How to deploy App Service + Certificate + hostbinding at the same time with bicep?

Question

I'm having trouble deployed an hostNameBinding with a certificate at the same time with this code:

param appserviceplanId string
param location string
param appservicename string
param domain string

resource appservice 'Microsoft.Web/sites@2020-12-01' = {
  name: appservicename
  location: location
  properties: {
    serverFarmId: appserviceplanId
    enabled: true
    httpsOnly: true
    siteConfig: {
      use32BitWorkerProcess: false
      webSocketsEnabled: true
      alwaysOn: true
      http20Enabled: true
      autoHealEnabled: true
      netFrameworkVersion: 'v5.0'
    }
    clientAffinityEnabled: false
  }
}

resource certificate 'Microsoft.Web/certificates@2021-01-01' = {
  name: '${domain}-certificate'
  location: location
  properties: {
    canonicalName: domain
    serverFarmId: appserviceplanId
    domainValidationMethod: 'http-token'
  }
}

resource hostbinding 'Microsoft.Web/sites/hostNameBindings@2021-01-01' = {
  parent: appservice
  name: domain
  properties: {
    siteName: appservicename
    customHostNameDnsRecordType: 'CName'
    hostNameType: 'Verified'
    sslState: 'SniEnabled'
    thumbprint: certificate.properties.thumbprint
  }
}

It only works if i deploy it in steps by commenting out the certificate:

param appserviceplanId string
param location string
param appservicename string
param domain string

resource appservice 'Microsoft.Web/sites@2020-12-01' = {
  name: appservicename
  location: location
  properties: {
    serverFarmId: appserviceplanId
    customDomainVerificationId: 'DNS Record verification'
    enabled: true
    httpsOnly: true
    siteConfig: {
      use32BitWorkerProcess: false
      webSocketsEnabled: true
      alwaysOn: true
      http20Enabled: true
      autoHealEnabled: true
      netFrameworkVersion: 'v5.0'
    }
    clientAffinityEnabled: false
  }
}

// resource certificate 'Microsoft.Web/certificates@2021-01-01' = {
//   name: '${domain}-certificate'
//   location: location
//   properties: {
//     canonicalName: domain
//     serverFarmId: appserviceplanId
//     domainValidationMethod: 'http-token'
//   }
// }

resource hostbinding 'Microsoft.Web/sites/hostNameBindings@2021-01-01' = {
  parent: appservice
  name: domain
  properties: {
    siteName: appservicename
    customHostNameDnsRecordType: 'CName'
    hostNameType: 'Verified'
    // sslState: 'SniEnabled'
    // thumbprint: certificate.properties.thumbprint
  }
}

After this i can run the whole thing because the Hostbinding exists.

How can i make it go in one go?

So, the Hostbinding cant be made without certificate, the certificate cant be made without a hostbinding, loop di loop.

If i specify the HostBinding before the certificate resource and then again after the certificate with the properties, i get 'HostName is specified more then once'.

score 3 · Accepted Answer · edited Apr 25 '23 at 13:09

3

you need to use module.

There's example with function app: https://github.com/Azure/bicep/tree/main/src/Bicep.Core.Samples/Files/user_submitted/301/function-app-with-custom-domain-managed-certificate

(perma link)

edited Apr 25 '23 at 13:09

Good Night Nerd Pride

8,245
4
49
65

answered Jun 12 '21 at 12:21

Miq

3,931
2
18
32

An example would be great, the specified resource no longer exists. – JasonTaylorDev Sep 23 '22 at 13:35
I’ve updated the url – Miq Sep 25 '22 at 15:04

How to deploy App Service + Certificate + hostbinding at the same time with bicep?

1 Answers1