Microsoft.App managedEnvironments

Bicep resource definition

The managedEnvironments resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.App/managedEnvironments resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.App/managedEnvironments@2023-11-02-preview' = {
  name: 'string'
  location: 'string'
  tags: {
    tagName1: 'tagValue1'
    tagName2: 'tagValue2'
  }
  kind: 'string'
  identity: {
    type: 'string'
    userAssignedIdentities: {
      {customized property}: {}
    }
  }
  properties: {
    appInsightsConfiguration: {
      connectionString: 'string'
    }
    appLogsConfiguration: {
      destination: 'string'
      logAnalyticsConfiguration: {
        customerId: 'string'
        dynamicJsonColumns: bool
        sharedKey: 'string'
      }
    }
    customDomainConfiguration: {
      certificateKeyVaultProperties: {
        identity: 'string'
        keyVaultUrl: 'string'
      }
      certificatePassword: 'string'
      certificateValue: any()
      dnsSuffix: 'string'
    }
    daprAIConnectionString: 'string'
    daprAIInstrumentationKey: 'string'
    daprConfiguration: {}
    infrastructureResourceGroup: 'string'
    kedaConfiguration: {}
    openTelemetryConfiguration: {
      destinationsConfiguration: {
        dataDogConfiguration: {
          key: 'string'
          site: 'string'
        }
        otlpConfigurations: [
          {
            endpoint: 'string'
            headers: [
              {
                key: 'string'
                value: 'string'
              }
            ]
            insecure: bool
            name: 'string'
          }
        ]
      }
      logsConfiguration: {
        destinations: [
          'string'
        ]
      }
      metricsConfiguration: {
        destinations: [
          'string'
        ]
      }
      tracesConfiguration: {
        destinations: [
          'string'
        ]
      }
    }
    peerAuthentication: {
      mtls: {
        enabled: bool
      }
    }
    vnetConfiguration: {
      dockerBridgeCidr: 'string'
      infrastructureSubnetId: 'string'
      internal: bool
      platformReservedCidr: 'string'
      platformReservedDnsIP: 'string'
    }
    workloadProfiles: [
      {
        maximumCount: int
        minimumCount: int
        name: 'string'
        workloadProfileType: 'string'
      }
    ]
    zoneRedundant: bool
  }
}

Property values

managedEnvironments

Name Description Value
name The resource name string (required)
location The geo-location where the resource lives string (required)
tags Resource tags. Dictionary of tag names and values. See Tags in templates
kind Kind of the Environment. string
identity Managed identities for the Managed Environment to interact with other Azure services without maintaining any secrets or credentials in code. ManagedServiceIdentity
properties Managed environment resource specific properties ManagedEnvironmentProperties

ManagedServiceIdentity

Name Description Value
type Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed). 'None'
'SystemAssigned'
'SystemAssigned,UserAssigned'
'UserAssigned' (required)
userAssignedIdentities The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests. UserAssignedIdentities

UserAssignedIdentities

Name Description Value
{customized property} UserAssignedIdentity

UserAssignedIdentity

This object doesn't contain any properties to set during deployment. All properties are ReadOnly.

ManagedEnvironmentProperties

Name Description Value
appInsightsConfiguration Environment level Application Insights configuration AppInsightsConfiguration
appLogsConfiguration Cluster configuration which enables the log daemon to export
app logs to a destination. Currently only "log-analytics" is
supported
AppLogsConfiguration
customDomainConfiguration Custom domain configuration for the environment CustomDomainConfiguration
daprAIConnectionString Application Insights connection string used by Dapr to export Service to Service communication telemetry string

Constraints:
Sensitive value. Pass in as a secure parameter.
daprAIInstrumentationKey Azure Monitor instrumentation key used by Dapr to export Service to Service communication telemetry string

