/terraform-azurerm-function-app-single

[Deprecated] Terraform module for Azure Function App V2

Primary LanguageHCLApache License 2.0Apache-2.0

Azure Function App

Changelog Notice Apache V2 License TF Registry

This Terraform feature creates an Azure Function App. A Storage Account and an Application Insights are required and are created if not provided. An App Service Plan must be provided for hosting. This module also support Diagnostics Settings activation.

Version compatibility

Module version Terraform version AzureRM version
>= 4.x.x 0.13.x >= 2.42
>= 3.x.x 0.12.x >= 2.0
>= 2.x.x 0.12.x < 2.0
< 2.x.x 0.11.x < 2.0

Usage

This module is optimized to work with the Claranet terraform-wrapper tool which set some terraform variables in the environment needed by this module.

More details about variables set by the terraform-wrapper available in the documentation.

Here's 2 examples combined with the function-app-with-plan feature in order to have 2 functions on a dedicated App Service Plan.

Windows

module "azure-region" {
  source  = "claranet/regions/azurerm"
  version = "x.x.x"

  azure_region = var.azure_region
}

module "rg" {
  source  = "claranet/rg/azurerm"
  version = "x.x.x"

  azure_region = module.azure-region.location
  client_name  = var.client_name
  environment  = var.environment
  stack        = var.stack
}

module "function-plan" {
  source  = "claranet/app-service-plan/azurerm"
  version = "x.x.x"

  location       = module.azure-region.location
  location_short = module.azure-region.location_short
  client_name    = var.client_name
  environment    = var.environment
  stack          = var.stack

  resource_group_name = module.rg.resource_group_name

  kind = "Windows"

  sku = {
    size = "S1"
    tier = "Standard"
  }

}

module "function1" {
  source  = "claranet/function-app-single/azurerm"
  version = "x.x.x"

  location       = module.azure-region.location
  location_short = module.azure-region.location_short
  client_name    = var.client_name
  environment    = var.environment
  stack          = var.stack

  resource_group_name = module.rg.resource_group_name

  function_app_name_prefix = "function2"

  app_service_plan_id = module.function-plan.app_service_plan_id

  function_app_application_settings = {
    "tracker_id"      = "AJKGDFJKHFDS"
    "backend_api_url" = "https://backend.domain.tld/api"
  }
}

Linux

module "azure-region" {
  source  = "claranet/regions/azurem"
  version = "x.x.x"

  azure_region = var.azure_region
}

module "rg" {
  source = "claranet/rg/azurerm"
  version = "x.x.x"

  azure_region = module.azure-region.location
  client_name  = var.client_name
  environment  = var.environment

  stack        = var.stack
}

module "function-plan" {
  source  = "claranet/app-service-plan/azurerm"
  version = "x.x.x"

  location       = module.azure-region.location
  location_short = module.azure-region.location_short
  client_name    = var.client_name
  environment    = var.environment
  stack          = var.stack

  resource_group_name = module.rg.resource_group_name

  kind         = "Linux"
  
  sku = {
    size = "S1"
    tier = "Standard"
  }

}

module "function1" {
  source = "claranet/function-app-single/azurerm"

  location       = module.azure-region.location
  location_short = module.azure-region.location_short
  client_name    = var.client_name
  environment    = var.environment
  stack          = var.stack

  resource_group_name = module.rg.resource_group_name

  function_app_name_suffix = "function2"

  function_language_for_linux = "python"

  app_service_plan_id = module.function-plan.app_service_plan_id


}

module "function-app" {
  source  = "claranet/function-app-single/azurerm"
  version = "x.x.x"

  location       = module.azure-region.location
  location_short = module.azure-region.location_short
  client_name    = var.client_name
  environment    = var.environment
  stack          = var.stack

  resource_group_name = module.rg.resource_group_name

  function_app_name_prefix = "armv2"
  storage_account_name     = "MyStorageName"

  app_service_plan_id = module.function-plan.app_service_plan_id
  identity_type       = "UserAssigned"
  identity_ids        = [azurerm_user_assigned_identity.myIdentity.id]

  function_app_application_settings = {
    "tracker_id"      = "AJKGDFJKHFDS"
    "backend_api_url" = "https://backend.domain.tld/api"
  }
  
  logs_destinations_ids = [
    data.terraform_remote_state.run.outputs.logs_storage_account_id,
    data.terraform_remote_state.run.outputs.log_analytics_workspace_id
  ]
}

resource "azurerm_user_assigned_identity" "myIdentity" {
  resource_group_name = module.rg.resource_group_name
  location            = module.azure-region.location
  
