Microsoft.App managedEnvironments 2023-11-02-preview
Bicep resource definition
The managedEnvironments resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.App/managedEnvironments resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.App/managedEnvironments@2023-11-02-preview' = {
name: 'string'
location: 'string'
tags: {
tagName1: 'tagValue1'
tagName2: 'tagValue2'
}
kind: 'string'
identity: {
type: 'string'
userAssignedIdentities: {
{customized property}: {}
}
}
properties: {
appInsightsConfiguration: {
connectionString: 'string'
}
appLogsConfiguration: {
destination: 'string'
logAnalyticsConfiguration: {
customerId: 'string'
dynamicJsonColumns: bool
sharedKey: 'string'
}
}
customDomainConfiguration: {
certificateKeyVaultProperties: {
identity: 'string'
keyVaultUrl: 'string'
}
certificatePassword: 'string'
certificateValue: any()
dnsSuffix: 'string'
}
daprAIConnectionString: 'string'
daprAIInstrumentationKey: 'string'
daprConfiguration: {}
infrastructureResourceGroup: 'string'
kedaConfiguration: {}
openTelemetryConfiguration: {
destinationsConfiguration: {
dataDogConfiguration: {
key: 'string'
site: 'string'
}
otlpConfigurations: [
{
endpoint: 'string'
headers: [
{
key: 'string'
value: 'string'
}
]
insecure: bool
name: 'string'
}
]
}
logsConfiguration: {
destinations: [
'string'
]
}
metricsConfiguration: {
destinations: [
'string'
]
}
tracesConfiguration: {
destinations: [
'string'
]
}
}
peerAuthentication: {
mtls: {
enabled: bool
}
}
vnetConfiguration: {
dockerBridgeCidr: 'string'
infrastructureSubnetId: 'string'
internal: bool
platformReservedCidr: 'string'
platformReservedDnsIP: 'string'
}
workloadProfiles: [
{
maximumCount: int
minimumCount: int
name: 'string'
workloadProfileType: 'string'
}
]
zoneRedundant: bool
}
}
Property values
managedEnvironments
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| location | The geo-location where the resource lives | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. See Tags in templates |
| kind | Kind of the Environment. | string |
| identity | Managed identities for the Managed Environment to interact with other Azure services without maintaining any secrets or credentials in code. | ManagedServiceIdentity |
| properties | Managed environment resource specific properties | ManagedEnvironmentProperties |
ManagedServiceIdentity
| Name | Description | Value |
|---|---|---|
| type | Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed). | 'None' 'SystemAssigned' 'SystemAssigned,UserAssigned' 'UserAssigned' (required) |
| userAssignedIdentities | The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests. | UserAssignedIdentities |
UserAssignedIdentities
| Name | Description | Value |
|---|---|---|
| {customized property} | UserAssignedIdentity |
UserAssignedIdentity
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
ManagedEnvironmentProperties
| Name | Description | Value |
|---|---|---|
| appInsightsConfiguration | Environment level Application Insights configuration | AppInsightsConfiguration |
| appLogsConfiguration | Cluster configuration which enables the log daemon to export app logs to a destination. Currently only "log-analytics" is supported |
AppLogsConfiguration |
| customDomainConfiguration | Custom domain configuration for the environment | CustomDomainConfiguration |
| daprAIConnectionString | Application Insights connection string used by Dapr to export Service to Service communication telemetry | string Constraints: Sensitive value. Pass in as a secure parameter. |
| daprAIInstrumentationKey | Azure Monitor instrumentation key used by Dapr to export Service to Service communication telemetry | string Constraints: Sensitive value. Pass in as a secure parameter. |
| daprConfiguration | The configuration of Dapr component. | DaprConfiguration |
| infrastructureResourceGroup | Name of the platform-managed resource group created for the Managed Environment to host infrastructure resources. If a subnet ID is provided, this resource group will be created in the same subscription as the subnet. | string |
| kedaConfiguration | The configuration of Keda component. | KedaConfiguration |
| openTelemetryConfiguration | Environment Open Telemetry configuration | OpenTelemetryConfiguration |
| peerAuthentication | Peer authentication settings for the Managed Environment | ManagedEnvironmentPropertiesPeerAuthentication |
| vnetConfiguration | Vnet configuration for the environment | VnetConfiguration |
