Skip to content
/ HighlyAvailableAzureWebAppArmTemplate Public

Azure ARM Template and deployment script to create a web app, CosmosDB, application gateway with WAF, Storage Account added to a Traffic Manager.

License

MIT license
0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ssemyan/HighlyAvailableAzureWebAppArmTemplate

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
ArchitectureDiagram.gif
ArchitectureDiagram.gif
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
deploy.ps1
deploy.ps1
 
 
parameters.json
parameters.json
 
 
template.json
template.json
 
 

Repository files navigation

Multi Region Highly Available Web App ARM Template

This is an Azure ARM Template and associated PowerShell deployment script to create a web app, CosmosDB, application gateway with Web Application Firewall, and Storage Account for logging.

The template also creates a Managed Service Identity for the web app, a KeyVault, and adds the CosmosDB auth key as a secret in KeyVault and gives the Web App's MSI GET access to this secret.

The PowerShell deployment script also creates an endpoint for the new webapp in a Traffic Manager which is created if it does not already exist.

You can use this script to replicate a web app's environment across several regions. The traffic manager will then direct requests to the most performant region (e.g. usually the closest region). If a region goes down, it will redirect requests to the next closest region, thus allowing for a highly available application.

The Traffic Manger should be the main entrypoint for the app (via DNS).

Architectural Diagram

Architecture

Note, this template creates regular Web Apps without an NSG. For web apps within a Network Security Group, you will need to use an App Service Environment.

Parameters

  • regionName - The name of the new region - this will form the base name of all the resources created.
  • trafficManagerName - The name of the Traffic Manager to create or use
  • trafficManagerResourceGroup - The name of the resource group to create or use for the Traffic Manager
  • trafficManagerResourceGroupLocation - The location for the Traffic Manager resource group
  • keyVaultOwnerId - The ID of the user who should be given admin rights on the KeyVault
  • deploy_location - the location to deploy the new region to

To look up user IDs with the Azure CLI:

az ad user show <username>

To use these files to create a region in a new or existing resource group, first log into the subscription you wish to use:

Login-AzureRmAccount -SubscriptionName <name of subscription to use>

Then use the following command in a powershell prompt (where ResourceGroupName is the name of the resource group to use or create):

.\deploy.ps1 -resourceGroupName [ResourceGroupName]

To run from a command prompt:

powershell -f deploy.ps1 -resourceGroupName [ResourceGroupName]

About

Azure ARM Template and deployment script to create a web app, CosmosDB, application gateway with WAF, Storage Account added to a Traffic Manager.

Topics

azure azure-keyvault azure-webapp azure-application-gateway azure-traffic-manager azure-managed-service-identity azure-arm-templates

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages