zz_linuxwebapp_types.go

// SPDX-FileCopyrightText: 2024 The Crossplane Authors <https://crossplane.io>
//
// SPDX-License-Identifier: Apache-2.0

// Code generated by upjet. DO NOT EDIT.

package v1beta1

import (
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
	"k8s.io/apimachinery/pkg/runtime/schema"

	v1 "github.com/crossplane/crossplane-runtime/apis/common/v1"
)

type ActionInitParameters struct {

	// Predefined action to be taken to an Auto Heal trigger. Possible values include: Recycle.
	ActionType *string `json:"actionType,omitempty" tf:"action_type,omitempty"`

	// The minimum amount of time in hh:mm:ss the Linux Web App must have been running before the defined action will be run in the event of a trigger.
	MinimumProcessExecutionTime *string `json:"minimumProcessExecutionTime,omitempty" tf:"minimum_process_execution_time,omitempty"`
}

type ActionObservation struct {

	// Predefined action to be taken to an Auto Heal trigger. Possible values include: Recycle.
	ActionType *string `json:"actionType,omitempty" tf:"action_type,omitempty"`

	// The minimum amount of time in hh:mm:ss the Linux Web App must have been running before the defined action will be run in the event of a trigger.
	MinimumProcessExecutionTime *string `json:"minimumProcessExecutionTime,omitempty" tf:"minimum_process_execution_time,omitempty"`
}

type ActionParameters struct {

	// Predefined action to be taken to an Auto Heal trigger. Possible values include: Recycle.
	// +kubebuilder:validation:Optional
	ActionType *string `json:"actionType" tf:"action_type,omitempty"`

	// The minimum amount of time in hh:mm:ss the Linux Web App must have been running before the defined action will be run in the event of a trigger.
	// +kubebuilder:validation:Optional
	MinimumProcessExecutionTime *string `json:"minimumProcessExecutionTime,omitempty" tf:"minimum_process_execution_time,omitempty"`
}

type ApplicationLogsInitParameters struct {

	// A azure_blob_storage_http block as defined below.
	AzureBlobStorage []AzureBlobStorageInitParameters `json:"azureBlobStorage,omitempty" tf:"azure_blob_storage,omitempty"`

	// Log level. Possible values include: Off, Verbose, Information, Warning, and Error.
	FileSystemLevel *string `json:"fileSystemLevel,omitempty" tf:"file_system_level,omitempty"`
}

type ApplicationLogsObservation struct {

	// A azure_blob_storage_http block as defined below.
	AzureBlobStorage []AzureBlobStorageObservation `json:"azureBlobStorage,omitempty" tf:"azure_blob_storage,omitempty"`

	// Log level. Possible values include: Off, Verbose, Information, Warning, and Error.
	FileSystemLevel *string `json:"fileSystemLevel,omitempty" tf:"file_system_level,omitempty"`
}

type ApplicationLogsParameters struct {

	// A azure_blob_storage_http block as defined below.
	// +kubebuilder:validation:Optional
	AzureBlobStorage []AzureBlobStorageParameters `json:"azureBlobStorage,omitempty" tf:"azure_blob_storage,omitempty"`

	// Log level. Possible values include: Off, Verbose, Information, Warning, and Error.
	// +kubebuilder:validation:Optional
	FileSystemLevel *string `json:"fileSystemLevel" tf:"file_system_level,omitempty"`
}

type AutoHealSettingInitParameters struct {

	// The action to take. Possible values are Allow or Deny. Defaults to Allow.
	Action []ActionInitParameters `json:"action,omitempty" tf:"action,omitempty"`

	// A trigger block as defined below.
	Trigger []TriggerInitParameters `json:"trigger,omitempty" tf:"trigger,omitempty"`
}

type AutoHealSettingObservation struct {

	// The action to take. Possible values are Allow or Deny. Defaults to Allow.
	Action []ActionObservation `json:"action,omitempty" tf:"action,omitempty"`

	// A trigger block as defined below.
	Trigger []TriggerObservation `json:"trigger,omitempty" tf:"trigger,omitempty"`
}

type AutoHealSettingParameters struct {

	// The action to take. Possible values are Allow or Deny. Defaults to Allow.
	// +kubebuilder:validation:Optional
	Action []ActionParameters `json:"action,omitempty" tf:"action,omitempty"`

	// A trigger block as defined below.
	// +kubebuilder:validation:Optional
	Trigger []TriggerParameters `json:"trigger,omitempty" tf:"trigger,omitempty"`
}

type AzureBlobStorageInitParameters struct {

	// The level at which to log. Possible values include Error, Warning, Information, Verbose and Off. NOTE: this field is not available for http_logs
	Level *string `json:"level,omitempty" tf:"level,omitempty"`

	// The retention period in days. A value of 0 means no retention.
	RetentionInDays *float64 `json:"retentionInDays,omitempty" tf:"retention_in_days,omitempty"`

	// SAS url to an Azure blob container with read/write/list/delete permissions.
	SASURL *string `json:"sasUrl,omitempty" tf:"sas_url,omitempty"`
}

type AzureBlobStorageObservation struct {

	// The level at which to log. Possible values include Error, Warning, Information, Verbose and Off. NOTE: this field is not available for http_logs
	Level *string `json:"level,omitempty" tf:"level,omitempty"`

	// The retention period in days. A value of 0 means no retention.
	RetentionInDays *float64 `json:"retentionInDays,omitempty" tf:"retention_in_days,omitempty"`

	// SAS url to an Azure blob container with read/write/list/delete permissions.
	SASURL *string `json:"sasUrl,omitempty" tf:"sas_url,omitempty"`
}

type AzureBlobStorageParameters struct {

	// The level at which to log. Possible values include Error, Warning, Information, Verbose and Off. NOTE: this field is not available for http_logs
	// +kubebuilder:validation:Optional
	Level *string `json:"level" tf:"level,omitempty"`

	// The retention period in days. A value of 0 means no retention.
	// +kubebuilder:validation:Optional
	RetentionInDays *float64 `json:"retentionInDays" tf:"retention_in_days,omitempty"`

	// SAS url to an Azure blob container with read/write/list/delete permissions.
	// +kubebuilder:validation:Optional
	SASURL *string `json:"sasUrl" tf:"sas_url,omitempty"`
}

type FileSystemInitParameters struct {

	// The retention period in days. A value of 0 means no retention.
	RetentionInDays *float64 `json:"retentionInDays,omitempty" tf:"retention_in_days,omitempty"`

	// The maximum size in megabytes that log files can use.
	RetentionInMb *float64 `json:"retentionInMb,omitempty" tf:"retention_in_mb,omitempty"`
}

type FileSystemObservation struct {

	// The retention period in days. A value of 0 means no retention.
	RetentionInDays *float64 `json:"retentionInDays,omitempty" tf:"retention_in_days,omitempty"`

	// The maximum size in megabytes that log files can use.
	RetentionInMb *float64 `json:"retentionInMb,omitempty" tf:"retention_in_mb,omitempty"`
}

type FileSystemParameters struct {

	// The retention period in days. A value of 0 means no retention.
	// +kubebuilder:validation:Optional
	RetentionInDays *float64 `json:"retentionInDays" tf:"retention_in_days,omitempty"`

	// The maximum size in megabytes that log files can use.
	// +kubebuilder:validation:Optional
	RetentionInMb *float64 `json:"retentionInMb" tf:"retention_in_mb,omitempty"`
}

type HTTPLogsAzureBlobStorageInitParameters struct {

	// The retention period in days. A value of 0 means no retention.
	RetentionInDays *float64 `json:"retentionInDays,omitempty" tf:"retention_in_days,omitempty"`
}

type HTTPLogsAzureBlobStorageObservation struct {

	// The retention period in days. A value of 0 means no retention.
	RetentionInDays *float64 `json:"retentionInDays,omitempty" tf:"retention_in_days,omitempty"`
}

type HTTPLogsAzureBlobStorageParameters struct {

	// The retention period in days. A value of 0 means no retention.
	// +kubebuilder:validation:Optional
	RetentionInDays *float64 `json:"retentionInDays,omitempty" tf:"retention_in_days,omitempty"`

	// SAS url to an Azure blob container with read/write/list/delete permissions.
	// +kubebuilder:validation:Required
	SASURLSecretRef v1.SecretKeySelector `json:"sasurlSecretRef" tf:"-"`
}

type HTTPLogsInitParameters struct {

	// A azure_blob_storage_http block as defined below.
	AzureBlobStorage []HTTPLogsAzureBlobStorageInitParameters `json:"azureBlobStorage,omitempty" tf:"azure_blob_storage,omitempty"`

	// A file_system block as defined above.
	FileSystem []FileSystemInitParameters `json:"fileSystem,omitempty" tf:"file_system,omitempty"`
}

type HTTPLogsObservation struct {

	// A azure_blob_storage_http block as defined below.
	AzureBlobStorage []HTTPLogsAzureBlobStorageObservation `json:"azureBlobStorage,omitempty" tf:"azure_blob_storage,omitempty"`

	// A file_system block as defined above.
	FileSystem []FileSystemObservation `json:"fileSystem,omitempty" tf:"file_system,omitempty"`
}

type HTTPLogsParameters struct {

	// A azure_blob_storage_http block as defined below.
	// +kubebuilder:validation:Optional
	AzureBlobStorage []HTTPLogsAzureBlobStorageParameters `json:"azureBlobStorage,omitempty" tf:"azure_blob_storage,omitempty"`

	// A file_system block as defined above.
	// +kubebuilder:validation:Optional
	FileSystem []FileSystemParameters `json:"fileSystem,omitempty" tf:"file_system,omitempty"`
}

type LinuxWebAppAuthSettingsActiveDirectoryInitParameters struct {

	// Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
	// Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
	AllowedAudiences []*string `json:"allowedAudiences,omitempty" tf:"allowed_audiences,omitempty"`

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the Client to use to authenticate with Azure Active Directory.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The App Setting name that contains the client secret of the Client. Cannot be used with `client_secret`.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`
}

type LinuxWebAppAuthSettingsActiveDirectoryObservation struct {

	// Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
	// Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
	AllowedAudiences []*string `json:"allowedAudiences,omitempty" tf:"allowed_audiences,omitempty"`

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the Client to use to authenticate with Azure Active Directory.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The App Setting name that contains the client secret of the Client. Cannot be used with `client_secret`.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`
}

type LinuxWebAppAuthSettingsActiveDirectoryParameters struct {

	// Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
	// Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
	// +kubebuilder:validation:Optional
	AllowedAudiences []*string `json:"allowedAudiences,omitempty" tf:"allowed_audiences,omitempty"`

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the Client to use to authenticate with Azure Active Directory.
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId" tf:"client_id,omitempty"`

	// The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with client_secret_setting_name.
	// The Client Secret for the Client ID. Cannot be used with `client_secret_setting_name`.
	// +kubebuilder:validation:Optional
	ClientSecretSecretRef *v1.SecretKeySelector `json:"clientSecretSecretRef,omitempty" tf:"-"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The App Setting name that contains the client secret of the Client. Cannot be used with `client_secret`.
	// +kubebuilder:validation:Optional
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`
}

type LinuxWebAppAuthSettingsFacebookInitParameters struct {

	// The App ID of the Facebook app used for login.
	// The App ID of the Facebook app used for login.
	AppID *string `json:"appId,omitempty" tf:"app_id,omitempty"`

	// The app setting name that contains the app_secret value used for Facebook Login.
	// The app setting name that contains the `app_secret` value used for Facebook Login. Cannot be specified with `app_secret`.
	AppSecretSettingName *string `json:"appSecretSettingName,omitempty" tf:"app_secret_setting_name,omitempty"`

	// Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified, "wl.basic" is used as the default scope.
	// Specifies a list of OAuth 2.0 scopes to be requested as part of Facebook Login authentication.
	OauthScopes []*string `json:"oauthScopes,omitempty" tf:"oauth_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsFacebookObservation struct {

	// The App ID of the Facebook app used for login.
	// The App ID of the Facebook app used for login.
	AppID *string `json:"appId,omitempty" tf:"app_id,omitempty"`

