Microsoft.App managedEnvironments 2022-10-01
Bicep resource definition
The managedEnvironments resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.App/managedEnvironments resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.App/managedEnvironments@2022-10-01' = {
name: 'string'
location: 'string'
tags: {
tagName1: 'tagValue1'
tagName2: 'tagValue2'
}
sku: {
name: 'string'
}
kind: 'string'
properties: {
appLogsConfiguration: {
destination: 'string'
logAnalyticsConfiguration: {
customerId: 'string'
sharedKey: 'string'
}
}
customDomainConfiguration: {
certificatePassword: 'string'
certificateValue: any()
dnsSuffix: 'string'
}
daprAIConnectionString: 'string'
daprAIInstrumentationKey: 'string'
vnetConfiguration: {
dockerBridgeCidr: 'string'
infrastructureSubnetId: 'string'
internal: bool
outboundSettings: {
outBoundType: 'string'
virtualNetworkApplianceIp: 'string'
}
platformReservedCidr: 'string'
platformReservedDnsIP: 'string'
runtimeSubnetId: 'string'
}
workloadProfiles: [
{
maximumCount: int
minimumCount: int
workloadProfileType: 'string'
}
]
zoneRedundant: bool
}
}
Property values
managedEnvironments
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| location | The geo-location where the resource lives | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. See Tags in templates |
| sku | SKU properties of the Environment. | EnvironmentSkuProperties |
| kind | Kind of the Environment. | string |
| properties | Managed environment resource specific properties | ManagedEnvironmentProperties |
ManagedEnvironmentProperties
| Name | Description | Value |
|---|---|---|
| appLogsConfiguration | Cluster configuration which enables the log daemon to export app logs to a destination. Currently only "log-analytics" is supported |
AppLogsConfiguration |
| customDomainConfiguration | Custom domain configuration for the environment | CustomDomainConfiguration |
| daprAIConnectionString | Application Insights connection string used by Dapr to export Service to Service communication telemetry | string Constraints: Sensitive value. Pass in as a secure parameter. |
| daprAIInstrumentationKey | Azure Monitor instrumentation key used by Dapr to export Service to Service communication telemetry | string Constraints: Sensitive value. Pass in as a secure parameter. |
| vnetConfiguration | Vnet configuration for the environment | VnetConfiguration |
| workloadProfiles | Workload profiles configured for the Managed Environment. | WorkloadProfile[] |
| zoneRedundant | Whether or not this Managed Environment is zone-redundant. | bool |
AppLogsConfiguration
| Name | Description | Value |
|---|---|---|
| destination | Logs destination, can be 'log-analytics', 'azure-monitor' or 'none' | string |
| logAnalyticsConfiguration | Log Analytics configuration, must only be provided when destination is configured as 'log-analytics' | LogAnalyticsConfiguration |
LogAnalyticsConfiguration
| Name | Description | Value |
|---|---|---|
| customerId | Log analytics customer id | string |
| sharedKey | Log analytics customer key | string Constraints: Sensitive value. Pass in as a secure parameter. |
CustomDomainConfiguration
| Name | Description | Value |
|---|---|---|
| certificatePassword | Certificate password | string Constraints: Sensitive value. Pass in as a secure parameter. |
| certificateValue | PFX or PEM blob | For Bicep, you can use the any() function. |
| dnsSuffix | Dns suffix for the environment domain | string |
VnetConfiguration
| Name | Description | Value |
|---|---|---|
| dockerBridgeCidr | CIDR notation IP range assigned to the Docker bridge, network. Must not overlap with any other provided IP ranges. | string |
| infrastructureSubnetId | Resource ID of a subnet for infrastructure components. This subnet must be in the same VNET as the subnet defined in runtimeSubnetId. Must not overlap with any other provided IP ranges. | string |
| internal | Boolean indicating the environment only has an internal load balancer. These environments do not have a public static IP resource. They must provide runtimeSubnetId and infrastructureSubnetId if enabling this property | bool |
| outboundSettings | Configuration used to control the Environment Egress outbound traffic | ManagedEnvironmentOutboundSettings |
| platformReservedCidr | IP range in CIDR notation that can be reserved for environment infrastructure IP addresses. Must not overlap with any other provided IP ranges. | string |
| platformReservedDnsIP | An IP address from the IP range defined by platformReservedCidr that will be reserved for the internal DNS server. | string |
