Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature Request: In App Services (Web Apps) provide ability to set Certificate exclusion paths #8876

Open
ghost opened this issue Oct 14, 2020 · 1 comment
Open

Feature Request: In App Services (Web Apps) provide ability to set Certificate exclusion paths #8876

ghost opened this issue Oct 14, 2020 · 1 comment
Labels
enhancement service/app-service

Comments

@ghost
Copy link

ghost commented Oct 14, 2020

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

In Azure App Services (Web Apps), please provide ability to set Certificate exclusion paths.
This allows our Azure Traffic Manager Endpoint to communicate to our Web Apps without a certificate for health check endpoints.
Here is a screenshot from the Azure portal:
image
Here is an excerpt from the Azure App Service (Web App) Export Template:
"clientCertExclusionPaths": "/foo;/bar;/hello;/world",
Here is an example Azure CLI command that I tested out:
az webapp update --set clientCertExclusionPaths="/foo;/bar;/hello;/world" --name myWebapp --resource-group myResourceGroup

Note that the current work around my group uses to automate this setting is to use the above mentioned azure cli command after applying Terraform. Also we prefer to avoid using the ARM templates deployment resource script as much as possible. Thanks.

New or Affected Resource(s)

  • azurerm_app_service

Potential Terraform Configuration

resource "azurerm_app_service" "example" {
  name                = "example-app-service"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  app_service_plan_id = azurerm_app_service_plan.example.id

  client_affinity_enabled = false
  client_cert_enabled = true
  client_cert_exclusion_paths =  "/foo;/bar;/hello;/world"  # This is the property setting to add the certificate exclusion paths.

  app_settings = {
    "SOME_KEY" = "some-value"
  }
}

References

Below is a similar issue but for function apps only:

Related documentation below:
@kiazhi
Copy link

kiazhi commented Feb 7, 2021

azurerm_function_app needs something similar too.

@olofattemo olofattemo mentioned this issue Apr 29, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement service/app-service
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@manicminer @kiazhi