Constraints:
Sensitive value. Pass in as a secure parameter.
daprConfiguration The configuration of Dapr component. DaprConfiguration
infrastructureResourceGroup Name of the platform-managed resource group created for the Managed Environment to host infrastructure resources. If a subnet ID is provided, this resource group will be created in the same subscription as the subnet. string
kedaConfiguration The configuration of Keda component. KedaConfiguration
openTelemetryConfiguration Environment Open Telemetry configuration OpenTelemetryConfiguration
peerAuthentication Peer authentication settings for the Managed Environment ManagedEnvironmentPropertiesPeerAuthentication
vnetConfiguration Vnet configuration for the environment VnetConfiguration
workloadProfiles Workload profiles configured for the Managed Environment. WorkloadProfile[]
zoneRedundant Whether or not this Managed Environment is zone-redundant. bool

AppInsightsConfiguration

Name Description Value
connectionString Application Insights connection string string

Constraints:
Sensitive value. Pass in as a secure parameter.

AppLogsConfiguration

Name Description Value
destination Logs destination, can be 'log-analytics', 'azure-monitor' or 'none' string
logAnalyticsConfiguration Log Analytics configuration, must only be provided when destination is configured as 'log-analytics' LogAnalyticsConfiguration

LogAnalyticsConfiguration

Name Description Value
customerId Log analytics customer id string
dynamicJsonColumns Boolean indicating whether to parse json string log into dynamic json columns bool
sharedKey Log analytics customer key string

Constraints:
Sensitive value. Pass in as a secure parameter.

CustomDomainConfiguration

Name Description Value
certificateKeyVaultProperties Certificate stored in Azure Key Vault. CertificateKeyVaultProperties
certificatePassword Certificate password string

Constraints:
Sensitive value. Pass in as a secure parameter.
certificateValue PFX or PEM blob For Bicep, you can use the any() function.
dnsSuffix Dns suffix for the environment domain string

CertificateKeyVaultProperties

Name Description Value
identity Resource ID of a managed identity to authenticate with Azure Key Vault, or System to use a system-assigned identity. string
keyVaultUrl URL pointing to the Azure Key Vault secret that holds the certificate. string

DaprConfiguration

This object doesn't contain any properties to set during deployment. All properties are ReadOnly.

KedaConfiguration

This object doesn't contain any properties to set during deployment. All properties are ReadOnly.

OpenTelemetryConfiguration

Name Description Value
destinationsConfiguration Open telemetry destinations configuration DestinationsConfiguration
logsConfiguration Open telemetry logs configuration LogsConfiguration
metricsConfiguration Open telemetry metrics configuration MetricsConfiguration
tracesConfiguration Open telemetry trace configuration TracesConfiguration

DestinationsConfiguration

Name Description Value
dataDogConfiguration Open telemetry datadog destination configuration DataDogConfiguration
otlpConfigurations Open telemetry otlp configurations OtlpConfiguration[]

DataDogConfiguration

Name Description Value
key The data dog api key string

Constraints:
Sensitive value. Pass in as a secure parameter.
site The data dog site string

OtlpConfiguration

Name Description Value
endpoint The endpoint of otlp configuration string
headers Headers of otlp configurations Header[]
insecure Boolean indicating if otlp configuration is insecure bool
name The name of otlp configuration string
Name Description Value
key The key of otlp configuration header string
value The value of otlp configuration header string

LogsConfiguration

Name Description Value
destinations Open telemetry logs destinations string[]

MetricsConfiguration

Name Description Value
destinations Open telemetry metrics destinations string[]

TracesConfiguration

Name Description Value
destinations Open telemetry traces destinations string[]

ManagedEnvironmentPropertiesPeerAuthentication

Name Description Value
mtls Mutual TLS authentication settings for the Managed Environment Mtls

Mtls

Name Description Value
enabled Boolean indicating whether the mutual TLS authentication is enabled bool

