Check if a Private Endpoint connection exists on an App Service using Bicep #14315
Hello everyone, I'm trying to set up different Access Restrictions for an App Service depending on whether it has a Private Endpoint or not. For instance, if the App Service has a Private Endpoint, I want to allow access only from the Private Endpoint VNET Address Space in the Main Site and permit AzureCloud ServiceTag for the SCM Site (My main goal is to allow AzureCloud IPs on the SCM Site even if the App Service has Private Endpoint or not). My issue is that I'm having trouble identifying if a Private Endpoint is attached using Bicep. I haven't been able to find a property in the App Service resource using Bicep to check for an existing Private Connection. I'm looking for a method to check if a Private Endpoint exists on the App Service without using a deployment script resource to check the Private Endpoint connections using CLI cmdlets. I don't have access to the VNET and its resources because it's deployed in a different resource group, but I can access the App Services and check through the portal if it has a Private Endpoint assigned. Therefore, I want to use Bicep to determine if a Private Endpoint exists on that App Service to configure the Access Restriction settings based on its presence or absence. If you have any suggestions or workarounds, I would appreciate it.
Replies: 1 comment 1 reply
Like most of the time, what actually matters is if the properties you need are present in the resource definition and not if Bicep's types know it or not. In this case, there are two properties you can use to check if a private endpoint exists. Example below with the values returned when a private endpoint does not exist.

```bicep
resource function 'Microsoft.Web/sites@2023-12-01' existing = {
  name: 'myfunc'
}

// null if no private endpoint
output privateLinkIdentifierNotPresent bool = function.properties.privateLinkIdentifiers == null || function.properties.privateLinkIdentifiers == ''

// [] if no private endpoint
output privateEndpointConnectionsNotPresent bool = function.properties.privateEndpointConnections == [] || function.properties.privateEndpointConnections == null
```
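One way to feed the check from the answer above into the access restrictions the question describes, as an added example that is not part of the original thread. The parameter names, the sample CIDR, the rule names and the choice to leave the main site open when no private endpoint exists are assumptions.

```bicep
// Added example, not code from the thread. appName and privateEndpointVnetCidr
// are assumed parameter names; the CIDR default is a constructed sample value.
param appName string = 'myfunc'
param privateEndpointVnetCidr string = '10.0.0.0/16'

resource site 'Microsoft.Web/sites@2023-12-01' existing = {
  name: appName
}

// Same test as in the answer: [] or null means no private endpoint connection.
// This is a runtime value, so it can drive property values (as below) but not
// a resource-level `if` condition, which must be known at deployment start.
var noPrivateEndpoint = site.properties.privateEndpointConnections == [] || site.properties.privateEndpointConnections == null

// Main site: allow only the private endpoint VNET range when an endpoint exists.
var mainSiteRules = noPrivateEndpoint ? [] : [
  {
    name: 'AllowPrivateEndpointVnet'
    action: 'Allow'
    priority: 100
    ipAddress: privateEndpointVnetCidr
  }
]

resource webConfig 'Microsoft.Web/sites/config@2023-12-01' = {
  parent: site
  name: 'web'
  properties: {
    ipSecurityRestrictions: mainSiteRules
    // Assumption: keep the main site at Allow when there is no private endpoint.
    ipSecurityRestrictionsDefaultAction: noPrivateEndpoint ? 'Allow' : 'Deny'
    // SCM site gets its own rule set in both cases.
    scmIpSecurityRestrictionsUseMain: false
    scmIpSecurityRestrictions: [
      {
        name: 'AllowAzureCloud'
        action: 'Allow'
        priority: 100
        tag: 'ServiceTag'
        ipAddress: 'AzureCloud'
      }
    ]
    scmIpSecurityRestrictionsDefaultAction: 'Deny'
  }
}

output privateEndpointDetected bool = !noPrivateEndpoint
```

Deploying the `web` config replaces the whole restriction list, so any rules already on the app need to be carried in the template as well.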