	// The app setting name that contains the app_secret value used for Facebook Login.
	// The app setting name that contains the `app_secret` value used for Facebook Login. Cannot be specified with `app_secret`.
	AppSecretSettingName *string `json:"appSecretSettingName,omitempty" tf:"app_secret_setting_name,omitempty"`

	// Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified, "wl.basic" is used as the default scope.
	// Specifies a list of OAuth 2.0 scopes to be requested as part of Facebook Login authentication.
	OauthScopes []*string `json:"oauthScopes,omitempty" tf:"oauth_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsFacebookParameters struct {

	// The App ID of the Facebook app used for login.
	// The App ID of the Facebook app used for login.
	// +kubebuilder:validation:Optional
	AppID *string `json:"appId" tf:"app_id,omitempty"`

	// The App Secret of the Facebook app used for Facebook login. Cannot be specified with app_secret_setting_name.
	// The App Secret of the Facebook app used for Facebook Login. Cannot be specified with `app_secret_setting_name`.
	// +kubebuilder:validation:Optional
	AppSecretSecretRef *v1.SecretKeySelector `json:"appSecretSecretRef,omitempty" tf:"-"`

	// The app setting name that contains the app_secret value used for Facebook Login.
	// The app setting name that contains the `app_secret` value used for Facebook Login. Cannot be specified with `app_secret`.
	// +kubebuilder:validation:Optional
	AppSecretSettingName *string `json:"appSecretSettingName,omitempty" tf:"app_secret_setting_name,omitempty"`

	// Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified, "wl.basic" is used as the default scope.
	// Specifies a list of OAuth 2.0 scopes to be requested as part of Facebook Login authentication.
	// +kubebuilder:validation:Optional
	OauthScopes []*string `json:"oauthScopes,omitempty" tf:"oauth_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsGithubInitParameters struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the GitHub app used for login.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name that contains the `client_secret` value used for GitHub Login. Cannot be specified with `client_secret`.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified, "wl.basic" is used as the default scope.
	// Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub Login authentication.
	OauthScopes []*string `json:"oauthScopes,omitempty" tf:"oauth_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsGithubObservation struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the GitHub app used for login.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name that contains the `client_secret` value used for GitHub Login. Cannot be specified with `client_secret`.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified, "wl.basic" is used as the default scope.
	// Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub Login authentication.
	OauthScopes []*string `json:"oauthScopes,omitempty" tf:"oauth_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsGithubParameters struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the GitHub app used for login.
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId" tf:"client_id,omitempty"`

	// The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with client_secret_setting_name.
	// The Client Secret of the GitHub app used for GitHub Login. Cannot be specified with `client_secret_setting_name`.
	// +kubebuilder:validation:Optional
	ClientSecretSecretRef *v1.SecretKeySelector `json:"clientSecretSecretRef,omitempty" tf:"-"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name that contains the `client_secret` value used for GitHub Login. Cannot be specified with `client_secret`.
	// +kubebuilder:validation:Optional
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified, "wl.basic" is used as the default scope.
	// Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub Login authentication.
	// +kubebuilder:validation:Optional
	OauthScopes []*string `json:"oauthScopes,omitempty" tf:"oauth_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsGoogleInitParameters struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The OpenID Connect Client ID for the Google web application.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name that contains the `client_secret` value used for Google Login. Cannot be specified with `client_secret`.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified, "wl.basic" is used as the default scope.
	// Specifies a list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. If not specified, "openid", "profile", and "email" are used as default scopes.
	OauthScopes []*string `json:"oauthScopes,omitempty" tf:"oauth_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsGoogleObservation struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The OpenID Connect Client ID for the Google web application.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name that contains the `client_secret` value used for Google Login. Cannot be specified with `client_secret`.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified, "wl.basic" is used as the default scope.
	// Specifies a list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. If not specified, "openid", "profile", and "email" are used as default scopes.
	OauthScopes []*string `json:"oauthScopes,omitempty" tf:"oauth_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsGoogleParameters struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The OpenID Connect Client ID for the Google web application.
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId" tf:"client_id,omitempty"`

	// The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with client_secret_setting_name.
	// The client secret associated with the Google web application.  Cannot be specified with `client_secret_setting_name`.
	// +kubebuilder:validation:Optional
	ClientSecretSecretRef *v1.SecretKeySelector `json:"clientSecretSecretRef,omitempty" tf:"-"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name that contains the `client_secret` value used for Google Login. Cannot be specified with `client_secret`.
	// +kubebuilder:validation:Optional
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified, "wl.basic" is used as the default scope.
	// Specifies a list of OAuth 2.0 scopes that will be requested as part of Google Sign-In authentication. If not specified, "openid", "profile", and "email" are used as default scopes.
	// +kubebuilder:validation:Optional
	OauthScopes []*string `json:"oauthScopes,omitempty" tf:"oauth_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsInitParameters struct {

	// An active_directory block as defined above.
	ActiveDirectory []LinuxWebAppAuthSettingsActiveDirectoryInitParameters `json:"activeDirectory,omitempty" tf:"active_directory,omitempty"`

	// Specifies a map of login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
	// Specifies a map of Login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
	// +mapType=granular
	AdditionalLoginParameters map[string]*string `json:"additionalLoginParameters,omitempty" tf:"additional_login_parameters,omitempty"`

	// Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Linux Web App.
	// Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Windows Web App.
	AllowedExternalRedirectUrls []*string `json:"allowedExternalRedirectUrls,omitempty" tf:"allowed_external_redirect_urls,omitempty"`

	// The default authentication provider to use when multiple providers are configured. Possible values include: BuiltInAuthenticationProviderAzureActiveDirectory, BuiltInAuthenticationProviderFacebook, BuiltInAuthenticationProviderGoogle, BuiltInAuthenticationProviderMicrosoftAccount, BuiltInAuthenticationProviderTwitter, BuiltInAuthenticationProviderGithub
	// The default authentication provider to use when multiple providers are configured. Possible values include: `AzureActiveDirectory`, `Facebook`, `Google`, `MicrosoftAccount`, `Twitter`, `Github`.
	DefaultProvider *string `json:"defaultProvider,omitempty" tf:"default_provider,omitempty"`

	// Should the Authentication / Authorization feature be enabled for the Linux Web App?
	// Should the Authentication / Authorization feature be enabled?
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// A facebook block as defined below.
	Facebook []LinuxWebAppAuthSettingsFacebookInitParameters `json:"facebook,omitempty" tf:"facebook,omitempty"`

	// A github block as defined below.
	Github []LinuxWebAppAuthSettingsGithubInitParameters `json:"github,omitempty" tf:"github,omitempty"`

	// A google block as defined below.
	Google []LinuxWebAppAuthSettingsGoogleInitParameters `json:"google,omitempty" tf:"google,omitempty"`

	// The OpenID Connect Issuer URI that represents the entity that issues access tokens for this Linux Web App.
	// The OpenID Connect Issuer URI that represents the entity which issues access tokens.
	Issuer *string `json:"issuer,omitempty" tf:"issuer,omitempty"`

	// A microsoft block as defined below.
	Microsoft []LinuxWebAppAuthSettingsMicrosoftInitParameters `json:"microsoft,omitempty" tf:"microsoft,omitempty"`

	// The RuntimeVersion of the Authentication / Authorization feature in use for the Linux Web App.
	// The RuntimeVersion of the Authentication / Authorization feature in use.
	RuntimeVersion *string `json:"runtimeVersion,omitempty" tf:"runtime_version,omitempty"`

	// The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to 72 hours.
	// The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to `72` hours.
	TokenRefreshExtensionHours *float64 `json:"tokenRefreshExtensionHours,omitempty" tf:"token_refresh_extension_hours,omitempty"`

	// Should the Linux Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to false.
	// Should the Windows Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to `false`.
	TokenStoreEnabled *bool `json:"tokenStoreEnabled,omitempty" tf:"token_store_enabled,omitempty"`

	// A twitter block as defined below.
	Twitter []LinuxWebAppAuthSettingsTwitterInitParameters `json:"twitter,omitempty" tf:"twitter,omitempty"`

	// The action to take when an unauthenticated client attempts to access the app. Possible values include: RedirectToLoginPage, AllowAnonymous.
	// The action to take when an unauthenticated client attempts to access the app. Possible values include: `RedirectToLoginPage`, `AllowAnonymous`.
	UnauthenticatedClientAction *string `json:"unauthenticatedClientAction,omitempty" tf:"unauthenticated_client_action,omitempty"`
}

type LinuxWebAppAuthSettingsMicrosoftInitParameters struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The OAuth 2.0 client ID that was created for the app used for authentication.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with `client_secret`.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified, "wl.basic" is used as the default scope.
	// The list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified, `wl.basic` is used as the default scope.
	OauthScopes []*string `json:"oauthScopes,omitempty" tf:"oauth_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsMicrosoftObservation struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The OAuth 2.0 client ID that was created for the app used for authentication.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with `client_secret`.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified, "wl.basic" is used as the default scope.
	// The list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified, `wl.basic` is used as the default scope.
	OauthScopes []*string `json:"oauthScopes,omitempty" tf:"oauth_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsMicrosoftParameters struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId" tf:"client_id,omitempty"`

	// The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with client_secret_setting_name.
	// The OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with `client_secret_setting_name`.
	// +kubebuilder:validation:Optional
	ClientSecretSecretRef *v1.SecretKeySelector `json:"clientSecretSecretRef,omitempty" tf:"-"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication. Cannot be specified with `client_secret`.
	// +kubebuilder:validation:Optional
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// Specifies a list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified, "wl.basic" is used as the default scope.
	// The list of OAuth 2.0 scopes that will be requested as part of Microsoft Account authentication. If not specified, `wl.basic` is used as the default scope.
	// +kubebuilder:validation:Optional
	OauthScopes []*string `json:"oauthScopes,omitempty" tf:"oauth_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsObservation struct {

	// An active_directory block as defined above.
	ActiveDirectory []LinuxWebAppAuthSettingsActiveDirectoryObservation `json:"activeDirectory,omitempty" tf:"active_directory,omitempty"`

	// Specifies a map of login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
	// Specifies a map of Login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
	// +mapType=granular
	AdditionalLoginParameters map[string]*string `json:"additionalLoginParameters,omitempty" tf:"additional_login_parameters,omitempty"`

	// Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Linux Web App.
	// Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Windows Web App.
	AllowedExternalRedirectUrls []*string `json:"allowedExternalRedirectUrls,omitempty" tf:"allowed_external_redirect_urls,omitempty"`

	// The default authentication provider to use when multiple providers are configured. Possible values include: BuiltInAuthenticationProviderAzureActiveDirectory, BuiltInAuthenticationProviderFacebook, BuiltInAuthenticationProviderGoogle, BuiltInAuthenticationProviderMicrosoftAccount, BuiltInAuthenticationProviderTwitter, BuiltInAuthenticationProviderGithub
	// The default authentication provider to use when multiple providers are configured. Possible values include: `AzureActiveDirectory`, `Facebook`, `Google`, `MicrosoftAccount`, `Twitter`, `Github`.
	DefaultProvider *string `json:"defaultProvider,omitempty" tf:"default_provider,omitempty"`

	// Should the Authentication / Authorization feature be enabled for the Linux Web App?
	// Should the Authentication / Authorization feature be enabled?
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// A facebook block as defined below.
	Facebook []LinuxWebAppAuthSettingsFacebookObservation `json:"facebook,omitempty" tf:"facebook,omitempty"`

	// A github block as defined below.
	Github []LinuxWebAppAuthSettingsGithubObservation `json:"github,omitempty" tf:"github,omitempty"`

	// A google block as defined below.
	Google []LinuxWebAppAuthSettingsGoogleObservation `json:"google,omitempty" tf:"google,omitempty"`

	// The OpenID Connect Issuer URI that represents the entity that issues access tokens for this Linux Web App.
	// The OpenID Connect Issuer URI that represents the entity which issues access tokens.
	Issuer *string `json:"issuer,omitempty" tf:"issuer,omitempty"`

	// A microsoft block as defined below.
	Microsoft []LinuxWebAppAuthSettingsMicrosoftObservation `json:"microsoft,omitempty" tf:"microsoft,omitempty"`

