Microsoft.App managedEnvironments
Article 12/09/2024
2 contributors
Feedback
In this article
Bicep resource definition
The managedEnvironments resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log .
To create a Microsoft.App/managedEnvironments resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.App/managedEnvironments@2024-10-02-preview' = {
identity: {
type: 'string'
userAssignedIdentities: {
{customized property}: {}
}
}
kind: 'string'
location: 'string'
name: 'string'
properties: {
appInsightsConfiguration: {
connectionString: 'string'
}
appLogsConfiguration: {
destination: 'string'
logAnalyticsConfiguration: {
customerId: 'string'
dynamicJsonColumns: bool
sharedKey: 'string'
}
}
availabilityZones: [
'string'
]
customDomainConfiguration: {
certificateKeyVaultProperties: {
identity: 'string'
keyVaultUrl: 'string'
}
certificatePassword: 'string'
certificateValue: any(Azure.Bicep.Types.Concrete.AnyType)
dnsSuffix: 'string'
}
daprAIConnectionString: 'string'
daprAIInstrumentationKey: 'string'
daprConfiguration: {}
infrastructureResourceGroup: 'string'
kedaConfiguration: {}
openTelemetryConfiguration: {
destinationsConfiguration: {
dataDogConfiguration: {
key: 'string'
site: 'string'
}
otlpConfigurations: [
{
endpoint: 'string'
headers: [
{
key: 'string'
value: 'string'
}
]
insecure: bool
name: 'string'
}
]
}
logsConfiguration: {
destinations: [
'string'
]
}
metricsConfiguration: {
destinations: [
'string'
]
includeKeda: bool
}
tracesConfiguration: {
destinations: [
'string'
]
includeDapr: bool
}
}
peerAuthentication: {
mtls: {
enabled: bool
}
}
peerTrafficConfiguration: {
encryption: {
enabled: bool
}
}
publicNetworkAccess: 'string'
vnetConfiguration: {
dockerBridgeCidr: 'string'
infrastructureSubnetId: 'string'
internal: bool
platformReservedCidr: 'string'
platformReservedDnsIP: 'string'
}
workloadProfiles: [
{
enableFips: bool
maximumCount: int
minimumCount: int
name: 'string'
workloadProfileType: 'string'
}
]
zoneRedundant: bool
}
tags: {
{customized property}: 'string'
}
}
Property values
AppInsightsConfiguration
Name
Description
Value
connectionString
Application Insights connection string
string Constraints: Sensitive value. Pass in as a secure parameter.
AppLogsConfiguration
Name
Description
Value
destination
Logs destination, can be 'log-analytics', 'azure-monitor' or 'none'
string
logAnalyticsConfiguration
Log Analytics configuration, must only be provided when destination is configured as 'log-analytics'
LogAnalyticsConfiguration
CertificateKeyVaultProperties
Name
Description
Value
identity
Resource ID of a managed identity to authenticate with Azure Key Vault, or System to use a system-assigned identity.
string
keyVaultUrl
URL pointing to the Azure Key Vault secret that holds the certificate.
string
CustomDomainConfiguration
Name
Description
Value
certificateKeyVaultProperties
Certificate stored in Azure Key Vault.
CertificateKeyVaultProperties
certificatePassword
Certificate password
string Constraints: Sensitive value. Pass in as a secure parameter.
certificateValue
PFX or PEM blob
any
dnsSuffix
Dns suffix for the environment domain
string
DaprConfiguration
DataDogConfiguration
Name
Description
Value
key
The data dog api key
string Constraints: Sensitive value. Pass in as a secure parameter.
site
The data dog site
string
DestinationsConfiguration
Name
Description
Value
dataDogConfiguration
Open telemetry datadog destination configuration
DataDogConfiguration
otlpConfigurations
Open telemetry otlp configurations
OtlpConfiguration []
Name
Description
Value
key
The key of otlp configuration header
string
value
The value of otlp configuration header
string
KedaConfiguration
LogAnalyticsConfiguration
Name
Description
Value
customerId
Log analytics customer id
string
dynamicJsonColumns
Boolean indicating whether to parse json string log into dynamic json columns
bool
sharedKey
Log analytics customer key
string Constraints: Sensitive value. Pass in as a secure parameter.
