2

I am using bicep to configure the site and DNS. Currently, I can configure it when using the subdomain (e.g www.foilen-lab.me) by using a CNANE, but for the main (e.g foilen-lab.me), I cannot use a CNAME and must use the IP. How can I get the IP?

Currently for the "www":

resource siteWww 'Microsoft.Web/sites@2021-03-01' = {
  name: 'www-foilen-lab-me'
  location: location
  kind: 'app,linux,container'
  properties: {
    serverFarmId: serverFarmsId
    reserved: true
    httpsOnly: true
    siteConfig: {
      alwaysOn: true
      numberOfWorkers: 1
      linuxFxVersion: 'DOCKER|foilen/az-docker-apache_php:7.4.9-3'
    }
  }
}

resource dnsWww 'Microsoft.Network/dnsZones/CNAME@2018-05-01' = {
  parent: dnsZone
  name: 'www'
  properties: {
    TTL: 3600
    CNAMERecord: {
      cname: '${siteWww.name}.azurewebsites.net'
    }
  }
}

And I would like to create something like:

resource dns 'Microsoft.Network/dnsZones/A@2018-05-01' = {
  parent: dnsZone
  name: '@'
  properties: {
    TTL: 3600
    ARecords: [
      {
        ipv4Address: '${siteWww.xxxxxxxx}'
      }
    ]
  }
}

thanks

Simon Levesque
  • 417
  • 1
  • 6
  • 13
  • This is important to note that the inbound IP address of your Web App might not be static - there are good explanations in the documentation here https://learn.microsoft.com/en-us/azure/app-service/overview-inbound-outbound-ips and here https://www.azureblue.io/how-to-use-fix-ips-with-azure-app-service/. Here you might want to rely on TLS/SSL Binding to have a static IP and construct your App from there - see https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-bindings#secure-a-custom-domain Not sure this can be done using Bicep though.. – Jul_DW Apr 28 '22 at 09:35
  • 1
    Hi Jul, from the doc you gave, the inbound ip change events are all when we update/recreate, which would happen when I update with bicep, so bicep would grab the latest IP. So, that confirms that it is safe to do that. Now, just need to know the syntax to get the inbound ips :) – Simon Levesque Apr 28 '22 at 10:51

1 Answers1

1

You should be able to use siteWww.properties.inboundIpAddress to get the current ipAddress.

As a general rule of thumb you can retrieve any property on a resource in bicep by using it's symbolic name and the JSON path of the GET from the REST api.

So for example, if you go to the portal for any resource and select the JSON View from the overview page... you can see what's possible to return via that syntax. e.g. siteWww.properties.customDomainVerificationId is also handy.

bmoore-msft
  • 8,376
  • 20
  • 22
  • 2
    The bicep's visual code extension is giving a warning: "The type "SiteProperties" does not contain property "inboundIpAddress"" When running bicep, it gives a similar warning: Warning BCP053: The type "SiteProperties" does not contain property "inboundIpAddress". But it works: the deployment was succesful and the DNS has the right value in it. I will open a bug report for that warning. thanks – Simon Levesque Apr 28 '22 at 16:56
  • as well - thanks for the bug report – bmoore-msft Apr 29 '22 at 17:16
  • @SimonLevesque - Do you have a link to the bug? – Guillaume LaHaye May 17 '23 at 04:43
  • 1
    https://github.com/Azure/bicep/issues/784#issuecomment-1112445916 – Simon Levesque May 18 '23 at 12:28
  • This one is more specific to inboundIpAddress and is still open: https://github.com/Azure/azure-rest-api-specs/issues/12974 – Guillaume LaHaye May 19 '23 at 19:46