-
-
Notifications
You must be signed in to change notification settings - Fork 60
/
azuredeploy.bicep
151 lines (141 loc) · 4.53 KB
/
azuredeploy.bicep
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
@description('The name of the function app that you wish to create.')
@maxLength(14)
param appNamePrefix string
@description('The location of the function app that you wish to create.')
param location string = resourceGroup().location
@description('Email address for ACME account.')
param mailAddress string
@description('Certification authority ACME Endpoint.')
@allowed([
'https://acme-v02.api.letsencrypt.org/directory'
'https://api.buypass.com/acme/directory'
'https://acme.zerossl.com/v2/DV90/'
'https://dv.acme-v02.api.pki.goog/directory'
])
param acmeEndpoint string = 'https://acme-v02.api.letsencrypt.org/directory'
var functionAppName = 'func-${appNamePrefix}-${substring(uniqueString(resourceGroup().id, deployment().name), 0, 4)}'
var appServicePlanName = 'plan-${appNamePrefix}-${substring(uniqueString(resourceGroup().id, deployment().name), 0, 4)}'
var appInsightsName = 'appi-${appNamePrefix}-${substring(uniqueString(resourceGroup().id, deployment().name), 0, 4)}'
var workspaceName = 'log-${appNamePrefix}-${substring(uniqueString(resourceGroup().id, deployment().name), 0, 4)}'
var storageAccountName = 'st${uniqueString(resourceGroup().id, deployment().name)}func'
var appInsightsEndpoints = {
AzureCloud: 'applicationinsights.azure.com'
AzureChinaCloud: 'applicationinsights.azure.cn'
AzureUSGovernment: 'applicationinsights.us'
}
resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = {
name: storageAccountName
location: location
kind: 'Storage'
sku: {
name: 'Standard_LRS'
}
properties: {
supportsHttpsTrafficOnly: true
allowBlobPublicAccess: false
minimumTlsVersion: 'TLS1_2'
}
}
resource appServicePlan 'Microsoft.Web/serverfarms@2023-12-01' = {
name: appServicePlanName
location: location
sku: {
name: 'Y1'
tier: 'Dynamic'
}
properties: {}
}
resource workspace 'Microsoft.OperationalInsights/workspaces@2023-09-01' = {
name: workspaceName
location: location
properties: {
sku: {
name: 'PerGB2018'
}
retentionInDays: 30
}
}
resource appInsights 'Microsoft.Insights/components@2020-02-02' = {
name: appInsightsName
location: location
kind: 'web'
tags: {
'hidden-link:${resourceGroup().id}/providers/Microsoft.Web/sites/${functionAppName}': 'Resource'
}
properties: {
Application_Type: 'web'
WorkspaceResourceId: workspace.id
}
}
resource functionApp 'Microsoft.Web/sites@2023-12-01' = {
name: functionAppName
location: location
kind: 'functionapp'
identity: {
type: 'SystemAssigned'
}
properties: {
clientAffinityEnabled: false
httpsOnly: true
serverFarmId: appServicePlan.id
siteConfig: {
appSettings: [
{
name: 'APPLICATIONINSIGHTS_CONNECTION_STRING'
value: 'InstrumentationKey=${appInsights.properties.InstrumentationKey};EndpointSuffix=${appInsightsEndpoints[environment().name]}'
}
{
name: 'AzureWebJobsStorage'
value: 'DefaultEndpointsProtocol=https;AccountName=${storageAccountName};AccountKey=${storageAccount.listKeys().keys[0].value};EndpointSuffix=${environment().suffixes.storage}'
}
{
name: 'WEBSITE_CONTENTAZUREFILECONNECTIONSTRING'
value: 'DefaultEndpointsProtocol=https;AccountName=${storageAccountName};AccountKey=${storageAccount.listKeys().keys[0].value};EndpointSuffix=${environment().suffixes.storage}'
}
{
name: 'WEBSITE_CONTENTSHARE'
value: toLower(functionAppName)
}
{
name: 'WEBSITE_RUN_FROM_PACKAGE'
value: 'https://stacmebotprod.blob.core.windows.net/appservice-acmebot/v4/latest.zip'
}
{
name: 'FUNCTIONS_EXTENSION_VERSION'
value: '~4'
}
{
name: 'FUNCTIONS_INPROC_NET8_ENABLED'
value: '1'
}
{
name: 'FUNCTIONS_WORKER_RUNTIME'
value: 'dotnet'
}
{
name: 'Acmebot:SubscriptionId'
value: subscription().subscriptionId
}
{
name: 'Acmebot:Contacts'
value: mailAddress
}
{
name: 'Acmebot:Endpoint'
value: acmeEndpoint
}
{
name: 'Acmebot:Environment'
value: environment().name
}
]
netFrameworkVersion: 'v8.0'
ftpsState: 'Disabled'
minTlsVersion: '1.2'
scmMinTlsVersion: '1.2'
}
}
}
output functionAppName string = functionApp.name
output principalId string = functionApp.identity.principalId
output tenantId string = functionApp.identity.tenantId