Loading source
Pulling the file list, source metadata, and syntax-aware rendering for this listing.
Source from repo
Prepare applications for Azure deployment by generating infrastructure code, Dockerfiles, and config files.
Files
Skill
Size
Entrypoint
Format
Open file
Syntax-highlighted preview of this file as included in the skill package.
references/services/static-web-apps/terraform.md
1# Static Web Apps — Terraform Patterns — REFERENCE ONLY2> ⛔ **DO NOT COPY THIS CODE DIRECTLY**4>5> This file contains **reference patterns** for understanding Azure Static Web Apps Terraform structure.6> Infrastructure for Static Web Apps must be composed using the Azure Prepare skill workflow, not copied directly from this reference.7>8> When composing infrastructure:9> - Start from an approved base template for Static Web Apps defined by your platform or template team.10> - Use `azurerm_static_web_app` — **NEVER** use Storage Account `static_website` for static web app hosting.11>12> Hand-writing Terraform from these patterns will result in missing tags, broken azd deploy, and policy violations.13> ⚠️ **WARNING: Do NOT use Storage Account static website hosting.**15> Storage Account `static_website` requires anonymous blob access, which violates16> enterprise Azure Policies (`RequestDisallowedByPolicy: "Anonymous blob access is not allowed"`).17> Always use `azurerm_static_web_app` instead — it is fully managed and policy-compliant.18## Basic Resource20```hcl22resource "azurerm_static_web_app" "web" {23name = "swa-${var.environment_name}-${var.service_name}-${var.unique_hash}"24resource_group_name = azurerm_resource_group.main.name25location = var.location26# sku_tier defaults to "Free"; set to "Standard" for production features28sku_tier = "Standard"29# Required for azd deploy to find this resource31tags = merge(var.tags, {32"azd-service-name" = var.service_name33})34}35```36> ⚠️ **Region availability is limited.** Check [region-availability.md](region-availability.md) before selecting a region.38> 💡 **Key Points:**40> - No Storage Account, Service Plan, or other supporting resources required41> - Static Web Apps is a fully managed service — storage is built-in42> - The `azd-service-name` tag is **required** for `azd deploy` to locate the resource43## Custom Domain45```hcl47resource "azurerm_static_web_app_custom_domain" "example" {48static_web_app_id = azurerm_static_web_app.web.id49domain_name = "www.example.com"50validation_type = "cname-delegation"51}52```53## Application Settings55For the integrated API backend:57```hcl59resource "azurerm_static_web_app_function_app_registration" "api" {60static_web_app_id = azurerm_static_web_app.web.id61function_app_id = azurerm_linux_function_app.api.id62}63```64Environment variables for the SWA (available to both frontend and managed Functions API):66```hcl68resource "azurerm_static_web_app" "web" {69# ... (base configuration from above)70app_settings = {72"DATABASE_URL" = "@Microsoft.KeyVault(VaultName=${azurerm_key_vault.kv.name};SecretName=db-url)"73}74}75```76## Outputs78```hcl80output "WEB_URL" {81value = azurerm_static_web_app.web.default_host_name82}83output "STATIC_WEB_APP_NAME" {85value = azurerm_static_web_app.web.name86}87```88> 💡 **Tip:** Output names in UPPERCASE are automatically set as azd environment variables.90## Deployment Token92> ⚠️ **Security Warning:** Do NOT expose deployment tokens in Terraform outputs.94See [deployment.md](deployment.md) for secure token handling.96## azure.yaml Integration98```yaml100services:101web:102project: ./src/web103language: js104host: staticwebapp105dist: dist106```107## References109- [AZD + Terraform](../../recipes/azd/terraform.md) — Full azd+Terraform project setup111- [Region Availability](region-availability.md) — SWA is NOT available in all regions112- [Routing and Auth](routing.md)113- [Deployment](deployment.md)114