Created
January 20, 2025 17:14
-
-
Save jwlin/67a31ee0aa7a5792a80355773d2bbc4d to your computer and use it in GitHub Desktop.
ARM template creating a linux function app with secure storage
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", | |
| "contentVersion": "1.0.0.0", | |
| "parameters": { | |
| "functionAppName": { | |
| "defaultValue": "YourFunctionAppName", | |
| "type": "String", | |
| "metadata": { | |
| "description": "The name of the Azure Function app." | |
| } | |
| }, | |
| "location": { | |
| "defaultValue": "[resourceGroup().location]", | |
| "type": "String", | |
| "metadata": { | |
| "description": "The location into which the resources should be deployed." | |
| } | |
| }, | |
| "functionWorkerRuntime": { | |
| "defaultValue": "node", | |
| "allowedValues": [ | |
| "dotnet", | |
| "node", | |
| "python", | |
| "java" | |
| ], | |
| "type": "String", | |
| "metadata": { | |
| "description": "The language worker runtime to load in the function app." | |
| } | |
| }, | |
| "functionPlanOS": { | |
| "defaultValue": "Linux", | |
| "allowedValues": [ | |
| "Windows", | |
| "Linux" | |
| ], | |
| "type": "String", | |
| "metadata": { | |
| "description": "Specifies the OS used for the Azure Function hosting plan." | |
| } | |
| }, | |
| "functionAppPlanSku": { | |
| "defaultValue": "EP1", | |
| "allowedValues": [ | |
| "EP1", | |
| "EP2", | |
| "EP3" | |
| ], | |
| "type": "String", | |
| "metadata": { | |
| "description": "Specifies the Azure Function hosting plan SKU." | |
| } | |
| }, | |
| "functionAppPlanName": { | |
| "defaultValue": "[format('plan-{0}', uniqueString(resourceGroup().id))]", | |
| "type": "String", | |
| "metadata": { | |
| "description": "The name of the Azure Function hosting plan." | |
| } | |
| }, | |
| "functionStorageAccountName": { | |
| "defaultValue": "YourStorageName", | |
| "type": "String", | |
| "metadata": { | |
| "description": "The name of the backend Azure storage account used by the Azure Function app." | |
| } | |
| }, | |
| "vnetName": { | |
| "defaultValue": "YourVNetName", | |
| "type": "String", | |
| "metadata": { | |
| "description": "The name of the virtual network for virtual network integration." | |
| } | |
| }, | |
| "functionSubnetName": { | |
| "defaultValue": "YourSubnetName", | |
| "type": "String", | |
| "metadata": { | |
| "description": "The name of the virtual network subnet to be associated with the Azure Function app." | |
| } | |
| }, | |
| "linuxFxVersion": { | |
| "defaultValue": "", | |
| "type": "String", | |
| "metadata": { | |
| "description": "Only required for Linux app to represent runtime stack in the format of 'runtime|runtimeVersion'. For example: 'python|3.9'" | |
| } | |
| } | |
| }, | |
| "variables": { | |
| "applicationInsightsName": "[format('appi-{0}', uniqueString(resourceGroup().id))]", | |
| "functionContentShareName": "function-content-share", | |
| "isReserved": "[if(equals(parameters('functionPlanOS'), 'Linux'), true(), false())]" | |
| }, | |
| "resources": [ | |
| { | |
| "type": "Microsoft.Storage/storageAccounts/fileServices/shares", | |
| "apiVersion": "2022-05-01", | |
| "name": "[format('{0}/default/{1}', parameters('functionStorageAccountName'), variables('functionContentShareName'))]" | |
| }, | |
| { | |
| "type": "Microsoft.Insights/components", | |
| "apiVersion": "2020-02-02", | |
| "name": "[variables('applicationInsightsName')]", | |
| "location": "[parameters('location')]", | |
| "kind": "web", | |
| "properties": { | |
| "Application_Type": "web" | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Web/serverfarms", | |
| "apiVersion": "2022-03-01", | |
| "name": "[parameters('functionAppPlanName')]", | |
| "location": "[parameters('location')]", | |
| "sku": { | |
| "tier": "ElasticPremium", | |
| "name": "[parameters('functionAppPlanSku')]", | |
| "size": "[parameters('functionAppPlanSku')]", | |
| "family": "EP" | |
| }, | |
| "kind": "elastic", | |
| "properties": { | |
| "maximumElasticWorkerCount": 20, | |
| "reserved": "[variables('isReserved')]" | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Web/sites", | |
| "apiVersion": "2022-03-01", | |
| "name": "[parameters('functionAppName')]", | |
| "location": "[parameters('location')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Insights/components', variables('applicationInsightsName'))]", | |
| "[resourceId('Microsoft.Web/serverfarms', parameters('functionAppPlanName'))]" | |
| ], | |
| "kind": "[if(variables('isReserved'), 'functionapp,linux', 'functionapp')]", | |
| "properties": { | |
| "reserved": "[variables('isReserved')]", | |
| "serverFarmId": "[resourceId('Microsoft.Web/serverfarms', parameters('functionAppPlanName'))]", | |
| "siteConfig": { | |
| "functionsRuntimeScaleMonitoringEnabled": true, | |
| "linuxFxVersion": "[if(variables('isReserved'), parameters('linuxFxVersion'), json('null'))]", | |
| "appSettings": [ | |
| { | |
| "name": "APPINSIGHTS_INSTRUMENTATIONKEY", | |
| "value": "[reference(resourceId('Microsoft.Insights/components', variables('applicationInsightsName')), '2020-02-02').InstrumentationKey]" | |
| }, | |
| { | |
| "name": "AzureWebJobsStorage", | |
| "value": "[format('DefaultEndpointsProtocol=https;AccountName={0};AccountKey={1}', parameters('functionStorageAccountName'), listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('functionStorageAccountName')), '2022-05-01').keys[0].value)]" | |
| }, | |
| { | |
| "name": "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING", | |
| "value": "[format('DefaultEndpointsProtocol=https;AccountName={0};AccountKey={1}', parameters('functionStorageAccountName'), listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('functionStorageAccountName')), '2022-05-01').keys[0].value)]" | |
| }, | |
| { | |
| "name": "WEBSITE_CONTENTSHARE", | |
| "value": "[variables('functionContentShareName')]" | |
| }, | |
| { | |
| "name": "FUNCTIONS_EXTENSION_VERSION", | |
| "value": "~4" | |
| }, | |
| { | |
| "name": "FUNCTIONS_WORKER_RUNTIME", | |
| "value": "[parameters('functionWorkerRuntime')]" | |
| }, | |
| { | |
| "name": "WEBSITE_NODE_DEFAULT_VERSION", | |
| "value": "~14" | |
| }, | |
| { | |
| "name": "WEBSITE_VNET_ROUTE_ALL", | |
| "value": "1" | |
| }, | |
| { | |
| "name": "WEBSITE_CONTENTOVERVNET", | |
| "value": "1" | |
| } | |
| ] | |
| } | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Web/sites/networkConfig", | |
| "apiVersion": "2022-03-01", | |
| "name": "[format('{0}/{1}', parameters('functionAppName'), 'virtualNetwork')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Web/sites', parameters('functionAppName'))]" | |
| ], | |
| "properties": { | |
| "subnetResourceId": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'), parameters('functionSubnetName'))]", | |
| "swiftSupported": true | |
| } | |
| } | |
| ] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Deploy Azure Functions with a Secured Storage
With an existing Subnet and secure storage, the template below creates:
(Note: The existing subnet need to delegate to Microsoft.Web/serverFarms)