Bicep Module Documentation
← Back to Overview
Module app-service
appService
| Property | Value | Description |
|---|---|---|
| general (required) | general | |
| kind (required) | string | Kind of resource, must be the same as the ASP (asp.outputs.appServicePlanKind) |
| identity | identity | Managed service identity |
| clientAffinityEnabled | bool | true to enable client affinity; false to stop sending session affinity cookies, which route client requests in the same session to the same instance. Default is true. |
| clientCertEnabled | bool | true to enable client certificate authentication (TLS mutual authentication); otherwise, false. Default is false. |
| clientCertExclusionPaths | string | client certificate authentication comma-separated exclusion paths |
| clientCertMode | 'Optional' 'OptionalInteractiveUser' 'Required' |
This composes with ClientCertEnabled setting. ClientCertEnabled: false means ClientCert is ignored. ClientCertEnabled: true and ClientCertMode: Required means ClientCert is required. ClientCertEnabled: true and ClientCertMode: Optional means ClientCert is optional or accepted. |
| containerSize | int | Size of the function container. |
| dailyMemoryTimeQuota | int | Maximum allowed daily memory-time quota (applicable on dynamic apps only). |
| enabled | bool | true if the app is enabled; otherwise, false. Setting this value to false disables the app (takes the app offline). |
| hostingEnvironmentProfileId | string | App Service Environment to use for the app. Resource ID of the App Service Environment. |
| hostNamesDisabled | bool | true to disable the public hostnames of the app; otherwise, false. If true, the app is only accessible via API management process. |
| hostNameSslStates | appServiceHostNameSslStates[] | Hostname SSL states are used to manage the SSL bindings for apps hostnames. |
| httpsOnly | bool | HttpsOnly: configures a web site to accept only https requests. Issues redirect for http requests |
| hyperV | bool | Hyper-V sandbox |
| keyVaultReferenceIdentity | string | Identity to use for Key Vault Reference authentication. |
| managedEnvironmentId | string | Azure Resource Manager ID of the customers selected Managed Environment on which to host this app. This must be of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.App/managedEnvironments/{managedEnvironmentName} |
| publicNetworkAccess | 'Disabled' 'Enabled' |
Property to allow or block all public traffic. Allowed Values: Enabled, Disabled or an empty string. (default: Disabled) |
| redundancyMode | 'ActiveActive' 'Failover' 'GeoRedundant' 'Manual' 'None' |
Site redundancy mode |
| reserved | bool | true if reserved; otherwise, false |
| scmSiteAlsoStopped | bool | true to stop SCM (KUDU) site when the app is stopped; otherwise, false. The default is false. |
| serverFarmId (required) | string | Resource ID of the associated App Service plan, formatted as: "/subscriptions/{subscriptionID}/resourceGroups/{groupName}/providers/Microsoft.Web/serverfarms/{appServicePlanName}". |
| siteConfig | siteConfig | Configuration of the app. |
| storageAccountRequired | bool | Checks if Customer provided storage account is required |
| virtualNetworkSubnetId | string | Azure Resource Manager ID of the Virtual network and subnet to be joined by Regional VNET Integration. This must be of the form /subscriptions/{subscriptionName}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{vnetName}/subnets/{subnetName} |
| outboundVnetRouting | outboundVnetRouting | Property to configure various outbound traffic routing options over virtual network for a site. |
| privateLink | privateLink | Settings for the private endpoint and private link for this resource |
| hostNameBindings | appServiceHostNameBinding[] | Add hostname(s) to app service |
| sourceControls | sourceControl | Source Controls in the app service |
identity
| Property | Value | Description |
|---|---|---|
| type | 'None' 'SystemAssigned' 'SystemAssigned, UserAssigned' 'UserAssigned' |
The types of identities associated with this resource. (default: none) |
| userAssignedIdentities | string[] | Resource IDs of User Assigned Identities to associate with this resource |
apiDefinition
| Property | Value | Description |
|---|---|---|
| url (required) | string |
apiManagementConfig
| Property | Value | Description |
|---|---|---|
| id (required) | string |
autoHealRules
| Property | Value | Description |
|---|---|---|
| actions | appServiceAutoHealRuleActions | Actions to be executed when a rule is triggered. |
