Update readme

2022-10-25 10:23:04 +13:00 · 2022-10-25 10:23:04 +13:00 · 20eba75a88
commit 20eba75a88
parent 3226d364a8
1 changed files with 245 additions and 113 deletions
--- a/quickstart/101-front-door-standard-premium/readme.md
+++ b/quickstart/101-front-door-standard-premium/readme.md
@ -1,6 +1,6 @@
 # Azure Front Door Standard/Premium

-This template deploys an [Azure Front Door Standard/Premium profile](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_profile) with classic application and network rules.
+This template deploys an [Azure Front Door Standard/Premium profile](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_profile) with an App Service origin.

 ## Resources

@ -36,131 +36,263 @@ Terraform used the selected providers to generate the following execution plan.

 Terraform will perform the following actions:

-  # azurerm_firewall.fw will be created
-  + resource "azurerm_firewall" "fw" {
+  # azurerm_cdn_frontdoor_endpoint.my_endpoint will be created
+  + resource "azurerm_cdn_frontdoor_endpoint" "my_endpoint" {
+      + cdn_frontdoor_profile_id = (known after apply)
+      + enabled                  = true
+      + host_name                = (known after apply)
      + id                       = (known after apply)
-      + location            = "eastus"
-      + name                = "testfirewall"
-      + resource_group_name = "test-resources"
-      + sku_name            = (known after apply)
-      + sku_tier            = (known after apply)
-      + threat_intel_mode   = "Alert"
+      + name                     = (known after apply)
+    }

-      + ip_configuration {
-          + name                 = "configuration"
-          + private_ip_address   = (known after apply)
-          + public_ip_address_id = (known after apply)
-          + subnet_id            = (known after apply)
+  # azurerm_cdn_frontdoor_origin.my_app_service_origin will be created
+  + resource "azurerm_cdn_frontdoor_origin" "my_app_service_origin" {
+      + cdn_frontdoor_origin_group_id  = (known after apply)
+      + certificate_name_check_enabled = true
+      + enabled                        = true
+      + health_probes_enabled          = (known after apply)
+      + host_name                      = (known after apply)
+      + http_port                      = 80
+      + https_port                     = 443
+      + id                             = (known after apply)
+      + name                           = "MyAppServiceOrigin"
+      + origin_host_header             = (known after apply)
+      + priority                       = 1
+      + weight                         = 1000
+    }
+
+  # azurerm_cdn_frontdoor_origin_group.my_origin_group will be created
+  + resource "azurerm_cdn_frontdoor_origin_group" "my_origin_group" {
+      + cdn_frontdoor_profile_id                                  = (known after apply)
+      + id                                                        = (known after apply)
+      + name                                                      = "MyOriginGroup"
+      + restore_traffic_time_to_healed_or_new_endpoint_in_minutes = 10
+      + session_affinity_enabled                                  = true
+
+      + health_probe {
+          + interval_in_seconds = 100
+          + path                = "/"
+          + protocol            = "Https"
+          + request_type        = "HEAD"
+        }
+
+      + load_balancing {
+          + additional_latency_in_milliseconds = 50
+          + sample_size                        = 4
+          + successful_samples_required        = 3
        }
    }

