction` blocks as defined above. + +* `scm_minimum_tls_version` - The minimum version of TLS required for SSL requests to the SCM site. + +* `scm_type` - The SCM type. + +* `scm_use_main_ip_restriction` - Is the `ip_restriction` configuration used for the SCM?. + +* `use_32_bit_worker` - Is the Windows Function App using a 32-bit worker process? + +* `vnet_route_all_enabled` - Are all outbound traffic to Virtual Network Security Groups and User Defined Routes applied? + +* `websockets_enabled` - Are Web Sockets enabled? + +* `windows_fx_version` - The Windows FX version. + +* `worker_count` - The number of Workers for this Windows Function App. + +--- + +A `site_credential` block exports the following: + +* `name` - The Site Credentials Username used for publishing. + +* `password` - The Site Credentials Password used for publishing. + +--- + +A `twitter` block exports the following: + +* `consumer_key` - The OAuth 1.0a consumer key of the Twitter application used for sign-in. + +* `consumer_secret` - The OAuth 1.0a consumer secret of the Twitter application used for sign-in. + +* `consumer_secret_setting_name` - The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in. + +## Timeouts + +The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions: + +* `read` - (Defaults to 10 minutes) Used when retrieving the Windows Function App. diff --git a/website/docs/r/windows_function_app.html.markdown b/website/docs/r/windows_function_app.html.markdown index e78f7a319c45..02f695d06bc3 100644 --- a/website/docs/r/windows_function_app.html.markdown +++ b/website/docs/r/windows_function_app.html.markdown @@ -84,12 +84,12 @@ The following arguments are supported: * `connection_string` - (Optional) One or more `connection_string` blocks as defined below. +* `content_share_force_disabled` - (Optional) Should Content Share Settings be disabled. Defaults to `false`. + * `daily_memory_time_quota` - (Optional) The amount of memory in gigabyte-seconds that your application is allowed to consume per day. Setting this value only affects function apps under the consumption plan. Defaults to `0`. * `enabled` - (Optional) Is the Function App enabled? -* `force_disable_content_share` - (Optional) Should the settings for linking the Function App to storage be suppressed. - * `functions_extension_version` - (Optional) The runtime version associated with the Function App. Defaults to `~4`. * `https_only` - (Optional) Can the Function App only be accessed via HTTPS? Defaults to `false`. @@ -146,13 +146,13 @@ An `app_service_logs` block supports the following: An `auth_settings` block supports the following: -* `enabled` - (Required) Should the Authentication / Authorization feature be enabled for the Windows Web App? +* `enabled` - (Required) Should the Authentication / Authorization feature be enabled for the Windows Function App? * `active_directory` - (Optional) An `active_directory` block as defined above. * `additional_login_params` - (Optional) Specifies a map of Login Parameters to send to the OpenID Connect authorization endpoint when a user logs in. -* `allowed_external_redirect_urls` - (Optional) Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Windows Web App. +* `allowed_external_redirect_urls` - (Optional) Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Windows Function App. * `default_provider` - (Optional) The default authentication provider to use when multiple providers are configured. Possible values include: `AzureActiveDirectory`, `Facebook`, `Google`, `MicrosoftAccount`, `Twitter`, `Github` @@ -164,17 +164,17 @@ An `auth_settings` block supports the following: * `google` - (Optional) A `google` block as defined below. -* `issuer` - (Optional) The OpenID Connect Issuer URI that represents the entity which issues access tokens for this Windows Web App. +* `issuer` - (Optional) The OpenID Connect Issuer URI that represents the entity which issues access tokens for this Windows Function App. ~> **NOTE:** When using Azure Active Directory, this value is the URI of the directory tenant, e.g. https://sts.windows.net/{tenant-guid}/. * `microsoft` - (Optional) A `microsoft` block as defined below. -* `runtime_version` - (Optional) The RuntimeVersion of the Authentication / Authorization