The managedEnvironments resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
To create a Microsoft.App/managedEnvironments resource, add the following JSON to your template.
{
"type": "Microsoft.App/managedEnvironments",
"apiVersion": "2023-11-02-preview",
"name": "string",
"location": "string",
"tags": {
"tagName1": "tagValue1",
"tagName2": "tagValue2"
},
"kind": "string",
"identity": {
"type": "string",
"userAssignedIdentities": {
"{customized property}": {}
}
},
"properties": {
"appInsightsConfiguration": {
"connectionString": "string"
},
"appLogsConfiguration": {
"destination": "string",
"logAnalyticsConfiguration": {
"customerId": "string",
"dynamicJsonColumns": "bool",
"sharedKey": "string"
}
},
"customDomainConfiguration": {
"certificateKeyVaultProperties": {
"identity": "string",
"keyVaultUrl": "string"
},
"certificatePassword": "string",
"certificateValue": {},
"dnsSuffix": "string"
},
"daprAIConnectionString": "string",
"daprAIInstrumentationKey": "string",
"daprConfiguration": {},
"infrastructureResourceGroup": "string",
"kedaConfiguration": {},
"openTelemetryConfiguration": {
"destinationsConfiguration": {
"dataDogConfiguration": {
"key": "string",
"site": "string"
},
"otlpConfigurations": [
{
"endpoint": "string",
"headers": [
{
"key": "string",
"value": "string"
}
],
"insecure": "bool",
"name": "string"
}
]
},
"logsConfiguration": {
"destinations": [ "string" ]
},
"metricsConfiguration": {
"destinations": [ "string" ]
},
"tracesConfiguration": {
"destinations": [ "string" ]
}
},
"peerAuthentication": {
"mtls": {
"enabled": "bool"
}
},
"vnetConfiguration": {
"dockerBridgeCidr": "string",
"infrastructureSubnetId": "string",
"internal": "bool",
"platformReservedCidr": "string",
"platformReservedDnsIP": "string"
},
"workloadProfiles": [
{
"maximumCount": "int",
"minimumCount": "int",
"name": "string",
"workloadProfileType": "string"
}
],
"zoneRedundant": "bool"
}
}
Name | Description | Value |
---|---|---|
type | The resource type | 'Microsoft.App/managedEnvironments' |
apiVersion | The resource api version | '2023-11-02-preview' |
name | The resource name | string (required) |
location | The geo-location where the resource lives | string (required) |
tags | Resource tags. | Dictionary of tag names and values. See Tags in templates |
kind | Kind of the Environment. | string |
identity | Managed identities for the Managed Environment to interact with other Azure services without maintaining any secrets or credentials in code. | ManagedServiceIdentity |
properties | Managed environment resource specific properties | ManagedEnvironmentProperties |
Name | Description | Value |
---|---|---|
type | Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed). | 'None' 'SystemAssigned' 'SystemAssigned,UserAssigned' 'UserAssigned' (required) |
userAssignedIdentities | The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests. | UserAssignedIdentities |
Name | Description | Value |
---|---|---|
{customized property} | UserAssignedIdentity |
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
Name | Description | Value |
---|---|---|
appInsightsConfiguration | Environment level Application Insights configuration | AppInsightsConfiguration |
appLogsConfiguration | Cluster configuration which enables the log daemon to export app logs to a destination. Currently only "log-analytics" is supported |
AppLogsConfiguration |
customDomainConfiguration | Custom domain configuration for the environment | CustomDomainConfiguration |
daprAIConnectionString | Application Insights connection string used by Dapr to export Service to Service communication telemetry | string Constraints: Sensitive value. Pass in as a secure parameter. |
daprAIInstrumentationKey | Azure Monitor instrumentation key used by Dapr to export Service to Service communication telemetry | string Constraints: Sensitive value. Pass in as a secure parameter. |
daprConfiguration | The configuration of Dapr component. | DaprConfiguration |
infrastructureResourceGroup | Name of the platform-managed resource group created for the Managed Environment to host infrastructure resources. If a subnet ID is provided, this resource group will be created in the same subscription as the subnet. | string |
kedaConfiguration | The configuration of Keda component. | KedaConfiguration |
openTelemetryConfiguration | Environment Open Telemetry configuration | OpenTelemetryConfiguration |
peerAuthentication | Peer authentication settings for the Managed Environment | ManagedEnvironmentPropertiesPeerAuthentication |
vnetConfiguration | Vnet configuration for the environment | VnetConfiguration |
workloadProfiles | Workload profiles configured for the Managed Environment. | WorkloadProfile[] |
zoneRedundant | Whether or not this Managed Environment is zone-redundant. | bool |
Name | Description | Value |
---|---|---|
connectionString | Application Insights connection string | string Constraints: Sensitive value. Pass in as a secure parameter. |
Name | Description | Value |
---|---|---|
destination | Logs destination, can be 'log-analytics', 'azure-monitor' or 'none' | string |
