0

I have an ARM template in which I am configuring a Function App.

Here is a sample of my ARM template that deals with the Function App:

{
    "apiVersion": "2015-08-01",
    "type": "Microsoft.Web/sites",
    "name": "MyAzureFunctionName",
    "location": "[resourceGroup().location]",
    "kind": "functionapp",
    "dependsOn": [
         "[resourceId('Microsoft.Web/serverfarms', variables('nameWithDashes'))]",
         "[resourceId('Microsoft.Storage/storageAccounts', variables('storageName'))]"
    ],
    "properties": {
         "serverFarmId": "[resourceId('Microsoft.Web/serverfarms', 'MyAzureFunctionName')]",
         "httpsOnly": true,
         "siteConfig": {
             "appSettings": [
                 {
                     ...
                 }]
         }
     }
}

I have successfully configured a custom domain 'mydomain.ca' in my Function App using the following configuration:

{
    "apiVersion": "2020-06-01",
    "type": "Microsoft.Web/sites/hostNameBindings",
    "name": "[concat('MyFunctionApp', '/', 'mydomain.ca')]",
    "location": "[resourceGroup().location]",
    "scale": null,
    "properties": {
    },
    "dependsOn": [
        "[resourceId('Microsoft.Web/sites', variables('nameWithDashes'))]"
    ]
}

The next step in securing my Function App is to bind the custom domain to an SSL certificate. I am trying to find a way to use the App Service Managed Certificate so that Azure will create and manage the certificate itself (See the option Create App Service Managed Certificate below).

App Service Managed Certificate

Question

How can I configure an App Service Managed Certificate for the custom domain of my Function App in an Azure Resource Manager Template?

Kzryzstof
  • 7,688
  • 10
  • 61
  • 108
  • 2
    Take a look at this: https://dotnetdevlife.wordpress.com/2019/11/12/arm-app-service-managed-certificate/ – Alex AIT Aug 30 '20 at 20:54

1 Answers1

2

The comment Alex made helped a lot ; it had all the important pieces. However I was not able to make it work using the linked template.

Instead of using a linked template, I fell back to using a nested template and it worked immediately.

{
    "apiVersion": "2020-06-01",
    "name": "nestedTemplate",
    "type": "Microsoft.Resources/deployments",
    "dependsOn": [
        "[resourceId('Microsoft.Web/sites', variables('siteName'))]",
        "[resourceId('Microsoft.Web/certificates', variables('certificateName'))]"
    ],
    "properties": {
         "mode": "Incremental",
         "template": {
             "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
             "contentVersion": "1.0.0.0",
             "resources": [{
                 "apiVersion": "2019-08-01",
                 "type": "Microsoft.Web/sites/hostnameBindings",
                 "name": "[variables('hostNameBindingsName')]",
                 "location": "[resourceGroup().location)]",
                 "properties": {
                      "sslState": "SniEnabled",
                      "thumbprint": "[reference(resourceId('Microsoft.Web/certificates', variables('certificateName'))).Thumbprint]"
                  }
             }]
         }
     }
}
Kzryzstof
  • 7,688
  • 10
  • 61
  • 108