azurerm_linux_web_app not enabling Backup/Restore over Vnet.

[Pachu11]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.5.2

AzureRM Provider Version

3.93.0

Affected Resource(s)/Data Source(s)

azurerm_linux_web_app

Terraform Configuration Files

resource "azurerm_linux_web_app" "linux_web_app" {
  app_settings = {
    # TODO: review below settinga
    "APPINSIGHTS_INSTRUMENTATIONKEY" = azurerm_application_insights.application_insights.instrumentation_key
    "APPLICATIONINSIGHTS_CONNECTION_STRING" = azurerm_application_insights.application_insights.connection_string
    "ApplicationInsightsAgent_EXTENSION_VERSION" = "~3"
    "DOCKER_REGISTRY_SERVER_URL" = var.DOCKER_REGISTRY_SERVER_URL
    "DOCKER_REGISTRY_SERVER_USERNAME" = var.DOCKER_REGISTRY_SERVER_USERNAME
    "DOCKER_REGISTRY_SERVER_PASSWORD" = var.DOCKER_REGISTRY_SERVER_PASSWORD
    "WEBSITE_CONTENTOVERVNET" = "1"
    "XDT_MicrosoftApplicationInsights_Mode" = "default"
  }
  backup {
    enabled = true
    name = var.backup_name
    schedule {
      keep_at_least_one_backup = true
      frequency_interval = var.frequency_interval
      frequency_unit = var.frequency_unit
      retention_period_days = var.retention_period_days
      start_time = var.start_time
    }
    storage_account_url = var.storage_account_url
  }
  depends_on = [
    azurerm_application_insights.application_insights
  ]
  identity {
    type = var.identity
  }
  https_only = var.https_only
  location = var.location
  name = var.name
  resource_group_name = var.resource_group_name
  service_plan_id = var.service_plan_id
  site_config {
    always_on = true
    application_stack {
      python_version = var.python_version
    }
    dynamic "ip_restriction" {
      for_each = var.ip_restriction
        content {
          action = "Allow"
          ip_address = ip_restriction.value["ip_address"]
          name = ip_restriction.value["name"]
          priority = 100
        }
    }
    dynamic "scm_ip_restriction" {
      for_each = var.scm_ip_restriction
      content {
        action = "Allow"
        ip_address = scm_ip_restriction.value["ip_address"]
        service_tag = scm_ip_restriction.value["service_tag"]
        name = scm_ip_restriction.value["name"]
        priority = 100
      }
    }
    ftps_state = var.ftps_state
    health_check_path = var.health_check_path
    health_check_eviction_time_in_min = var.health_check_eviction_time_in_min 
    http2_enabled = var.http2_enabled
    vnet_route_all_enabled = var.vnet_route_all_enabled     
  }
  tags = var.tags
  virtual_network_subnet_id = var.virtual_network_subnet_id
}

Debug Output/Panic Output

# module.linux_web_app.azurerm_application_insights.application_insights will be created
  + resource "azurerm_application_insights" "application_insights" {
      + app_id                                = (known after apply)
      + application_type                      = "web"
      + connection_string                     = (sensitive value)
      + daily_data_cap_in_gb                  = (known after apply)
      + daily_data_cap_notifications_disabled = (known after apply)
      + disable_ip_masking                    = false
      + force_customer_storage_for_profiler   = false
      + id                                    = (known after apply)
      + instrumentation_key                   = (sensitive value)
      + internet_ingestion_enabled            = true
      + internet_query_enabled                = true
      + local_authentication_disabled         = false
      + location                              = "westeurope"
      + name                                  = "test-azure-linux-web-acc-ins"
      + resource_group_name                   = "azureacc-test"
      + retention_in_days                     = 90
      + sampling_percentage                   = 100
      + workspace_id                          = (known after apply)
    }