LogsConfiguration
Name
Description
Value
destinations
Open telemetry logs destinations
string[]
ManagedEnvironmentProperties
Name
Description
Value
appInsightsConfiguration
Environment level Application Insights configuration
AppInsightsConfiguration
appLogsConfiguration
Cluster configuration which enables the log daemon to export app logs to configured destination
AppLogsConfiguration
availabilityZones
The list of availability zones to use for managed environment
string[]
customDomainConfiguration
Custom domain configuration for the environment
CustomDomainConfiguration
daprAIConnectionString
Application Insights connection string used by Dapr to export Service to Service communication telemetry
string Constraints: Sensitive value. Pass in as a secure parameter.
daprAIInstrumentationKey
Azure Monitor instrumentation key used by Dapr to export Service to Service communication telemetry
string Constraints: Sensitive value. Pass in as a secure parameter.
daprConfiguration
The configuration of Dapr component.
DaprConfiguration
infrastructureResourceGroup
Name of the platform-managed resource group created for the Managed Environment to host infrastructure resources. If a subnet ID is provided, this resource group will be created in the same subscription as the subnet.
string
kedaConfiguration
The configuration of Keda component.
KedaConfiguration
openTelemetryConfiguration
Environment Open Telemetry configuration
OpenTelemetryConfiguration
peerAuthentication
Peer authentication settings for the Managed Environment
ManagedEnvironmentPropertiesPeerAuthentication
peerTrafficConfiguration
Peer traffic settings for the Managed Environment
ManagedEnvironmentPropertiesPeerTrafficConfiguration
publicNetworkAccess
Property to allow or block all public traffic. Allowed Values: 'Enabled', 'Disabled'.
'Disabled' 'Enabled'
vnetConfiguration
Vnet configuration for the environment
VnetConfiguration
workloadProfiles
Workload profiles configured for the Managed Environment.
WorkloadProfile []
zoneRedundant
Whether or not this Managed Environment is zone-redundant.
bool
ManagedEnvironmentPropertiesPeerAuthentication
Name
Description
Value
mtls
Mutual TLS authentication settings for the Managed Environment
Mtls
ManagedEnvironmentPropertiesPeerTrafficConfiguration
ManagedEnvironmentPropertiesPeerTrafficConfigurationEncryption
Name
Description
Value
enabled
Boolean indicating whether the peer traffic encryption is enabled
bool
ManagedServiceIdentity
Name
Description
Value
type
Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed).
'None' 'SystemAssigned' 'SystemAssigned,UserAssigned' 'UserAssigned' (required)
userAssignedIdentities
The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.
UserAssignedIdentities
MetricsConfiguration
Name
Description
Value
destinations
Open telemetry metrics destinations
string[]
includeKeda
Boolean indicating if including keda metrics
bool
Microsoft.App/managedEnvironments
Name
Description
Value
identity
Managed identities for the Managed Environment to interact with other Azure services without maintaining any secrets or credentials in code.
ManagedServiceIdentity
kind
Kind of the Environment.
string
location
The geo-location where the resource lives
string (required)
name
The resource name
string (required)
properties
Managed environment resource specific properties
ManagedEnvironmentProperties
tags
Resource tags
Dictionary of tag names and values. See Tags in templates
Mtls
Name
Description
Value
enabled
Boolean indicating whether the mutual TLS authentication is enabled
bool
OpenTelemetryConfiguration
OtlpConfiguration
Name
Description
Value
endpoint
The endpoint of otlp configuration
string
headers
Headers of otlp configurations
Header []
insecure
Boolean indicating if otlp configuration is insecure
bool
name
The name of otlp configuration
string
TracesConfiguration
Name
Description
Value
destinations
Open telemetry traces destinations
string[]
includeDapr
Boolean indicating if including dapr traces
bool
UserAssignedIdentities
UserAssignedIdentity
VnetConfiguration
Name
Description
Value
dockerBridgeCidr
CIDR notation IP range assigned to the Docker bridge, network. Must not overlap with any other provided IP ranges.
