Microsoft.Web sites/slots/config 'web' 2021-02-01
The sites/slots/config resource type can be deployed to: Resource groups.
To learn about resource group deployments, see Bicep or ARM template.
Options for name property
The sites/slots/config resource accepts different properties based on the value of the name property.
This article shows the properties that are available when you set name: 'web'.
For other options, see:
- appsettings
- authsettings
- authsettingsV2
- azurestorageaccounts
- backup
- connectionstrings
- logs
- metadata
- pushsettings
Template format
To create a Microsoft.Web/sites/slots/config resource, add the following Bicep or JSON to your template.
resource symbolicname 'Microsoft.Web/sites/slots/config@2021-02-01' = {
name: 'web'
kind: 'string'
parent: resourceSymbolicName
properties: {
acrUseManagedIdentityCreds: bool
acrUserManagedIdentityID: 'string'
alwaysOn: bool
apiDefinition: {
url: 'string'
}
apiManagementConfig: {
id: 'string'
}
appCommandLine: 'string'
appSettings: [
{
name: 'string'
value: 'string'
}
]
autoHealEnabled: bool
autoHealRules: {
actions: {
actionType: 'string'
customAction: {
exe: 'string'
parameters: 'string'
}
minProcessExecutionTime: 'string'
}
triggers: {
privateBytesInKB: int
requests: {
count: int
timeInterval: 'string'
}
slowRequests: {
count: int
path: 'string'
timeInterval: 'string'
timeTaken: 'string'
}
slowRequestsWithPath: [
{
count: int
path: 'string'
timeInterval: 'string'
timeTaken: 'string'
}
]
statusCodes: [
{
count: int
path: 'string'
status: int
subStatus: int
timeInterval: 'string'
win32Status: int
}
]
statusCodesRange: [
{
count: int
path: 'string'
statusCodes: 'string'
timeInterval: 'string'
}
]
}
}
autoSwapSlotName: 'string'
azureStorageAccounts: {}
connectionStrings: [
{
connectionString: 'string'
name: 'string'
type: 'string'
}
]
cors: {
allowedOrigins: [
'string'
]
supportCredentials: bool
}
defaultDocuments: [
'string'
]
detailedErrorLoggingEnabled: bool
documentRoot: 'string'
experiments: {
rampUpRules: [
{
actionHostName: 'string'
changeDecisionCallbackUrl: 'string'
changeIntervalInMinutes: int
changeStep: int
maxReroutePercentage: int
minReroutePercentage: int
name: 'string'
reroutePercentage: int
}
]
}
ftpsState: 'string'
functionAppScaleLimit: int
functionsRuntimeScaleMonitoringEnabled: bool
handlerMappings: [
{
arguments: 'string'
extension: 'string'
scriptProcessor: 'string'
}
]
healthCheckPath: 'string'
http20Enabled: bool
httpLoggingEnabled: bool
ipSecurityRestrictions: [
{
action: 'string'
description: 'string'
headers: {}
ipAddress: 'string'
name: 'string'
priority: int
subnetMask: 'string'
subnetTrafficTag: int
tag: 'string'
vnetSubnetResourceId: 'string'
vnetTrafficTag: int
}
]
javaContainer: 'string'
javaContainerVersion: 'string'
javaVersion: 'string'
keyVaultReferenceIdentity: 'string'
limits: {
maxDiskSizeInMb: int
maxMemoryInMb: int
maxPercentageCpu: int
}
linuxFxVersion: 'string'
loadBalancing: 'string'
localMySqlEnabled: bool
logsDirectorySizeLimit: int
managedPipelineMode: 'string'
managedServiceIdentityId: int
minimumElasticInstanceCount: int
minTlsVersion: 'string'
netFrameworkVersion: 'string'
nodeVersion: 'string'
numberOfWorkers: int
phpVersion: 'string'
powerShellVersion: 'string'
preWarmedInstanceCount: int
publicNetworkAccess: 'string'
publishingUsername: 'string'
push: {
kind: 'string'
properties: {
dynamicTagsJson: 'string'
isPushEnabled: bool
tagsRequiringAuth: 'string'
tagWhitelistJson: 'string'
}
}
pythonVersion: 'string'
remoteDebuggingEnabled: bool
remoteDebuggingVersion: 'string'
requestTracingEnabled: bool
requestTracingExpirationTime: 'string'
scmIpSecurityRestrictions: [
{
action: 'string'
description: 'string'
headers: {}
ipAddress: 'string'
name: 'string'
priority: int
subnetMask: 'string'
subnetTrafficTag: int
tag: 'string'
vnetSubnetResourceId: 'string'
vnetTrafficTag: int
}
]
scmIpSecurityRestrictionsUseMain: bool
scmMinTlsVersion: 'string'