feature in use for the Windows Web App. +* `runtime_version` - (Optional) The Runtime Version of the Authentication / Authorization feature in use for the Windows Function App. * `token_refresh_extension_hours` - (Optional) The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to `72` hours. -* `token_store_enabled` - (Optional) Should the Windows Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to `false`. +* `token_store_enabled` - (Optional) Should the Windows Function App durably store platform-specific security tokens that are obtained during login flows? Defaults to `false`. * `twitter` - (Optional) A `twitter` block as defined below. @@ -341,7 +341,7 @@ A `scm_ip_restriction` block supports the following: A `site_config` block supports the following: -* `always_on` - (Optional) If this Windows Web App is Always On enabled. Defaults to `false`. +* `always_on` - (Optional) If this Windows Function App is Always On enabled. Defaults to `false`. * `api_definition_url` - (Optional) The URL of the API definition that describes this Windows Function App. @@ -363,13 +363,13 @@ A `site_config` block supports the following: * `cors` - (Optional) A `cors` block as defined above. -* `default_documents` - (Optional) Specifies a list of Default Documents for the Windows Web App. +* `default_documents` - (Optional) Specifies a list of Default Documents for the Windows Function App. * `elastic_instance_minimum` - (Optional) The number of minimum instances for this Windows Function App. Only affects apps on Elastic Premium plans. -* `ftps_state` - (Optional) State of FTP / FTPS service for this function app. Possible values include: `AllAllowed`, `FtpsOnly` and `Disabled`. Defaults to `Disabled`. +* `ftps_state` - (Optional) State of FTP / FTPS service for this Windows Function App. Possible values include: `AllAllowed`, `FtpsOnly` and `Disabled`. Defaults to `Disabled`. -* `health_check_path` - (Optional) The path to be checked for this function app health. +* `health_check_path` - (Optional) The path to be checked for this Windows Function App health. * `health_check_eviction_time_in_min` - (Optional) The amount of time in minutes that a node can be unhealthy before being removed from the load balancer. Possible values are between `2` and `10`. Only valid in conjunction with `health_check_path`. @@ -381,9 +381,9 @@ A `site_config` block supports the following: * `managed_pipeline_mode` - (Optional) Managed pipeline mode. Possible values include: `Integrated`, `Classic`. Defaults to `Integrated`. -* `minimum_tls_version` - (Optional) The configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`. +* `minimum_tls_version` - (Optional) Configures the minimum version of TLS required for SSL requests. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`. -* `pre_warmed_instance_count` - (Optional) The number of pre-warmed instances for this function app. Only affects apps on an Elastic Premium plan. +* `pre_warmed_instance_count` - (Optional) The number of pre-warmed instances for this Windows Function App. Only affects apps on an Elastic Premium plan. * `remote_debugging_enabled` - (Optional) Should Remote Debugging be enabled. Defaults to `false`. @@ -393,11 +393,11 @@ A `site_config` block supports the following: * `scm_ip_restriction` - (Optional) One or more `scm_ip_restriction` blocks as defined above. -* `scm_minimum_tls_version` - (Optional) Configures the minimum version of TLS required for SSL requests to the SCM site Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`. +* `scm_minimum_tls_version` - (Optional) Configures the minimum version of TLS required for SSL requests to the SCM site. Possible values include: `1.0`, `1.1`, and `1.2`. Defaults to `1.2`. * `scm_use_main_ip_restriction` - (Optional) Should the Windows Function App `ip_restriction` configuration be used for the SCM also. -* `use_32_bit_worker` - (Optional) Should the Windows Web App use a 32-bit worker process. Defaults to `true`. +* `use_32_bit_worker` - (Optional) Should the Windows Function App use a 32-bit worker process. Defaults to `true`. * `vnet_route_all_enabled` - (Optional) Should all outbound traffic to have Virtual Network Security Groups and User Defined Routes applied? Defaults to `false`.