I wanted to experiment a bit with terraform and azure function apps. So I made the below to set up an Azure function app. I chose the windows version because I could not get the linux one to work with .Net core and HTTP.
Note: I have removed the backend from the below, but you will need a backend and to initialise your terraform.
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.2.0"
}
}
#TODO Your backend goes here
}
provider "azurerm" {
features {}
}
variable "location" {
type = string
default = "West Europe"
}
variable "resourcegroup" {
type = string
default = "Resourcegroup"
}
resource "random_string" "storage_name" {
length = 24
upper = false
lower = true
number = true
special = false
}
resource "azurerm_storage_account" "my" {
name = random_string.storage_name.result
resource_group_name = var.resourcegroup
location = var.location
account_tier = "Standard"
account_replication_type = "LRS"
}
resource "azurerm_service_plan" "my" {
name = "my-app-service-plan"
resource_group_name = var.resourcegroup
location = var.location
os_type = "Windows"
sku_name = "Y1"
}
resource "azurerm_windows_function_app" "my" {
name = "my-win-function-app"
resource_group_name = var.resourcegroup
location = var.location
storage_account_name = azurerm_storage_account.my.name
service_plan_id = azurerm_service_plan.my.id
storage_account_access_key = azurerm_storage_account.my.primary_access_key
site_config {}
}
The above is quite straightforward. We first set up several variables. We then create the storage account that the azure function app will be using. Azure functions need storage accounts for operations like managing triggers and logging function executions. We also create a service plan as an azure function needs a service plan. Next up we set up the actual app, here we use the storage account and service plan.
This Azure function app has no azure function inside of it. I wanted to deploy this through pipelines in azure devops. But there is a resource for this as well called azure function app function.
After applying your plan you can find your Azure function in Azure:
If I did not apply the storage_account_access_key to the azurerm_windows_function_app resource I would get an error like the following:
creating Windows Function App: (Site Name "my-win-function-app" / Resource Group "Resourcegroup"):
│ web.AppsClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="BadRequest"
│ Message="Creation of storage file share failed with: 'The remote server returned an error: (403) Forbidden.'. Please
│ check if the storage account is accessible." Details=[{"Message":"Creation of storage file share failed with: 'The
│ remote server returned an error: (403) Forbidden.'. Please check if the storage account is
│ accessible."},{"Code":"BadRequest"},{"ErrorEntity":{"Code":"BadRequest","ExtendedCode":"99022","Message":"Creation of
│ storage file share failed with: 'The remote server returned an error: (403) Forbidden.'. Please check if the storage
│ account is accessible.","MessageTemplate":"Creation of storage file share failed with: '{0}'. Please check if the
│ storage account is accessible.","Parameters":["The remote server returned an error: (403) Forbidden."]}}]
I hope you found this helpful, please leave a comment down below :) Let me know if you want a post on how to setup the pipeline as well.