Azure App Service (Web Apps) Virtual Network Swift Connection
This page shows how to write Terraform and Azure Resource Manager for App Service (Web Apps) Virtual Network Swift Connection and write them securely.
azurerm_app_service_virtual_network_swift_connection (Terraform)
The Virtual Network Swift Connection in App Service (Web Apps) can be configured in Terraform with the resource name azurerm_app_service_virtual_network_swift_connection. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "azurerm_app_service_virtual_network_swift_connection" "webapp" {
app_service_id = module.webapp.webapp_service_id
subnet_id = azurerm_subnet.backend.id
}
resource "azurerm_app_service_virtual_network_swift_connection" "webapp" {
app_service_id = azurerm_app_service.website.id
subnet_id = azurerm_subnet.web_se.id
resource "azurerm_app_service_virtual_network_swift_connection" "webapp" {
app_service_id = azurerm_app_service.website.id
subnet_id = azurerm_subnet.web_se.id
resource "azurerm_app_service_virtual_network_swift_connection" "this" {
app_service_id = var.app_service_id
subnet_id = var.subnet_id
dynamic "timeouts" {
for_each = var.timeouts
resource "azurerm_app_service_virtual_network_swift_connection" "vnet_integration" {
app_service_id = azurerm_app_service.example.id
subnet_id = data.azurerm_subnet.web.id
}
resource "azurerm_app_service_virtual_network_swift_connection" "this" {
app_service_id = var.app_service_id
subnet_id = var.subnet_id
dynamic "timeouts" {
for_each = var.timeouts
resource "azurerm_app_service_virtual_network_swift_connection" "example" {
app_service_id = module.app_service.azurerm_app_service.example.id
subnet_id = module.subnet.azurerm_subnet.example.id
resource "azurerm_app_service_virtual_network_swift_connection" "main" {
for_each = var.func_apps
app_service_id = azurerm_function_app.main[each.key].id
subnet_id = each.value.subnet_id
}
resource "azurerm_app_service_virtual_network_swift_connection" "vnet" {
app_service_id = azurerm_app_service.appservice.id
subnet_id = azurerm_subnet.webapp.id
}
resource "azurerm_app_service_virtual_network_swift_connection" "vnetintegrationconnection" {
app_service_id = azurerm_app_service.frontwebapp.id
subnet_id = azurerm_subnet.integrationsubnet.id
}
resource "azurerm_app_service" "backwebapp" {
Parameters
-
app_service_idrequired - string -
idoptional computed - string -
subnet_idrequired - string -
timeoutssingle block
Explanation in Terraform Registry
Manages an App Service Virtual Network Association (this is for the Regional VNet Integration).
Note: This resource can be used for both
azurerm_app_serviceandazurerm_function_app.Note: There is a hard limit of one VNet integration per App Service Plan. Multiple apps in the same App Service plan can use the same VNet.
Tips: Best Practices for The Other Azure App Service (Web Apps) Resources
In addition to the azurerm_app_service, Azure App Service (Web Apps) has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.
azurerm_app_service
Ensure your App Service is accessible via HTTPS only
It is better to configure the App Service to be accessible via HTTPS only. By default, both HTTP and HTTPS are available.
azurerm_function_app
Ensure to enable authentication to prevent anonymous request being accepted
It is better to enable authentication to prevent anonymous requests and ensure all communications in the application are authenticated.
Microsoft.Web/sites/virtualNetworkConnections (Azure Resource Manager)
The sites/virtualNetworkConnections in Microsoft.Web can be configured in Azure Resource Manager with the resource name Microsoft.Web/sites/virtualNetworkConnections. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
"type": "Microsoft.Web/sites/virtualNetworkConnections",
"apiVersion": "2016-08-01",
"name": "[concat(parameters('webapp'), '/',variables('vnet'))]",
"location": "[resourceGroup().location]",
"properties": {
"type": "Microsoft.Web/sites/virtualNetworkConnections",
"existenceCondition": {
"field": "Microsoft.Web/sites/virtualnetworkconnections/vnetResourceId",
"exists": "true"
}
}
"type": "Microsoft.Web/sites/virtualNetworkConnections",
"existenceCondition": {
"field": "Microsoft.Web/sites/virtualnetworkconnections/vnetResourceId",
"exists": "true"
}
}
"type": "Microsoft.Web/sites/virtualNetworkConnections",
"existenceCondition": {
"field": "Microsoft.Web/sites/virtualnetworkconnections/vnetResourceId",
"exists": "true"
}
}
"type": "Microsoft.Web/sites/virtualNetworkConnections",
"existenceCondition": {
"field": "Microsoft.Web/sites/virtualnetworkconnections/vnetResourceId",
"exists": "true"
}
}
"type": "Microsoft.Web/sites/virtualNetworkConnections",
"existenceCondition": {
"field": "Microsoft.Web/sites/virtualnetworkconnections/vnetResourceId",
"exists": "true"
}
}
"type": "Microsoft.Web/sites/virtualNetworkConnections",
"existenceCondition": {
"field": "Microsoft.Web/sites/virtualnetworkconnections/vnetResourceId",
"exists": "true"
}
}
"type": "Microsoft.Web/sites/virtualNetworkConnections",
"apiVersion": "2018-11-01",
"kind": "string",
"properties": {
"vnetResourceId": "string",
"certBlob": "string",
"type": "Microsoft.Web/sites/virtualNetworkConnections",
"existenceCondition": {
"field": "Microsoft.Web/sites/virtualnetworkconnections/vnetResourceId",
"exists": "true"
}
}
"type": "Microsoft.Web/sites/virtualNetworkConnections",
"existenceCondition": {
"field": "Microsoft.Web/sites/virtualnetworkconnections/vnetResourceId",
"exists": "true"
}
}
Parameters
apiVersionrequired - stringkindoptional - stringKind of resource.
namerequired - stringName of an existing Virtual Network.
propertiesrequiredcertBloboptional - stringA certificate file (.cer) blob containing the public key of the private key used to authenticate a Point-To-Site VPN connection.
dnsServersoptional - stringDNS servers to be used by this Virtual Network. This should be a comma-separated list of IP addresses.
isSwiftoptional - booleanFlag that is used to denote if this is VNET injection
vnetResourceIdoptional - stringThe Virtual Network's resource ID.
typerequired - string
Frequently asked questions
What is Azure App Service (Web Apps) Virtual Network Swift Connection?
Azure App Service (Web Apps) Virtual Network Swift Connection is a resource for App Service (Web Apps) of Microsoft Azure. Settings can be wrote in Terraform.
Where can I find the example code for the Azure App Service (Web Apps) Virtual Network Swift Connection?
For Terraform, the nhs-digital-gp-it-futures/GPITBuyingCatalogue, fortunkam/asev3-firewall-appgateway and fortunkam/webapp-privatelink source code examples are useful. See the Terraform Example section for further details.
For Azure Resource Manager, the scoutzfiction/arm-templates, Prathyusha-91/azure-policy and induxsi/Test source code examples are useful. See the Azure Resource Manager Example section for further details.
