Loading source
Pulling the file list, source metadata, and syntax-aware rendering for this listing.
Source from repo
Prepare applications for Azure deployment by generating infrastructure code, Dockerfiles, and config files.
Files
Skill
Size
Entrypoint
Format
Open file
Syntax-highlighted preview of this file as included in the skill package.
references/services/app-service/templates/recipes/README.md
1# App Service Template Recipes — REFERENCE ONLY2Composable IaC + source code modules that extend the Web API or Web App base template to support specific Azure service integrations.4## Architecture6```8Base Template (per language/scenario, from AZD gallery)9│10├── Source code (REST API or full-stack web app)11├── IaC (App Service Plan, App Service, App Insights, UAMI, RBAC)12└── AZD config (azure.yaml, parameters)13+ Recipe (per integration)15│16├── Source code delta (service client, middleware, config)17├── IaC delta (new resource + RBAC + networking modules)18└── App settings delta19│20= Complete deployable project → `azd up`21```22## Available Recipes24| Recipe | IaC Delta? | Source Delta? | Status |26|--------|-----------|--------------|--------|27| [sql](sql/README.md) | ✅ SQL Server + DB + firewall + RBAC | ✅ EF Core (.NET), SQLAlchemy (Python), Prisma (Node.js) · ⏳ Spring Data JPA (Java): planned | ✅ Available |28| [cosmos](cosmos/README.md) | ✅ Cosmos account + DB + container + RBAC + PE | ✅ Cosmos SDK (.NET, Python, Node.js) · ⏳ Spring Data Cosmos (Java): planned | ✅ Available |29| [auth](auth/README.md) | ✅ App registration + Easy Auth config | ✅ MSAL / Identity middleware (.NET, Python, Node.js) · ⏳ Spring Security (Java): planned | ✅ Available |30| [redis](redis/README.md) | ✅ Redis cache + RBAC + PE | ✅ Distributed cache client (.NET, Python, Node.js) · ⏳ Spring Session (Java): planned | ✅ Available |31## How It Works33### Step 1: Fetch Base Template35```bash37# Pick template by language + scenario (see selection.md)38azd init -t <template> -e "$ENV_NAME" --no-prompt39```40### Step 2: Apply Recipe42The skill reads the recipe's README.md for:44- **IaC module files** to copy into `infra/`45- **App settings** to add to web app configuration46- **RBAC roles** with exact GUIDs (never generated by LLM)47- **Source code** to add alongside existing application code48- **Networking** to add private endpoints (conditional on VNET_ENABLED)49### Step 3: Wire Into Base51**Bicep:** Add `module` reference in `main.bicep`, pass `appServicePrincipalId`53**Terraform:** Copy `.tf` file into `infra/`, merge locals into web app settings54### Step 4: Deploy56```bash58azd env set AZURE_LOCATION eastus259azd provision --no-prompt60sleep 6061azd deploy --no-prompt62```63## Design Principles65| Principle | Why |67|-----------|-----|68| **Never synthesize base IaC** | Always use proven AZD template repos |69| **Never modify base; only extend** | Recipes are additive — no risk of breaking core |70| **Recipes own their RBAC** | Exact role GUIDs, no LLM guessing |71| **Managed identity by default** | No passwords or connection strings in app settings |72| **Health checks required** | Every app must expose `/health` |73