string
infrastructureSubnetId
Resource ID of a subnet for infrastructure components. Must not overlap with any other provided IP ranges.
string
internal
Boolean indicating the environment only has an internal load balancer. These environments do not have a public static IP resource. They must provide infrastructureSubnetId if enabling this property
bool
platformReservedCidr
IP range in CIDR notation that can be reserved for environment infrastructure IP addresses. Must not overlap with any other provided IP ranges.
string
platformReservedDnsIP
An IP address from the IP range defined by platformReservedCidr that will be reserved for the internal DNS server.
string
WorkloadProfile
Name
Description
Value
enableFips
Whether to use a FIPS-enabled OS. Supported only for dedicated workload profiles.
bool
maximumCount
The maximum capacity.
int
minimumCount
The minimum capacity.
int
name
Workload profile type for the workloads to run on.
string (required)
workloadProfileType
Workload profile type for the workloads to run on.
string (required)
Quickstart samples
The following quickstart samples deploy this resource type.
ARM template resource definition
The managedEnvironments resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log .
To create a Microsoft.App/managedEnvironments resource, add the following JSON to your template.
{
"type": "Microsoft.App/managedEnvironments",
"apiVersion": "2024-10-02-preview",
"name": "string",
"identity": {
"type": "string",
"userAssignedIdentities": {
"{customized property}": {
}
}
},
"kind": "string",
"location": "string",
"properties": {
"appInsightsConfiguration": {
"connectionString": "string"
},
"appLogsConfiguration": {
"destination": "string",
"logAnalyticsConfiguration": {
"customerId": "string",
"dynamicJsonColumns": "bool",
"sharedKey": "string"
}
},
"availabilityZones": [ "string" ],
"customDomainConfiguration": {
"certificateKeyVaultProperties": {
"identity": "string",
"keyVaultUrl": "string"
},
"certificatePassword": "string",
"certificateValue": {},
"dnsSuffix": "string"
},
"daprAIConnectionString": "string",
"daprAIInstrumentationKey": "string",
"daprConfiguration": {
},
"infrastructureResourceGroup": "string",
"kedaConfiguration": {
},
"openTelemetryConfiguration": {
"destinationsConfiguration": {
"dataDogConfiguration": {
"key": "string",
"site": "string"
},
"otlpConfigurations": [
{
"endpoint": "string",
"headers": [
{
"key": "string",
"value": "string"
}
],
"insecure": "bool",
"name": "string"
}
]
},
"logsConfiguration": {
"destinations": [ "string" ]
},
"metricsConfiguration": {
"destinations": [ "string" ],
"includeKeda": "bool"
},
"tracesConfiguration": {
"destinations": [ "string" ],
"includeDapr": "bool"
}
},
"peerAuthentication": {
"mtls": {
"enabled": "bool"
}
},
"peerTrafficConfiguration": {
"encryption": {
"enabled": "bool"
}
},
"publicNetworkAccess": "string",
"vnetConfiguration": {
"dockerBridgeCidr": "string",
"infrastructureSubnetId": "string",
"internal": "bool",
"platformReservedCidr": "string",
"platformReservedDnsIP": "string"
},
"workloadProfiles": [
{
"enableFips": "bool",
"maximumCount": "int",
"minimumCount": "int",
"name": "string",
"workloadProfileType": "string"
}
],
"zoneRedundant": "bool"
},
"tags": {
"{customized property}": "string"
}
}
Property values
AppInsightsConfiguration
Name
Description
Value
connectionString
Application Insights connection string
string Constraints: Sensitive value. Pass in as a secure parameter.