| workloadProfiles | Workload profiles configured for the Managed Environment. | WorkloadProfile[] |
| zoneRedundant | Whether or not this Managed Environment is zone-redundant. | bool |
AppInsightsConfiguration
| Name | Description | Value |
|---|---|---|
| connectionString | Application Insights connection string | string Constraints: Sensitive value. Pass in as a secure parameter. |
AppLogsConfiguration
| Name | Description | Value |
|---|---|---|
| destination | Logs destination, can be 'log-analytics', 'azure-monitor' or 'none' | string |
| logAnalyticsConfiguration | Log Analytics configuration, must only be provided when destination is configured as 'log-analytics' | LogAnalyticsConfiguration |
LogAnalyticsConfiguration
| Name | Description | Value |
|---|---|---|
| customerId | Log analytics customer id | string |
| dynamicJsonColumns | Boolean indicating whether to parse json string log into dynamic json columns | bool |
| sharedKey | Log analytics customer key | string Constraints: Sensitive value. Pass in as a secure parameter. |
CustomDomainConfiguration
| Name | Description | Value |
|---|---|---|
| certificateKeyVaultProperties | Certificate stored in Azure Key Vault. | CertificateKeyVaultProperties |
| certificatePassword | Certificate password | string Constraints: Sensitive value. Pass in as a secure parameter. |
| certificateValue | PFX or PEM blob | For Bicep, you can use the any() function. |
| dnsSuffix | Dns suffix for the environment domain | string |
CertificateKeyVaultProperties
| Name | Description | Value |
|---|---|---|
| identity | Resource ID of a managed identity to authenticate with Azure Key Vault, or System to use a system-assigned identity. | string |
| keyVaultUrl | URL pointing to the Azure Key Vault secret that holds the certificate. | string |
DaprConfiguration
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
KedaConfiguration
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
OpenTelemetryConfiguration
| Name | Description | Value |
|---|---|---|
| destinationsConfiguration | Open telemetry destinations configuration | DestinationsConfiguration |
| logsConfiguration | Open telemetry logs configuration | LogsConfiguration |
| metricsConfiguration | Open telemetry metrics configuration | MetricsConfiguration |
| tracesConfiguration | Open telemetry trace configuration | TracesConfiguration |
DestinationsConfiguration
| Name | Description | Value |
|---|---|---|
| dataDogConfiguration | Open telemetry datadog destination configuration | DataDogConfiguration |
| otlpConfigurations | Open telemetry otlp configurations | OtlpConfiguration[] |
DataDogConfiguration
| Name | Description | Value |
|---|---|---|
| key | The data dog api key | string Constraints: Sensitive value. Pass in as a secure parameter. |
| site | The data dog site | string |
OtlpConfiguration
| Name | Description | Value |
|---|---|---|
| endpoint | The endpoint of otlp configuration | string |
| headers | Headers of otlp configurations | Header[] |
| insecure | Boolean indicating if otlp configuration is insecure | bool |
| name | The name of otlp configuration | string |
Header
| Name | Description | Value |
|---|---|---|
| key | The key of otlp configuration header | string |
| value | The value of otlp configuration header | string |
LogsConfiguration
| Name | Description | Value |
|---|---|---|
| destinations | Open telemetry logs destinations | string[] |
MetricsConfiguration
| Name | Description | Value |
|---|---|---|
| destinations | Open telemetry metrics destinations | string[] |
TracesConfiguration
| Name | Description | Value |
|---|---|---|
| destinations | Open telemetry traces destinations | string[] |
ManagedEnvironmentPropertiesPeerAuthentication
| Name | Description | Value |
|---|---|---|
| mtls | Mutual TLS authentication settings for the Managed Environment | Mtls |
Mtls
| Name | Description | Value |
|---|---|---|
| enabled | Boolean indicating whether the mutual TLS authentication is enabled | bool |
VnetConfiguration
| Name | Description | Value |
|---|---|---|
| dockerBridgeCidr | CIDR notation IP range assigned to the Docker bridge, network. Must not overlap with any other provided IP ranges. | string |
| infrastructureSubnetId | Resource ID of a subnet for infrastructure components. Must not overlap with any other provided IP ranges. | string |
| internal | Boolean indicating the environment only has an internal load balancer. These environments do not have a public static IP resource. They must provide infrastructureSubnetId if enabling this property | bool |
