My bicep deployment template is for some reason deploying outbound IP addresses to all webapps, despite logic indicating it should only perform this when it iterates over a specific parameter in the param file.
From the main bicep file:
module WebApps 'webapps.bicep' = [for WebAppConfig in WebAppDeployments: {
name: 'WebApp${WebAppConfig.NamingSuffix}'
dependsOn: [
applicationInsights
sqlServer
]
scope: resourceGroup('${NamePrefix}-RG-1')
params: {
NamePrefix: NamePrefix
NamePrefixInfra: NamePrefixInfra
Tags: Tags
Location: Location
dockerImageName: dockerImageName
WebAppConfig: WebAppConfig
}
}]
// Azure SQL Whitelists
module SQLServerWhitelistIPs 'sqlWhitelist.bicep' = [for (WebAppConfig, index) in WebAppDeployments: if (WebAppConfig=='BACKEND') {
name: 'SqlServerWhitelists${index}'
dependsOn: [
WebApps
sqlServer
]
scope: resourceGroup('${NamePrefix}-RG-1')
params: {
NamePrefix: NamePrefix
WebAppConfig: WebAppConfig
WebAppIps: WebApps[index].outputs.WebAppIps
}
In the webapp module, at the end I place:
output WebAppIps array = split(WebApp.properties.possibleOutboundIpAddresses, ',')
And in the param file:
"WebAppDeployments": {
"value": [
{
"NamingSuffix": "FRONTEND"
},
{
"NamingSuffix": "BACKEND"
},
{
"NamingSuffix": "CMS"
}
]
}
The problem is, instead of creating three webapps with only one having the outbound IP addresses whitelisted, it populates all three. I’m not sure what I’m doing wrong here.
I tried changing the main bicep file :
module SQLServerWhitelistIPs 'sqlWhitelist.bicep' = [for (WebAppConfig, index) in WebAppDeployments: if (WebAppConfig=='BACKEND') {
name: 'SqlServerWhitelists${index}'
dependsOn: [
WebApps
sqlServer
]
scope: resourceGroup('${NamePrefix}-RG-1')
params: {
NamePrefix: NamePrefix
WebAppConfig: WebAppConfig
WebAppIps: WebApps[index].outputs.WebAppIps
}
}]
to
module SQLServerWhitelistIPs 'sqlWhitelist.bicep' = [for (WebAppConfig, index) in WebAppDeployments: if (WebAppConfig.NamingSuffix=='BACKEND')
but to no avail. It still populates every webapp, instead of JUST the backend one.
2
Answers
I apologise - my code was indeed working correctly, but due to me being a giant newbie at this, I was simply looking at the wrong values. I was checking the Outbound IP addresses of the webapp, instead of the networking tab of the SQL server. After changing from WebAppConfig == 'BACKEND' to WebAppConfig.Namingsuffix == 'BACKEND' , the ip's have been populated in the whitelisting. However, many thanks to @Jahnavi for providing another way to perform this operation, its very informative.
One of the possible reasons is with the
outputblock. You can modify theoutputblock by adding the condition for theBackendwebapps as below:Moreover, instead of passing
if (WebAppConfig=='BACKEND'), you need to pass the condition withNamingsuffix. Modify it asif(WebAppConfig.NamingSuffix=='BACKEND')because theWebAppConfigobject includes a property calledNamingSuffixfor different webapps parameters.And then you can filter the
WebAppDeploymentsarray in theSQLServerWhitelistIPsmodule to just include the backend web app.After checking the above, I modified your code and was able to deploy it successfully.