-  # azurerm_firewall_application_rule_collection.app-rc will be created
-  + resource "azurerm_firewall_application_rule_collection" "app-rc" {
+  # azurerm_cdn_frontdoor_profile.my_front_door will be created
+  + resource "azurerm_cdn_frontdoor_profile" "my_front_door" {
+      + id                       = (known after apply)
+      + name                     = "MyFrontDoor"
+      + resource_group_name      = "FrontDoor"
+      + resource_guid            = (known after apply)
+      + response_timeout_seconds = 120
+      + sku_name                 = "Standard_AzureFrontDoor"
+    }
+
+  # azurerm_cdn_frontdoor_route.my_route will be created
+  + resource "azurerm_cdn_frontdoor_route" "my_route" {
+      + cdn_frontdoor_endpoint_id     = (known after apply)
+      + cdn_frontdoor_origin_group_id = (known after apply)
+      + cdn_frontdoor_origin_ids      = (known after apply)
+      + enabled                       = true
+      + forwarding_protocol           = "HttpsOnly"
+      + https_redirect_enabled        = true
+      + id                            = (known after apply)
+      + link_to_default_domain        = true
+      + name                          = "MyRoute"
+      + patterns_to_match             = [
+          + "/*",
+        ]
+      + supported_protocols           = [
+          + "Http",
+          + "Https",
+        ]
+    }
+
+  # azurerm_resource_group.my_resource_group will be created
+  + resource "azurerm_resource_group" "my_resource_group" {
+      + id       = (known after apply)
+      + location = "westus2"
+      + name     = "FrontDoor"
+    }
+
+  # azurerm_service_plan.app_service_plan will be created
+  + resource "azurerm_service_plan" "app_service_plan" {
+      + id                           = (known after apply)
+      + kind                         = (known after apply)
+      + location                     = "westus2"
+      + maximum_elastic_worker_count = (known after apply)
+      + name                         = "AppServicePlan"
+      + os_type                      = "Windows"
+      + per_site_scaling_enabled     = false
+      + reserved                     = (known after apply)
+      + resource_group_name          = "FrontDoor"
+      + sku_name                     = "S1"
+      + worker_count                 = 1
+    }
+
+  # azurerm_windows_web_app.app will be created
+  + resource "azurerm_windows_web_app" "app" {
+      + client_affinity_enabled           = false
+      + client_certificate_enabled        = false
+      + client_certificate_mode           = "Required"
+      + custom_domain_verification_id     = (sensitive value)
+      + default_hostname                  = (known after apply)
+      + enabled                           = true
+      + https_only                        = true
+      + id                                = (known after apply)
+      + key_vault_reference_identity_id   = (known after apply)
+      + kind                              = (known after apply)
+      + location                          = "westus2"
+      + name                              = (known after apply)
+      + outbound_ip_address_list          = (known after apply)
+      + outbound_ip_addresses             = (known after apply)
+      + possible_outbound_ip_address_list = (known after apply)
+      + possible_outbound_ip_addresses    = (known after apply)
+      + resource_group_name               = "FrontDoor"
+      + service_plan_id                   = (known after apply)
+      + site_credential                   = (known after apply)
+      + zip_deploy_file                   = (known after apply)
+
+      + auth_settings {
+          + additional_login_parameters    = (known after apply)
+          + allowed_external_redirect_urls = (known after apply)
+          + default_provider               = (known after apply)
+          + enabled                        = (known after apply)
+          + issuer                         = (known after apply)
+          + runtime_version                = (known after apply)
+          + token_refresh_extension_hours  = (known after apply)
+          + token_store_enabled            = (known after apply)
+          + unauthenticated_client_action  = (known after apply)
+
+          + active_directory {
+              + allowed_audiences          = (known after apply)
+              + client_id                  = (known after apply)
+              + client_secret              = (sensitive value)
+              + client_secret_setting_name = (known after apply)
+            }
+
+          + facebook {
+              + app_id                  = (known after apply)
+              + app_secret              = (sensitive value)
+              + app_secret_setting_name = (known after apply)
+              + oauth_scopes            = (known after apply)
+            }
+
+          + github {
+              + client_id                  = (known after apply)
+              + client_secret              = (sensitive value)
+              + client_secret_setting_name = (known after apply)
+              + oauth_scopes               = (known after apply)
+            }
+
+          + google {
+              + client_id                  = (known after apply)
+              + client_secret              = (sensitive value)
+              + client_secret_setting_name = (known after apply)
+              + oauth_scopes               = (known after apply)
+            }
+
+          + microsoft {
+              + client_id                  = (known after apply)
+              + client_secret              = (sensitive value)
+              + client_secret_setting_name = (known after apply)
+              + oauth_scopes               = (known after apply)
+            }
+
+          + twitter {
+              + consumer_key                 = (known after apply)
+              + consumer_secret              = (sensitive value)
+              + consumer_secret_setting_name = (known after apply)
+            }
+        }
+
+      + site_config {
+          + always_on                               = true
+          + auto_heal_enabled                       = false
+          + container_registry_use_managed_identity = false
+          + default_documents                       = (known after apply)
+          + detailed_error_logging_enabled          = (known after apply)
+          + ftps_state                              = "Disabled"
+          + health_check_eviction_time_in_min       = (known after apply)
+          + http2_enabled                           = false
+          + ip_restriction                          = [
+              + {
                  + action                    = "Allow"
-      + azure_firewall_name = "testfirewall"
-      + id                  = (known after apply)
-      + name                = "apptestcollection"
+                  + headers                   = [
+                      + {
+                          + x_azure_fdid      = (known after apply)
+                          + x_fd_health_probe = []
+                          + x_forwarded_for   = []
+                          + x_forwarded_host  = []
+                        },
+                    ]
+                  + ip_address                = null
+                  + name                      = "Allow traffic from Front Door"
                  + priority                  = 100
-      + resource_group_name = "test-resources"
-
-      + rule {
-          + name             = "testrule"
-          + source_addresses = [
-              + "10.0.0.0/16",
-            ]
-          + target_fqdns     = [
-              + "*.google.com",
+                  + service_tag               = "AzureFrontDoor.Backend"
+                  + virtual_network_subnet_id = null
+                },
            ]
+          + linux_fx_version                        = (known after apply)
+          + load_balancing_mode                     = "LeastRequests"
+          + local_mysql_enabled                     = false
+          + managed_pipeline_mode                   = "Integrated"
+          + minimum_tls_version                     = "1.2"
+          + remote_debugging_enabled                = false
+          + remote_debugging_version                = (known after apply)
+          + scm_ip_restriction                      = (known after apply)
+          + scm_minimum_tls_version                 = "1.2"
+          + scm_type                                = (known after apply)
+          + scm_use_main_ip_restriction             = false
+          + use_32_bit_worker                       = true
+          + vnet_route_all_enabled                  = false
+          + websockets_enabled                      = false
+          + windows_fx_version                      = (known after apply)
+          + worker_count                            = (known after apply)