	// The RuntimeVersion of the Authentication / Authorization feature in use for the Linux Web App.
	// The RuntimeVersion of the Authentication / Authorization feature in use.
	RuntimeVersion *string `json:"runtimeVersion,omitempty" tf:"runtime_version,omitempty"`

	// The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to 72 hours.
	// The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to `72` hours.
	TokenRefreshExtensionHours *float64 `json:"tokenRefreshExtensionHours,omitempty" tf:"token_refresh_extension_hours,omitempty"`

	// Should the Linux Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to false.
	// Should the Windows Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to `false`.
	TokenStoreEnabled *bool `json:"tokenStoreEnabled,omitempty" tf:"token_store_enabled,omitempty"`

	// A twitter block as defined below.
	Twitter []LinuxWebAppAuthSettingsTwitterObservation `json:"twitter,omitempty" tf:"twitter,omitempty"`

	// The action to take when an unauthenticated client attempts to access the app. Possible values include: RedirectToLoginPage, AllowAnonymous.
	// The action to take when an unauthenticated client attempts to access the app. Possible values include: `RedirectToLoginPage`, `AllowAnonymous`.
	UnauthenticatedClientAction *string `json:"unauthenticatedClientAction,omitempty" tf:"unauthenticated_client_action,omitempty"`
}

type LinuxWebAppAuthSettingsParameters struct {

	// An active_directory block as defined above.
	// +kubebuilder:validation:Optional
	ActiveDirectory []LinuxWebAppAuthSettingsActiveDirectoryParameters `json:"activeDirectory,omitempty" tf:"active_directory,omitempty"`

	// Specifies a map of login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
	// Specifies a map of Login Parameters to send to the OpenID Connect authorization endpoint when a user logs in.
	// +kubebuilder:validation:Optional
	// +mapType=granular
	AdditionalLoginParameters map[string]*string `json:"additionalLoginParameters,omitempty" tf:"additional_login_parameters,omitempty"`

	// Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Linux Web App.
	// Specifies a list of External URLs that can be redirected to as part of logging in or logging out of the Windows Web App.
	// +kubebuilder:validation:Optional
	AllowedExternalRedirectUrls []*string `json:"allowedExternalRedirectUrls,omitempty" tf:"allowed_external_redirect_urls,omitempty"`

	// The default authentication provider to use when multiple providers are configured. Possible values include: BuiltInAuthenticationProviderAzureActiveDirectory, BuiltInAuthenticationProviderFacebook, BuiltInAuthenticationProviderGoogle, BuiltInAuthenticationProviderMicrosoftAccount, BuiltInAuthenticationProviderTwitter, BuiltInAuthenticationProviderGithub
	// The default authentication provider to use when multiple providers are configured. Possible values include: `AzureActiveDirectory`, `Facebook`, `Google`, `MicrosoftAccount`, `Twitter`, `Github`.
	// +kubebuilder:validation:Optional
	DefaultProvider *string `json:"defaultProvider,omitempty" tf:"default_provider,omitempty"`

	// Should the Authentication / Authorization feature be enabled for the Linux Web App?
	// Should the Authentication / Authorization feature be enabled?
	// +kubebuilder:validation:Optional
	Enabled *bool `json:"enabled" tf:"enabled,omitempty"`

	// A facebook block as defined below.
	// +kubebuilder:validation:Optional
	Facebook []LinuxWebAppAuthSettingsFacebookParameters `json:"facebook,omitempty" tf:"facebook,omitempty"`

	// A github block as defined below.
	// +kubebuilder:validation:Optional
	Github []LinuxWebAppAuthSettingsGithubParameters `json:"github,omitempty" tf:"github,omitempty"`

	// A google block as defined below.
	// +kubebuilder:validation:Optional
	Google []LinuxWebAppAuthSettingsGoogleParameters `json:"google,omitempty" tf:"google,omitempty"`

	// The OpenID Connect Issuer URI that represents the entity that issues access tokens for this Linux Web App.
	// The OpenID Connect Issuer URI that represents the entity which issues access tokens.
	// +kubebuilder:validation:Optional
	Issuer *string `json:"issuer,omitempty" tf:"issuer,omitempty"`

	// A microsoft block as defined below.
	// +kubebuilder:validation:Optional
	Microsoft []LinuxWebAppAuthSettingsMicrosoftParameters `json:"microsoft,omitempty" tf:"microsoft,omitempty"`

	// The RuntimeVersion of the Authentication / Authorization feature in use for the Linux Web App.
	// The RuntimeVersion of the Authentication / Authorization feature in use.
	// +kubebuilder:validation:Optional
	RuntimeVersion *string `json:"runtimeVersion,omitempty" tf:"runtime_version,omitempty"`

	// The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to 72 hours.
	// The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to `72` hours.
	// +kubebuilder:validation:Optional
	TokenRefreshExtensionHours *float64 `json:"tokenRefreshExtensionHours,omitempty" tf:"token_refresh_extension_hours,omitempty"`

	// Should the Linux Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to false.
	// Should the Windows Web App durably store platform-specific security tokens that are obtained during login flows? Defaults to `false`.
	// +kubebuilder:validation:Optional
	TokenStoreEnabled *bool `json:"tokenStoreEnabled,omitempty" tf:"token_store_enabled,omitempty"`

	// A twitter block as defined below.
	// +kubebuilder:validation:Optional
	Twitter []LinuxWebAppAuthSettingsTwitterParameters `json:"twitter,omitempty" tf:"twitter,omitempty"`

	// The action to take when an unauthenticated client attempts to access the app. Possible values include: RedirectToLoginPage, AllowAnonymous.
	// The action to take when an unauthenticated client attempts to access the app. Possible values include: `RedirectToLoginPage`, `AllowAnonymous`.
	// +kubebuilder:validation:Optional
	UnauthenticatedClientAction *string `json:"unauthenticatedClientAction,omitempty" tf:"unauthenticated_client_action,omitempty"`
}

type LinuxWebAppAuthSettingsTwitterInitParameters struct {

	// The OAuth 1.0a consumer key of the Twitter application used for sign-in.
	// The OAuth 1.0a consumer key of the Twitter application used for sign-in.
	ConsumerKey *string `json:"consumerKey,omitempty" tf:"consumer_key,omitempty"`

	// The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.
	// The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with `consumer_secret`.
	ConsumerSecretSettingName *string `json:"consumerSecretSettingName,omitempty" tf:"consumer_secret_setting_name,omitempty"`
}

type LinuxWebAppAuthSettingsTwitterObservation struct {

	// The OAuth 1.0a consumer key of the Twitter application used for sign-in.
	// The OAuth 1.0a consumer key of the Twitter application used for sign-in.
	ConsumerKey *string `json:"consumerKey,omitempty" tf:"consumer_key,omitempty"`

	// The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.
	// The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with `consumer_secret`.
	ConsumerSecretSettingName *string `json:"consumerSecretSettingName,omitempty" tf:"consumer_secret_setting_name,omitempty"`
}

type LinuxWebAppAuthSettingsTwitterParameters struct {

	// The OAuth 1.0a consumer key of the Twitter application used for sign-in.
	// The OAuth 1.0a consumer key of the Twitter application used for sign-in.
	// +kubebuilder:validation:Optional
	ConsumerKey *string `json:"consumerKey" tf:"consumer_key,omitempty"`

	// The OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with consumer_secret_setting_name.
	// The OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with `consumer_secret_setting_name`.
	// +kubebuilder:validation:Optional
	ConsumerSecretSecretRef *v1.SecretKeySelector `json:"consumerSecretSecretRef,omitempty" tf:"-"`

	// The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.
	// The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in. Cannot be specified with `consumer_secret`.
	// +kubebuilder:validation:Optional
	ConsumerSecretSettingName *string `json:"consumerSecretSettingName,omitempty" tf:"consumer_secret_setting_name,omitempty"`
}

type LinuxWebAppAuthSettingsV2ActiveDirectoryV2InitParameters struct {

	// The list of allowed Applications for the Default Authorisation Policy.
	// The list of allowed Applications for the Default Authorisation Policy.
	AllowedApplications []*string `json:"allowedApplications,omitempty" tf:"allowed_applications,omitempty"`

	// Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
	// Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
	AllowedAudiences []*string `json:"allowedAudiences,omitempty" tf:"allowed_audiences,omitempty"`

	// The list of allowed Group Names for the Default Authorisation Policy.
	// The list of allowed Group Names for the Default Authorisation Policy.
	AllowedGroups []*string `json:"allowedGroups,omitempty" tf:"allowed_groups,omitempty"`

	// The list of allowed Identities for the Default Authorisation Policy.
	// The list of allowed Identities for the Default Authorisation Policy.
	AllowedIdentities []*string `json:"allowedIdentities,omitempty" tf:"allowed_identities,omitempty"`

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the Client to use to authenticate with Azure Active Directory.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The thumbprint of the certificate used for signing purposes.
	// The thumbprint of the certificate used for signing purposes.
	ClientSecretCertificateThumbprint *string `json:"clientSecretCertificateThumbprint,omitempty" tf:"client_secret_certificate_thumbprint,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The App Setting name that contains the client secret of the Client.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// A list of Allowed Client Applications in the JWT Claim.
	// A list of Allowed Client Applications in the JWT Claim.
	JwtAllowedClientApplications []*string `json:"jwtAllowedClientApplications,omitempty" tf:"jwt_allowed_client_applications,omitempty"`

	// A list of Allowed Groups in the JWT Claim.
	// A list of Allowed Groups in the JWT Claim.
	JwtAllowedGroups []*string `json:"jwtAllowedGroups,omitempty" tf:"jwt_allowed_groups,omitempty"`

	// A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
	// A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
	// +mapType=granular
	LoginParameters map[string]*string `json:"loginParameters,omitempty" tf:"login_parameters,omitempty"`

	// The Azure Tenant Endpoint for the Authenticating Tenant. e.g. https://login.microsoftonline.com/v2.0/{tenant-guid}/
	// The Azure Tenant Endpoint for the Authenticating Tenant. e.g. `https://login.microsoftonline.com/v2.0/{tenant-guid}/`.
	TenantAuthEndpoint *string `json:"tenantAuthEndpoint,omitempty" tf:"tenant_auth_endpoint,omitempty"`

	// Should the www-authenticate provider should be omitted from the request? Defaults to false.
	// Should the www-authenticate provider should be omitted from the request? Defaults to `false`
	WwwAuthenticationDisabled *bool `json:"wwwAuthenticationDisabled,omitempty" tf:"www_authentication_disabled,omitempty"`
}

type LinuxWebAppAuthSettingsV2ActiveDirectoryV2Observation struct {

	// The list of allowed Applications for the Default Authorisation Policy.
	// The list of allowed Applications for the Default Authorisation Policy.
	AllowedApplications []*string `json:"allowedApplications,omitempty" tf:"allowed_applications,omitempty"`

	// Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
	// Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
	AllowedAudiences []*string `json:"allowedAudiences,omitempty" tf:"allowed_audiences,omitempty"`

	// The list of allowed Group Names for the Default Authorisation Policy.
	// The list of allowed Group Names for the Default Authorisation Policy.
	AllowedGroups []*string `json:"allowedGroups,omitempty" tf:"allowed_groups,omitempty"`

	// The list of allowed Identities for the Default Authorisation Policy.
	// The list of allowed Identities for the Default Authorisation Policy.
	AllowedIdentities []*string `json:"allowedIdentities,omitempty" tf:"allowed_identities,omitempty"`

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the Client to use to authenticate with Azure Active Directory.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The thumbprint of the certificate used for signing purposes.
	// The thumbprint of the certificate used for signing purposes.
	ClientSecretCertificateThumbprint *string `json:"clientSecretCertificateThumbprint,omitempty" tf:"client_secret_certificate_thumbprint,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The App Setting name that contains the client secret of the Client.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// A list of Allowed Client Applications in the JWT Claim.
	// A list of Allowed Client Applications in the JWT Claim.
	JwtAllowedClientApplications []*string `json:"jwtAllowedClientApplications,omitempty" tf:"jwt_allowed_client_applications,omitempty"`

