CODEWITHSUNDEEP
azureazure-functionsserverlessazure-api-management
Stefan H Singer
Stefan H Singer

Reputation: 5504

How to specify custom domain and certificate for Azure Functions using Serverless?

We use serverless to deploy a graphql handler function as an Azure Function and access it via APIM.

We need to use our own custom domain (pointed via CNAME to Azure APIM domain), and can set this up manually via the Azure Portal, and uploading certificate + specifying certificate password for it.

However, if we execute "sls deploy" that custom domain setting gets removed, so we'd need to either retain it somehow or specify it via serverless.yml, but I cannot find any information on how to do this.

Current serverless.yml config:

service: my-service-${env:STAGE, 'develop'}
configValidationMode: off

provider:
  name: azure
  runtime: nodejs12
  region: north-europe
  resourceGroup: My-Service-Group
  subscriptionId: MySubscriptionId
  stage: ${env:STAGE, 'develop'}
  apim: true


plugins:
  - serverless-azure-functions

functions:
  graphql:
    handler: lib/azure.handler
    events:
      - http: true
        methods:
          - GET
          - POST
        authLevel: anonymous # can also be `function` or `admin`
        route: graphql
      - http: true
        direction: out
        name: "$return"
        route: graphql

Any guidance in this would be much appreciated.

Upvotes: 1

Views: 536

Answers (1)

SaiKarri-MT
SaiKarri-MT

Reputation: 1301

For setting up the certificate we need to select the option of TSL/SSL settings from Azure portal, then we can create App Service Managed Certificate.

To achieve this, we need to add the custom domain as below steps:

  • Map the domain to application
  • We would need to buy a wildcard certificate

Below is how we usually setup:

enter image description here

And lastly, we need to create the DNS rule.

Thanks to codeproject as we have all the info clearly drafted

Check for the below sample serverless.yml to from apim section:

# serverless.yml

apim:
  apis:
    - name: v1
      subscriptionRequired: false # if true must provide an api key
      displayName: v1
      description: V1 sample app APIs
      protocols:
        - https
      path: v1
      tags:
        - tag1
        - tag2
      authorization: none
  cors:
    allowCredentials: false
    allowedOrigins:
      - "*"
    allowedMethods:
      - GET
      - POST
      - PUT
      - DELETE
      - PATCH
    allowedHeaders:
      - "*"
    exposeHeaders:
      - "*"

And “sls deploy”

Check for serverless framework and azure deployment documentation

Upvotes: 1

Related Questions