-          + protocol {
-              + port = 443
-              + type = "Https"
+          + application_stack {
+              + current_stack             = (known after apply)
+              + docker_container_name     = (known after apply)
+              + docker_container_registry = (known after apply)
+              + docker_container_tag      = (known after apply)
+              + dotnet_version            = (known after apply)
+              + java_container            = (known after apply)
+              + java_container_version    = (known after apply)
+              + java_version              = (known after apply)
+              + node_version              = (known after apply)
+              + php_version               = (known after apply)
+              + python_version            = (known after apply)
            }
        }
    }

-  # azurerm_firewall_network_rule_collection.net-rc will be created
-  + resource "azurerm_firewall_network_rule_collection" "net-rc" {
-      + action              = "Allow"
-      + azure_firewall_name = "testfirewall"
+  # random_id.app_name will be created
+  + resource "random_id" "app_name" {
+      + b64_std     = (known after apply)
+      + b64_url     = (known after apply)
+      + byte_length = 8
+      + dec         = (known after apply)
+      + hex         = (known after apply)
      + id          = (known after apply)
-      + name                = "apptestcollection"
-      + priority            = 100
-      + resource_group_name = "test-resources"
-
-      + rule {
-          + destination_addresses = [
-              + "8.8.4.4",
-              + "8.8.8.8",
-            ]
-          + destination_fqdns     = []
-          + destination_ip_groups = []
-          + destination_ports     = [
-              + "53",
-            ]
-          + name                  = "dnsrule"
-          + protocols             = [
-              + "TCP",
-              + "UDP",
-            ]
-          + source_addresses      = [
-              + "10.0.0.0/16",
-            ]
-          + source_ip_groups      = []
-        }
    }

-  # azurerm_public_ip.pip will be created
-  + resource "azurerm_public_ip" "pip" {
-      + allocation_method       = "Static"
-      + availability_zone       = (known after apply)
-      + fqdn                    = (known after apply)
+  # random_id.front_door_endpoint_name will be created
+  + resource "random_id" "front_door_endpoint_name" {
+      + b64_std     = (known after apply)
+      + b64_url     = (known after apply)
+      + byte_length = 8
+      + dec         = (known after apply)
+      + hex         = (known after apply)
      + id          = (known after apply)
-      + idle_timeout_in_minutes = 4
-      + ip_address              = (known after apply)
-      + ip_version              = "IPv4"
-      + location                = "eastus"
-      + name                    = "testpip"
-      + resource_group_name     = "test-resources"
-      + sku                     = "Standard"
-      + zones                   = (known after apply)
    }

-  # azurerm_resource_group.rg will be created
-  + resource "azurerm_resource_group" "rg" {
-      + id       = (known after apply)
-      + location = "eastus"
-      + name     = "test-resources"
-    }
+Plan: 10 to add, 0 to change, 0 to destroy.

-  # azurerm_subnet.subnet will be created
-  + resource "azurerm_subnet" "subnet" {
-      + address_prefix                                 = (known after apply)
-      + address_prefixes                               = [
-          + "10.0.1.0/24",
-        ]
-      + enforce_private_link_endpoint_network_policies = false
-      + enforce_private_link_service_network_policies  = false
-      + id                                             = (known after apply)
-      + name                                           = "AzureFirewallSubnet"
-      + resource_group_name                            = "test-resources"
-      + virtual_network_name                           = "testvnet"
-    }
-
-  # azurerm_virtual_network.vnet will be created
-  + resource "azurerm_virtual_network" "vnet" {
-      + address_space         = [
-          + "10.0.0.0/16",
-        ]
-      + dns_servers           = (known after apply)
-      + guid                  = (known after apply)
-      + id                    = (known after apply)
-      + location              = "eastus"
-      + name                  = "testvnet"
-      + resource_group_name   = "test-resources"
-      + subnet                = (known after apply)
-      + vm_protection_enabled = false
-    }
-
-Plan: 7 to add, 0 to change, 0 to destroy.
+Changes to Outputs:
+  + frontDoorEndpointHostName = (known after apply)
 ```