| triggers | appServiceAutoHealRuleTriggers | Conditions that describe when to execute the auto-heal actions. |
cors
| Property | Value | Description |
|---|---|---|
| allowedOrigins | string[] | Cross-Origin Resource Sharing (CORS) settings. Gets or sets the list of origins that should be allowed to make cross-origincalls (for example: http://example.com:12345). Use "*" to allow all. |
| supportCredentials | bool | Gets or sets whether CORS requests with credentials are allowed. See https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#Requests_with_credentials for more details. |
limits
| Property | Value | Description |
|---|---|---|
| maxDiskSizeInMb | int | |
| maxMemoryInMb | int | |
| maxPercentageCpu | int |
metadata
| Property | Value | Description |
|---|---|---|
| name (required) | string | Pair name |
| value (required) | string | Pair value |
siteConfig
| Property | Value | Description |
|---|---|---|
| acrUseManagedIdentityCreds | bool | Flag to use Managed Identity Creds for ACR pull |
| acrUserManagedIdentityID | string | If using user managed identity, the user managed identity ClientId |
| alwaysOn | bool | true if Always On is enabled; otherwise, false |
| apiDefinition | apiDefinition | Information about the formal API definition for the app. The URL of the API definition. |
| apiManagementConfig | apiManagementConfig | Azure API management settings linked to the app. APIM-Api Identifier. |
| appCommandLine | string | App command line to launch. |
| appSettings | appServiceAppSettings[] | Application settings |
| autoHealEnabled | bool | true if Auto Heal is enabled; otherwise, false. |
| autoHealRules | autoHealRules | Auto Heal rules. |
| autoSwapSlotName | string | Auto-swap slot name. |
| azureStorageAccounts | object | List o Azure Storage Accounts. |
| connectionStrings | appServiceConnStringInfo[] | Connection strings. |
| cors | cors | Cross-Origin Resource Sharing (CORS) settings. |
| defaultDocuments | string[] | Default Documents. |
| detailedErrorLoggingEnabled | bool | true if detailed error logging is enabled; otherwise, false. |
| documentRoot | string | Document root |
| elasticWebAppScaleLimit | int | Maximum number of workers that a site can scale out to. This setting only applies to apps in plans where ElasticScaleEnabled is true |
| ftpsState | 'AllAllowed' 'Disabled' 'FtpsOnly' |
State of FTP / FTPS service (default: disabled) |
| functionAppScaleLimit | int | Maximum number of workers that a site can scale out to. This setting only applies to the Consumption and Elastic Premium Plans |
| functionsRuntimeScaleMonitoringEnabled | bool | Gets or sets a value indicating whether functions runtime scale monitoring is enabled. When enabled, the ScaleController will not monitor event sources directly, but will instead call to the runtime to get scale status. |
| handlerMappings | appServiceHandlerMappings[] | Handler mappings. |
| healthCheckPath | string | Health check path |
| http20Enabled | bool | Http20Enabled: configures a web site to allow clients to connect over http2.0 |
| httpLoggingEnabled | bool | true if HTTP logging is enabled; otherwise, false. |
| ipSecurityRestrictions | appServiceIpSecurityRestrictions[] | IP security restrictions for main. |
| ipSecurityRestrictionsDefaultAction | 'allow' 'deny' |
Default action for main access restriction if no rules are matched. |
| javaContainer | string | Java container |
| javaContainerVersion | string | Java container version |
| javaVersion | string | Java version |
| keyVaultReferenceIdentity | string | Identity to use for Key Vault Reference authentication |
| limits | limits | Limits |
| linuxFxVersion | string | Linux App Framework and version |
| loadBalancing | 'LeastRequests' 'LeastResponseTime' 'PerSiteRoundRobin' 'RequestHash' 'WeightedRoundRobin' 'WeightedTotalTraffic' |
Site load balancing |
| localMySqlEnabled | bool | true to enable local MySQL; otherwise, false. |
| logsDirectorySizeLimit | int | HTTP logs directory size limit. |
| managedPipelineMode | 'Classic' 'Integrated' |
Managed pipeline mode. |
| managedServiceIdentityId | int | Managed Service Identity Id |
| metadata | metadata[] | Application metadata. This property cannot be retrieved, since it may contain secrets. |
| minimumElasticInstanceCount | int | Number of minimum instance count for a site. This setting only applies to the Elastic Plans |
| minTlsVersion | '1.0' '1.1' '1.2' '1.3' |
MinTlsVersion: configures the minimum version of TLS required for SSL requests |
