Azure-cli: webapp: Way to get 'Custom Domain Verification ID' for web app

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @AzureAppServiceCLI, @antcp.

routing to appropriate team to help look if it's a feature reqeust or doc issue

@jonsamwell there's some older methods which still work - I was hoping to move to this new TXT based record too, but unfortunately we're stuck using CNAMEs for now.

Instead, you can create an extra awverify record as follows:

CNAME or TXT awverify.yourdns.com => awverify.web-app-name.azurewebsites.net

Note: this additional awverify record is only needed if you're unable to point yourdns.com directly at your website immediately. The awverify record allows you to add the binding ahead of time, or alternatively, if you have a proxy (e.g. Cloudflare) in front, the awverify record removes the requirement for a direct CNAME binding all together.

@peter-dolkens we need the Python SDK updated with this new property for CLI to expose this. We are working on it. this got added to the rest-api-sepc as a part of this https://github.com/Azure/azure-rest-api-specs/pull/10117 we will get the SDK updated & released soon. Adding tentative ETA to the milestone tag to track this.

@panchagnula does someone have a ticket to add it to the go SDK?

@ericsampson don't have a firm ETA but next week (if all goes as planned) we should be able to release a new Python SDK that should have this property after which we can work on incorporating this to azure-cli

@panchagnula I was asking not about azure-clie but about the GO SDK because that's what's used by Terraform - looks like the go SDK work is inflight here so I'm good: https://github.com/Azure/azure-sdk-for-go/issues/12160
Thanks!

Got it @ericsampson I am not the right person to talk about GO SDK - since I mainly work on CLI - but I can make sure GO SDK gets released once the python SDK is released as well.

Hi,

You can use the Azure Resource Graph to achieve this. https://docs.microsoft.com/en-us/azure/governance/resource-graph/overview

If you are using CLI, you can get the Custom Verification ID of Azure App Service with following commands.

az extension add --name resource-graph
az graph query -q "Resources | project name, properties.customDomainVerificationId, type | where type == 'microsoft.web/sites'"

Thanks,
Supriya.

Is there an ETA for this being released in the CLI?

still waiting for Python SDK to be published.

Building on SupriyaGangineni's reply...

The domain verification id is the same for all app services on the same subscription. the following query gives you a list of all subscriptions you have access to.

az graph query -q "Resources | join kind=leftouter (ResourceContainers | where type=='microsoft.resources/subscriptions' | project SubName=name, subscriptionId) on subscriptionId | where type == 'microsoft.web/sites'| project vid = tostring(properties.customDomainVerificationId), SubName | distinct *"

Moving this to next sprint since we need the new SDK with latest API Version to support this property

Is this ID set dynamically when the first App Service is created or is it possible to know what this ID is prior to deploying the first App Service? @brandonwittwer