Configure Web App Settings Flashcards
1
Q
What are some key features of app settings
A
- values in app settings override the ones in Web.config or appsettings,json for ASP.NET and .NET Core projects
- the code uses dev settings when debugging locally and prod secrets when deployed to azure
- encrypted at rest
- some settings locked behind higher price tiers
- can be edited in bulk on the portal by clicking the advanced button, bringing up a JSON file you can edit
2
Q
What are app settings?
A
- vars passed as env vars to the application code in app service
- For Linux app service uses the –env flag to pass values to the containers
- can be found in app management page on the portal by selecting configuration -> app settings
3
Q
What are some examples of general settings
A
- Stack (software stack to run the app such as Python, .NET etc)
- platform; lets you config settings for hosting platform (32/64 bit, websocket protocol, always on, HTTP version etc)
- Debugging; remote debugging settings
- incoming client certificates
4
Q
What are handler mappings?
A
- let you add custom script processes to handle requests for specific file extensions
5
Q
How are handler mappings configured?
A
- extension; the file extension you want to handle such as *.php
- script processor; the absolute path of the script processor, requests to files that match the file extension are handled by this
- argument; optional cmd args for the script processor
6
Q
Where is code deployed by default?
A
To the root path (/) AKA D:\home\site\wwwroot
7
Q
What are Azure Storage Mounts?
A
- custom storage for containerised apps (including Linux)
- configured with Name, options, storage accounts, storage type, container, share name, accessed key and mount path
8
Q
What types of logging are provided by app service?
A
- Application; for windows and Linux, logs messages generated by app code
- Web server; for windows, raw HTTP request data
- detailed error logging; for windows, copies of the .HTML error pages
- failed request tracing; for windows, detailed tracing info on failed requests
- deployment logging; for windows and linux, helps determine why a deployment failed
9
Q
How can app logging be turned on?
A
- Turned on in the portal
- you can select filesystem, blob or both
- filesystem is for temp debugging purposes and turns itself off after 12 hours
- blob is for long term logging but needs a container to write to
10
Q
What are the levels of logging
A
Disabled
Enabled
Warning
information
Verbose
11
Q
What is log streaming?
A
- Logs can be streamed in real time
- These logs are stored within d:/home/logfiles
- to stream logs in the portal navigate to your app and select log stream
12
Q
How is a cert stored in app service?
A
- a cert uploaded into an app is stored in a deployment unit that is bound to the app service plans resource group and region combination
- this makes it accessible to other apps within the same region/plan combination
13
Q
What are the options for creating cerrts in app service?
A
- Create free app servcice managed cert
- purchase an app service cert
- import a cert from key vault
- upload a private cert
- upload a public cert
14
Q
What criteria must a custom cert meet?
A
It must;
- be exported as a password-protected file (PFX), encrypted using triple DES
- contain private key at least 2048 bits long
- contain all intermediate certs in the cert chain
15
Q
What criteria must a custom cert meet to secure a custom domain in a TLS binding?
A
- App service must be in basic, standard, premium or isolated tier
- contain an extended key usage for server auth
- be signed by a trusted cert authority