  # module.linux_web_app.azurerm_linux_web_app.linux_web_app will be created
  + resource "azurerm_linux_web_app" "linux_web_app" {
      + app_settings                                   = (known after apply)
      + client_affinity_enabled                        = false
      + client_certificate_enabled                     = false
      + client_certificate_mode                        = "Required"
      + custom_domain_verification_id                  = (sensitive value)
      + default_hostname                               = (known after apply)
      + enabled                                        = true
      + ftp_publish_basic_authentication_enabled       = true
      + hosting_environment_id                         = (known after apply)
      + https_only                                     = true
      + id                                             = (known after apply)
      + key_vault_reference_identity_id                = (known after apply)
      + kind                                           = (known after apply)
      + location                                       = "westeurope"
      + name                                           = "test-azure-linux-web-acc"
      + outbound_ip_address_list                       = (known after apply)
      + outbound_ip_addresses                          = (known after apply)
      + possible_outbound_ip_address_list              = (known after apply)
      + possible_outbound_ip_addresses                 = (known after apply)
      + public_network_access_enabled                  = true
      + resource_group_name                            = "azureacc-test"
      + service_plan_id                                = (known after apply)
      + site_credential                                = (sensitive value)
      + virtual_network_subnet_id                      = (known after apply)
      + webdeploy_publish_basic_authentication_enabled = true
      + zip_deploy_file                                = (known after apply)

      + backup {
          + enabled             = true
          + name                = "backup"
          + storage_account_url = (sensitive value)

          + schedule {
              + frequency_interval       = 1
              + frequency_unit           = "Day"
              + keep_at_least_one_backup = true
              + last_execution_time      = (known after apply)
              + retention_period_days    = 35
              + start_time               = (known after apply)
            }
        }

      + identity {
          + principal_id = (known after apply)
          + tenant_id    = (known after apply)
          + type         = "SystemAssigned"
        }

      + site_config {
          + always_on                               = true
          + container_registry_use_managed_identity = false
          + default_documents                       = (known after apply)
          + detailed_error_logging_enabled          = (known after apply)
          + ftps_state                              = "FtpsOnly"
          + health_check_eviction_time_in_min       = 5
          + health_check_path                       = "/health/probe_page.html"
          + http2_enabled                           = true
          + linux_fx_version                        = (known after apply)
          + load_balancing_mode                     = "LeastRequests"
          + local_mysql_enabled                     = false
          + managed_pipeline_mode                   = "Integrated"
          + minimum_tls_version                     = "1.2"
          + remote_debugging_enabled                = false
          + remote_debugging_version                = (known after apply)
          + scm_minimum_tls_version                 = "1.2"
          + scm_type                                = (known after apply)
          + scm_use_main_ip_restriction             = false
          + use_32_bit_worker                       = true
          + vnet_route_all_enabled                  = true
          + websockets_enabled                      = false
          + worker_count                            = (known after apply)

          + application_stack {
              + docker_registry_password = (sensitive value)
              + docker_registry_url      = (known after apply)
              + docker_registry_username = (known after apply)
              + python_version           = "3.8"
            }

          + ip_restriction {
              + action     = "Allow"
              + ip_address = "195.55.127.27/32"
              + name       = "ITP"
              + priority   = 100
            }

          + scm_ip_restriction {
              + action     = "Allow"
              + ip_address = "195.55.127.27/32"
              + name       = "itp"
              + priority   = 100
            }
          + scm_ip_restriction {
              + action      = "Allow"
              + name        = "AzureDevOpsservicetags_traffic"
              + priority    = 100
              + service_tag = "AzureCloud.northeurope"
            }
          + scm_ip_restriction {
              + action      = "Allow"
              + name        = "AzureDevOpsservicetags_traffic"
              + priority    = 100
              + service_tag = "AzureCloud.westeurope"
            }
        }
    }

Expected Behaviour

Backup/Restore over vnet to be enabled "vnetBackupRestoreEnabled": true

Actual Behaviour

"vnetBackupRestoreEnabled": false

Steps to Reproduce

terraform apply

Important Factoids

No response

References

no

[frostsxx]

Hi!

Any updates on this? @Pachu11