	// A list of Allowed Groups in the JWT Claim.
	// A list of Allowed Groups in the JWT Claim.
	JwtAllowedGroups []*string `json:"jwtAllowedGroups,omitempty" tf:"jwt_allowed_groups,omitempty"`

	// A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
	// A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
	// +mapType=granular
	LoginParameters map[string]*string `json:"loginParameters,omitempty" tf:"login_parameters,omitempty"`

	// The Azure Tenant Endpoint for the Authenticating Tenant. e.g. https://login.microsoftonline.com/v2.0/{tenant-guid}/
	// The Azure Tenant Endpoint for the Authenticating Tenant. e.g. `https://login.microsoftonline.com/v2.0/{tenant-guid}/`.
	TenantAuthEndpoint *string `json:"tenantAuthEndpoint,omitempty" tf:"tenant_auth_endpoint,omitempty"`

	// Should the www-authenticate provider should be omitted from the request? Defaults to false.
	// Should the www-authenticate provider should be omitted from the request? Defaults to `false`
	WwwAuthenticationDisabled *bool `json:"wwwAuthenticationDisabled,omitempty" tf:"www_authentication_disabled,omitempty"`
}

type LinuxWebAppAuthSettingsV2ActiveDirectoryV2Parameters struct {

	// The list of allowed Applications for the Default Authorisation Policy.
	// The list of allowed Applications for the Default Authorisation Policy.
	// +kubebuilder:validation:Optional
	AllowedApplications []*string `json:"allowedApplications,omitempty" tf:"allowed_applications,omitempty"`

	// Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
	// Specifies a list of Allowed audience values to consider when validating JWTs issued by Azure Active Directory.
	// +kubebuilder:validation:Optional
	AllowedAudiences []*string `json:"allowedAudiences,omitempty" tf:"allowed_audiences,omitempty"`

	// The list of allowed Group Names for the Default Authorisation Policy.
	// The list of allowed Group Names for the Default Authorisation Policy.
	// +kubebuilder:validation:Optional
	AllowedGroups []*string `json:"allowedGroups,omitempty" tf:"allowed_groups,omitempty"`

	// The list of allowed Identities for the Default Authorisation Policy.
	// The list of allowed Identities for the Default Authorisation Policy.
	// +kubebuilder:validation:Optional
	AllowedIdentities []*string `json:"allowedIdentities,omitempty" tf:"allowed_identities,omitempty"`

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the Client to use to authenticate with Azure Active Directory.
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId" tf:"client_id,omitempty"`

	// The thumbprint of the certificate used for signing purposes.
	// The thumbprint of the certificate used for signing purposes.
	// +kubebuilder:validation:Optional
	ClientSecretCertificateThumbprint *string `json:"clientSecretCertificateThumbprint,omitempty" tf:"client_secret_certificate_thumbprint,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The App Setting name that contains the client secret of the Client.
	// +kubebuilder:validation:Optional
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// A list of Allowed Client Applications in the JWT Claim.
	// A list of Allowed Client Applications in the JWT Claim.
	// +kubebuilder:validation:Optional
	JwtAllowedClientApplications []*string `json:"jwtAllowedClientApplications,omitempty" tf:"jwt_allowed_client_applications,omitempty"`

	// A list of Allowed Groups in the JWT Claim.
	// A list of Allowed Groups in the JWT Claim.
	// +kubebuilder:validation:Optional
	JwtAllowedGroups []*string `json:"jwtAllowedGroups,omitempty" tf:"jwt_allowed_groups,omitempty"`

	// A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
	// A map of key-value pairs to send to the Authorisation Endpoint when a user logs in.
	// +kubebuilder:validation:Optional
	// +mapType=granular
	LoginParameters map[string]*string `json:"loginParameters,omitempty" tf:"login_parameters,omitempty"`

	// The Azure Tenant Endpoint for the Authenticating Tenant. e.g. https://login.microsoftonline.com/v2.0/{tenant-guid}/
	// The Azure Tenant Endpoint for the Authenticating Tenant. e.g. `https://login.microsoftonline.com/v2.0/{tenant-guid}/`.
	// +kubebuilder:validation:Optional
	TenantAuthEndpoint *string `json:"tenantAuthEndpoint" tf:"tenant_auth_endpoint,omitempty"`

	// Should the www-authenticate provider should be omitted from the request? Defaults to false.
	// Should the www-authenticate provider should be omitted from the request? Defaults to `false`
	// +kubebuilder:validation:Optional
	WwwAuthenticationDisabled *bool `json:"wwwAuthenticationDisabled,omitempty" tf:"www_authentication_disabled,omitempty"`
}

type LinuxWebAppAuthSettingsV2AppleV2InitParameters struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The OpenID Connect Client ID for the Apple web application.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name that contains the `client_secret` value used for Apple Login.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`
}

type LinuxWebAppAuthSettingsV2AppleV2Observation struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The OpenID Connect Client ID for the Apple web application.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name that contains the `client_secret` value used for Apple Login.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// The list of Login scopes that should be requested as part of Microsoft Account authentication.
	LoginScopes []*string `json:"loginScopes,omitempty" tf:"login_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsV2AppleV2Parameters struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The OpenID Connect Client ID for the Apple web application.
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name that contains the `client_secret` value used for Apple Login.
	// +kubebuilder:validation:Optional
	ClientSecretSettingName *string `json:"clientSecretSettingName" tf:"client_secret_setting_name,omitempty"`
}

type LinuxWebAppAuthSettingsV2AzureStaticWebAppV2InitParameters struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the Client to use to authenticate with Azure Static Web App Authentication.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`
}

type LinuxWebAppAuthSettingsV2AzureStaticWebAppV2Observation struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the Client to use to authenticate with Azure Static Web App Authentication.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`
}

type LinuxWebAppAuthSettingsV2AzureStaticWebAppV2Parameters struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the Client to use to authenticate with Azure Static Web App Authentication.
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId" tf:"client_id,omitempty"`
}

type LinuxWebAppAuthSettingsV2CustomOidcV2InitParameters struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the Client to use to authenticate with this Custom OIDC.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The name which should be used for this Storage Account.
	// The name of the Custom OIDC Authentication Provider.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The name of the claim that contains the users name.
	// The name of the claim that contains the users name.
	NameClaimType *string `json:"nameClaimType,omitempty" tf:"name_claim_type,omitempty"`

	// Specifies the endpoint used for OpenID Connect Discovery. For example https://example.com/.well-known/openid-configuration.
	// The endpoint that contains all the configuration endpoints for this Custom OIDC provider.
	OpenIDConfigurationEndpoint *string `json:"openidConfigurationEndpoint,omitempty" tf:"openid_configuration_endpoint,omitempty"`

	// The list of the scopes that should be requested while authenticating.
	// The list of the scopes that should be requested while authenticating.
	Scopes []*string `json:"scopes,omitempty" tf:"scopes,omitempty"`
}

type LinuxWebAppAuthSettingsV2CustomOidcV2Observation struct {

	// The endpoint to make the Authorisation Request as supplied by openid_configuration_endpoint response.
	// The endpoint to make the Authorisation Request.
	AuthorisationEndpoint *string `json:"authorisationEndpoint,omitempty" tf:"authorisation_endpoint,omitempty"`

	// The endpoint that provides the keys necessary to validate the token as supplied by openid_configuration_endpoint response.
	// The endpoint that provides the keys necessary to validate the token.
	CertificationURI *string `json:"certificationUri,omitempty" tf:"certification_uri,omitempty"`

	// The Client Credential Method used.
	// The Client Credential Method used. Currently the only supported value is `ClientSecretPost`.
	ClientCredentialMethod *string `json:"clientCredentialMethod,omitempty" tf:"client_credential_method,omitempty"`

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the Client to use to authenticate with this Custom OIDC.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The App Setting name that contains the secret for this Custom OIDC Client.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// The endpoint that issued the Token as supplied by openid_configuration_endpoint response.
	// The endpoint that issued the Token.
	IssuerEndpoint *string `json:"issuerEndpoint,omitempty" tf:"issuer_endpoint,omitempty"`

	// The name which should be used for this Storage Account.
	// The name of the Custom OIDC Authentication Provider.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The name of the claim that contains the users name.
	// The name of the claim that contains the users name.
	NameClaimType *string `json:"nameClaimType,omitempty" tf:"name_claim_type,omitempty"`

	// Specifies the endpoint used for OpenID Connect Discovery. For example https://example.com/.well-known/openid-configuration.
	// The endpoint that contains all the configuration endpoints for this Custom OIDC provider.
	OpenIDConfigurationEndpoint *string `json:"openidConfigurationEndpoint,omitempty" tf:"openid_configuration_endpoint,omitempty"`

	// The list of the scopes that should be requested while authenticating.
	// The list of the scopes that should be requested while authenticating.
	Scopes []*string `json:"scopes,omitempty" tf:"scopes,omitempty"`

	// The endpoint used to request a Token as supplied by openid_configuration_endpoint response.
	// The endpoint used to request a Token.
	TokenEndpoint *string `json:"tokenEndpoint,omitempty" tf:"token_endpoint,omitempty"`
}

type LinuxWebAppAuthSettingsV2CustomOidcV2Parameters struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the Client to use to authenticate with this Custom OIDC.
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId" tf:"client_id,omitempty"`

	// The name which should be used for this Storage Account.
	// The name of the Custom OIDC Authentication Provider.
	// +kubebuilder:validation:Optional
	Name *string `json:"name" tf:"name,omitempty"`

	// The name of the claim that contains the users name.
	// The name of the claim that contains the users name.
	// +kubebuilder:validation:Optional
	NameClaimType *string `json:"nameClaimType,omitempty" tf:"name_claim_type,omitempty"`

	// Specifies the endpoint used for OpenID Connect Discovery. For example https://example.com/.well-known/openid-configuration.
	// The endpoint that contains all the configuration endpoints for this Custom OIDC provider.
	// +kubebuilder:validation:Optional
	OpenIDConfigurationEndpoint *string `json:"openidConfigurationEndpoint" tf:"openid_configuration_endpoint,omitempty"`

	// The list of the scopes that should be requested while authenticating.
	// The list of the scopes that should be requested while authenticating.
	// +kubebuilder:validation:Optional
	Scopes []*string `json:"scopes,omitempty" tf:"scopes,omitempty"`
}

type LinuxWebAppAuthSettingsV2FacebookV2InitParameters struct {

	// The App ID of the Facebook app used for login.
	// The App ID of the Facebook app used for login.
	AppID *string `json:"appId,omitempty" tf:"app_id,omitempty"`

	// The app setting name that contains the app_secret value used for Facebook Login.
	// The app setting name that contains the `app_secret` value used for Facebook Login.
	AppSecretSettingName *string `json:"appSecretSettingName,omitempty" tf:"app_secret_setting_name,omitempty"`

	// The version of the Facebook API to be used while logging in.
	// The version of the Facebook API to be used while logging in.
	GraphAPIVersion *string `json:"graphApiVersion,omitempty" tf:"graph_api_version,omitempty"`

	// The list of Login scopes that should be requested as part of Microsoft Account authentication.
	// Specifies a list of scopes to be requested as part of Facebook Login authentication.
	LoginScopes []*string `json:"loginScopes,omitempty" tf:"login_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsV2FacebookV2Observation struct {

	// The App ID of the Facebook app used for login.
	// The App ID of the Facebook app used for login.
	AppID *string `json:"appId,omitempty" tf:"app_id,omitempty"`

	// The app setting name that contains the app_secret value used for Facebook Login.
	// The app setting name that contains the `app_secret` value used for Facebook Login.
	AppSecretSettingName *string `json:"appSecretSettingName,omitempty" tf:"app_secret_setting_name,omitempty"`

	// The version of the Facebook API to be used while logging in.
	// The version of the Facebook API to be used while logging in.
	GraphAPIVersion *string `json:"graphApiVersion,omitempty" tf:"graph_api_version,omitempty"`

	// The list of Login scopes that should be requested as part of Microsoft Account authentication.
	// Specifies a list of scopes to be requested as part of Facebook Login authentication.
	LoginScopes []*string `json:"loginScopes,omitempty" tf:"login_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsV2FacebookV2Parameters struct {

