Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This sample script creates an app in App Service with its related resources, and then deploys a Private Endpoint.
# Parameters
$sitename="mywebapp-$(Get-Random)"
$appserviceplanname="ASP-"+$sitename
$resourcegroupname="RG-"+$sitename
$VNetname="VNet-$(Get-Random)"
$location="chinaeast2"
$privateendpointsubnetname = "privateEndpointSubnet"
# Create a resource group.
New-AzResourceGroup -Name $resourcegroupname -Location $location
# Create an App Service plan in PremiumV2 tier.
$asp = New-AzAppServicePlan -Name $appserviceplanname `
-Location $location `
-ResourceGroupName $resourcegroupname `
-Tier PremiumV2 `
-NumberofWorkers 1 `
-WorkerSize Small
# Create a web app.
$webApp = New-AzWebApp -Name $sitename `
-Location $location `
-AppServicePlan $appserviceplanname `
-ResourceGroupName $resourcegroupname
# Create a Virtual Network with two subnets
$integrationsubnet = New-AzVirtualNetworkSubnetConfig -Name "integrationSubnet" `
-AddressPrefix "10.8.1.0/24"
$privateendpointsubnet = New-AzVirtualNetworkSubnetConfig -Name $privateendpointsubnetname `
-AddressPrefix "10.8.2.0/24" `
-PrivateEndpointNetworkPoliciesFlag Disabled
$virtualNetwork = New-AzVirtualNetwork -Name $VNetname `
-ResourceGroupName $resourcegroupname `
-Location $location -AddressPrefix "10.8.0.0/16" `
-Subnet $integrationsubnet,$privateendpointsubnet
# Configure the Private Endpoint
$privateEndPointConnection = New-AzPrivateLinkServiceConnection -Name "myPrivateEndpointconnection" `
-PrivateLinkServiceID $webApp.Id `
-GroupId sites
$subnet = $virtualNetwork | select -ExpandProperty subnets | Where-Object {$_.Name -eq $privateendpointsubnetname}
$privateEndpoint = New-AzPrivateEndpoint -Name "myPrivateEndpoint" `
-ResourceGroupName $resourcegroupname `
-Location $location `
-Subnet $subnet `
-PrivateLinkServiceConnection $privateEndPointConnection
# Configure the Private DNS zone
$dnsZone = New-AzPrivateDnsZone -Name "privatelink.chinacloudsites.cn" `
-ResourceGroupName $resourcegroupname
$dnsLink = New-AzPrivateDnsVirtualNetworkLink -Name "myDNSLink" `
-ResourceGroupName $resourcegroupname `
-ZoneName "privatelink.chinacloudsites.cn" `
-VirtualNetworkId $virtualNetwork.Id
$dnsConfig = New-AzPrivateDnsZoneConfig -Name "privatelink.chinacloudsites.cn" `
-PrivateDnsZoneId $dnsZone.ResourceId
$dnsZoneGroup = New-AzPrivateDnsZoneGroup -Name "myZoneGroup" `
-ResourceGroupName $resourcegroupname `
-PrivateEndpointName $privateEndpoint.Name `
-PrivateDnsZoneConfig $dnsConfig
After the script sample has been run, the following command can be used to remove the resource group, web app, and all related resources.
Remove-AzResourceGroup -Name myResourceGroup -Force
This script uses the following commands. Each command in the table links to command specific documentation.
| Command | Notes |
|---|---|
| New-AzResourceGroup | Creates a resource group in which all resources are stored. |
| New-AzAppServicePlan | Creates an App Service plan. |
| New-AzWebApp | Creates a web app. |
| New-AzVirtualNetworkSubnetConfig | Creates a virtual network subnet configuration. |
| New-AzVirtualNetwork | Creates a virtual network. |
| New-AzPrivateLinkServiceConnection | Creates a private link service connection configuration. |
| New-AzPrivateEndpoint | Creates a private endpoint. |
| New-AzPrivateDnsZone | Creates a new private DNS zone. |
| New-AzPrivateDnsVirtualNetworkLink | Creates a new private DNS virtual network link. |
| New-AzPrivateDnsZoneConfig | Creates DNS zone configuration of the private dns zone group. |
| New-AzPrivateDnsZoneGroup | Creates a private DNS zone group in the specified private endpoint. |
- For more information on the Azure PowerShell module, see Azure PowerShell documentation.
- Additional Azure PowerShell samples for Azure App Service Web Apps can be found in the Azure PowerShell samples.