| platformReservedCidr | IP range in CIDR notation that can be reserved for environment infrastructure IP addresses. Must not overlap with any other provided IP ranges. | string |
| platformReservedDnsIP | An IP address from the IP range defined by platformReservedCidr that will be reserved for the internal DNS server. | string |
WorkloadProfile
| Name | Description | Value |
|---|---|---|
| maximumCount | The maximum capacity. | int |
| minimumCount | The minimum capacity. | int |
| name | Workload profile type for the workloads to run on. | string (required) |
| workloadProfileType | Workload profile type for the workloads to run on. | string (required) |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
Creates a Container App and Environment with Registry |
Create a Container App Environment with a basic Container App from an Azure Container Registry. It also deploys a Log Analytics Workspace to store logs. |
| Creates a two Container App with a Container App Environment |
Create a two Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs. |
| Creates a Container App within a Container App Environment |
Create a Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs. |
| Creates a Container App with a defined HTTP scaling rule |
Create a Container App Environment with a basic Container App that scales based on HTTP traffic. |
| Creates an external Container App environment with a VNET |
Creates an external Container App environment with a VNET. |
| Creates an internal Container App environment with a VNET |
Creates an internal Container App environment with a VNET. |
ARM template resource definition
The managedEnvironments resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.App/managedEnvironments resource, add the following JSON to your template.
{
"type": "Microsoft.App/managedEnvironments",
"apiVersion": "2023-11-02-preview",
"name": "string",
"location": "string",
"tags": {
"tagName1": "tagValue1",
"tagName2": "tagValue2"
},
"kind": "string",
"identity": {
"type": "string",
"userAssignedIdentities": {
"{customized property}": {}
}
},
"properties": {
"appInsightsConfiguration": {
"connectionString": "string"
},
"appLogsConfiguration": {
"destination": "string",
"logAnalyticsConfiguration": {
"customerId": "string",
"dynamicJsonColumns": "bool",
"sharedKey": "string"
}
},
"customDomainConfiguration": {
"certificateKeyVaultProperties": {
"identity": "string",
"keyVaultUrl": "string"
},
"certificatePassword": "string",
"certificateValue": {},
"dnsSuffix": "string"
},
"daprAIConnectionString": "string",
"daprAIInstrumentationKey": "string",
"daprConfiguration": {},
"infrastructureResourceGroup": "string",
"kedaConfiguration": {},
"openTelemetryConfiguration": {
"destinationsConfiguration": {
"dataDogConfiguration": {
"key": "string",
"site": "string"
},
"otlpConfigurations": [
{
"endpoint": "string",
"headers": [
{
"key": "string",
"value": "string"
}
],
"insecure": "bool",
"name": "string"
}
]
},
"logsConfiguration": {
"destinations": [ "string" ]
},
"metricsConfiguration": {
"destinations": [ "string" ]
},
"tracesConfiguration": {
"destinations": [ "string" ]
}
},
"peerAuthentication": {
"mtls": {
"enabled": "bool"
}
},
"vnetConfiguration": {
"dockerBridgeCidr": "string",
"infrastructureSubnetId": "string",
"internal": "bool",
"platformReservedCidr": "string",
"platformReservedDnsIP": "string"
},
"workloadProfiles": [
{
"maximumCount": "int",
"minimumCount": "int",
"name": "string",
"workloadProfileType": "string"
}
],
"zoneRedundant": "bool"
}
}
Property values
managedEnvironments
| Name | Description | Value |
|---|---|---|
| type | The resource type | 'Microsoft.App/managedEnvironments' |
| apiVersion | The resource api version | '2023-11-02-preview' |
| name | The resource name | string (required) |
| location | The geo-location where the resource lives | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. See Tags in templates |
| kind | Kind of the Environment. | string |
| identity | Managed identities for the Managed Environment to interact with other Azure services without maintaining any secrets or credentials in code. | ManagedServiceIdentity |
| properties | Managed environment resource specific properties | ManagedEnvironmentProperties |
ManagedServiceIdentity
| Name | Description | Value |
|---|---|---|
| type | Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed). | 'None' 'SystemAssigned' 'SystemAssigned,UserAssigned' 'UserAssigned' (required) |