AppLogsConfiguration
Name
Description
Value
destination
Logs destination, can be 'log-analytics', 'azure-monitor' or 'none'
string
logAnalyticsConfiguration
Log Analytics configuration, must only be provided when destination is configured as 'log-analytics'
LogAnalyticsConfiguration
CertificateKeyVaultProperties
Name
Description
Value
identity
Resource ID of a managed identity to authenticate with Azure Key Vault, or System to use a system-assigned identity.
string
keyVaultUrl
URL pointing to the Azure Key Vault secret that holds the certificate.
string
CustomDomainConfiguration
Name
Description
Value
certificateKeyVaultProperties
Certificate stored in Azure Key Vault.
CertificateKeyVaultProperties
certificatePassword
Certificate password
string Constraints: Sensitive value. Pass in as a secure parameter.
certificateValue
PFX or PEM blob
any
dnsSuffix
Dns suffix for the environment domain
string
DaprConfiguration
DataDogConfiguration
Name
Description
Value
key
The data dog api key
string Constraints: Sensitive value. Pass in as a secure parameter.
site
The data dog site
string
DestinationsConfiguration
Name
Description
Value
dataDogConfiguration
Open telemetry datadog destination configuration
DataDogConfiguration
otlpConfigurations
Open telemetry otlp configurations
OtlpConfiguration []
Name
Description
Value
key
The key of otlp configuration header
string
value
The value of otlp configuration header
string
KedaConfiguration
LogAnalyticsConfiguration
Name
Description
Value
customerId
Log analytics customer id
string
dynamicJsonColumns
Boolean indicating whether to parse json string log into dynamic json columns
bool
sharedKey
Log analytics customer key
string Constraints: Sensitive value. Pass in as a secure parameter.
LogsConfiguration
Name
Description
Value
destinations
Open telemetry logs destinations
string[]
ManagedEnvironmentProperties
Name
Description
Value
appInsightsConfiguration
Environment level Application Insights configuration
AppInsightsConfiguration
appLogsConfiguration
Cluster configuration which enables the log daemon to export app logs to configured destination
AppLogsConfiguration
availabilityZones
The list of availability zones to use for managed environment
string[]
customDomainConfiguration
Custom domain configuration for the environment
CustomDomainConfiguration
daprAIConnectionString
Application Insights connection string used by Dapr to export Service to Service communication telemetry
string Constraints: Sensitive value. Pass in as a secure parameter.
daprAIInstrumentationKey
Azure Monitor instrumentation key used by Dapr to export Service to Service communication telemetry
string Constraints: Sensitive value. Pass in as a secure parameter.
daprConfiguration
The configuration of Dapr component.
DaprConfiguration
infrastructureResourceGroup
Name of the platform-managed resource group created for the Managed Environment to host infrastructure resources. If a subnet ID is provided, this resource group will be created in the same subscription as the subnet.
string
kedaConfiguration
The configuration of Keda component.
KedaConfiguration
openTelemetryConfiguration
Environment Open Telemetry configuration
OpenTelemetryConfiguration
peerAuthentication
Peer authentication settings for the Managed Environment
ManagedEnvironmentPropertiesPeerAuthentication
peerTrafficConfiguration
Peer traffic settings for the Managed Environment
ManagedEnvironmentPropertiesPeerTrafficConfiguration
publicNetworkAccess
Property to allow or block all public traffic. Allowed Values: 'Enabled', 'Disabled'.
'Disabled' 'Enabled'
vnetConfiguration
Vnet configuration for the environment
VnetConfiguration
workloadProfiles
Workload profiles configured for the Managed Environment.
WorkloadProfile []
zoneRedundant
Whether or not this Managed Environment is zone-redundant.
bool
ManagedEnvironmentPropertiesPeerAuthentication
Name
Description
Value
mtls
Mutual TLS authentication settings for the Managed Environment
Mtls
ManagedEnvironmentPropertiesPeerTrafficConfiguration
ManagedEnvironmentPropertiesPeerTrafficConfigurationEncryption
Name
Description
Value
enabled
Boolean indicating whether the peer traffic encryption is enabled
bool
ManagedServiceIdentity
Name
Description
Value
type
Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed).