VnetConfiguration

Name Description Value
dockerBridgeCidr CIDR notation IP range assigned to the Docker bridge, network. Must not overlap with any other provided IP ranges. string
infrastructureSubnetId Resource ID of a subnet for infrastructure components. Must not overlap with any other provided IP ranges. string
internal Boolean indicating the environment only has an internal load balancer. These environments do not have a public static IP resource. They must provide infrastructureSubnetId if enabling this property bool
platformReservedCidr IP range in CIDR notation that can be reserved for environment infrastructure IP addresses. Must not overlap with any other provided IP ranges. string
platformReservedDnsIP An IP address from the IP range defined by platformReservedCidr that will be reserved for the internal DNS server. string

WorkloadProfile

Name Description Value
maximumCount The maximum capacity. int
minimumCount The minimum capacity. int
name Workload profile type for the workloads to run on. string (required)
workloadProfileType Workload profile type for the workloads to run on. string (required)

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Creates a Container App and Environment with Registry

Deploy to Azure
Create a Container App Environment with a basic Container App from an Azure Container Registry. It also deploys a Log Analytics Workspace to store logs.
Creates a two Container App with a Container App Environment

Deploy to Azure
Create a two Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs.
Creates a Container App within a Container App Environment

Deploy to Azure
Create a Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs.
Creates a Container App with a defined HTTP scaling rule

Deploy to Azure
Create a Container App Environment with a basic Container App that scales based on HTTP traffic.
Creates an external Container App environment with a VNET

Deploy to Azure
Creates an external Container App environment with a VNET.
Creates an internal Container App environment with a VNET

Deploy to Azure
Creates an internal Container App environment with a VNET.

ARM template resource definition

The managedEnvironments resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.App/managedEnvironments resource, add the following JSON to your template.

{
  "type": "Microsoft.App/managedEnvironments",
  "apiVersion": "2023-11-02-preview",
  "name": "string",
  "location": "string",
  "tags": {
    "tagName1": "tagValue1",
    "tagName2": "tagValue2"
  },
  "kind": "string",
  "identity": {
    "type": "string",
    "userAssignedIdentities": {
      "{customized property}": {}
    }
  },
  "properties": {
    "appInsightsConfiguration": {
      "connectionString": "string"
    },
    "appLogsConfiguration": {
      "destination": "string",
      "logAnalyticsConfiguration": {
        "customerId": "string",
        "dynamicJsonColumns": "bool",
        "sharedKey": "string"
      }
    },
    "customDomainConfiguration": {
      "certificateKeyVaultProperties": {
        "identity": "string",
        "keyVaultUrl": "string"
      },
      "certificatePassword": "string",
      "certificateValue": {},
      "dnsSuffix": "string"
    },
    "daprAIConnectionString": "string",
    "daprAIInstrumentationKey": "string",
    "daprConfiguration": {},
    "infrastructureResourceGroup": "string",
    "kedaConfiguration": {},
    "openTelemetryConfiguration": {
      "destinationsConfiguration": {
        "dataDogConfiguration": {
          "key": "string",
          "site": "string"
        },
        "otlpConfigurations": [
          {
            "endpoint": "string",
            "headers": [
              {
                "key": "string",
                "value": "string"
              }
            ],
            "insecure": "bool",
            "name": "string"
          }
        ]
      },
      "logsConfiguration": {
        "destinations": [ "string" ]
      },
      "metricsConfiguration": {
        "destinations": [ "string" ]
      },
      "tracesConfiguration": {
        "destinations": [ "string" ]
      }
    },
    "peerAuthentication": {
      "mtls": {
        "enabled": "bool"
      }
    },
    "vnetConfiguration": {
      "dockerBridgeCidr": "string",
      "infrastructureSubnetId": "string",
      "internal": "bool",
      "platformReservedCidr": "string",
      "platformReservedDnsIP": "string"
    },
    "workloadProfiles": [
      {
        "maximumCount": "int",
        "minimumCount": "int",
        "name": "string",
        "workloadProfileType": "string"
      }
    ],
    "zoneRedundant": "bool"
  }
}