| userAssignedIdentities | The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests. | UserAssignedIdentities |
UserAssignedIdentities
| Name | Description | Value |
|---|---|---|
| {customized property} | UserAssignedIdentity |
UserAssignedIdentity
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
ManagedEnvironmentProperties
| Name | Description | Value |
|---|---|---|
| appInsightsConfiguration | Environment level Application Insights configuration | AppInsightsConfiguration |
| appLogsConfiguration | Cluster configuration which enables the log daemon to export app logs to a destination. Currently only "log-analytics" is supported |
AppLogsConfiguration |
| customDomainConfiguration | Custom domain configuration for the environment | CustomDomainConfiguration |
| daprAIConnectionString | Application Insights connection string used by Dapr to export Service to Service communication telemetry | string Constraints: Sensitive value. Pass in as a secure parameter. |
| daprAIInstrumentationKey | Azure Monitor instrumentation key used by Dapr to export Service to Service communication telemetry | string Constraints: Sensitive value. Pass in as a secure parameter. |
| daprConfiguration | The configuration of Dapr component. | DaprConfiguration |
| infrastructureResourceGroup | Name of the platform-managed resource group created for the Managed Environment to host infrastructure resources. If a subnet ID is provided, this resource group will be created in the same subscription as the subnet. | string |
| kedaConfiguration | The configuration of Keda component. | KedaConfiguration |
| openTelemetryConfiguration | Environment Open Telemetry configuration | OpenTelemetryConfiguration |
| peerAuthentication | Peer authentication settings for the Managed Environment | ManagedEnvironmentPropertiesPeerAuthentication |
| vnetConfiguration | Vnet configuration for the environment | VnetConfiguration |
| workloadProfiles | Workload profiles configured for the Managed Environment. | WorkloadProfile[] |
| zoneRedundant | Whether or not this Managed Environment is zone-redundant. | bool |
AppInsightsConfiguration
| Name | Description | Value |
|---|---|---|
| connectionString | Application Insights connection string | string Constraints: Sensitive value. Pass in as a secure parameter. |
AppLogsConfiguration
| Name | Description | Value |
|---|---|---|
| destination | Logs destination, can be 'log-analytics', 'azure-monitor' or 'none' | string |
| logAnalyticsConfiguration | Log Analytics configuration, must only be provided when destination is configured as 'log-analytics' | LogAnalyticsConfiguration |
LogAnalyticsConfiguration
| Name | Description | Value |
|---|---|---|
| customerId | Log analytics customer id | string |
| dynamicJsonColumns | Boolean indicating whether to parse json string log into dynamic json columns | bool |
| sharedKey | Log analytics customer key | string Constraints: Sensitive value. Pass in as a secure parameter. |
CustomDomainConfiguration
| Name | Description | Value |
|---|---|---|
| certificateKeyVaultProperties | Certificate stored in Azure Key Vault. | CertificateKeyVaultProperties |
| certificatePassword | Certificate password | string Constraints: Sensitive value. Pass in as a secure parameter. |
| certificateValue | PFX or PEM blob | |
| dnsSuffix | Dns suffix for the environment domain | string |
CertificateKeyVaultProperties
| Name | Description | Value |
|---|---|---|
| identity | Resource ID of a managed identity to authenticate with Azure Key Vault, or System to use a system-assigned identity. | string |
| keyVaultUrl | URL pointing to the Azure Key Vault secret that holds the certificate. | string |
DaprConfiguration
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
KedaConfiguration
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
OpenTelemetryConfiguration
| Name | Description | Value |
|---|---|---|
| destinationsConfiguration | Open telemetry destinations configuration | DestinationsConfiguration |
| logsConfiguration | Open telemetry logs configuration | LogsConfiguration |
| metricsConfiguration | Open telemetry metrics configuration | MetricsConfiguration |
| tracesConfiguration | Open telemetry trace configuration | TracesConfiguration |
DestinationsConfiguration
| Name | Description | Value |
|---|---|---|
| dataDogConfiguration | Open telemetry datadog destination configuration | DataDogConfiguration |