'None' 'SystemAssigned' 'SystemAssigned,UserAssigned' 'UserAssigned' (required)
userAssignedIdentities
The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.
UserAssignedIdentities
MetricsConfiguration
Name
Description
Value
destinations
Open telemetry metrics destinations
string[]
includeKeda
Boolean indicating if including keda metrics
bool
Microsoft.App/managedEnvironments
Name
Description
Value
apiVersion
The api version
'2024-10-02-preview'
identity
Managed identities for the Managed Environment to interact with other Azure services without maintaining any secrets or credentials in code.
ManagedServiceIdentity
kind
Kind of the Environment.
string
location
The geo-location where the resource lives
string (required)
name
The resource name
string (required)
properties
Managed environment resource specific properties
ManagedEnvironmentProperties
tags
Resource tags
Dictionary of tag names and values. See Tags in templates
type
The resource type
'Microsoft.App/managedEnvironments'
Mtls
Name
Description
Value
enabled
Boolean indicating whether the mutual TLS authentication is enabled
bool
OpenTelemetryConfiguration
OtlpConfiguration
Name
Description
Value
endpoint
The endpoint of otlp configuration
string
headers
Headers of otlp configurations
Header []
insecure
Boolean indicating if otlp configuration is insecure
bool
name
The name of otlp configuration
string
TracesConfiguration
Name
Description
Value
destinations
Open telemetry traces destinations
string[]
includeDapr
Boolean indicating if including dapr traces
bool
UserAssignedIdentities
UserAssignedIdentity
VnetConfiguration
Name
Description
Value
dockerBridgeCidr
CIDR notation IP range assigned to the Docker bridge, network. Must not overlap with any other provided IP ranges.
string
infrastructureSubnetId
Resource ID of a subnet for infrastructure components. Must not overlap with any other provided IP ranges.
string
internal
Boolean indicating the environment only has an internal load balancer. These environments do not have a public static IP resource. They must provide infrastructureSubnetId if enabling this property
bool
platformReservedCidr
IP range in CIDR notation that can be reserved for environment infrastructure IP addresses. Must not overlap with any other provided IP ranges.
string
platformReservedDnsIP
An IP address from the IP range defined by platformReservedCidr that will be reserved for the internal DNS server.
string
WorkloadProfile
Name
Description
Value
enableFips
Whether to use a FIPS-enabled OS. Supported only for dedicated workload profiles.
bool
maximumCount
The maximum capacity.
int
minimumCount
The minimum capacity.
int
name
Workload profile type for the workloads to run on.
string (required)
workloadProfileType
Workload profile type for the workloads to run on.
string (required)
Quickstart templates
The following quickstart templates deploy this resource type.
The managedEnvironments resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log .
To create a Microsoft.App/managedEnvironments resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.App/managedEnvironments@2024-10-02-preview"
name = "string"
identity = {
type = "string"
userAssignedIdentities = {
{customized property} = {
}
}
}
kind = "string"
location = "string"
tags = {
{customized property} = "string"
}
body = jsonencode({
properties = {
appInsightsConfiguration = {
connectionString = "string"
}
appLogsConfiguration = {
destination = "string"
logAnalyticsConfiguration = {
customerId = "string"
dynamicJsonColumns = bool
sharedKey = "string"
}
}
availabilityZones = [
"string"
]
customDomainConfiguration = {
certificateKeyVaultProperties = {
identity = "string"
keyVaultUrl = "string"
}
certificatePassword = "string"
certificateValue = ?
