I need to setup set programmatically - via Terraform - the 'Outbound internet traffic'

Question

Like in the image, i need to setup the 'Outbound internet traffic' programmatically but I don't understand where to search for it.

In the azure portal I go to the web app -> click on network name from 'Virtual network integration' section.

To create the web app I used azurerm_windows_web_app and I just provided the network's id. Also azurerm_app_service_virtual_network_swift_connection doesn't provide this option.

In the documentation this has many names but I suspect that it could be done with :

site_config {
    vnet_route_all_enabled = true # WEBSITE_VNET_ROUTE_ALL
}

Are these the same?

Answer 1

need to setup set programmatically - via Terraform - the 'Outbound internet traffic'

To enable outbound internet traffic under the web app's virtual network configuration, you need to set vnet_route_all_enabled to true. Your assumption is correct.

site_config {
    vnet_route_all_enabled            = true
  }

As a test, I deployed the web app with vnet_route_all_enabled set to false. the web app's configuration has vnet_route_all_enabled disabled (unchecked in the portal). To enable outbound traffic, simply set it to true; this action will enable outbound traffic.

Here is the Terraform code to create a web app with outbound traffic disabled.

provider "azurerm" {
  features {}
}

data "azurerm_resource_group" "example" {
  name = "webapp-rg"
}
resource "azurerm_virtual_network" "res-1" {
  address_space       = ["10.0.0.0/16"]
  location            = data.azurerm_resource_group.example.location
  name                = "webapp-vnet1"
  resource_group_name = data.azurerm_resource_group.example.name
}

resource "azurerm_subnet" "res-2" {
  address_prefixes     = ["10.0.0.0/24"]
  name                 = "webappsubnet1"
  resource_group_name  = data.azurerm_resource_group.example.name
  service_endpoints    = ["Microsoft.Storage"]
  virtual_network_name = azurerm_virtual_network.res-1.name
  delegation {
    name = "delegation"
    service_delegation {
      actions = ["Microsoft.Network/virtualNetworks/subnets/action"]
      name    = "Microsoft.Web/serverFarms"
    }
  }
}
resource "azurerm_service_plan" "res-3" {
  location            = data.azurerm_resource_group.example.location
  name                = "ASP-webapprg-949e1"
  os_type             = "Windows"
  resource_group_name = data.azurerm_resource_group.example.name
  sku_name            = "P1v3"
}
resource "azurerm_windows_web_app" "res-4" {
  name                                           = "venkatwebappdemo"
  location                                       = data.azurerm_resource_group.example.location
  public_network_access_enabled                  = false
  resource_group_name                            = data.azurerm_resource_group.example.name
  service_plan_id                                = azurerm_service_plan.res-3.id
  virtual_network_subnet_id                      = azurerm_subnet.res-2.id
  webdeploy_publish_basic_authentication_enabled = false
  client_affinity_enabled                        = true
  ftp_publish_basic_authentication_enabled       = false
  https_only                                     = true
  site_config {
    ftps_state                        = "FtpsOnly"
    vnet_route_all_enabled            = false
  }
}

Terraform apply