| netFrameworkVersion | string | .NET Framework version. |
| nodeVersion | string | Version of Node.js |
| numberOfWorkers | int | Number of workers |
| phpVersion | string | Version of PHP |
| powerShellVersion | string | Version of PowerShell |
| preWarmedInstanceCount | int | Number of preWarmed instances. This setting only applies to the Consumption and Elastic Plans |
| publicNetworkAccess | string | Property to allow or block all public traffic |
| publishingUsername | string | Publishing user name |
| pythonVersion | string | Version of Python |
| remoteDebuggingEnabled | bool | true if remote debugging is enabled; otherwise, false |
| remoteDebuggingVersion | string | Remote debugging version |
| requestTracingEnabled | bool | true if request tracing is enabled; otherwise, false |
| requestTracingExpirationTime | string | Request tracing expiration time |
| scmIpSecurityRestrictions | appServiceScmIpSecurityRestrictions[] | IP security restrictions for scm. |
| scmIpSecurityRestrictionsDefaultAction | 'allow' 'deny' |
Default action for scm access restriction if no rules are matched |
| scmIpSecurityRestrictionsUseMain | bool | IP security restrictions for scm to use main |
| scmMinTlsVersion | '1.0' '1.1' '1.2' '1.3' |
ScmMinTlsVersion: configures the minimum version of TLS required for SSL requests for SCM site |
| scmType | 'BitBucketGit' 'BitbucketHg' 'CodePlexGit' 'CodePlexHg' 'Dropbox' 'ExternalGit' 'ExternalHg' 'GitHub' 'LocalGit' 'None' 'OneDrive' 'Tfs' 'VSO' 'VSTSRM' |
SCM type |
| tracingOptions | string | Tracing options |
| use32BitWorkerProcess | bool | true to use 32-bit worker process; otherwise, false |
| virtualApplications | appServiceVirtualApplications[] | Virtual applications. |
| vnetName | string | Virtual Network name |
| vnetPrivatePortsCount | int | The number of private ports assigned to this app. These will be assigned dynamically on runtime |
| vnetRouteAllEnabled | bool | Virtual Network Route All enabled. This causes all outbound traffic to have Virtual Network Security Groups and User Defined Routes applied |
| websiteTimeZone | string | Sets the time zone a site uses for generating timestamps. Compatible with Linux and Windows App Service. Setting the WEBSITE_TIME_ZONE app setting takes precedence over this config. For Linux, expects tz database values https://www.iana.org/time-zones (for a quick reference see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). For Windows, expects one of the time zones listed under HKEY_LOCAL_MACHINE-SOFTWARE-Microsoft-Windows NT-CurrentVersion-Time Zones |
| webSocketsEnabled | bool | true if WebSocket is enabled; otherwise, false |
| windowsFxVersion | string | Xenon App Framework and version |
| xManagedServiceIdentityId | int | Explicit Managed Service Identity Id |
outboundVnetRouting
| Property | Value | Description |
|---|---|---|
| allTraffic | bool | Enables all other routing options defined in OutboundVnetRouting if this setting is set to true. |
| applicationTraffic | bool | This causes all outbound traffic to have Virtual Network Security Groups and User Defined Routes applied. Previously called VnetRouteAllEnabled. |
| backupRestoreTraffic | bool | Enables Backup and Restore operations over virtual network. Previously called VnetBackupRestoreEnabled |
| contentShareTraffic | bool | Enables accessing content over virtual network. Previously called VnetContentShareEnabled |
| imagePullTraffic | bool | Enables pulling image over Virtual Network. Previously called VnetImagePullEnabled. |
appServiceHostNameSslStates
| Property | Value | Description |
|---|---|---|
| hostType | 'Repository' 'Standard' |
Indicates whether the hostname is a standard or repository hostname. |
| name (required) | string | Hostname |
| sslState (required) | 'Disabled' 'IpBasedEnabled' 'SniEnabled' |
SSL type. |
| thumbprint | string | SSL certificate thumbprint. |
| toUpdate | bool | Set to true to update existing hostname. |
| virtualIP | string | Virtual IP address assigned to the hostname if IP based SSL is enabled. |
appServiceVirtualApplications
| Property | Value | Description |
|---|---|---|
| physicalPath | string | Physical path. |
| preloadEnabled | bool | true if preloading is enabled; otherwise, false. |
| virtualDirectories | appServiceVirtualDirectory[] | Virtual directories for virtual application. |
| virtualPath | string | Virtual path. |
appServiceVirtualDirectory
| Property | Value | Description |
|---|---|---|
| physicalPath | string | Physical path. |