Property values

managedEnvironments

Name Description Value
type The resource type 'Microsoft.App/managedEnvironments'
apiVersion The resource api version '2023-11-02-preview'
name The resource name string (required)
location The geo-location where the resource lives string (required)
tags Resource tags. Dictionary of tag names and values. See Tags in templates
kind Kind of the Environment. string
identity Managed identities for the Managed Environment to interact with other Azure services without maintaining any secrets or credentials in code. ManagedServiceIdentity
properties Managed environment resource specific properties ManagedEnvironmentProperties

ManagedServiceIdentity

Name Description Value
type Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed). 'None'
'SystemAssigned'
'SystemAssigned,UserAssigned'
'UserAssigned' (required)
userAssignedIdentities The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests. UserAssignedIdentities

UserAssignedIdentities

Name Description Value
{customized property} UserAssignedIdentity

UserAssignedIdentity

This object doesn't contain any properties to set during deployment. All properties are ReadOnly.

ManagedEnvironmentProperties

Name Description Value
appInsightsConfiguration Environment level Application Insights configuration AppInsightsConfiguration
appLogsConfiguration Cluster configuration which enables the log daemon to export
app logs to a destination. Currently only "log-analytics" is
supported
AppLogsConfiguration
customDomainConfiguration Custom domain configuration for the environment CustomDomainConfiguration
daprAIConnectionString Application Insights connection string used by Dapr to export Service to Service communication telemetry string

Constraints:
Sensitive value. Pass in as a secure parameter.
daprAIInstrumentationKey Azure Monitor instrumentation key used by Dapr to export Service to Service communication telemetry string

Constraints:
Sensitive value. Pass in as a secure parameter.
daprConfiguration The configuration of Dapr component. DaprConfiguration
infrastructureResourceGroup Name of the platform-managed resource group created for the Managed Environment to host infrastructure resources. If a subnet ID is provided, this resource group will be created in the same subscription as the subnet. string
kedaConfiguration The configuration of Keda component. KedaConfiguration
openTelemetryConfiguration Environment Open Telemetry configuration OpenTelemetryConfiguration
peerAuthentication Peer authentication settings for the Managed Environment ManagedEnvironmentPropertiesPeerAuthentication
vnetConfiguration Vnet configuration for the environment VnetConfiguration
workloadProfiles Workload profiles configured for the Managed Environment. WorkloadProfile[]
zoneRedundant Whether or not this Managed Environment is zone-redundant. bool

AppInsightsConfiguration

Name Description Value
connectionString Application Insights connection string string

Constraints:
Sensitive value. Pass in as a secure parameter.

AppLogsConfiguration

Name Description Value
destination Logs destination, can be 'log-analytics', 'azure-monitor' or 'none' string
logAnalyticsConfiguration Log Analytics configuration, must only be provided when destination is configured as 'log-analytics' LogAnalyticsConfiguration

LogAnalyticsConfiguration

Name Description Value
customerId Log analytics customer id string
dynamicJsonColumns Boolean indicating whether to parse json string log into dynamic json columns bool
sharedKey Log analytics customer key string

Constraints:
Sensitive value. Pass in as a secure parameter.

CustomDomainConfiguration

Name Description Value
certificateKeyVaultProperties Certificate stored in Azure Key Vault. CertificateKeyVaultProperties
certificatePassword Certificate password string

Constraints:
Sensitive value. Pass in as a secure parameter.
certificateValue PFX or PEM blob
dnsSuffix Dns suffix for the environment domain string

CertificateKeyVaultProperties

Name Description Value
identity Resource ID of a managed identity to authenticate with Azure Key Vault, or System to use a system-assigned identity. string
keyVaultUrl URL pointing to the Azure Key Vault secret that holds the certificate. string

DaprConfiguration

This object doesn't contain any properties to set during deployment. All properties are ReadOnly.

KedaConfiguration

This object doesn't contain any properties to set during deployment. All properties are ReadOnly.