| runtimeSubnetId | This field is deprecated and not used. If you wish to provide your own subnet that Container App containers are injected into, then you should leverage the infrastructureSubnetId. | string |
ManagedEnvironmentOutboundSettings
| Name | Description | Value |
|---|---|---|
| outBoundType | Outbound type for the cluster | 'LoadBalancer' 'UserDefinedRouting' |
| virtualNetworkApplianceIp | Virtual Appliance IP used as the Egress controller for the Environment | string |
WorkloadProfile
| Name | Description | Value |
|---|---|---|
| maximumCount | The maximum capacity. | int (required) |
| minimumCount | The minimum capacity. | int (required) |
| workloadProfileType | Workload profile type for the workloads to run on. | string (required) |
EnvironmentSkuProperties
| Name | Description | Value |
|---|---|---|
| name | Name of the Sku. | 'Consumption' 'Premium' (required) |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
Creates a Container App and Environment with Registry |
Create a Container App Environment with a basic Container App from an Azure Container Registry. It also deploys a Log Analytics Workspace to store logs. |
| Creates a two Container App with a Container App Environment |
Create a two Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs. |
| Creates a Container App within a Container App Environment |
Create a Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs. |
| Creates a Container App with a defined HTTP scaling rule |
Create a Container App Environment with a basic Container App that scales based on HTTP traffic. |
| Creates an external Container App environment with a VNET |
Creates an external Container App environment with a VNET. |
| Creates an internal Container App environment with a VNET |
Creates an internal Container App environment with a VNET. |
ARM template resource definition
The managedEnvironments resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.App/managedEnvironments resource, add the following JSON to your template.
{
"type": "Microsoft.App/managedEnvironments",
"apiVersion": "2022-10-01",
"name": "string",
"location": "string",
"tags": {
"tagName1": "tagValue1",
"tagName2": "tagValue2"
},
"sku": {
"name": "string"
},
"kind": "string",
"properties": {
"appLogsConfiguration": {
"destination": "string",
"logAnalyticsConfiguration": {
"customerId": "string",
"sharedKey": "string"
}
},
"customDomainConfiguration": {
"certificatePassword": "string",
"certificateValue": {},
"dnsSuffix": "string"
},
"daprAIConnectionString": "string",
"daprAIInstrumentationKey": "string",
"vnetConfiguration": {
"dockerBridgeCidr": "string",
"infrastructureSubnetId": "string",
"internal": "bool",
"outboundSettings": {
"outBoundType": "string",
"virtualNetworkApplianceIp": "string"
},
"platformReservedCidr": "string",
"platformReservedDnsIP": "string",
"runtimeSubnetId": "string"
},
"workloadProfiles": [
{
"maximumCount": "int",
"minimumCount": "int",
"workloadProfileType": "string"
}
],
"zoneRedundant": "bool"
}
}
Property values
managedEnvironments
| Name | Description | Value |
|---|---|---|
| type | The resource type | 'Microsoft.App/managedEnvironments' |
| apiVersion | The resource api version | '2022-10-01' |
| name | The resource name | string (required) |
| location | The geo-location where the resource lives | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. See Tags in templates |
| sku | SKU properties of the Environment. | EnvironmentSkuProperties |
| kind | Kind of the Environment. | string |
| properties | Managed environment resource specific properties | ManagedEnvironmentProperties |
ManagedEnvironmentProperties
| Name | Description | Value |
|---|---|---|
| appLogsConfiguration | Cluster configuration which enables the log daemon to export app logs to a destination. Currently only "log-analytics" is supported |
AppLogsConfiguration |
| customDomainConfiguration | Custom domain configuration for the environment | CustomDomainConfiguration |
| daprAIConnectionString | Application Insights connection string used by Dapr to export Service to Service communication telemetry | string Constraints: Sensitive value. Pass in as a secure parameter. |
| daprAIInstrumentationKey | Azure Monitor instrumentation key used by Dapr to export Service to Service communication telemetry | string Constraints: Sensitive value. Pass in as a secure parameter. |
| vnetConfiguration | Vnet configuration for the environment | VnetConfiguration |
| workloadProfiles | Workload profiles configured for the Managed Environment. | WorkloadProfile[] |
| zoneRedundant | Whether or not this Managed Environment is zone-redundant. | bool |
AppLogsConfiguration
| Name | Description | Value |
|---|---|---|
| destination | Logs destination, can be 'log-analytics', 'azure-monitor' or 'none' | string |