| virtualPath | string | Path to virtual application. |
appServiceConnStringInfo
| Property | Value | Description |
|---|---|---|
| connectionString (required) | string | Connection string value. |
| name (required) | string | Name of connection string. |
| type (required) | 'ApiHub' 'Custom' 'DocDb' 'EventHub' 'MySql' 'NotificationHub' 'PostgreSQL' 'RedisCache' 'SQLAzure' 'SQLServer' 'ServiceBus' |
Type of database. |
appServiceAppSettings
| Property | Value | Description |
|---|---|---|
| name (required) | string | Pair name. |
| value (required) | string | Pair value. |
appServiceAutoHealRuleActions
| Property | Value | Description |
|---|---|---|
| actionType (required) | 'CustomAction' 'LogEvent' 'Recycle' |
Predefined action to be taken. |
| customAction | appServiceAutoHealCustomAction | Custom action to be taken. |
| minProcessExecutionTime (required) | string | Minimum time the process must execute before taking the action |
appServiceAutoHealRuleTriggers
| Property | Value | Description |
|---|---|---|
| privateBytesInKB | int | A rule based on private bytes. |
| requests | requests | A rule based on total requests. |
| slowRequests | slowRequests | A rule based on request execution time. |
| slowRequestsWithPath | appServiceAutoHealTriggerSlowRequestsWithPath[] | A rule based on multiple Slow Requests Rule with path |
| statusCodes | appServiceAutoHealTriggerStatusCodes[] | A rule based on status codes. |
| statusCodesRange | appServiceAutoHealTriggerStatusCodesRange[] | A rule based on status codes ranges. |
requests
| Property | Value | Description |
|---|---|---|
| count (required) | int | Request Count. |
| timeInterval (required) | string | Time interval. |
slowRequests
| Property | Value | Description |
|---|---|---|
| count (required) | int | Request Count. |
| path (required) | string | Request Path. |
| timeInterval (required) | string | Time interval. |
| timeTaken (required) | string | Time taken. |
appServiceAutoHealCustomAction
| Property | Value | Description |
|---|---|---|
| exe (required) | string | Executable to be run. |
| parameters | string | Parameters for the executable. |
appServiceAutoHealTriggerSlowRequestsWithPath
| Property | Value | Description |
|---|---|---|
| count (required) | int | Request Count. |
| path (required) | string | Request path. |
| timeInterval (required) | string | Time interval. |
| timeTaken (required) | string | Time taken. |
appServiceAutoHealTriggerStatusCodes
| Property | Value | Description |
|---|---|---|
| count (required) | int | Request Count. |
| path (required) | string | Request path. |
| subStatus (required) | int | Request Sub Status. |
| timeInterval (required) | string | Time interval. |
| win32Status (required) | int | Win32 error code. |
appServiceAutoHealTriggerStatusCodesRange
| Property | Value | Description |
|---|---|---|
| count (required) | int | Request Count. |
| path (required) | string | Request path. |
| statusCodes (required) | string | HTTP status code. |
| timeInterval (required) | string | Time interval. |
appServiceHandlerMappings
| Property | Value | Description |
|---|---|---|
| arguments (required) | string | Command-line arguments to be passed to the script processor. |
| extension (required) | string | Requests with this extension will be handled using the specified FastCGI application. |
| scriptProcessor (required) | string | The absolute path to the FastCGI application. |
appServiceIpSecurityRestrictions
| Property | Value | Description |
|---|---|---|
| action | 'Allow' 'Deny' |
Allow or Deny access for this IP range. |
| description | string | Allow or Deny access for this IP range. |
| headers | object | IP restriction rule headers. |
| ipAddress | string | IP address the security restriction is valid for. It can be in form of pure ipv4 address (required SubnetMask property) or CIDR notation such as ipv4/mask (leading bit match). For CIDR, SubnetMask property must not be specified. |
| name | string | IP restriction rule name. |
| priority | int | Priority of IP restriction rule. |
| subnetMask | string | Subnet mask for the range of IP addresses the restriction is valid for. |
| subnetTrafficTag | int | (internal) Subnet traffic tag |
| tag | 'Default' 'ServiceTag' 'XffProxy' |
Defines what this IP filter will be used for. This is to support IP filtering on proxies. |
| vnetSubnetResourceId | string | Virtual network resource id |
| vnetTrafficTag | int | (internal) Vnet traffic tag |
appServiceScmIpSecurityRestrictions