OpenTelemetryConfiguration

Name Description Value
destinationsConfiguration Open telemetry destinations configuration DestinationsConfiguration
logsConfiguration Open telemetry logs configuration LogsConfiguration
metricsConfiguration Open telemetry metrics configuration MetricsConfiguration
tracesConfiguration Open telemetry trace configuration TracesConfiguration

DestinationsConfiguration

Name Description Value
dataDogConfiguration Open telemetry datadog destination configuration DataDogConfiguration
otlpConfigurations Open telemetry otlp configurations OtlpConfiguration[]

DataDogConfiguration

Name Description Value
key The data dog api key string

Constraints:
Sensitive value. Pass in as a secure parameter.
site The data dog site string

OtlpConfiguration

Name Description Value
endpoint The endpoint of otlp configuration string
headers Headers of otlp configurations Header[]
insecure Boolean indicating if otlp configuration is insecure bool
name The name of otlp configuration string

Header

Name Description Value
key The key of otlp configuration header string
value The value of otlp configuration header string

LogsConfiguration

Name Description Value
destinations Open telemetry logs destinations string[]

MetricsConfiguration

Name Description Value
destinations Open telemetry metrics destinations string[]

TracesConfiguration

Name Description Value
destinations Open telemetry traces destinations string[]

ManagedEnvironmentPropertiesPeerAuthentication

Name Description Value
mtls Mutual TLS authentication settings for the Managed Environment Mtls

Mtls

Name Description Value
enabled Boolean indicating whether the mutual TLS authentication is enabled bool

VnetConfiguration

Name Description Value
dockerBridgeCidr CIDR notation IP range assigned to the Docker bridge, network. Must not overlap with any other provided IP ranges. string
infrastructureSubnetId Resource ID of a subnet for infrastructure components. Must not overlap with any other provided IP ranges. string
internal Boolean indicating the environment only has an internal load balancer. These environments do not have a public static IP resource. They must provide infrastructureSubnetId if enabling this property bool
platformReservedCidr IP range in CIDR notation that can be reserved for environment infrastructure IP addresses. Must not overlap with any other provided IP ranges. string
platformReservedDnsIP An IP address from the IP range defined by platformReservedCidr that will be reserved for the internal DNS server. string

WorkloadProfile

Name Description Value
maximumCount The maximum capacity. int
minimumCount The minimum capacity. int
name Workload profile type for the workloads to run on. string (required)
workloadProfileType Workload profile type for the workloads to run on. string (required)

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Creates a Container App and Environment with Registry

Deploy to Azure
Create a Container App Environment with a basic Container App from an Azure Container Registry. It also deploys a Log Analytics Workspace to store logs.
Creates a two Container App with a Container App Environment

Deploy to Azure
Create a two Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs.
Creates a Container App within a Container App Environment

Deploy to Azure
Create a Container App Environment with a basic Container App. It also deploys a Log Analytics Workspace to store logs.
Creates a Container App with a defined HTTP scaling rule

Deploy to Azure
Create a Container App Environment with a basic Container App that scales based on HTTP traffic.
Creates an external Container App environment with a VNET

Deploy to Azure
Creates an external Container App environment with a VNET.
Creates an internal Container App environment with a VNET

Deploy to Azure
Creates an internal Container App environment with a VNET.

Terraform (AzAPI provider) resource definition

The managedEnvironments resource type can be deployed with operations that target:

  • Resource groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.App/managedEnvironments resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.App/managedEnvironments@2023-11-02-preview"
  name = "string"
  location = "string"
  parent_id = "string"
  tags = {
    tagName1 = "tagValue1"
    tagName2 = "tagValue2"
  }
  identity {
    type = "string"
    identity_ids = []
  }
  body = jsonencode({
    properties = {
      appInsightsConfiguration = {
        connectionString = "string"
      }
      appLogsConfiguration = {
        destination = "string"
        logAnalyticsConfiguration = {
          customerId = "string"
          dynamicJsonColumns = bool
          sharedKey = "string"
        }
      }
      customDomainConfiguration = {
        certificateKeyVaultProperties = {
          identity = "string"
          keyVaultUrl = "string"
        }
        certificatePassword = "string"
        dnsSuffix = "string"
      }
      daprAIConnectionString = "string"
      daprAIInstrumentationKey = "string"
      daprConfiguration = {}
      infrastructureResourceGroup = "string"
      kedaConfiguration = {}
      openTelemetryConfiguration = {
        destinationsConfiguration = {
          dataDogConfiguration = {
            key = "string"
            site = "string"
          }
          otlpConfigurations = [
            {
              endpoint = "string"
              headers = [
                {
                  key = "string"
                  value = "string"
                }
              ]
              insecure = bool
              name = "string"
            }
          ]
        }
        logsConfiguration = {
          destinations = [
            "string"
          ]
        }
        metricsConfiguration = {
          destinations = [
            "string"
          ]
        }
        tracesConfiguration = {
          destinations = [
            "string"
          ]
        }
      }
      peerAuthentication = {
        mtls = {
          enabled = bool
        }
      }
      vnetConfiguration = {
        dockerBridgeCidr = "string"
        infrastructureSubnetId = "string"
        internal = bool
        platformReservedCidr = "string"
        platformReservedDnsIP = "string"
      }
      workloadProfiles = [
        {
          maximumCount = int
          minimumCount = int
          name = "string"
          workloadProfileType = "string"
        }
      ]
      zoneRedundant = bool
    }
    kind = "string"
  })
}

Property values

managedEnvironments

Name Description Value
type The resource type "Microsoft.App/managedEnvironments@2023-11-02-preview"
name The resource name string (required)
location The geo-location where the resource lives string (required)
parent_id To deploy to a resource group, use the ID of that resource group. string (required)
tags Resource tags. Dictionary of tag names and values.
kind Kind of the Environment. string
identity Managed identities for the Managed Environment to interact with other Azure services without maintaining any secrets or credentials in code. ManagedServiceIdentity
properties Managed environment resource specific properties ManagedEnvironmentProperties

ManagedServiceIdentity

Name Description Value
type Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed). "SystemAssigned"
"SystemAssigned,UserAssigned"
"UserAssigned" (required)
identity_ids The set of user assigned identities associated with the resource. The userAssignedIdentities dictionary keys will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}. The dictionary values can be empty objects ({}) in requests. Array of user identity IDs.

UserAssignedIdentities

Name Description Value
{customized property} UserAssignedIdentity

UserAssignedIdentity

This object doesn't contain any properties to set during deployment. All properties are ReadOnly.

ManagedEnvironmentProperties

Name Description Value
appInsightsConfiguration Environment level Application Insights configuration AppInsightsConfiguration
appLogsConfiguration Cluster configuration which enables the log daemon to export
app logs to a destination. Currently only "log-analytics" is
supported
AppLogsConfiguration
customDomainConfiguration Custom domain configuration for the environment CustomDomainConfiguration
daprAIConnectionString Application Insights connection string used by Dapr to export Service to Service communication telemetry string

Constraints:
Sensitive value. Pass in as a secure parameter.
daprAIInstrumentationKey Azure Monitor instrumentation key used by Dapr to export Service to Service communication telemetry string

Constraints:
Sensitive value. Pass in as a secure parameter.
daprConfiguration The configuration of Dapr component. DaprConfiguration
infrastructureResourceGroup Name of the platform-managed resource group created for the Managed Environment to host infrastructure resources. If a subnet ID is provided, this resource group will be created in the same subscription as the subnet. string
kedaConfiguration The configuration of Keda component. KedaConfiguration
openTelemetryConfiguration Environment Open Telemetry configuration OpenTelemetryConfiguration
peerAuthentication Peer authentication settings for the Managed Environment ManagedEnvironmentPropertiesPeerAuthentication
vnetConfiguration Vnet configuration for the environment VnetConfiguration
workloadProfiles Workload profiles configured for the Managed Environment. WorkloadProfile[]
zoneRedundant Whether or not this Managed Environment is zone-redundant. bool

AppInsightsConfiguration

Name Description Value
connectionString Application Insights connection string string

Constraints:
Sensitive value. Pass in as a secure parameter.

