Menu
How to enable app-service-authentication and logging into a blob via ARM-Template?
hello everybody, i have a question i want to activate the app-service-authentication for anonymous requests and also the logging of everything that could happen in the website into a blob of a storageaccount via the resource template. what should i add to the template-json-file to do that?
thanks for every help
Edit:
I found out something. with this snippet it work but that are not the correct settings
"properties": {
"name": "<#= website.Name #>",
"siteConfig": {
"alwaysOn": true,
"siteAuthEnabled": true,
"siteAuthSettings": null,
"httpLoggingEnabled": true,
"logsDirectorySizeLimit": 35,
"detailedErrorLoggingEnabled": true
},
now it looks like so:
but that is how it should be looking for:
997
The Authorize document will help you in authorizing the OAuth connections. Manually authorize OAuth connections by opening your logic app in Logic App Designer, either in the Azure portal or in Visual Studio. When you authorize your connection, a confirmation page might appear for you to allow access.
In Overview, select your app's management page. On your app's left menu, select Authentication, and then click Add identity provider. In the Add an identity provider page, select Microsoft as the Identity provider to sign in Microsoft and Azure AD identities.
To modify existing resources using ARM templates, export the template for the resource from within the Azure Portal. Then download it locally. You can then modify it to update settings for Cosmos resources. ARM templates have api-versions.
According to your scenario, I have deployed my ARM template to enable Application Logging and Web server logging against Blob Storage, enable App Service Authentication and allow Anonymous requests for my Web App. Here are some detailed steps, you could refer to them.
1.Create Azure Resource Group project and add the Web App template;
2.Add "MONITORING > Diagnostic logs" configuration as follows:
3.Add "SETTINGS > Authentication/Authorization" configuration as follows:
4.Deploy the Web App and check it on Azure Portal:
Here is my website.json, you could refer to it.
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"hostingPlanName": {
"type": "string",
"minLength": 1
},
"skuName": {
"type": "string",
"defaultValue": "F1",
"allowedValues": [
"F1",
"D1",
"B1",
"B2",
"B3",
"S1",
"S2",
"S3",
"P1",
"P2",
"P3",
"P4"
],
"metadata": {
"description": "Describes plan's pricing tier and capacity. Check details at https://azure.microsoft.com/en-us/pricing/details/app-service/"
}
},
"skuCapacity": {
"type": "int",
"defaultValue": 1,
"minValue": 1,
"metadata": {
"description": "Describes plan's instance count"
}
}
},
"variables": {
"webSiteName": "[concat('webSite', uniqueString(resourceGroup().id))]"
},
"resources": [
{
"apiVersion": "2015-08-01",
"name": "[parameters('hostingPlanName')]",
"type": "Microsoft.Web/serverfarms",
"location": "[resourceGroup().location]",
"tags": {
"displayName": "HostingPlan"
},
"sku": {
"name": "[parameters('skuName')]",
"capacity": "[parameters('skuCapacity')]"
},
"properties": {
"name": "[parameters('hostingPlanName')]"
}
},
{
"apiVersion": "2015-08-01",
"name": "[variables('webSiteName')]",
"type": "Microsoft.Web/sites",
"location": "[resourceGroup().location]",
"tags": {
"[concat('hidden-related:', resourceGroup().id, '/providers/Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]": "Resource",
"displayName": "Website"
},
"dependsOn": [
"[resourceId('Microsoft.Web/serverfarms/', parameters('hostingPlanName'))]"
],
"properties": {
"name": "[variables('webSiteName')]",
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms', parameters('hostingPlanName'))]"
},
"resources": [
{
"name": "logs",
"type": "config",
"apiVersion": "2015-08-01",
"dependsOn": [ "[resourceId('Microsoft.Web/sites/', variables('webSiteName'))]" ],
"tags": {
"displayName": "websiteLogs"
},
"properties": {
"applicationLogs": {
"fileSystem": {
"level": "Off"
},
"azureTableStorage": {
"level": "Off",
"sasUrl": null
},
"azureBlobStorage": {
"level": "Error",
"sasUrl": "https://{your-storageaccount-name}.blob.core.windows.net/{container-name}?{sasToken}",
"retentionInDays": null
}
},
"httpLogs": {
"fileSystem": {
"retentionInMb": 35,
"retentionInDays": null,
"enabled": false
},
"azureBlobStorage": {
"sasUrl":"https://{your-storageaccount-name}.blob.core.windows.net/{container-name}?{sasToken}",
"retentionInDays": null,
"enabled": true
}
},
"failedRequestsTracing": {
"enabled": true
},
"detailedErrorMessages": {
"enabled": true
}
}
},
{
"name": "authsettings",
"type": "config",
"apiVersion": "2015-08-01",
"dependsOn": [ "[resourceId('Microsoft.Web/sites/', variables('webSiteName'))]" ],
"tags": {
"displayName": "websiteAuthSettings"
},
"properties": {
"enabled": true,
"httpApiPrefixPath": null,
"unauthenticatedClientAction": 1,
"tokenStoreEnabled": true,
"allowedExternalRedirectUrls": null,
"defaultProvider": 0,
"clientId": null,
"clientSecret": null,
"issuer": null,
"allowedAudiences": null,
"additionalLoginParams": null,
"isAadAutoProvisioned": false,
"googleClientId": null,
"googleClientSecret": null,
"googleOAuthScopes": null,
"facebookAppId": null,
"facebookAppSecret": null,
"facebookOAuthScopes": [
""
],
"twitterConsumerKey": null,
"twitterConsumerSecret": null,
"microsoftAccountClientId": null,
"microsoftAccountClientSecret": null,
"microsoftAccountOAuthScopes": [
""
]
}
}
]
}
]
}
Additionally, you could retrieve the configurations from resources.azure.com. Here is the screenshot for you to have a better understanding of the ARM template:
152
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