scmType: 'string'
tracingOptions: 'string'
use32BitWorkerProcess: bool
virtualApplications: [
{
physicalPath: 'string'
preloadEnabled: bool
virtualDirectories: [
{
physicalPath: 'string'
virtualPath: 'string'
}
]
virtualPath: 'string'
}
]
vnetName: 'string'
vnetPrivatePortsCount: int
vnetRouteAllEnabled: bool
websiteTimeZone: 'string'
webSocketsEnabled: bool
windowsFxVersion: 'string'
xManagedServiceIdentityId: int
}
}
Property values
sites/slots/config-web
| Name | Description | Value |
|---|---|---|
| type | The resource type For Bicep, set this value in the resource declaration. |
'Microsoft.Web/sites/slots/config' |
| apiVersion | The resource api version For Bicep, set this value in the resource declaration. |
'2021-02-01' |
| name | The resource name See how to set names and types for child resources in Bicep or JSON ARM templates. |
'web' |
| kind | Kind of resource. | string |
| parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: slots |
| properties | Configuration of an App Service app. | SiteConfig |
SiteConfig
| Name | Description | Value |
|---|---|---|
| acrUseManagedIdentityCreds | Flag to use Managed Identity Creds for ACR pull | bool |
| acrUserManagedIdentityID | If using user managed identity, the user managed identity ClientId | string |
| alwaysOn | true if Always On is enabled; otherwise, false. |
bool |
| apiDefinition | Information about the formal API definition for the app. | ApiDefinitionInfo |
| apiManagementConfig | Azure API management (APIM) configuration linked to the app. | ApiManagementConfig |
| appCommandLine | App command line to launch. | string |
| appSettings | Application settings. | NameValuePair[] |
| autoHealEnabled | true if Auto Heal is enabled; otherwise, false. |
bool |
| autoHealRules | Rules that can be defined for auto-heal. | AutoHealRules |
| autoSwapSlotName | Auto-swap slot name. | string |
| azureStorageAccounts | List of Azure Storage Accounts. | object |
| connectionStrings | Connection strings. | ConnStringInfo[] |
| cors | Cross-Origin Resource Sharing (CORS) settings for the app. | CorsSettings |
| defaultDocuments | Default documents. | string[] |
| detailedErrorLoggingEnabled | true if detailed error logging is enabled; otherwise, false. |
bool |
| documentRoot | Document root. | string |
| experiments | Routing rules in production experiments. | Experiments |
| ftpsState | State of FTP / FTPS service | 'AllAllowed' 'Disabled' 'FtpsOnly' |
| functionAppScaleLimit | Maximum number of workers that a site can scale out to. This setting only applies to the Consumption and Elastic Premium Plans |
int |
| functionsRuntimeScaleMonitoringEnabled | Gets or sets a value indicating whether functions runtime scale monitoring is enabled. When enabled, the ScaleController will not monitor event sources directly, but will instead call to the runtime to get scale status. |
bool |
| handlerMappings | Handler mappings. | HandlerMapping[] |
| healthCheckPath | Health check path | string |
| http20Enabled | Http20Enabled: configures a web site to allow clients to connect over http2.0 | bool |
| httpLoggingEnabled | true if HTTP logging is enabled; otherwise, false. |
bool |
| ipSecurityRestrictions | IP security restrictions for main. | IpSecurityRestriction[] |
| javaContainer | Java container. | string |
| javaContainerVersion | Java container version. | string |
| javaVersion | Java version. | string |
| keyVaultReferenceIdentity | Identity to use for Key Vault Reference authentication. | string |
| limits | Metric limits set on an app. | SiteLimits |
| linuxFxVersion | Linux App Framework and version | string |
| loadBalancing | Site load balancing. | 'LeastRequests' 'LeastResponseTime' 'PerSiteRoundRobin' 'RequestHash' 'WeightedRoundRobin' 'WeightedTotalTraffic' |
| localMySqlEnabled | true to enable local MySQL; otherwise, false. |
bool |
| logsDirectorySizeLimit | HTTP logs directory size limit. | int |