  name                = "MyManagedIdentity"
}

Inputs

Name Description Type Default Required
app_service_plan_id Id of the App Service Plan for Function App hosting string n/a yes
application_insights_custom_name Custom name for application insights string "" no
application_insights_enabled Enable or disable the Application Insights deployment bool true no
application_insights_extra_tags Extra tags to add to Application Insights map(string) {} no
application_insights_id ID of the existing Application Insights to use instead of deploying a new one. string null no
application_insights_name_prefix Application Insights name prefix string "" no
application_insights_type Application Insights type if need to be generated string "web" no
authorized_ips IPs restriction for Function. See documentation https://www.terraform.io/docs/providers/azurerm/r/function_app.html#ip_restriction list(string) [] no
authorized_service_tags Service Tags restriction for Function. See documentation https://www.terraform.io/docs/providers/azurerm/r/function_app.html#ip_restriction list(string) [] no
authorized_subnet_ids Subnets restriction for Function. See documentation https://www.terraform.io/docs/providers/azurerm/r/function_app.html#ip_restriction list(string) [] no
client_name Client name/account used in naming string n/a yes
environment Project environment string n/a yes
extra_tags Extra tags to add map(string) {} no
function_app_application_settings Function App application settings map(string) {} no
function_app_custom_name Custom name for function app string "" no
function_app_extra_tags Extra tags to add to Function App map(string) {} no
function_app_name_prefix Function App name prefix string "" no
function_app_version Version of function app to use number 2 no
function_language_for_linux Language of the Function App on Linux hosting, can be "dotnet", "node" or "python" string "dotnet" no
https_only Disable http procotol and keep only https bool true no
identity_ids UserAssigned Identities ID to add to Function App. Mandatory if type is UserAssigned list(string) null no
identity_type Add an Identity (MSI) to the function app. Possible values are SystemAssigned or UserAssigned string "SystemAssigned" no
location Azure location. string n/a yes
location_short Short string for Azure location. string n/a yes
log_retention_days Number of days to keep logs number 31 no
logs_destinations_ids List of destination resources Ids for logs diagnostics destination. Can be Storage Account, Log Analytics Workspace and Event Hub. No more than one of each can be set. Empty list to disable logging. list(string) [] no
logs_logs_categories Logs categories to send to destinations list(string)
[
"FunctionAppLogs"
]
no
logs_metrics_categories Metrics categories to send to destinations. list(string)
[
"AllMetrics"
]
no
name_prefix Name prefix for all resources generated name string "" no
os_type A string indicating the Operating System type for this function app. string null no
resource_group_name Resource group name string n/a yes
site_config Site config for App Service. See documentation https://www.terraform.io/docs/providers/azurerm/r/app_service.html#site_config. IP restriction attribute is not managed in this block. any {} no
stack Project stack name string n/a yes
storage_account_enable_advanced_threat_protection Boolean flag which controls if advanced threat protection is enabled, see here for more information. bool false no
storage_account_enable_https_traffic_only Boolean flag which controls if https traffic only is enabled. bool true no
storage_account_extra_tags Extra tags to add to Storage Account map(string) {} no
storage_account_kind Storage Account Kind string "StorageV2" no
storage_account_min_tls_version Storage Account minimal TLS version string "TLS1_2" no
storage_account_name Name of the Storage account to attach to function string null no
storage_account_name_prefix Storage Account name prefix string "" no
storage_account_primary_access_key Primary access key the storage account to use. If null a new storage account is created string null no

Outputs

Name Description
app_insights_application_type Application Type of the associated Application Insights
app_service_plan_id Id of the created App Service Plan
application_insights_app_id App id of the associated Application Insights
application_insights_id Id of the associated Application Insights
application_insights_instrumentation_key Instrumentation key of the associated Application Insights
application_insights_name Name of the associated Application Insights
function_app_connection_string Connection string of the created Function App
function_app_id Id of the created Function App
function_app_identity Identity block output of the Function App
function_app_name Name of the created Function App
function_app_outbound_ip_addresses Outbound IP adresses of the created Function App
function_app_possible_outbound_ip_addresses All possible outbound IP adresses of the created Function App
storage_account_id Id of the associated Storage Account, empty if connection string provided
storage_account_name Name of the associated Storage Account, empty if connection string provided
storage_account_primary_access_key Primary connection string of the associated Storage Account, empty if connection string provided
storage_account_primary_connection_string Primary connection string of the associated Storage Account, empty if connection string provided
storage_account_secondary_access_key Secondary connection string of the associated Storage Account, empty if connection string provided
storage_account_secondary_connection_string Secondary connection string of the associated Storage Account, empty if connection string provided

Related documentation