| Property | Value | Description |
|---|---|---|
| action (required) | 'Allow' 'Deny' |
Allow or Deny access for this IP range. |
| description | string | Allow or Deny access for this IP range. |
| headers (required) | object | IP restriction rule headers. |
| ipAddress (required) | string | IP address the security restriction is valid for. It can be in form of pure ipv4 address (required SubnetMask property) or CIDR notation such as ipv4/mask (leading bit match). For CIDR, SubnetMask property must not be specified. |
| name (required) | string | IP restriction rule name. |
| priority (required) | int | Priority of IP restriction rule. |
| subnetMask (required) | string | Subnet mask for the range of IP addresses the restriction is valid for. |
| subnetTrafficTag | int | (internal) Subnet traffic tag |
| tag (required) | 'Default' 'ServiceTag' 'XffProxy' |
Defines what this IP filter will be used for. This is to support IP filtering on proxies. |
| vnetSubnetResourceId (required) | string | Virtual network resource id |
| vnetTrafficTag (required) | int | (internal) Vnet traffic tag |
appServiceHostNameBinding
| Property | Value | Description |
|---|---|---|
| hostName (required) | string | Hostname to add (example: www.customer.be) |
| hostNameType | 'Managed' 'Verified' |
Hostname type. (default: Verified) |
| customHostNameDnsRecordType | 'A' 'CName' |
Custom DNS record type. (default: CName) |
| sslState | 'Disabled' 'IpBasedEnabled' 'SniEnabled' |
SSL type |
| thumbprint | string | SSL certificate thumbprint |
| azureResourceType | 'TrafficManager' 'Website' |
Azure resource type |
sourceControl
| Property | Value | Description |
|---|---|---|
| kind | string | Kind of resource. |
| branch | string | Name of branch to use for deployment. |
| deploymentRollbackEnabled | bool | true to enable deployment rollback; otherwise, false. |
| gitHubActionConfiguration | gitHubActionConfiguration | If GitHub Action is selected, than the associated configuration. |
| isGitHubAction | bool | true if this is deployed via GitHub action. |
| isManualIntegration | bool | true to limit to manual integration; false to enable continuous integration (which configures webhooks into online repos like GitHub). |
| isMercurial | bool | true for a Mercurial repository; false for a Git repository. |
| repoUrl | string | Repository or source control URL. |
codeConfiguration
| Property | Value | Description |
|---|---|---|
| runtimeStack | string | Runtime stack is used to determine the workflow file content for code base apps. |
| runtimeVersion | string | Runtime version is used to determine what build version to set in the workflow file. |
containerConfiguration
| Property | Value | Description |
|---|---|---|
| imageName | string | The image name for the build. |
| password | string | The password used to upload the image to the container registry. |
| serverUrl | string | The server URL for the container registry where the build will be hosted. |
| username | string | The username used to upload the image to the container registry. |
gitHubActionConfiguration
| Property | Value | Description |
|---|---|---|
| codeConfiguration | codeConfiguration | GitHub Action code configuration. |
| containerConfiguration | containerConfiguration | GitHub Action container configuration. |
| generateWorkflowFile | bool | Workflow option to determine whether the workflow file should be generated and written to the repository. |
| isLinux | bool | This will help determine the workflow configuration to select. |
naming
| Property | Value | Description |
|---|---|---|
| forceFunctionAsFullName | bool | Use the function value as the full name of the resource |
| abbreviation | string | Override the abbreviation of this resource with this parameter |
| environment | string | The resource environment (for example: dev, tst, acc, prd) |
| location | string | The resource location (for example: weu, we, westeurope) |
| customer | string | The name of the customer |
| delimiter | string | The delimiter between resources (default: -) |
| nameFormat | Array containing any of: 'abbreviation' 'customer' 'environment' 'function' 'location' 'param1' 'param2' 'param3' 'useCaseName' |
The order of the array defines the order of elements in the naming scheme |
| param1 | string | Extra parameter self defined |
| param2 | string | Extra parameter self defined |
| param3 | string | Extra parameter self defined |
| function (required) | string | Function of the resource [can be app, db, security,...] |