| managedPipelineMode | Managed pipeline mode. | 'Classic' 'Integrated' |
| managedServiceIdentityId | Managed Service Identity Id | int |
| minimumElasticInstanceCount | Number of minimum instance count for a site This setting only applies to the Elastic Plans |
int |
| minTlsVersion | MinTlsVersion: configures the minimum version of TLS required for SSL requests | '1.0' '1.1' '1.2' |
| netFrameworkVersion | .NET Framework version. | string |
| nodeVersion | Version of Node.js. | string |
| numberOfWorkers | Number of workers. | int |
| phpVersion | Version of PHP. | string |
| powerShellVersion | Version of PowerShell. | string |
| preWarmedInstanceCount | Number of preWarmed instances. This setting only applies to the Consumption and Elastic Plans |
int |
| publicNetworkAccess | Property to allow or block all public traffic. | string |
| publishingUsername | Publishing user name. | string |
| push | Push settings for the App. | PushSettings |
| pythonVersion | Version of Python. | string |
| remoteDebuggingEnabled | true if remote debugging is enabled; otherwise, false. |
bool |
| remoteDebuggingVersion | Remote debugging version. | string |
| requestTracingEnabled | true if request tracing is enabled; otherwise, false. |
bool |
| requestTracingExpirationTime | Request tracing expiration time. | string |
| scmIpSecurityRestrictions | IP security restrictions for scm. | IpSecurityRestriction[] |
| scmIpSecurityRestrictionsUseMain | IP security restrictions for scm to use main. | bool |
| scmMinTlsVersion | MinTlsVersion: configures the minimum version of TLS required for SSL requests | '1.0' '1.1' '1.2' |
| scmType | SCM type. | 'BitbucketGit' 'BitbucketHg' 'CodePlexGit' 'CodePlexHg' 'Dropbox' 'ExternalGit' 'ExternalHg' 'GitHub' 'LocalGit' 'None' 'OneDrive' 'Tfs' 'VSO' 'VSTSRM' |
| tracingOptions | Tracing options. | string |
| use32BitWorkerProcess | true to use 32-bit worker process; otherwise, false. |
bool |
| virtualApplications | Virtual applications. | VirtualApplication[] |
| vnetName | Virtual Network name. | string |
| vnetPrivatePortsCount | The number of private ports assigned to this app. These will be assigned dynamically on runtime. | int |
| vnetRouteAllEnabled | Virtual Network Route All enabled. This causes all outbound traffic to have Virtual Network Security Groups and User Defined Routes applied. | bool |
| websiteTimeZone | Sets the time zone a site uses for generating timestamps. Compatible with Linux and Windows App Service. Setting the WEBSITE_TIME_ZONE app setting takes precedence over this config. For Linux, expects tz database values https://www.iana.org/time-zones (for a quick reference see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). For Windows, expects one of the time zones listed under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones | string |
| webSocketsEnabled | true if WebSocket is enabled; otherwise, false. |
bool |
| windowsFxVersion | Xenon App Framework and version | string |
| xManagedServiceIdentityId | Explicit Managed Service Identity Id | int |
ApiDefinitionInfo
| Name | Description | Value |
|---|---|---|
| url | The URL of the API definition. | string |
ApiManagementConfig
| Name | Description | Value |
|---|---|---|
| id | APIM-Api Identifier. | string |
NameValuePair
| Name | Description | Value |
|---|---|---|
| name | Pair name. | string |
| value | Pair value. | string |
AutoHealRules
| Name | Description | Value |
|---|---|---|
| actions | Actions which to take by the auto-heal module when a rule is triggered. | AutoHealActions |
| triggers | Triggers for auto-heal. | AutoHealTriggers |
AutoHealActions
| Name | Description | Value |
|---|---|---|
| actionType | Predefined action to be taken. | 'CustomAction' 'LogEvent' 'Recycle' |
| customAction | Custom action to be executed when an auto heal rule is triggered. |
AutoHealCustomAction |
| minProcessExecutionTime | Minimum time the process must execute before taking the action |
