Manages a Container App Custom Domain.
resource "azurerm_resource_group" "example" {
name = "example-resources"
location = "West Europe"
}
resource "azurerm_dns_zone" "example" {
name = "contoso.com"
resource_group_name = azurerm_resource_group.example.name
}
resource "azurerm_dns_txt_record" "example" {
name = "asuid.example"
resource_group_name = azurerm_dns_zone.example.resource_group_name
zone_name = azurerm_dns_zone.example.name
ttl = 300
record {
value = azurerm_container_app.example.custom_domain_verification_id
}
}
resource "azurerm_log_analytics_workspace" "example" {
name = "example"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
sku = "PerGB2018"
retention_in_days = 30
}
resource "azurerm_container_app_environment" "example" {
name = "Example-Environment"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
log_analytics_workspace_id = azurerm_log_analytics_workspace.example.id
}
resource "azurerm_container_app_environment_certificate" "example" {
name = "myfriendlyname"
container_app_environment_id = azurerm_container_app_environment.example.id
certificate_blob = filebase64("path/to/certificate_file.pfx")
certificate_password = "$3cretSqu1rreL"
}
resource "azurerm_container_app" "example" {
name = "example-app"
container_app_environment_id = azurerm_container_app_environment.example.id
resource_group_name = azurerm_resource_group.example.name
revision_mode = "Single"
template {
container {
name = "examplecontainerapp"
image = "mcr.microsoft.com/azuredocs/containerapps-helloworld:latest"
cpu = 0.25
memory = "0.5Gi"
}
}
ingress {
allow_insecure_connections = false
external_enabled = true
target_port = 5000
transport = "http"
traffic_weight {
latest_revision = true
percentage = 100
}
}
}
resource "azurerm_container_app_custom_domain" "example" {
name = trimprefix(azurerm_dns_txt_record.example.fqdn, "asuid.")
container_app_id = azurerm_container_app.example.id
container_app_environment_certificate_id = azurerm_container_app_environment_certificate.example.id
certificate_binding_type = "SniEnabled"
}
resource "azurerm_container_app_custom_domain" "example" {
name = trimprefix(azurerm_dns_txt_record.example.fqdn, "asuid.")
container_app_id = azurerm_container_app.example.id
lifecycle {
// When using an Azure created Managed Certificate these values must be added to ignore_changes to prevent resource recreation.
ignore_changes = [certificate_binding_type, container_app_environment_certificate_id]
}
}
The following arguments are supported:
name
- (Required) The fully qualified name of the Custom Domain. Must be the CN or a named SAN in the certificate specified by the container_app_environment_certificate_id
. Changing this forces a new resource to be created.container_app_id
- (Required) The ID of the Container App to which this Custom Domain should be bound. Changing this forces a new resource to be created.
container_app_environment_certificate_id
- (Optional) The ID of the Container App Environment Certificate to use. Changing this forces a new resource to be created.
certificate_binding_type
- (Optional) The Certificate Binding type. Possible values include Disabled
and SniEnabled
. Required with container_app_environment_certificate_id
. Changing this forces a new resource to be created.The timeouts
block allows you to specify timeouts for certain actions:
create
- (Defaults to 30 minutes) Used when creating the Container App.update
- (Defaults to 30 minutes) Used when updating the Container App.read
- (Defaults to 5 minutes) Used when retrieving the Container App.delete
- (Defaults to 30 minutes) Used when deleting the Container App.A Container App Custom Domain can be imported using the resource id
, e.g.
terraform import azurerm_container_app_custom_domain.example "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resGroup1/providers/Microsoft.App/containerApps/myContainerApp/customDomainName/mycustomdomain.example.com"