| otlpConfigurations | Open telemetry otlp configurations | OtlpConfiguration[] |
DataDogConfiguration
| Name | Description | Value |
|---|---|---|
| key | The data dog api key | string Constraints: Sensitive value. Pass in as a secure parameter. |
| site | The data dog site | string |
OtlpConfiguration
| Name | Description | Value |
|---|---|---|
| endpoint | The endpoint of otlp configuration | string |
| headers | Headers of otlp configurations | Header[] |
| insecure | Boolean indicating if otlp configuration is insecure | bool |
| name | The name of otlp configuration | string |
Header
| Name | Description | Value |
|---|---|---|
| key | The key of otlp configuration header | string |
| value | The value of otlp configuration header | string |
LogsConfiguration
| Name | Description | Value |
|---|---|---|
| destinations | Open telemetry logs destinations | string[] |
MetricsConfiguration
| Name | Description | Value |
|---|---|---|
| destinations | Open telemetry metrics destinations | string[] |
TracesConfiguration
| Name | Description | Value |
|---|---|---|
| destinations | Open telemetry traces destinations | string[] |
ManagedEnvironmentPropertiesPeerAuthentication
| Name | Description | Value |
|---|---|---|
| mtls | Mutual TLS authentication settings for the Managed Environment | Mtls |
Mtls
| Name | Description | Value |
|---|---|---|
| enabled | Boolean indicating whether the mutual TLS authentication is enabled | bool |
VnetConfiguration
| Name | Description | Value |
|---|---|---|
| dockerBridgeCidr | CIDR notation IP range assigned to the Docker bridge, network. Must not overlap with any other provided IP ranges. | string |
| infrastructureSubnetId | Resource ID of a subnet for infrastructure components. Must not overlap with any other provided IP ranges. | string |
| internal | Boolean indicating the environment only has an internal load balancer. These environments do not have a public static IP resource. They must provide infrastructureSubnetId if enabling this property | bool |
| platformReservedCidr | IP range in CIDR notation that can be reserved for environment infrastructure IP addresses. Must not overlap with any other provided IP ranges. | string |
| platformReservedDnsIP | An IP address from the IP range defined by platformReservedCidr that will be reserved for the internal DNS server. | string |
WorkloadProfile
| Name | Description | Value |
|---|---|---|
| maximumCount | The maximum capacity. | int |
| minimumCount | The minimum capacity. | int |
| name | Workload profile type for the workloads to run on. | string (required) |
| workloadProfileType | Workload profile type for the workloads to run on. | string (required) |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
| Creates a Container App and Environment with Registry |
Create a Container App Environment with a basic Container App from an Azure Container Registry. It also deploys a Log Analytics Workspace to store logs. |
| Creates a two Container App with a Container App Environment |
Create a two Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs. |
| Creates a Container App within a Container App Environment |
Create a Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs. |
| Creates a Container App with a defined HTTP scaling rule |
Create a Container App Environment with a basic Container App that scales based on HTTP traffic. |
| Creates an external Container App environment with a VNET |
Creates an external Container App environment with a VNET. |
| Creates an internal Container App environment with a VNET |
Creates an internal Container App environment with a VNET. |
Terraform (AzAPI provider) resource definition
The managedEnvironments resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.App/managedEnvironments resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.App/managedEnvironments@2023-11-02-preview"
name = "string"
location = "string"
parent_id = "string"
tags = {
tagName1 = "tagValue1"
tagName2 = "tagValue2"
}
identity {
type = "string"
identity_ids = []
}
body = jsonencode({
properties = {
appInsightsConfiguration = {
connectionString = "string"
}
appLogsConfiguration = {
destination = "string"
logAnalyticsConfiguration = {
customerId = "string"
dynamicJsonColumns = bool
sharedKey = "string"
}
}
customDomainConfiguration = {
certificateKeyVaultProperties = {
identity = "string"
keyVaultUrl = "string"
}
certificatePassword = "string"
dnsSuffix = "string"
}
daprAIConnectionString = "string"
daprAIInstrumentationKey = "string"