	// The App ID of the Facebook app used for login.
	// The App ID of the Facebook app used for login.
	// +kubebuilder:validation:Optional
	AppID *string `json:"appId" tf:"app_id,omitempty"`

	// The app setting name that contains the app_secret value used for Facebook Login.
	// The app setting name that contains the `app_secret` value used for Facebook Login.
	// +kubebuilder:validation:Optional
	AppSecretSettingName *string `json:"appSecretSettingName" tf:"app_secret_setting_name,omitempty"`

	// The version of the Facebook API to be used while logging in.
	// The version of the Facebook API to be used while logging in.
	// +kubebuilder:validation:Optional
	GraphAPIVersion *string `json:"graphApiVersion,omitempty" tf:"graph_api_version,omitempty"`

	// The list of Login scopes that should be requested as part of Microsoft Account authentication.
	// Specifies a list of scopes to be requested as part of Facebook Login authentication.
	// +kubebuilder:validation:Optional
	LoginScopes []*string `json:"loginScopes,omitempty" tf:"login_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsV2GithubV2InitParameters struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the GitHub app used for login.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name that contains the `client_secret` value used for GitHub Login.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// The list of Login scopes that should be requested as part of Microsoft Account authentication.
	// Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub Login authentication.
	LoginScopes []*string `json:"loginScopes,omitempty" tf:"login_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsV2GithubV2Observation struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the GitHub app used for login.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name that contains the `client_secret` value used for GitHub Login.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// The list of Login scopes that should be requested as part of Microsoft Account authentication.
	// Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub Login authentication.
	LoginScopes []*string `json:"loginScopes,omitempty" tf:"login_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsV2GithubV2Parameters struct {

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The ID of the GitHub app used for login.
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name that contains the `client_secret` value used for GitHub Login.
	// +kubebuilder:validation:Optional
	ClientSecretSettingName *string `json:"clientSecretSettingName" tf:"client_secret_setting_name,omitempty"`

	// The list of Login scopes that should be requested as part of Microsoft Account authentication.
	// Specifies a list of OAuth 2.0 scopes that will be requested as part of GitHub Login authentication.
	// +kubebuilder:validation:Optional
	LoginScopes []*string `json:"loginScopes,omitempty" tf:"login_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsV2GoogleV2InitParameters struct {

	// Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
	// Specifies a list of Allowed Audiences that will be requested as part of Google Sign-In authentication.
	AllowedAudiences []*string `json:"allowedAudiences,omitempty" tf:"allowed_audiences,omitempty"`

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The OpenID Connect Client ID for the Google web application.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name that contains the `client_secret` value used for Google Login.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// The list of Login scopes that should be requested as part of Microsoft Account authentication.
	// Specifies a list of Login scopes that will be requested as part of Google Sign-In authentication.
	LoginScopes []*string `json:"loginScopes,omitempty" tf:"login_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsV2GoogleV2Observation struct {

	// Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
	// Specifies a list of Allowed Audiences that will be requested as part of Google Sign-In authentication.
	AllowedAudiences []*string `json:"allowedAudiences,omitempty" tf:"allowed_audiences,omitempty"`

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The OpenID Connect Client ID for the Google web application.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name that contains the `client_secret` value used for Google Login.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// The list of Login scopes that should be requested as part of Microsoft Account authentication.
	// Specifies a list of Login scopes that will be requested as part of Google Sign-In authentication.
	LoginScopes []*string `json:"loginScopes,omitempty" tf:"login_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsV2GoogleV2Parameters struct {

	// Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
	// Specifies a list of Allowed Audiences that will be requested as part of Google Sign-In authentication.
	// +kubebuilder:validation:Optional
	AllowedAudiences []*string `json:"allowedAudiences,omitempty" tf:"allowed_audiences,omitempty"`

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The OpenID Connect Client ID for the Google web application.
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name that contains the `client_secret` value used for Google Login.
	// +kubebuilder:validation:Optional
	ClientSecretSettingName *string `json:"clientSecretSettingName" tf:"client_secret_setting_name,omitempty"`

	// The list of Login scopes that should be requested as part of Microsoft Account authentication.
	// Specifies a list of Login scopes that will be requested as part of Google Sign-In authentication.
	// +kubebuilder:validation:Optional
	LoginScopes []*string `json:"loginScopes,omitempty" tf:"login_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsV2InitParameters struct {

	// An active_directory_v2 block as defined below.
	ActiveDirectoryV2 []LinuxWebAppAuthSettingsV2ActiveDirectoryV2InitParameters `json:"activeDirectoryV2,omitempty" tf:"active_directory_v2,omitempty"`

	// An apple_v2 block as defined below.
	AppleV2 []LinuxWebAppAuthSettingsV2AppleV2InitParameters `json:"appleV2,omitempty" tf:"apple_v2,omitempty"`

	// Should the AuthV2 Settings be enabled. Defaults to false.
	// Should the AuthV2 Settings be enabled. Defaults to `false`
	AuthEnabled *bool `json:"authEnabled,omitempty" tf:"auth_enabled,omitempty"`

	// An azure_static_web_app_v2 block as defined below.
	AzureStaticWebAppV2 []LinuxWebAppAuthSettingsV2AzureStaticWebAppV2InitParameters `json:"azureStaticWebAppV2,omitempty" tf:"azure_static_web_app_v2,omitempty"`

	// The path to the App Auth settings.
	// The path to the App Auth settings. **Note:** Relative Paths are evaluated from the Site Root directory.
	ConfigFilePath *string `json:"configFilePath,omitempty" tf:"config_file_path,omitempty"`

	// Zero or more custom_oidc_v2 blocks as defined below.
	CustomOidcV2 []LinuxWebAppAuthSettingsV2CustomOidcV2InitParameters `json:"customOidcV2,omitempty" tf:"custom_oidc_v2,omitempty"`

	// The Default Authentication Provider to use when the unauthenticated_action is set to RedirectToLoginPage. Possible values include: apple, azureactivedirectory, facebook, github, google, twitter and the name of your custom_oidc_v2 provider.
	// The Default Authentication Provider to use when the `unauthenticated_action` is set to `RedirectToLoginPage`. Possible values include: `apple`, `azureactivedirectory`, `facebook`, `github`, `google`, `twitter` and the `name` of your `custom_oidc_v2` provider.
	DefaultProvider *string `json:"defaultProvider,omitempty" tf:"default_provider,omitempty"`

	// The paths which should be excluded from the unauthenticated_action when it is set to RedirectToLoginPage.
	// The paths which should be excluded from the `unauthenticated_action` when it is set to `RedirectToLoginPage`.
	ExcludedPaths []*string `json:"excludedPaths,omitempty" tf:"excluded_paths,omitempty"`

	// A facebook_v2 block as defined below.
	FacebookV2 []LinuxWebAppAuthSettingsV2FacebookV2InitParameters `json:"facebookV2,omitempty" tf:"facebook_v2,omitempty"`

	// The convention used to determine the url of the request made. Possible values include NoProxy, Standard, Custom. Defaults to NoProxy.
	// The convention used to determine the url of the request made. Possible values include `ForwardProxyConventionNoProxy`, `ForwardProxyConventionStandard`, `ForwardProxyConventionCustom`. Defaults to `ForwardProxyConventionNoProxy`
	ForwardProxyConvention *string `json:"forwardProxyConvention,omitempty" tf:"forward_proxy_convention,omitempty"`

	// The name of the custom header containing the host of the request.
	// The name of the header containing the host of the request.
	ForwardProxyCustomHostHeaderName *string `json:"forwardProxyCustomHostHeaderName,omitempty" tf:"forward_proxy_custom_host_header_name,omitempty"`

	// The name of the custom header containing the scheme of the request.
	// The name of the header containing the scheme of the request.
	ForwardProxyCustomSchemeHeaderName *string `json:"forwardProxyCustomSchemeHeaderName,omitempty" tf:"forward_proxy_custom_scheme_header_name,omitempty"`

	// A github_v2 block as defined below.
	GithubV2 []LinuxWebAppAuthSettingsV2GithubV2InitParameters `json:"githubV2,omitempty" tf:"github_v2,omitempty"`

	// A google_v2 block as defined below.
	GoogleV2 []LinuxWebAppAuthSettingsV2GoogleV2InitParameters `json:"googleV2,omitempty" tf:"google_v2,omitempty"`

	// The prefix that should precede all the authentication and authorisation paths. Defaults to /.auth.
	// The prefix that should precede all the authentication and authorisation paths. Defaults to `/.auth`
	HTTPRouteAPIPrefix *string `json:"httpRouteApiPrefix,omitempty" tf:"http_route_api_prefix,omitempty"`

	// A login block as defined below.
	Login []LinuxWebAppAuthSettingsV2LoginInitParameters `json:"login,omitempty" tf:"login,omitempty"`

	// A microsoft_v2 block as defined below.
	MicrosoftV2 []LinuxWebAppAuthSettingsV2MicrosoftV2InitParameters `json:"microsoftV2,omitempty" tf:"microsoft_v2,omitempty"`

	// Should the authentication flow be used for all requests.
	// Should the authentication flow be used for all requests.
	RequireAuthentication *bool `json:"requireAuthentication,omitempty" tf:"require_authentication,omitempty"`

	// Should HTTPS be required on connections? Defaults to true.
	// Should HTTPS be required on connections? Defaults to true.
	RequireHTTPS *bool `json:"requireHttps,omitempty" tf:"require_https,omitempty"`

	// The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to ~1.
	// The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to `~1`
	RuntimeVersion *string `json:"runtimeVersion,omitempty" tf:"runtime_version,omitempty"`

	// A twitter_v2 block as defined below.
	TwitterV2 []LinuxWebAppAuthSettingsV2TwitterV2InitParameters `json:"twitterV2,omitempty" tf:"twitter_v2,omitempty"`

	// The action to take for requests made without authentication. Possible values include RedirectToLoginPage, AllowAnonymous, Return401, and Return403. Defaults to RedirectToLoginPage.
	// The action to take for requests made without authentication. Possible values include `RedirectToLoginPage`, `AllowAnonymous`, `Return401`, and `Return403`. Defaults to `RedirectToLoginPage`.
	UnauthenticatedAction *string `json:"unauthenticatedAction,omitempty" tf:"unauthenticated_action,omitempty"`
}

type LinuxWebAppAuthSettingsV2LoginInitParameters struct {

	// External URLs that can be redirected to as part of logging in or logging out of the app. This is an advanced setting typically only needed by Windows Store application backends.
	// External URLs that can be redirected to as part of logging in or logging out of the app. This is an advanced setting typically only needed by Windows Store application backends. **Note:** URLs within the current domain are always implicitly allowed.
	AllowedExternalRedirectUrls []*string `json:"allowedExternalRedirectUrls,omitempty" tf:"allowed_external_redirect_urls,omitempty"`

	// The method by which cookies expire. Possible values include: FixedTime, and IdentityProviderDerived. Defaults to FixedTime.
	// The method by which cookies expire. Possible values include: `FixedTime`, and `IdentityProviderDerived`. Defaults to `FixedTime`.
	CookieExpirationConvention *string `json:"cookieExpirationConvention,omitempty" tf:"cookie_expiration_convention,omitempty"`

	// The time after the request is made when the session cookie should expire. Defaults to 08:00:00.
	// The time after the request is made when the session cookie should expire. Defaults to `08:00:00`.
	CookieExpirationTime *string `json:"cookieExpirationTime,omitempty" tf:"cookie_expiration_time,omitempty"`

	// The endpoint to which logout requests should be made.
	// The endpoint to which logout requests should be made.
	LogoutEndpoint *string `json:"logoutEndpoint,omitempty" tf:"logout_endpoint,omitempty"`

	// The time after the request is made when the nonce should expire. Defaults to 00:05:00.
	// The time after the request is made when the nonce should expire. Defaults to `00:05:00`.
	NonceExpirationTime *string `json:"nonceExpirationTime,omitempty" tf:"nonce_expiration_time,omitempty"`

	// Should the fragments from the request be preserved after the login request is made. Defaults to false.
	// Should the fragments from the request be preserved after the login request is made. Defaults to `false`.
	PreserveURLFragmentsForLogins *bool `json:"preserveUrlFragmentsForLogins,omitempty" tf:"preserve_url_fragments_for_logins,omitempty"`