logAnalyticsConfiguration | Log Analytics configuration, must only be provided when destination is configured as 'log-analytics' | LogAnalyticsConfiguration |
Name | Description | Value |
---|---|---|
customerId | Log analytics customer id | string |
dynamicJsonColumns | Boolean indicating whether to parse json string log into dynamic json columns | bool |
sharedKey | Log analytics customer key | string Constraints: Sensitive value. Pass in as a secure parameter. |
Name | Description | Value |
---|---|---|
certificateKeyVaultProperties | Certificate stored in Azure Key Vault. | CertificateKeyVaultProperties |
certificatePassword | Certificate password | string Constraints: Sensitive value. Pass in as a secure parameter. |
certificateValue | PFX or PEM blob | |
dnsSuffix | Dns suffix for the environment domain | string |
Name | Description | Value |
---|---|---|
identity | Resource ID of a managed identity to authenticate with Azure Key Vault, or System to use a system-assigned identity. | string |
keyVaultUrl | URL pointing to the Azure Key Vault secret that holds the certificate. | string |
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
Name | Description | Value |
---|---|---|
destinationsConfiguration | Open telemetry destinations configuration | DestinationsConfiguration |
logsConfiguration | Open telemetry logs configuration | LogsConfiguration |
metricsConfiguration | Open telemetry metrics configuration | MetricsConfiguration |
tracesConfiguration | Open telemetry trace configuration | TracesConfiguration |
Name | Description | Value |
---|---|---|
dataDogConfiguration | Open telemetry datadog destination configuration | DataDogConfiguration |
otlpConfigurations | Open telemetry otlp configurations | OtlpConfiguration[] |
Name | Description | Value |
---|---|---|
key | The data dog api key | string Constraints: Sensitive value. Pass in as a secure parameter. |
site | The data dog site | string |
Name | Description | Value |
---|---|---|
endpoint | The endpoint of otlp configuration | string |
headers | Headers of otlp configurations | Header[] |
insecure | Boolean indicating if otlp configuration is insecure | bool |
name | The name of otlp configuration | string |
Name | Description | Value |
---|---|---|
key | The key of otlp configuration header | string |
value | The value of otlp configuration header | string |
Name | Description | Value |
---|---|---|
destinations | Open telemetry logs destinations | string[] |
Name | Description | Value |
---|---|---|
destinations | Open telemetry metrics destinations | string[] |
Name | Description | Value |
---|---|---|
destinations | Open telemetry traces destinations | string[] |
Name | Description | Value |
---|---|---|
mtls | Mutual TLS authentication settings for the Managed Environment | Mtls |
Name | Description | Value |
---|---|---|
enabled | Boolean indicating whether the mutual TLS authentication is enabled | bool |
Name | Description | Value |
---|---|---|
dockerBridgeCidr | CIDR notation IP range assigned to the Docker bridge, network. Must not overlap with any other provided IP ranges. | string |
infrastructureSubnetId | Resource ID of a subnet for infrastructure components. Must not overlap with any other provided IP ranges. | string |
internal | Boolean indicating the environment only has an internal load balancer. These environments do not have a public static IP resource. They must provide infrastructureSubnetId if enabling this property | bool |
platformReservedCidr | IP range in CIDR notation that can be reserved for environment infrastructure IP addresses. Must not overlap with any other provided IP ranges. | string |
platformReservedDnsIP | An IP address from the IP range defined by platformReservedCidr that will be reserved for the internal DNS server. | string |
Name | Description | Value |
---|---|---|
maximumCount | The maximum capacity. | int |
minimumCount | The minimum capacity. | int |
name | Workload profile type for the workloads to run on. | string (required) |
workloadProfileType | Workload profile type for the workloads to run on. | string (required) |
The following quickstart templates deploy this resource type.
Template | Description |
---|---|
Creates a Container App and Environment with Registry |
Create a Container App Environment with a basic Container App from an Azure Container Registry. It also deploys a Log Analytics Workspace to store logs. |
Creates a two Container App with a Container App Environment |
Create a two Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs. |
Creates a Container App within a Container App Environment |
Create a Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs. |
Creates a Container App with a defined HTTP scaling rule |
Create a Container App Environment with a basic Container App that scales based on HTTP traffic. |
Creates an external Container App environment with a VNET |
Creates an external Container App environment with a VNET. |
Creates an internal Container App environment with a VNET |
Creates an internal Container App environment with a VNET. |