Azure App Service Bicep Network Access Restrictions Disallow public access

Question

I have a set of Azure App Services deployed via bicep. These will use Private endpoints as a backend service.

I've checked Resource Explorer, dumped an existing App to ARM and converted it to Bicep, and searched all of the documentation, but I'm unable to find anything about "Allow public access", and how to set it to false.

How can I set "Allow public access" to false under the Networking section?

Answer 1

Looking at the documentation, you are looking for this property (available since api version 2020-12-01):

publicNetworkAccess: Property to allow or block all public traffic. Allowed Values: 'Enabled', 'Disabled' or an empty string.

Just created a new app service plan with webappand it is working. Not sureabout existing webapp ...

param appServicePlanName string = 'thomastest-nopublicaccess-asp'
param webAppName string = 'thomastest-nopublicaccess-wba'

resource appServicePlan 'Microsoft.Web/serverfarms@2018-11-01' = {
  name: appServicePlanName
  location: resourceGroup().location
  sku: {
    tier: 'PremiumV2'
    name: 'P1V2'
  }
  properties: {
    name: appServicePlanName
    workerSize: 6
    workerSizeId: 6
    numberOfWorkers: 1
    zoneRedundant: false
  }
}

resource webApp 'Microsoft.Web/sites@2022-03-01' = {
  name: webAppName
  location: resourceGroup().location
  properties: {
    name: webAppName
    serverFarmId: appServicePlan.id
    httpsOnly: true
    publicNetworkAccess: 'Disabled'
    siteConfig: {
      appSettings: []
      metadata: [
        {
          name: 'CURRENT_STACK'
          value: 'dotnet'
        }
      ]
      phpVersion: 'OFF'
      netFrameworkVersion: 'v6.0'
      alwaysOn: true
      ftpsState: 'Disabled'
    }
  }
}