	// The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to 72 hours.
	// The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to `72` hours.
	TokenRefreshExtensionTime *float64 `json:"tokenRefreshExtensionTime,omitempty" tf:"token_refresh_extension_time,omitempty"`

	// Should the Token Store configuration Enabled. Defaults to false
	// Should the Token Store configuration Enabled. Defaults to `false`
	TokenStoreEnabled *bool `json:"tokenStoreEnabled,omitempty" tf:"token_store_enabled,omitempty"`

	// The directory path in the App Filesystem in which the tokens will be stored.
	// The directory path in the App Filesystem in which the tokens will be stored.
	TokenStorePath *string `json:"tokenStorePath,omitempty" tf:"token_store_path,omitempty"`

	// The name of the app setting which contains the SAS URL of the blob storage containing the tokens.
	// The name of the app setting which contains the SAS URL of the blob storage containing the tokens.
	TokenStoreSASSettingName *string `json:"tokenStoreSasSettingName,omitempty" tf:"token_store_sas_setting_name,omitempty"`

	// Should the nonce be validated while completing the login flow. Defaults to true.
	// Should the nonce be validated while completing the login flow. Defaults to `true`.
	ValidateNonce *bool `json:"validateNonce,omitempty" tf:"validate_nonce,omitempty"`
}

type LinuxWebAppAuthSettingsV2LoginObservation struct {

	// External URLs that can be redirected to as part of logging in or logging out of the app. This is an advanced setting typically only needed by Windows Store application backends.
	// External URLs that can be redirected to as part of logging in or logging out of the app. This is an advanced setting typically only needed by Windows Store application backends. **Note:** URLs within the current domain are always implicitly allowed.
	AllowedExternalRedirectUrls []*string `json:"allowedExternalRedirectUrls,omitempty" tf:"allowed_external_redirect_urls,omitempty"`

	// The method by which cookies expire. Possible values include: FixedTime, and IdentityProviderDerived. Defaults to FixedTime.
	// The method by which cookies expire. Possible values include: `FixedTime`, and `IdentityProviderDerived`. Defaults to `FixedTime`.
	CookieExpirationConvention *string `json:"cookieExpirationConvention,omitempty" tf:"cookie_expiration_convention,omitempty"`

	// The time after the request is made when the session cookie should expire. Defaults to 08:00:00.
	// The time after the request is made when the session cookie should expire. Defaults to `08:00:00`.
	CookieExpirationTime *string `json:"cookieExpirationTime,omitempty" tf:"cookie_expiration_time,omitempty"`

	// The endpoint to which logout requests should be made.
	// The endpoint to which logout requests should be made.
	LogoutEndpoint *string `json:"logoutEndpoint,omitempty" tf:"logout_endpoint,omitempty"`

	// The time after the request is made when the nonce should expire. Defaults to 00:05:00.
	// The time after the request is made when the nonce should expire. Defaults to `00:05:00`.
	NonceExpirationTime *string `json:"nonceExpirationTime,omitempty" tf:"nonce_expiration_time,omitempty"`

	// Should the fragments from the request be preserved after the login request is made. Defaults to false.
	// Should the fragments from the request be preserved after the login request is made. Defaults to `false`.
	PreserveURLFragmentsForLogins *bool `json:"preserveUrlFragmentsForLogins,omitempty" tf:"preserve_url_fragments_for_logins,omitempty"`

	// The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to 72 hours.
	// The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to `72` hours.
	TokenRefreshExtensionTime *float64 `json:"tokenRefreshExtensionTime,omitempty" tf:"token_refresh_extension_time,omitempty"`

	// Should the Token Store configuration Enabled. Defaults to false
	// Should the Token Store configuration Enabled. Defaults to `false`
	TokenStoreEnabled *bool `json:"tokenStoreEnabled,omitempty" tf:"token_store_enabled,omitempty"`

	// The directory path in the App Filesystem in which the tokens will be stored.
	// The directory path in the App Filesystem in which the tokens will be stored.
	TokenStorePath *string `json:"tokenStorePath,omitempty" tf:"token_store_path,omitempty"`

	// The name of the app setting which contains the SAS URL of the blob storage containing the tokens.
	// The name of the app setting which contains the SAS URL of the blob storage containing the tokens.
	TokenStoreSASSettingName *string `json:"tokenStoreSasSettingName,omitempty" tf:"token_store_sas_setting_name,omitempty"`

	// Should the nonce be validated while completing the login flow. Defaults to true.
	// Should the nonce be validated while completing the login flow. Defaults to `true`.
	ValidateNonce *bool `json:"validateNonce,omitempty" tf:"validate_nonce,omitempty"`
}

type LinuxWebAppAuthSettingsV2LoginParameters struct {

	// External URLs that can be redirected to as part of logging in or logging out of the app. This is an advanced setting typically only needed by Windows Store application backends.
	// External URLs that can be redirected to as part of logging in or logging out of the app. This is an advanced setting typically only needed by Windows Store application backends. **Note:** URLs within the current domain are always implicitly allowed.
	// +kubebuilder:validation:Optional
	AllowedExternalRedirectUrls []*string `json:"allowedExternalRedirectUrls,omitempty" tf:"allowed_external_redirect_urls,omitempty"`

	// The method by which cookies expire. Possible values include: FixedTime, and IdentityProviderDerived. Defaults to FixedTime.
	// The method by which cookies expire. Possible values include: `FixedTime`, and `IdentityProviderDerived`. Defaults to `FixedTime`.
	// +kubebuilder:validation:Optional
	CookieExpirationConvention *string `json:"cookieExpirationConvention,omitempty" tf:"cookie_expiration_convention,omitempty"`

	// The time after the request is made when the session cookie should expire. Defaults to 08:00:00.
	// The time after the request is made when the session cookie should expire. Defaults to `08:00:00`.
	// +kubebuilder:validation:Optional
	CookieExpirationTime *string `json:"cookieExpirationTime,omitempty" tf:"cookie_expiration_time,omitempty"`

	// The endpoint to which logout requests should be made.
	// The endpoint to which logout requests should be made.
	// +kubebuilder:validation:Optional
	LogoutEndpoint *string `json:"logoutEndpoint,omitempty" tf:"logout_endpoint,omitempty"`

	// The time after the request is made when the nonce should expire. Defaults to 00:05:00.
	// The time after the request is made when the nonce should expire. Defaults to `00:05:00`.
	// +kubebuilder:validation:Optional
	NonceExpirationTime *string `json:"nonceExpirationTime,omitempty" tf:"nonce_expiration_time,omitempty"`

	// Should the fragments from the request be preserved after the login request is made. Defaults to false.
	// Should the fragments from the request be preserved after the login request is made. Defaults to `false`.
	// +kubebuilder:validation:Optional
	PreserveURLFragmentsForLogins *bool `json:"preserveUrlFragmentsForLogins,omitempty" tf:"preserve_url_fragments_for_logins,omitempty"`

	// The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to 72 hours.
	// The number of hours after session token expiration that a session token can be used to call the token refresh API. Defaults to `72` hours.
	// +kubebuilder:validation:Optional
	TokenRefreshExtensionTime *float64 `json:"tokenRefreshExtensionTime,omitempty" tf:"token_refresh_extension_time,omitempty"`

	// Should the Token Store configuration Enabled. Defaults to false
	// Should the Token Store configuration Enabled. Defaults to `false`
	// +kubebuilder:validation:Optional
	TokenStoreEnabled *bool `json:"tokenStoreEnabled,omitempty" tf:"token_store_enabled,omitempty"`

	// The directory path in the App Filesystem in which the tokens will be stored.
	// The directory path in the App Filesystem in which the tokens will be stored.
	// +kubebuilder:validation:Optional
	TokenStorePath *string `json:"tokenStorePath,omitempty" tf:"token_store_path,omitempty"`

	// The name of the app setting which contains the SAS URL of the blob storage containing the tokens.
	// The name of the app setting which contains the SAS URL of the blob storage containing the tokens.
	// +kubebuilder:validation:Optional
	TokenStoreSASSettingName *string `json:"tokenStoreSasSettingName,omitempty" tf:"token_store_sas_setting_name,omitempty"`

	// Should the nonce be validated while completing the login flow. Defaults to true.
	// Should the nonce be validated while completing the login flow. Defaults to `true`.
	// +kubebuilder:validation:Optional
	ValidateNonce *bool `json:"validateNonce,omitempty" tf:"validate_nonce,omitempty"`
}

type LinuxWebAppAuthSettingsV2MicrosoftV2InitParameters struct {

	// Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
	// Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
	AllowedAudiences []*string `json:"allowedAudiences,omitempty" tf:"allowed_audiences,omitempty"`

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The OAuth 2.0 client ID that was created for the app used for authentication.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// The list of Login scopes that should be requested as part of Microsoft Account authentication.
	// The list of Login scopes that will be requested as part of Microsoft Account authentication.
	LoginScopes []*string `json:"loginScopes,omitempty" tf:"login_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsV2MicrosoftV2Observation struct {

	// Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
	// Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
	AllowedAudiences []*string `json:"allowedAudiences,omitempty" tf:"allowed_audiences,omitempty"`

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The OAuth 2.0 client ID that was created for the app used for authentication.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	ClientSecretSettingName *string `json:"clientSecretSettingName,omitempty" tf:"client_secret_setting_name,omitempty"`

	// The list of Login scopes that should be requested as part of Microsoft Account authentication.
	// The list of Login scopes that will be requested as part of Microsoft Account authentication.
	LoginScopes []*string `json:"loginScopes,omitempty" tf:"login_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsV2MicrosoftV2Parameters struct {

	// Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
	// Specifies a list of Allowed Audiences that will be requested as part of Microsoft Sign-In authentication.
	// +kubebuilder:validation:Optional
	AllowedAudiences []*string `json:"allowedAudiences,omitempty" tf:"allowed_audiences,omitempty"`

	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// The OAuth 2.0 client ID that was created for the app used for authentication.
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId" tf:"client_id,omitempty"`

	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// The app setting name containing the OAuth 2.0 client secret that was created for the app used for authentication.
	// +kubebuilder:validation:Optional
	ClientSecretSettingName *string `json:"clientSecretSettingName" tf:"client_secret_setting_name,omitempty"`

	// The list of Login scopes that should be requested as part of Microsoft Account authentication.
	// The list of Login scopes that will be requested as part of Microsoft Account authentication.
	// +kubebuilder:validation:Optional
	LoginScopes []*string `json:"loginScopes,omitempty" tf:"login_scopes,omitempty"`
}

type LinuxWebAppAuthSettingsV2Observation struct {

	// An active_directory_v2 block as defined below.
	ActiveDirectoryV2 []LinuxWebAppAuthSettingsV2ActiveDirectoryV2Observation `json:"activeDirectoryV2,omitempty" tf:"active_directory_v2,omitempty"`

	// An apple_v2 block as defined below.
	AppleV2 []LinuxWebAppAuthSettingsV2AppleV2Observation `json:"appleV2,omitempty" tf:"apple_v2,omitempty"`

	// Should the AuthV2 Settings be enabled. Defaults to false.
	// Should the AuthV2 Settings be enabled. Defaults to `false`
	AuthEnabled *bool `json:"authEnabled,omitempty" tf:"auth_enabled,omitempty"`

	// An azure_static_web_app_v2 block as defined below.
	AzureStaticWebAppV2 []LinuxWebAppAuthSettingsV2AzureStaticWebAppV2Observation `json:"azureStaticWebAppV2,omitempty" tf:"azure_static_web_app_v2,omitempty"`

	// The path to the App Auth settings.
	// The path to the App Auth settings. **Note:** Relative Paths are evaluated from the Site Root directory.
	ConfigFilePath *string `json:"configFilePath,omitempty" tf:"config_file_path,omitempty"`

	// Zero or more custom_oidc_v2 blocks as defined below.
	CustomOidcV2 []LinuxWebAppAuthSettingsV2CustomOidcV2Observation `json:"customOidcV2,omitempty" tf:"custom_oidc_v2,omitempty"`