daprConfiguration = {}
infrastructureResourceGroup = "string"
kedaConfiguration = {}
openTelemetryConfiguration = {
destinationsConfiguration = {
dataDogConfiguration = {
key = "string"
site = "string"
}
otlpConfigurations = [
{
endpoint = "string"
headers = [
{
key = "string"
value = "string"
}
]
insecure = bool
name = "string"
}
]
}
logsConfiguration = {
destinations = [
"string"
]
}
metricsConfiguration = {
destinations = [
"string"
]
}
tracesConfiguration = {
destinations = [
"string"
]
}
}
peerAuthentication = {
mtls = {
enabled = bool
}
}
vnetConfiguration = {
dockerBridgeCidr = "string"
infrastructureSubnetId = "string"
internal = bool
platformReservedCidr = "string"
platformReservedDnsIP = "string"
}
workloadProfiles = [
{
maximumCount = int
minimumCount = int
name = "string"
workloadProfileType = "string"
}
]
zoneRedundant = bool
}
kind = "string"
})
}
Property values
managedEnvironments
| Name | Description | Value |
|---|---|---|
| type | The resource type | "Microsoft.App/managedEnvironments@2023-11-02-preview" |
| name | The resource name | string (required) |
| location | The geo-location where the resource lives | string (required) |
| parent_id | To deploy to a resource group, use the ID of that resource group. | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. |
| kind | Kind of the Environment. | string |
| identity | Managed identities for the Managed Environment to interact with other Azure services without maintaining any secrets or credentials in code. | ManagedServiceIdentity |
| properties | Managed environment resource specific properties | ManagedEnvironmentProperties |
ManagedServiceIdentity
| Name | Description | Value |
|---|---|---|
| type | Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed). | "SystemAssigned" "SystemAssigned,UserAssigned" "UserAssigned" (required) |
| identity_ids | The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests. | Array of user identity IDs. |
UserAssignedIdentities
| Name | Description | Value |
|---|---|---|
| {customized property} | UserAssignedIdentity |
UserAssignedIdentity
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
ManagedEnvironmentProperties
| Name | Description | Value |
|---|---|---|
| appInsightsConfiguration | Environment level Application Insights configuration | AppInsightsConfiguration |
| appLogsConfiguration | Cluster configuration which enables the log daemon to export app logs to a destination. Currently only "log-analytics" is supported |
AppLogsConfiguration |
| customDomainConfiguration | Custom domain configuration for the environment | CustomDomainConfiguration |
| daprAIConnectionString | Application Insights connection string used by Dapr to export Service to Service communication telemetry | string Constraints: Sensitive value. Pass in as a secure parameter. |
| daprAIInstrumentationKey | Azure Monitor instrumentation key used by Dapr to export Service to Service communication telemetry | string Constraints: Sensitive value. Pass in as a secure parameter. |
| daprConfiguration | The configuration of Dapr component. | DaprConfiguration |
| infrastructureResourceGroup | Name of the platform-managed resource group created for the Managed Environment to host infrastructure resources. If a subnet ID is provided, this resource group will be created in the same subscription as the subnet. | string |
| kedaConfiguration | The configuration of Keda component. | KedaConfiguration |
| openTelemetryConfiguration | Environment Open Telemetry configuration | OpenTelemetryConfiguration |
| peerAuthentication | Peer authentication settings for the Managed Environment | ManagedEnvironmentPropertiesPeerAuthentication |
| vnetConfiguration | Vnet configuration for the environment | VnetConfiguration |
| workloadProfiles | Workload profiles configured for the Managed Environment. | WorkloadProfile[] |
| zoneRedundant | Whether or not this Managed Environment is zone-redundant. | bool |
AppInsightsConfiguration
| Name | Description | Value |
|---|---|---|
| connectionString | Application Insights connection string | string Constraints: Sensitive value. Pass in as a secure parameter. |
AppLogsConfiguration
| Name | Description | Value |
|---|---|---|
| destination | Logs destination, can be 'log-analytics', 'azure-monitor' or 'none' | string |
| logAnalyticsConfiguration | Log Analytics configuration, must only be provided when destination is configured as 'log-analytics' | LogAnalyticsConfiguration |
