Created
January 20, 2025 17:16
-
-
Save jwlin/a15d5b86b8ea29ebcba2b872a95fbeab to your computer and use it in GitHub Desktop.
ARM template creating a linux function app with secure storage - less resources created
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", | |
| "contentVersion": "1.0.0.0", | |
| "parameters": { | |
| "functionAppName": { | |
| "defaultValue": "", | |
| "type": "String", | |
| "metadata": { | |
| "description": "The name of the Azure Function app." | |
| } | |
| }, | |
| "location": { | |
| "defaultValue": "West US 2", | |
| "type": "String", | |
| "metadata": { | |
| "description": "The location into which the resources should be deployed." | |
| } | |
| }, | |
| "functionWorkerRuntime": { | |
| "defaultValue": "node", | |
| "allowedValues": [ | |
| "dotnet", | |
| "node", | |
| "python", | |
| "java" | |
| ], | |
| "type": "String", | |
| "metadata": { | |
| "description": "The language worker runtime to load in the function app." | |
| } | |
| }, | |
| "functionPlanOS": { | |
| "defaultValue": "Linux", | |
| "allowedValues": [ | |
| "Windows", | |
| "Linux" | |
| ], | |
| "type": "String", | |
| "metadata": { | |
| "description": "Specifies the OS used for the Azure Function hosting plan." | |
| } | |
| }, | |
| "functionStorageAccountName": { | |
| "defaultValue": "", | |
| "type": "String", | |
| "metadata": { | |
| "description": "The name of the backend Azure storage account used by the Azure Function app." | |
| } | |
| }, | |
| "functionVnetName": { | |
| "defaultValue": "", | |
| "type": "String", | |
| "metadata": { | |
| "description": "The name of the virtual network for virtual network integration." | |
| } | |
| }, | |
| "functionSubnetName": { | |
| "defaultValue": "", | |
| "type": "String", | |
| "metadata": { | |
| "description": "The name of the virtual network subnet to be associated with the Azure Function app." | |
| } | |
| }, | |
| "linuxFxVersion": { | |
| "defaultValue": "Node|20", | |
| "type": "String", | |
| "metadata": { | |
| "description": "Only required for Linux app to represent runtime stack in the format of 'runtime|runtimeVersion'. For example: 'python|3.9'" | |
| } | |
| }, | |
| "hostingPlanName": { | |
| "type": "string" | |
| } | |
| }, | |
| "variables": { | |
| "functionContentShareName": "function-content-share", | |
| "isReserved": "[if(equals(parameters('functionPlanOS'), 'Linux'), true(), false())]" | |
| }, | |
| "resources": [ | |
| { | |
| "type": "Microsoft.Storage/storageAccounts/fileServices/shares", | |
| "apiVersion": "2022-05-01", | |
| "name": "[format('{0}/default/{1}', parameters('functionStorageAccountName'), variables('functionContentShareName'))]" | |
| }, | |
| { | |
| "type": "Microsoft.Web/sites", | |
| "apiVersion": "2022-03-01", | |
| "name": "[parameters('functionAppName')]", | |
| "location": "[parameters('location')]", | |
| "dependsOn": [], | |
| "kind": "[if(variables('isReserved'), 'functionapp,linux', 'functionapp')]", | |
| "properties": { | |
| "reserved": "[variables('isReserved')]", | |
| "publicNetworkAccess": "Enabled", | |
| "vnetRouteAllEnabled": true, | |
| "httpsOnly": true, | |
| "serverFarmId": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]", | |
| "siteConfig": { | |
| "linuxFxVersion": "[if(variables('isReserved'), parameters('linuxFxVersion'), json('null'))]", | |
| "appSettings": [ | |
| { | |
| "name": "AzureWebJobsStorage", | |
| "value": "[format('DefaultEndpointsProtocol=https;AccountName={0};AccountKey={1}', parameters('functionStorageAccountName'), listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('functionStorageAccountName')), '2022-05-01').keys[0].value)]" | |
| }, | |
| { | |
| "name": "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING", | |
| "value": "[format('DefaultEndpointsProtocol=https;AccountName={0};AccountKey={1}', parameters('functionStorageAccountName'), listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('functionStorageAccountName')), '2022-05-01').keys[0].value)]" | |
| }, | |
| { | |
| "name": "WEBSITE_CONTENTSHARE", | |
| "value": "[variables('functionContentShareName')]" | |
| }, | |
| { | |
| "name": "FUNCTIONS_EXTENSION_VERSION", | |
| "value": "~4" | |
| }, | |
| { | |
| "name": "FUNCTIONS_WORKER_RUNTIME", | |
| "value": "[parameters('functionWorkerRuntime')]" | |
| }, | |
| { | |
| "name": "WEBSITE_NODE_DEFAULT_VERSION", | |
| "value": "~14" | |
| }, | |
| { | |
| "name": "WEBSITE_CONTENTOVERVNET", | |
| "value": "1" | |
| } | |
| ] | |
| } | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Web/sites/networkConfig", | |
| "apiVersion": "2022-03-01", | |
| "name": "[format('{0}/{1}', parameters('functionAppName'), 'virtualNetwork')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Web/sites', parameters('functionAppName'))]" | |
| ], | |
| "properties": { | |
| "subnetResourceId": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('functionVnetName'), parameters('functionSubnetName'))]", | |
| "swiftSupported": true | |
| } | |
| } | |
| ] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Deploy Azure Functions with a Secured Storage
Another example using a dedicated plan for the function app. With an existing dedicated app service plan, secure storage, and subnet, the template below creates:
(Note: The existing subnet need to delegate to Microsoft.Web/serverFarms)