string |
AutoHealCustomAction
| Name | Description | Value |
|---|---|---|
| exe | Executable to be run. | string |
| parameters | Parameters for the executable. | string |
AutoHealTriggers
| Name | Description | Value |
|---|---|---|
| privateBytesInKB | A rule based on private bytes. | int |
| requests | Trigger based on total requests. | RequestsBasedTrigger |
| slowRequests | Trigger based on request execution time. | SlowRequestsBasedTrigger |
| slowRequestsWithPath | A rule based on multiple Slow Requests Rule with path | SlowRequestsBasedTrigger[] |
| statusCodes | A rule based on status codes. | StatusCodesBasedTrigger[] |
| statusCodesRange | A rule based on status codes ranges. | StatusCodesRangeBasedTrigger[] |
RequestsBasedTrigger
| Name | Description | Value |
|---|---|---|
| count | Request Count. | int |
| timeInterval | Time interval. | string |
SlowRequestsBasedTrigger
| Name | Description | Value |
|---|---|---|
| count | Request Count. | int |
| path | Request Path. | string |
| timeInterval | Time interval. | string |
| timeTaken | Time taken. | string |
StatusCodesBasedTrigger
| Name | Description | Value |
|---|---|---|
| count | Request Count. | int |
| path | Request Path | string |
| status | HTTP status code. | int |
| subStatus | Request Sub Status. | int |
| timeInterval | Time interval. | string |
| win32Status | Win32 error code. | int |
StatusCodesRangeBasedTrigger
| Name | Description | Value |
|---|---|---|
| count | Request Count. | int |
| path | string | |
| statusCodes | HTTP status code. | string |
| timeInterval | Time interval. | string |
ConnStringInfo
| Name | Description | Value |
|---|---|---|
| connectionString | Connection string value. | string |
| name | Name of connection string. | string |
| type | Type of database. | 'ApiHub' 'Custom' 'DocDb' 'EventHub' 'MySql' 'NotificationHub' 'PostgreSQL' 'RedisCache' 'SQLAzure' 'SQLServer' 'ServiceBus' |
CorsSettings
| Name | Description | Value |
|---|---|---|
| allowedOrigins | Gets or sets the list of origins that should be allowed to make cross-origin calls (for example: http://example.com:12345). Use "*" to allow all. |
string[] |
| supportCredentials | Gets or sets whether CORS requests with credentials are allowed. See https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#Requests_with_credentials for more details. |
bool |
Experiments
| Name | Description | Value |
|---|---|---|
| rampUpRules | List of ramp-up rules. | RampUpRule[] |
RampUpRule
| Name | Description | Value |
|---|---|---|
| actionHostName | Hostname of a slot to which the traffic will be redirected if decided to. E.g. myapp-stage.azurewebsites.net. | string |
| changeDecisionCallbackUrl | Custom decision algorithm can be provided in TiPCallback site extension which URL can be specified. See TiPCallback site extension for the scaffold and contracts. https://www.siteextensions.net/packages/TiPCallback/ |
string |
| changeIntervalInMinutes | Specifies interval in minutes to reevaluate ReroutePercentage. | int |
| changeStep | In auto ramp up scenario this is the step to add/remove from ReroutePercentage until it reaches \nMinReroutePercentage or MaxReroutePercentage. Site metrics are checked every N minutes specified in ChangeIntervalInMinutes.\nCustom decision algorithm can be provided in TiPCallback site extension which URL can be specified in ChangeDecisionCallbackUrl. |
int |
| maxReroutePercentage | Specifies upper boundary below which ReroutePercentage will stay. | int |
| minReroutePercentage | Specifies lower boundary above which ReroutePercentage will stay. | int |
| name | Name of the routing rule. The recommended name would be to point to the slot which will receive the traffic in the experiment. | string |
| reroutePercentage | Percentage of the traffic which will be redirected to ActionHostName. |
int |
HandlerMapping
| Name | Description | Value |
|---|---|---|