LogAnalyticsConfiguration
| Name | Description | Value |
|---|---|---|
| customerId | Log analytics customer id | string |
| dynamicJsonColumns | Boolean indicating whether to parse json string log into dynamic json columns | bool |
| sharedKey | Log analytics customer key | string Constraints: Sensitive value. Pass in as a secure parameter. |
CustomDomainConfiguration
| Name | Description | Value |
|---|---|---|
| certificateKeyVaultProperties | Certificate stored in Azure Key Vault. | CertificateKeyVaultProperties |
| certificatePassword | Certificate password | string Constraints: Sensitive value. Pass in as a secure parameter. |
| certificateValue | PFX or PEM blob | |
| dnsSuffix | Dns suffix for the environment domain | string |
CertificateKeyVaultProperties
| Name | Description | Value |
|---|---|---|
| identity | Resource ID of a managed identity to authenticate with Azure Key Vault, or System to use a system-assigned identity. | string |
| keyVaultUrl | URL pointing to the Azure Key Vault secret that holds the certificate. | string |
DaprConfiguration
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
KedaConfiguration
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
OpenTelemetryConfiguration
| Name | Description | Value |
|---|---|---|
| destinationsConfiguration | Open telemetry destinations configuration | DestinationsConfiguration |
| logsConfiguration | Open telemetry logs configuration | LogsConfiguration |
| metricsConfiguration | Open telemetry metrics configuration | MetricsConfiguration |
| tracesConfiguration | Open telemetry trace configuration | TracesConfiguration |
DestinationsConfiguration
| Name | Description | Value |
|---|---|---|
| dataDogConfiguration | Open telemetry datadog destination configuration | DataDogConfiguration |
| otlpConfigurations | Open telemetry otlp configurations | OtlpConfiguration[] |
DataDogConfiguration
| Name | Description | Value |
|---|---|---|
| key | The data dog api key | string Constraints: Sensitive value. Pass in as a secure parameter. |
| site | The data dog site | string |
OtlpConfiguration
| Name | Description | Value |
|---|---|---|
| endpoint | The endpoint of otlp configuration | string |
| headers | Headers of otlp configurations | Header[] |
| insecure | Boolean indicating if otlp configuration is insecure | bool |
| name | The name of otlp configuration | string |
Header
| Name | Description | Value |
|---|---|---|
| key | The key of otlp configuration header | string |
| value | The value of otlp configuration header | string |
LogsConfiguration
| Name | Description | Value |
|---|---|---|
| destinations | Open telemetry logs destinations | string[] |
MetricsConfiguration
| Name | Description | Value |
|---|---|---|
| destinations | Open telemetry metrics destinations | string[] |
TracesConfiguration
| Name | Description | Value |
|---|---|---|
| destinations | Open telemetry traces destinations | string[] |
ManagedEnvironmentPropertiesPeerAuthentication
| Name | Description | Value |
|---|---|---|
| mtls | Mutual TLS authentication settings for the Managed Environment | Mtls |
Mtls
| Name | Description | Value |
|---|---|---|
| enabled | Boolean indicating whether the mutual TLS authentication is enabled | bool |
VnetConfiguration
| Name | Description | Value |
|---|---|---|
| dockerBridgeCidr | CIDR notation IP range assigned to the Docker bridge, network. Must not overlap with any other provided IP ranges. | string |
| infrastructureSubnetId | Resource ID of a subnet for infrastructure components. Must not overlap with any other provided IP ranges. | string |
| internal | Boolean indicating the environment only has an internal load balancer. These environments do not have a public static IP resource. They must provide infrastructureSubnetId if enabling this property | bool |
| platformReservedCidr | IP range in CIDR notation that can be reserved for environment infrastructure IP addresses. Must not overlap with any other provided IP ranges. | string |
| platformReservedDnsIP | An IP address from the IP range defined by platformReservedCidr that will be reserved for the internal DNS server. | string |
WorkloadProfile
| Name | Description | Value |
|---|---|---|
| maximumCount | The maximum capacity. | int |
| minimumCount | The minimum capacity. | int |
| name | Workload profile type for the workloads to run on. | string (required) |
| workloadProfileType | Workload profile type for the workloads to run on. | string (required) |