	// The Default Authentication Provider to use when the unauthenticated_action is set to RedirectToLoginPage. Possible values include: apple, azureactivedirectory, facebook, github, google, twitter and the name of your custom_oidc_v2 provider.
	// The Default Authentication Provider to use when the `unauthenticated_action` is set to `RedirectToLoginPage`. Possible values include: `apple`, `azureactivedirectory`, `facebook`, `github`, `google`, `twitter` and the `name` of your `custom_oidc_v2` provider.
	DefaultProvider *string `json:"defaultProvider,omitempty" tf:"default_provider,omitempty"`

	// The paths which should be excluded from the unauthenticated_action when it is set to RedirectToLoginPage.
	// The paths which should be excluded from the `unauthenticated_action` when it is set to `RedirectToLoginPage`.
	ExcludedPaths []*string `json:"excludedPaths,omitempty" tf:"excluded_paths,omitempty"`

	// A facebook_v2 block as defined below.
	FacebookV2 []LinuxWebAppAuthSettingsV2FacebookV2Observation `json:"facebookV2,omitempty" tf:"facebook_v2,omitempty"`

	// The convention used to determine the url of the request made. Possible values include NoProxy, Standard, Custom. Defaults to NoProxy.
	// The convention used to determine the url of the request made. Possible values include `ForwardProxyConventionNoProxy`, `ForwardProxyConventionStandard`, `ForwardProxyConventionCustom`. Defaults to `ForwardProxyConventionNoProxy`
	ForwardProxyConvention *string `json:"forwardProxyConvention,omitempty" tf:"forward_proxy_convention,omitempty"`

	// The name of the custom header containing the host of the request.
	// The name of the header containing the host of the request.
	ForwardProxyCustomHostHeaderName *string `json:"forwardProxyCustomHostHeaderName,omitempty" tf:"forward_proxy_custom_host_header_name,omitempty"`

	// The name of the custom header containing the scheme of the request.
	// The name of the header containing the scheme of the request.
	ForwardProxyCustomSchemeHeaderName *string `json:"forwardProxyCustomSchemeHeaderName,omitempty" tf:"forward_proxy_custom_scheme_header_name,omitempty"`

	// A github_v2 block as defined below.
	GithubV2 []LinuxWebAppAuthSettingsV2GithubV2Observation `json:"githubV2,omitempty" tf:"github_v2,omitempty"`

	// A google_v2 block as defined below.
	GoogleV2 []LinuxWebAppAuthSettingsV2GoogleV2Observation `json:"googleV2,omitempty" tf:"google_v2,omitempty"`

	// The prefix that should precede all the authentication and authorisation paths. Defaults to /.auth.
	// The prefix that should precede all the authentication and authorisation paths. Defaults to `/.auth`
	HTTPRouteAPIPrefix *string `json:"httpRouteApiPrefix,omitempty" tf:"http_route_api_prefix,omitempty"`

	// A login block as defined below.
	Login []LinuxWebAppAuthSettingsV2LoginObservation `json:"login,omitempty" tf:"login,omitempty"`

	// A microsoft_v2 block as defined below.
	MicrosoftV2 []LinuxWebAppAuthSettingsV2MicrosoftV2Observation `json:"microsoftV2,omitempty" tf:"microsoft_v2,omitempty"`

	// Should the authentication flow be used for all requests.
	// Should the authentication flow be used for all requests.
	RequireAuthentication *bool `json:"requireAuthentication,omitempty" tf:"require_authentication,omitempty"`

	// Should HTTPS be required on connections? Defaults to true.
	// Should HTTPS be required on connections? Defaults to true.
	RequireHTTPS *bool `json:"requireHttps,omitempty" tf:"require_https,omitempty"`

	// The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to ~1.
	// The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to `~1`
	RuntimeVersion *string `json:"runtimeVersion,omitempty" tf:"runtime_version,omitempty"`

	// A twitter_v2 block as defined below.
	TwitterV2 []LinuxWebAppAuthSettingsV2TwitterV2Observation `json:"twitterV2,omitempty" tf:"twitter_v2,omitempty"`

	// The action to take for requests made without authentication. Possible values include RedirectToLoginPage, AllowAnonymous, Return401, and Return403. Defaults to RedirectToLoginPage.
	// The action to take for requests made without authentication. Possible values include `RedirectToLoginPage`, `AllowAnonymous`, `Return401`, and `Return403`. Defaults to `RedirectToLoginPage`.
	UnauthenticatedAction *string `json:"unauthenticatedAction,omitempty" tf:"unauthenticated_action,omitempty"`
}

type LinuxWebAppAuthSettingsV2Parameters struct {

	// An active_directory_v2 block as defined below.
	// +kubebuilder:validation:Optional
	ActiveDirectoryV2 []LinuxWebAppAuthSettingsV2ActiveDirectoryV2Parameters `json:"activeDirectoryV2,omitempty" tf:"active_directory_v2,omitempty"`

	// An apple_v2 block as defined below.
	// +kubebuilder:validation:Optional
	AppleV2 []LinuxWebAppAuthSettingsV2AppleV2Parameters `json:"appleV2,omitempty" tf:"apple_v2,omitempty"`

	// Should the AuthV2 Settings be enabled. Defaults to false.
	// Should the AuthV2 Settings be enabled. Defaults to `false`
	// +kubebuilder:validation:Optional
	AuthEnabled *bool `json:"authEnabled,omitempty" tf:"auth_enabled,omitempty"`

	// An azure_static_web_app_v2 block as defined below.
	// +kubebuilder:validation:Optional
	AzureStaticWebAppV2 []LinuxWebAppAuthSettingsV2AzureStaticWebAppV2Parameters `json:"azureStaticWebAppV2,omitempty" tf:"azure_static_web_app_v2,omitempty"`

	// The path to the App Auth settings.
	// The path to the App Auth settings. **Note:** Relative Paths are evaluated from the Site Root directory.
	// +kubebuilder:validation:Optional
	ConfigFilePath *string `json:"configFilePath,omitempty" tf:"config_file_path,omitempty"`

	// Zero or more custom_oidc_v2 blocks as defined below.
	// +kubebuilder:validation:Optional
	CustomOidcV2 []LinuxWebAppAuthSettingsV2CustomOidcV2Parameters `json:"customOidcV2,omitempty" tf:"custom_oidc_v2,omitempty"`

	// The Default Authentication Provider to use when the unauthenticated_action is set to RedirectToLoginPage. Possible values include: apple, azureactivedirectory, facebook, github, google, twitter and the name of your custom_oidc_v2 provider.
	// The Default Authentication Provider to use when the `unauthenticated_action` is set to `RedirectToLoginPage`. Possible values include: `apple`, `azureactivedirectory`, `facebook`, `github`, `google`, `twitter` and the `name` of your `custom_oidc_v2` provider.
	// +kubebuilder:validation:Optional
	DefaultProvider *string `json:"defaultProvider,omitempty" tf:"default_provider,omitempty"`

	// The paths which should be excluded from the unauthenticated_action when it is set to RedirectToLoginPage.
	// The paths which should be excluded from the `unauthenticated_action` when it is set to `RedirectToLoginPage`.
	// +kubebuilder:validation:Optional
	ExcludedPaths []*string `json:"excludedPaths,omitempty" tf:"excluded_paths,omitempty"`

	// A facebook_v2 block as defined below.
	// +kubebuilder:validation:Optional
	FacebookV2 []LinuxWebAppAuthSettingsV2FacebookV2Parameters `json:"facebookV2,omitempty" tf:"facebook_v2,omitempty"`

	// The convention used to determine the url of the request made. Possible values include NoProxy, Standard, Custom. Defaults to NoProxy.
	// The convention used to determine the url of the request made. Possible values include `ForwardProxyConventionNoProxy`, `ForwardProxyConventionStandard`, `ForwardProxyConventionCustom`. Defaults to `ForwardProxyConventionNoProxy`
	// +kubebuilder:validation:Optional
	ForwardProxyConvention *string `json:"forwardProxyConvention,omitempty" tf:"forward_proxy_convention,omitempty"`

	// The name of the custom header containing the host of the request.
	// The name of the header containing the host of the request.
	// +kubebuilder:validation:Optional
	ForwardProxyCustomHostHeaderName *string `json:"forwardProxyCustomHostHeaderName,omitempty" tf:"forward_proxy_custom_host_header_name,omitempty"`

	// The name of the custom header containing the scheme of the request.
	// The name of the header containing the scheme of the request.
	// +kubebuilder:validation:Optional
	ForwardProxyCustomSchemeHeaderName *string `json:"forwardProxyCustomSchemeHeaderName,omitempty" tf:"forward_proxy_custom_scheme_header_name,omitempty"`

	// A github_v2 block as defined below.
	// +kubebuilder:validation:Optional
	GithubV2 []LinuxWebAppAuthSettingsV2GithubV2Parameters `json:"githubV2,omitempty" tf:"github_v2,omitempty"`

	// A google_v2 block as defined below.
	// +kubebuilder:validation:Optional
	GoogleV2 []LinuxWebAppAuthSettingsV2GoogleV2Parameters `json:"googleV2,omitempty" tf:"google_v2,omitempty"`

	// The prefix that should precede all the authentication and authorisation paths. Defaults to /.auth.
	// The prefix that should precede all the authentication and authorisation paths. Defaults to `/.auth`
	// +kubebuilder:validation:Optional
	HTTPRouteAPIPrefix *string `json:"httpRouteApiPrefix,omitempty" tf:"http_route_api_prefix,omitempty"`

	// A login block as defined below.
	// +kubebuilder:validation:Optional
	Login []LinuxWebAppAuthSettingsV2LoginParameters `json:"login" tf:"login,omitempty"`

	// A microsoft_v2 block as defined below.
	// +kubebuilder:validation:Optional
	MicrosoftV2 []LinuxWebAppAuthSettingsV2MicrosoftV2Parameters `json:"microsoftV2,omitempty" tf:"microsoft_v2,omitempty"`

	// Should the authentication flow be used for all requests.
	// Should the authentication flow be used for all requests.
	// +kubebuilder:validation:Optional
	RequireAuthentication *bool `json:"requireAuthentication,omitempty" tf:"require_authentication,omitempty"`

	// Should HTTPS be required on connections? Defaults to true.
	// Should HTTPS be required on connections? Defaults to true.
	// +kubebuilder:validation:Optional
	RequireHTTPS *bool `json:"requireHttps,omitempty" tf:"require_https,omitempty"`

	// The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to ~1.
	// The Runtime Version of the Authentication and Authorisation feature of this App. Defaults to `~1`
	// +kubebuilder:validation:Optional
	RuntimeVersion *string `json:"runtimeVersion,omitempty" tf:"runtime_version,omitempty"`

	// A twitter_v2 block as defined below.
	// +kubebuilder:validation:Optional
	TwitterV2 []LinuxWebAppAuthSettingsV2TwitterV2Parameters `json:"twitterV2,omitempty" tf:"twitter_v2,omitempty"`

	// The action to take for requests made without authentication. Possible values include RedirectToLoginPage, AllowAnonymous, Return401, and Return403. Defaults to RedirectToLoginPage.
	// The action to take for requests made without authentication. Possible values include `RedirectToLoginPage`, `AllowAnonymous`, `Return401`, and `Return403`. Defaults to `RedirectToLoginPage`.
	// +kubebuilder:validation:Optional
	UnauthenticatedAction *string `json:"unauthenticatedAction,omitempty" tf:"unauthenticated_action,omitempty"`
}

type LinuxWebAppAuthSettingsV2TwitterV2InitParameters struct {

	// The OAuth 1.0a consumer key of the Twitter application used for sign-in.
	// The OAuth 1.0a consumer key of the Twitter application used for sign-in.
	ConsumerKey *string `json:"consumerKey,omitempty" tf:"consumer_key,omitempty"`

	// The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.
	// The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.
	ConsumerSecretSettingName *string `json:"consumerSecretSettingName,omitempty" tf:"consumer_secret_setting_name,omitempty"`
}

type LinuxWebAppAuthSettingsV2TwitterV2Observation struct {

	// The OAuth 1.0a consumer key of the Twitter application used for sign-in.
	// The OAuth 1.0a consumer key of the Twitter application used for sign-in.
	ConsumerKey *string `json:"consumerKey,omitempty" tf:"consumer_key,omitempty"`