| arguments | Command-line arguments to be passed to the script processor. | string |
| extension | Requests with this extension will be handled using the specified FastCGI application. | string |
| scriptProcessor | The absolute path to the FastCGI application. | string |
IpSecurityRestriction
| Name | Description | Value |
|---|---|---|
| action | Allow or Deny access for this IP range. | string |
| description | IP restriction rule description. | string |
| headers | IP restriction rule headers. X-Forwarded-Host (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Host#Examples). The matching logic is .. - If the property is null or empty (default), all hosts(or lack of) are allowed. - A value is compared using ordinal-ignore-case (excluding port number). - Subdomain wildcards are permitted but don't match the root domain. For example, *.contoso.com matches the subdomain foo.contoso.com but not the root domain contoso.com or multi-level foo.bar.contoso.com - Unicode host names are allowed but are converted to Punycode for matching. X-Forwarded-For (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For#Examples). The matching logic is .. - If the property is null or empty (default), any forwarded-for chains (or lack of) are allowed. - If any address (excluding port number) in the chain (comma separated) matches the CIDR defined by the property. X-Azure-FDID and X-FD-HealthProbe. The matching logic is exact match. |
object |
| ipAddress | IP address the security restriction is valid for. It can be in form of pure ipv4 address (required SubnetMask property) or CIDR notation such as ipv4/mask (leading bit match). For CIDR, SubnetMask property must not be specified. |
string |
| name | IP restriction rule name. | string |
| priority | Priority of IP restriction rule. | int |
| subnetMask | Subnet mask for the range of IP addresses the restriction is valid for. | string |
| subnetTrafficTag | (internal) Subnet traffic tag | int |
| tag | Defines what this IP filter will be used for. This is to support IP filtering on proxies. | 'Default' 'ServiceTag' 'XffProxy' |
| vnetSubnetResourceId | Virtual network resource id | string |
| vnetTrafficTag | (internal) Vnet traffic tag | int |
SiteLimits
| Name | Description | Value |
|---|---|---|
| maxDiskSizeInMb | Maximum allowed disk size usage in MB. | int |
| maxMemoryInMb | Maximum allowed memory usage in MB. | int |
| maxPercentageCpu | Maximum allowed CPU usage percentage. | int |
PushSettings
| Name | Description | Value |
|---|---|---|
| kind | Kind of resource. | string |
| properties | PushSettings resource specific properties | PushSettingsProperties |
PushSettingsProperties
| Name | Description | Value |
|---|---|---|
| dynamicTagsJson | Gets or sets a JSON string containing a list of dynamic tags that will be evaluated from user claims in the push registration endpoint. | string |
| isPushEnabled | Gets or sets a flag indicating whether the Push endpoint is enabled. | bool (required) |
| tagsRequiringAuth | Gets or sets a JSON string containing a list of tags that require user authentication to be used in the push registration endpoint. Tags can consist of alphanumeric characters and the following: '_', '@', '#', '.', ':', '-'. Validation should be performed at the PushRequestHandler. |
string |
| tagWhitelistJson | Gets or sets a JSON string containing a list of tags that are allowed for use by the push registration endpoint. | string |
VirtualApplication
| Name | Description | Value |
|---|---|---|
| physicalPath | Physical path. | string |
| preloadEnabled | true if preloading is enabled; otherwise, false. |
bool |
| virtualDirectories | Virtual directories for virtual application. | VirtualDirectory[] |
| virtualPath | Virtual path. | string |
VirtualDirectory
| Name | Description | Value |
|---|---|---|
| physicalPath | Physical path. | string |
| virtualPath | Path to virtual application. | string |