| useCaseName | string | Name of the use case [can be hub, spoke,...] |
| suffix | string | Suffix for the resource, if empty non will be appended, otherwise will be added to the end [can be index, ...] |
| forceDefaultNaming | bool | Force the CAF naming instead of default company naming |
resourceLock
| Property | Value | Description |
|---|---|---|
| name | string | Character limit: 1-90. Valid characters: Alphanumerics, periods, underscores, hyphens, and parenthesis. Can't end in period. |
| level (required) | 'CanNotDelete' 'ReadOnly' |
The level of the lock. Possible values are: CanNotDelete and ReadOnly. CanNotDelete means authorized users are able to read and modify the resources, but not delete. ReadOnly means authorized users can only read from a resource, but they can't modify or delete it. Read-Only locks must be commented to be able to deploy again |
| notes | string | Notes about the lock. Maximum of 512 characters. |
| owners | resourceLockOwner[] | The owners of the lock |
resourceLockOwner
| Property | Value | Description |
|---|---|---|
| applicationId (required) | string | The application ID of the lock owner. |
roleAssignment
| Property | Value | Description |
|---|---|---|
| principalId (required) | string | The principal ID |
| roleDefinitionId (required) | string | The role definition ID, data file can be used for this |
| condition | string | Condition on the role assignment |
| conditionVersion | string | Version of the condition. Currently the only accepted value is "2.0" |
| delegatedManagedIdentityResourceId | string | Id of the delegated managed identity resource |
| description | string | Description of role assignment |
general
| Property | Value | Description |
|---|---|---|
| tags | object | Tags of the resource [hashtable] |
| location (required) | string | Location of the resource |
| naming (required) | naming | Naming module of the resource |
| resourceGroupName (required) | string | Name of the resource group where the resource should be located |
| sharedNaming (required) | naming | Reference to the default naming |
| roleAssignments | roleAssignment[] | Role assignments on the resource |
| resourceLocks | resourceLock[] | Resource Locks on the resource |
privateLink
| Property | Value | Description |
|---|---|---|
| pepNaming | naming | Name of the private endpoint |
| nicNaming | naming | Name of the network interface of the private endpoint |
| privateLinkNaming | naming | Name of the private link connection |
| subnets (required) | subnets[] | Id of the subnets and optionally the name of the resourcegroup in which the private endpoint should be created |
| dnsZoneIds (required) | string[] | List of DNS zone ids that need to be linked |
subnets
| Property | Value | Description |
|---|---|---|
| resourceGroupName | string | Resourcegroup (default: resourcegroup defined here => resourceGroup of pep resource => resourceGroup of subnet) |
| id (required) | string | Id of the subnet |
| location | string | Location if Vnet is in different location |
Changelog
11.0.0 (2025-10-06)
⚠ BREAKING CHANGES
- Update api version. Replaced vnetContentShareEnabled, vnetImagePullEnabled and vnetRouteAllEnabled properties by new outboundVnetRouting object
Features
- Update api version. Replaced vnetContentShareEnabled, vnetImagePullEnabled and vnetRouteAllEnabled properties by new outboundVnetRouting object
10.0.1 (2025-09-24)
Bug Fixes
- remove deployment name + cleanup
10.0.0 (2025-09-24)
⚠ BREAKING CHANGES
- remove deprecated outputs
Bug Fixes
- remove deprecated outputs
9.4.3 (2025-06-26)
Bug Fixes
- incorrect default value
9.4.2 (2025-06-16)
Bug Fixes
- make abbreviation changeable
9.4.1 (2025-06-12)
Bug Fixes
- make 'tag' param in ipSecurityRestrictions optional to allow unmatched rules
9.4.0 (2025-06-03)
Features
- add TLS version 1.3
9.3.0 (2025-05-26)
Features
- add sourcecontrols
9.2.0 (2025-05-14)
Features
- add output principalId
9.1.1 (2025-04-11)
Bug Fixes
- naming connected resources when forceFunctionAsFullName or forceDefaultNaming is true
9.1.0 (2025-03-26)
Features
- add resourceName output
9.0.0 (2025-03-17)
⚠ BREAKING CHANGES
- remove role-assignment principalType parameter
Features
- remove role-assignment principalType parameter
8.0.0 (2025-01-03)
⚠ BREAKING CHANGES
- use new toObject function for UserAssignedIdentities. Only breaking when using managed identities.
Features
- use new toObject function for UserAssignedIdentities. Only breaking when using managed identities.