| logAnalyticsConfiguration | Log Analytics configuration, must only be provided when destination is configured as 'log-analytics' | LogAnalyticsConfiguration |
LogAnalyticsConfiguration
| Name | Description | Value |
|---|---|---|
| customerId | Log analytics customer id | string |
| sharedKey | Log analytics customer key | string Constraints: Sensitive value. Pass in as a secure parameter. |
CustomDomainConfiguration
| Name | Description | Value |
|---|---|---|
| certificatePassword | Certificate password | string Constraints: Sensitive value. Pass in as a secure parameter. |
| certificateValue | PFX or PEM blob | |
| dnsSuffix | Dns suffix for the environment domain | string |
VnetConfiguration
| Name | Description | Value |
|---|---|---|
| dockerBridgeCidr | CIDR notation IP range assigned to the Docker bridge, network. Must not overlap with any other provided IP ranges. | string |
| infrastructureSubnetId | Resource ID of a subnet for infrastructure components. This subnet must be in the same VNET as the subnet defined in runtimeSubnetId. Must not overlap with any other provided IP ranges. | string |
| internal | Boolean indicating the environment only has an internal load balancer. These environments do not have a public static IP resource. They must provide runtimeSubnetId and infrastructureSubnetId if enabling this property | bool |
| outboundSettings | Configuration used to control the Environment Egress outbound traffic | ManagedEnvironmentOutboundSettings |
| platformReservedCidr | IP range in CIDR notation that can be reserved for environment infrastructure IP addresses. Must not overlap with any other provided IP ranges. | string |
| platformReservedDnsIP | An IP address from the IP range defined by platformReservedCidr that will be reserved for the internal DNS server. | string |
| runtimeSubnetId | This field is deprecated and not used. If you wish to provide your own subnet that Container App containers are injected into, then you should leverage the infrastructureSubnetId. | string |
ManagedEnvironmentOutboundSettings
| Name | Description | Value |
|---|---|---|
| outBoundType | Outbound type for the cluster | 'LoadBalancer' 'UserDefinedRouting' |
| virtualNetworkApplianceIp | Virtual Appliance IP used as the Egress controller for the Environment | string |
WorkloadProfile
| Name | Description | Value |
|---|---|---|
| maximumCount | The maximum capacity. | int (required) |
| minimumCount | The minimum capacity. | int (required) |
| workloadProfileType | Workload profile type for the workloads to run on. | string (required) |
EnvironmentSkuProperties
| Name | Description | Value |
|---|---|---|
| name | Name of the Sku. | 'Consumption' 'Premium' (required) |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
| Creates a Container App and Environment with Registry |
Create a Container App Environment with a basic Container App from an Azure Container Registry. It also deploys a Log Analytics Workspace to store logs. |
| Creates a two Container App with a Container App Environment |
Create a two Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs. |
| Creates a Container App within a Container App Environment |
Create a Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs. |
| Creates a Container App with a defined HTTP scaling rule |
Create a Container App Environment with a basic Container App that scales based on HTTP traffic. |
| Creates an external Container App environment with a VNET |
Creates an external Container App environment with a VNET. |
| Creates an internal Container App environment with a VNET |
Creates an internal Container App environment with a VNET. |
Terraform (AzAPI provider) resource definition
The managedEnvironments resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.App/managedEnvironments resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.App/managedEnvironments@2022-10-01"
name = "string"
location = "string"
parent_id = "string"
tags = {
tagName1 = "tagValue1"
tagName2 = "tagValue2"
}
body = jsonencode({
properties = {
appLogsConfiguration = {
destination = "string"
logAnalyticsConfiguration = {
customerId = "string"
sharedKey = "string"
}
}
customDomainConfiguration = {
certificatePassword = "string"
dnsSuffix = "string"
}
daprAIConnectionString = "string"
daprAIInstrumentationKey = "string"
vnetConfiguration = {
dockerBridgeCidr = "string"
infrastructureSubnetId = "string"
internal = bool
outboundSettings = {
outBoundType = "string"
virtualNetworkApplianceIp = "string"
}
platformReservedCidr = "string"
platformReservedDnsIP = "string"
runtimeSubnetId = "string"
}
workloadProfiles = [
{
maximumCount = int