AppLogsConfiguration

Name Description Value
destination Logs destination, can be 'log-analytics', 'azure-monitor' or 'none' string
logAnalyticsConfiguration Log Analytics configuration, must only be provided when destination is configured as 'log-analytics' LogAnalyticsConfiguration

LogAnalyticsConfiguration

Name Description Value
customerId Log analytics customer id string
dynamicJsonColumns Boolean indicating whether to parse json string log into dynamic json columns bool
sharedKey Log analytics customer key string

Constraints:
Sensitive value. Pass in as a secure parameter.

CustomDomainConfiguration

Name Description Value
certificateKeyVaultProperties Certificate stored in Azure Key Vault. CertificateKeyVaultProperties
certificatePassword Certificate password string

Constraints:
Sensitive value. Pass in as a secure parameter.
certificateValue PFX or PEM blob
dnsSuffix Dns suffix for the environment domain string

CertificateKeyVaultProperties

Name Description Value
identity Resource ID of a managed identity to authenticate with Azure Key Vault, or System to use a system-assigned identity. string
keyVaultUrl URL pointing to the Azure Key Vault secret that holds the certificate. string

DaprConfiguration

This object doesn't contain any properties to set during deployment. All properties are ReadOnly.

KedaConfiguration

This object doesn't contain any properties to set during deployment. All properties are ReadOnly.

OpenTelemetryConfiguration

Name Description Value
destinationsConfiguration Open telemetry destinations configuration DestinationsConfiguration
logsConfiguration Open telemetry logs configuration LogsConfiguration
metricsConfiguration Open telemetry metrics configuration MetricsConfiguration
tracesConfiguration Open telemetry trace configuration TracesConfiguration

DestinationsConfiguration

Name Description Value
dataDogConfiguration Open telemetry datadog destination configuration DataDogConfiguration
otlpConfigurations Open telemetry otlp configurations OtlpConfiguration[]

DataDogConfiguration

Name Description Value
key The data dog api key string

Constraints:
Sensitive value. Pass in as a secure parameter.
site The data dog site string

OtlpConfiguration

Name Description Value
endpoint The endpoint of otlp configuration string
headers Headers of otlp configurations Header[]
insecure Boolean indicating if otlp configuration is insecure bool
name The name of otlp configuration string

Header

Name Description Value
key The key of otlp configuration header string
value The value of otlp configuration header string

LogsConfiguration

Name Description Value
destinations Open telemetry logs destinations string[]

MetricsConfiguration

Name Description Value
destinations Open telemetry metrics destinations string[]

TracesConfiguration

Name Description Value
destinations Open telemetry traces destinations string[]

ManagedEnvironmentPropertiesPeerAuthentication

Name Description Value
mtls Mutual TLS authentication settings for the Managed Environment Mtls

Mtls

Name Description Value
enabled Boolean indicating whether the mutual TLS authentication is enabled bool

VnetConfiguration

Name Description Value
dockerBridgeCidr CIDR notation IP range assigned to the Docker bridge, network. Must not overlap with any other provided IP ranges. string
infrastructureSubnetId Resource ID of a subnet for infrastructure components. Must not overlap with any other provided IP ranges. string
internal Boolean indicating the environment only has an internal load balancer. These environments do not have a public static IP resource. They must provide infrastructureSubnetId if enabling this property bool
platformReservedCidr IP range in CIDR notation that can be reserved for environment infrastructure IP addresses. Must not overlap with any other provided IP ranges. string
platformReservedDnsIP An IP address from the IP range defined by platformReservedCidr that will be reserved for the internal DNS server. string

WorkloadProfile

Name Description Value
maximumCount The maximum capacity. int
minimumCount The minimum capacity. int
name Workload profile type for the workloads to run on. string (required)
workloadProfileType Workload profile type for the workloads to run on. string (required)