dnsSuffix = "string"
}
daprAIConnectionString = "string"
daprAIInstrumentationKey = "string"
daprConfiguration = {
}
infrastructureResourceGroup = "string"
kedaConfiguration = {
}
openTelemetryConfiguration = {
destinationsConfiguration = {
dataDogConfiguration = {
key = "string"
site = "string"
}
otlpConfigurations = [
{
endpoint = "string"
headers = [
{
key = "string"
value = "string"
}
]
insecure = bool
name = "string"
}
]
}
logsConfiguration = {
destinations = [
"string"
]
}
metricsConfiguration = {
destinations = [
"string"
]
includeKeda = bool
}
tracesConfiguration = {
destinations = [
"string"
]
includeDapr = bool
}
}
peerAuthentication = {
mtls = {
enabled = bool
}
}
peerTrafficConfiguration = {
encryption = {
enabled = bool
}
}
publicNetworkAccess = "string"
vnetConfiguration = {
dockerBridgeCidr = "string"
infrastructureSubnetId = "string"
internal = bool
platformReservedCidr = "string"
platformReservedDnsIP = "string"
}
workloadProfiles = [
{
enableFips = bool
maximumCount = int
minimumCount = int
name = "string"
workloadProfileType = "string"
}
]
zoneRedundant = bool
}
})
}
Property values
AppInsightsConfiguration
Name
Description
Value
connectionString
Application Insights connection string
string Constraints: Sensitive value. Pass in as a secure parameter.
AppLogsConfiguration
Name
Description
Value
destination
Logs destination, can be 'log-analytics', 'azure-monitor' or 'none'
string
logAnalyticsConfiguration
Log Analytics configuration, must only be provided when destination is configured as 'log-analytics'
LogAnalyticsConfiguration
CertificateKeyVaultProperties
Name
Description
Value
identity
Resource ID of a managed identity to authenticate with Azure Key Vault, or System to use a system-assigned identity.
string
keyVaultUrl
URL pointing to the Azure Key Vault secret that holds the certificate.
string
CustomDomainConfiguration
Name
Description
Value
certificateKeyVaultProperties
Certificate stored in Azure Key Vault.
CertificateKeyVaultProperties
certificatePassword
Certificate password
string Constraints: Sensitive value. Pass in as a secure parameter.
certificateValue
PFX or PEM blob
any
dnsSuffix
Dns suffix for the environment domain
string
DaprConfiguration
DataDogConfiguration
Name
Description
Value
key
The data dog api key
string Constraints: Sensitive value. Pass in as a secure parameter.
site
The data dog site
string
DestinationsConfiguration
Name
Description
Value
dataDogConfiguration
Open telemetry datadog destination configuration
DataDogConfiguration
otlpConfigurations
Open telemetry otlp configurations
OtlpConfiguration []
Name
Description
Value
key
The key of otlp configuration header
string
value
The value of otlp configuration header
string
KedaConfiguration
LogAnalyticsConfiguration
Name
Description
Value
customerId
Log analytics customer id
string
dynamicJsonColumns
Boolean indicating whether to parse json string log into dynamic json columns
bool
sharedKey
Log analytics customer key
string Constraints: Sensitive value. Pass in as a secure parameter.
LogsConfiguration
Name
Description
Value
destinations
Open telemetry logs destinations
string[]
ManagedEnvironmentProperties
Name
Description
Value
appInsightsConfiguration
Environment level Application Insights configuration
AppInsightsConfiguration
appLogsConfiguration
Cluster configuration which enables the log daemon to export app logs to configured destination
AppLogsConfiguration
availabilityZones
The list of availability zones to use for managed environment
string[]
customDomainConfiguration
Custom domain configuration for the environment
CustomDomainConfiguration
daprAIConnectionString
Application Insights connection string used by Dapr to export Service to Service communication telemetry
string Constraints: Sensitive value. Pass in as a secure parameter.
daprAIInstrumentationKey
Azure Monitor instrumentation key used by Dapr to export Service to Service communication telemetry
string Constraints: Sensitive value. Pass in as a secure parameter.
daprConfiguration
The configuration of Dapr component.
DaprConfiguration
infrastructureResourceGroup
Name of the platform-managed resource group created for the Managed Environment to host infrastructure resources. If a subnet ID is provided, this resource group will be created in the same subscription as the subnet.
string
kedaConfiguration
The configuration of Keda component.