minimumCount = int
workloadProfileType = "string"
}
]
zoneRedundant = bool
}
sku = {
name = "string"
}
kind = "string"
})
}
Property values
managedEnvironments
| Name | Description | Value |
|---|---|---|
| type | The resource type | "Microsoft.App/managedEnvironments@2022-10-01" |
| name | The resource name | string (required) |
| location | The geo-location where the resource lives | string (required) |
| parent_id | To deploy to a resource group, use the ID of that resource group. | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. |
| sku | SKU properties of the Environment. | EnvironmentSkuProperties |
| kind | Kind of the Environment. | string |
| properties | Managed environment resource specific properties | ManagedEnvironmentProperties |
ManagedEnvironmentProperties
| Name | Description | Value |
|---|---|---|
| appLogsConfiguration | Cluster configuration which enables the log daemon to export app logs to a destination. Currently only "log-analytics" is supported |
AppLogsConfiguration |
| customDomainConfiguration | Custom domain configuration for the environment | CustomDomainConfiguration |
| daprAIConnectionString | Application Insights connection string used by Dapr to export Service to Service communication telemetry | string Constraints: Sensitive value. Pass in as a secure parameter. |
| daprAIInstrumentationKey | Azure Monitor instrumentation key used by Dapr to export Service to Service communication telemetry | string Constraints: Sensitive value. Pass in as a secure parameter. |
| vnetConfiguration | Vnet configuration for the environment | VnetConfiguration |
| workloadProfiles | Workload profiles configured for the Managed Environment. | WorkloadProfile[] |
| zoneRedundant | Whether or not this Managed Environment is zone-redundant. | bool |
AppLogsConfiguration
| Name | Description | Value |
|---|---|---|
| destination | Logs destination, can be 'log-analytics', 'azure-monitor' or 'none' | string |
| logAnalyticsConfiguration | Log Analytics configuration, must only be provided when destination is configured as 'log-analytics' | LogAnalyticsConfiguration |
LogAnalyticsConfiguration
| Name | Description | Value |
|---|---|---|
| customerId | Log analytics customer id | string |
| sharedKey | Log analytics customer key | string Constraints: Sensitive value. Pass in as a secure parameter. |
CustomDomainConfiguration
| Name | Description | Value |
|---|---|---|
| certificatePassword | Certificate password | string Constraints: Sensitive value. Pass in as a secure parameter. |
| certificateValue | PFX or PEM blob | |
| dnsSuffix | Dns suffix for the environment domain | string |
VnetConfiguration
| Name | Description | Value |
|---|---|---|
| dockerBridgeCidr | CIDR notation IP range assigned to the Docker bridge, network. Must not overlap with any other provided IP ranges. | string |
| infrastructureSubnetId | Resource ID of a subnet for infrastructure components. This subnet must be in the same VNET as the subnet defined in runtimeSubnetId. Must not overlap with any other provided IP ranges. | string |
| internal | Boolean indicating the environment only has an internal load balancer. These environments do not have a public static IP resource. They must provide runtimeSubnetId and infrastructureSubnetId if enabling this property | bool |
| outboundSettings | Configuration used to control the Environment Egress outbound traffic | ManagedEnvironmentOutboundSettings |
| platformReservedCidr | IP range in CIDR notation that can be reserved for environment infrastructure IP addresses. Must not overlap with any other provided IP ranges. | string |
| platformReservedDnsIP | An IP address from the IP range defined by platformReservedCidr that will be reserved for the internal DNS server. | string |
| runtimeSubnetId | This field is deprecated and not used. If you wish to provide your own subnet that Container App containers are injected into, then you should leverage the infrastructureSubnetId. | string |
ManagedEnvironmentOutboundSettings
| Name | Description | Value |
|---|---|---|
| outBoundType | Outbound type for the cluster | "LoadBalancer" "UserDefinedRouting" |
| virtualNetworkApplianceIp | Virtual Appliance IP used as the Egress controller for the Environment | string |
WorkloadProfile
| Name | Description | Value |
|---|---|---|
| maximumCount | The maximum capacity. | int (required) |
| minimumCount | The minimum capacity. | int (required) |
| workloadProfileType | Workload profile type for the workloads to run on. | string (required) |
EnvironmentSkuProperties
| Name | Description | Value |
|---|---|---|
| name | Name of the Sku. | "Consumption" "Premium" (required) |