KedaConfiguration
openTelemetryConfiguration
Environment Open Telemetry configuration
OpenTelemetryConfiguration
peerAuthentication
Peer authentication settings for the Managed Environment
ManagedEnvironmentPropertiesPeerAuthentication
peerTrafficConfiguration
Peer traffic settings for the Managed Environment
ManagedEnvironmentPropertiesPeerTrafficConfiguration
publicNetworkAccess
Property to allow or block all public traffic. Allowed Values: 'Enabled', 'Disabled'.
'Disabled' 'Enabled'
vnetConfiguration
Vnet configuration for the environment
VnetConfiguration
workloadProfiles
Workload profiles configured for the Managed Environment.
WorkloadProfile []
zoneRedundant
Whether or not this Managed Environment is zone-redundant.
bool
ManagedEnvironmentPropertiesPeerAuthentication
Name
Description
Value
mtls
Mutual TLS authentication settings for the Managed Environment
Mtls
ManagedEnvironmentPropertiesPeerTrafficConfiguration
ManagedEnvironmentPropertiesPeerTrafficConfigurationEncryption
Name
Description
Value
enabled
Boolean indicating whether the peer traffic encryption is enabled
bool
ManagedServiceIdentity
Name
Description
Value
type
Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed).
'None' 'SystemAssigned' 'SystemAssigned,UserAssigned' 'UserAssigned' (required)
userAssignedIdentities
The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests.
UserAssignedIdentities
MetricsConfiguration
Name
Description
Value
destinations
Open telemetry metrics destinations
string[]
includeKeda
Boolean indicating if including keda metrics
bool
Microsoft.App/managedEnvironments
Name
Description
Value
identity
Managed identities for the Managed Environment to interact with other Azure services without maintaining any secrets or credentials in code.
ManagedServiceIdentity
kind
Kind of the Environment.
string
location
The geo-location where the resource lives
string (required)
name
The resource name
string (required)
properties
Managed environment resource specific properties
ManagedEnvironmentProperties
tags
Resource tags
Dictionary of tag names and values.
type
The resource type
"Microsoft.App/managedEnvironments@2024-10-02-preview"
Mtls
Name
Description
Value
enabled
Boolean indicating whether the mutual TLS authentication is enabled
bool
OpenTelemetryConfiguration
OtlpConfiguration
Name
Description
Value
endpoint
The endpoint of otlp configuration
string
headers
Headers of otlp configurations
Header []
insecure
Boolean indicating if otlp configuration is insecure
bool
name
The name of otlp configuration
string
TracesConfiguration
Name
Description
Value
destinations
Open telemetry traces destinations
string[]
includeDapr
Boolean indicating if including dapr traces
bool
UserAssignedIdentities
UserAssignedIdentity
VnetConfiguration
Name
Description
Value
dockerBridgeCidr
CIDR notation IP range assigned to the Docker bridge, network. Must not overlap with any other provided IP ranges.
string
infrastructureSubnetId
Resource ID of a subnet for infrastructure components. Must not overlap with any other provided IP ranges.
string
internal
Boolean indicating the environment only has an internal load balancer. These environments do not have a public static IP resource. They must provide infrastructureSubnetId if enabling this property
bool
platformReservedCidr
IP range in CIDR notation that can be reserved for environment infrastructure IP addresses. Must not overlap with any other provided IP ranges.
string
platformReservedDnsIP
An IP address from the IP range defined by platformReservedCidr that will be reserved for the internal DNS server.
string
WorkloadProfile
Name
Description
Value
enableFips
Whether to use a FIPS-enabled OS. Supported only for dedicated workload profiles.
bool
maximumCount
The maximum capacity.
int
minimumCount
The minimum capacity.
int
name
Workload profile type for the workloads to run on.
string (required)
workloadProfileType
Workload profile type for the workloads to run on.
string (required)