	// The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.
	// The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.
	ConsumerSecretSettingName *string `json:"consumerSecretSettingName,omitempty" tf:"consumer_secret_setting_name,omitempty"`
}

type LinuxWebAppAuthSettingsV2TwitterV2Parameters struct {

	// The OAuth 1.0a consumer key of the Twitter application used for sign-in.
	// The OAuth 1.0a consumer key of the Twitter application used for sign-in.
	// +kubebuilder:validation:Optional
	ConsumerKey *string `json:"consumerKey" tf:"consumer_key,omitempty"`

	// The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.
	// The app setting name that contains the OAuth 1.0a consumer secret of the Twitter application used for sign-in.
	// +kubebuilder:validation:Optional
	ConsumerSecretSettingName *string `json:"consumerSecretSettingName" tf:"consumer_secret_setting_name,omitempty"`
}

type LinuxWebAppBackupInitParameters struct {

	// Should this backup job be enabled? Defaults to true.
	// Should this backup job be enabled?
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// The name which should be used for this Backup.
	// The name which should be used for this Backup.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// A schedule block as defined below.
	Schedule []LinuxWebAppBackupScheduleInitParameters `json:"schedule,omitempty" tf:"schedule,omitempty"`
}

type LinuxWebAppBackupObservation struct {

	// Should this backup job be enabled? Defaults to true.
	// Should this backup job be enabled?
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// The name which should be used for this Backup.
	// The name which should be used for this Backup.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// A schedule block as defined below.
	Schedule []LinuxWebAppBackupScheduleObservation `json:"schedule,omitempty" tf:"schedule,omitempty"`
}

type LinuxWebAppBackupParameters struct {

	// Should this backup job be enabled? Defaults to true.
	// Should this backup job be enabled?
	// +kubebuilder:validation:Optional
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// The name which should be used for this Backup.
	// The name which should be used for this Backup.
	// +kubebuilder:validation:Optional
	Name *string `json:"name" tf:"name,omitempty"`

	// A schedule block as defined below.
	// +kubebuilder:validation:Optional
	Schedule []LinuxWebAppBackupScheduleParameters `json:"schedule" tf:"schedule,omitempty"`

	// The SAS URL to the container.
	// The SAS URL to the container.
	// +kubebuilder:validation:Required
	StorageAccountURLSecretRef v1.SecretKeySelector `json:"storageAccountUrlSecretRef" tf:"-"`
}

type LinuxWebAppBackupScheduleInitParameters struct {

	// How often the backup should be executed (e.g. for weekly backup, this should be set to 7 and frequency_unit should be set to Day).
	// How often the backup should be executed (e.g. for weekly backup, this should be set to `7` and `frequency_unit` should be set to `Day`).
	FrequencyInterval *float64 `json:"frequencyInterval,omitempty" tf:"frequency_interval,omitempty"`

	// The unit of time for how often the backup should take place. Possible values include: Day, Hour
	// The unit of time for how often the backup should take place. Possible values include: `Day` and `Hour`.
	FrequencyUnit *string `json:"frequencyUnit,omitempty" tf:"frequency_unit,omitempty"`

	// Should the service keep at least one backup, regardless of the age of backup? Defaults to false.
	// Should the service keep at least one backup, regardless of age of backup. Defaults to `false`.
	KeepAtLeastOneBackup *bool `json:"keepAtLeastOneBackup,omitempty" tf:"keep_at_least_one_backup,omitempty"`

	// After how many days backups should be deleted. Defaults to 30.
	// After how many days backups should be deleted.
	RetentionPeriodDays *float64 `json:"retentionPeriodDays,omitempty" tf:"retention_period_days,omitempty"`

	// When the schedule should start working in RFC-3339 format.
	// When the schedule should start working in RFC-3339 format.
	StartTime *string `json:"startTime,omitempty" tf:"start_time,omitempty"`
}

type LinuxWebAppBackupScheduleObservation struct {

	// How often the backup should be executed (e.g. for weekly backup, this should be set to 7 and frequency_unit should be set to Day).
	// How often the backup should be executed (e.g. for weekly backup, this should be set to `7` and `frequency_unit` should be set to `Day`).
	FrequencyInterval *float64 `json:"frequencyInterval,omitempty" tf:"frequency_interval,omitempty"`

	// The unit of time for how often the backup should take place. Possible values include: Day, Hour
	// The unit of time for how often the backup should take place. Possible values include: `Day` and `Hour`.
	FrequencyUnit *string `json:"frequencyUnit,omitempty" tf:"frequency_unit,omitempty"`

	// Should the service keep at least one backup, regardless of the age of backup? Defaults to false.
	// Should the service keep at least one backup, regardless of age of backup. Defaults to `false`.
	KeepAtLeastOneBackup *bool `json:"keepAtLeastOneBackup,omitempty" tf:"keep_at_least_one_backup,omitempty"`

	// The time the backup was last attempted.
	LastExecutionTime *string `json:"lastExecutionTime,omitempty" tf:"last_execution_time,omitempty"`

	// After how many days backups should be deleted. Defaults to 30.
	// After how many days backups should be deleted.
	RetentionPeriodDays *float64 `json:"retentionPeriodDays,omitempty" tf:"retention_period_days,omitempty"`

	// When the schedule should start working in RFC-3339 format.
	// When the schedule should start working in RFC-3339 format.
	StartTime *string `json:"startTime,omitempty" tf:"start_time,omitempty"`
}

type LinuxWebAppBackupScheduleParameters struct {

	// How often the backup should be executed (e.g. for weekly backup, this should be set to 7 and frequency_unit should be set to Day).
	// How often the backup should be executed (e.g. for weekly backup, this should be set to `7` and `frequency_unit` should be set to `Day`).
	// +kubebuilder:validation:Optional
	FrequencyInterval *float64 `json:"frequencyInterval" tf:"frequency_interval,omitempty"`

	// The unit of time for how often the backup should take place. Possible values include: Day, Hour
	// The unit of time for how often the backup should take place. Possible values include: `Day` and `Hour`.
	// +kubebuilder:validation:Optional
	FrequencyUnit *string `json:"frequencyUnit" tf:"frequency_unit,omitempty"`

	// Should the service keep at least one backup, regardless of the age of backup? Defaults to false.
	// Should the service keep at least one backup, regardless of age of backup. Defaults to `false`.
	// +kubebuilder:validation:Optional
	KeepAtLeastOneBackup *bool `json:"keepAtLeastOneBackup,omitempty" tf:"keep_at_least_one_backup,omitempty"`

	// After how many days backups should be deleted. Defaults to 30.
	// After how many days backups should be deleted.
	// +kubebuilder:validation:Optional
	RetentionPeriodDays *float64 `json:"retentionPeriodDays,omitempty" tf:"retention_period_days,omitempty"`

	// When the schedule should start working in RFC-3339 format.
	// When the schedule should start working in RFC-3339 format.
	// +kubebuilder:validation:Optional
	StartTime *string `json:"startTime,omitempty" tf:"start_time,omitempty"`
}

type LinuxWebAppConnectionStringInitParameters struct {

	// The name of the Connection String.
	// The name which should be used for this Connection.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// Type of database. Possible values include: MySQL, SQLServer, SQLAzure, Custom, NotificationHub, ServiceBus, EventHub, APIHub, DocDb, RedisCache, and PostgreSQL.
	// Type of database. Possible values include: `MySQL`, `SQLServer`, `SQLAzure`, `Custom`, `NotificationHub`, `ServiceBus`, `EventHub`, `APIHub`, `DocDb`, `RedisCache`, and `PostgreSQL`.
	Type *string `json:"type,omitempty" tf:"type,omitempty"`
}

type LinuxWebAppConnectionStringObservation struct {

	// The name of the Connection String.
	// The name which should be used for this Connection.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// Type of database. Possible values include: MySQL, SQLServer, SQLAzure, Custom, NotificationHub, ServiceBus, EventHub, APIHub, DocDb, RedisCache, and PostgreSQL.
	// Type of database. Possible values include: `MySQL`, `SQLServer`, `SQLAzure`, `Custom`, `NotificationHub`, `ServiceBus`, `EventHub`, `APIHub`, `DocDb`, `RedisCache`, and `PostgreSQL`.
	Type *string `json:"type,omitempty" tf:"type,omitempty"`
}

type LinuxWebAppConnectionStringParameters struct {

	// The name of the Connection String.
	// The name which should be used for this Connection.
	// +kubebuilder:validation:Optional
	Name *string `json:"name" tf:"name,omitempty"`

	// Type of database. Possible values include: MySQL, SQLServer, SQLAzure, Custom, NotificationHub, ServiceBus, EventHub, APIHub, DocDb, RedisCache, and PostgreSQL.
	// Type of database. Possible values include: `MySQL`, `SQLServer`, `SQLAzure`, `Custom`, `NotificationHub`, `ServiceBus`, `EventHub`, `APIHub`, `DocDb`, `RedisCache`, and `PostgreSQL`.
	// +kubebuilder:validation:Optional
	Type *string `json:"type" tf:"type,omitempty"`

	// The connection string value.
	// The connection string value.
	// +kubebuilder:validation:Required
	ValueSecretRef v1.SecretKeySelector `json:"valueSecretRef" tf:"-"`
}

type LinuxWebAppIdentityInitParameters struct {

	// A list of User Assigned Managed Identity IDs to be assigned to this Linux Web App.
	// +listType=set
	IdentityIds []*string `json:"identityIds,omitempty" tf:"identity_ids,omitempty"`

	// Specifies the type of Managed Service Identity that should be configured on this Linux Web App. Possible values are SystemAssigned, UserAssigned, and SystemAssigned, UserAssigned (to enable both).
	Type *string `json:"type,omitempty" tf:"type,omitempty"`
}

type LinuxWebAppIdentityObservation struct {

	// A list of User Assigned Managed Identity IDs to be assigned to this Linux Web App.
	// +listType=set
	IdentityIds []*string `json:"identityIds,omitempty" tf:"identity_ids,omitempty"`

	// The Principal ID associated with this Managed Service Identity.
	PrincipalID *string `json:"principalId,omitempty" tf:"principal_id,omitempty"`

	// The Tenant ID associated with this Managed Service Identity.
	TenantID *string `json:"tenantId,omitempty" tf:"tenant_id,omitempty"`

	// Specifies the type of Managed Service Identity that should be configured on this Linux Web App. Possible values are SystemAssigned, UserAssigned, and SystemAssigned, UserAssigned (to enable both).
	Type *string `json:"type,omitempty" tf:"type,omitempty"`
}

type LinuxWebAppIdentityParameters struct {

	// A list of User Assigned Managed Identity IDs to be assigned to this Linux Web App.
	// +kubebuilder:validation:Optional
	// +listType=set
	IdentityIds []*string `json:"identityIds,omitempty" tf:"identity_ids,omitempty"`

	// Specifies the type of Managed Service Identity that should be configured on this Linux Web App. Possible values are SystemAssigned, UserAssigned, and SystemAssigned, UserAssigned (to enable both).
	// +kubebuilder:validation:Optional
	Type *string `json:"type" tf:"type,omitempty"`
}

type LinuxWebAppInitParameters struct {

	// A map of key-value pairs of App Settings.
	// +mapType=granular
	AppSettings map[string]*string `json:"appSettings,omitempty" tf:"app_settings,omitempty"`

	// A auth_settings block as defined below.
	AuthSettings []LinuxWebAppAuthSettingsInitParameters `json:"authSettings,omitempty" tf:"auth_settings,omitempty"`

	// An auth_settings_v2 block as defined below.
	AuthSettingsV2 []LinuxWebAppAuthSettingsV2InitParameters `json:"authSettingsV2,omitempty" tf:"auth_settings_v2,omitempty"`

	// A backup block as defined below.
	Backup []LinuxWebAppBackupInitParameters `json:"backup,omitempty" tf:"backup,omitempty"`

	// Should Client Affinity be enabled?
	ClientAffinityEnabled *bool `json:"clientAffinityEnabled,omitempty" tf:"client_affinity_enabled,omitempty"`

	// Should Client Certificates be enabled?
	ClientCertificateEnabled *bool `json:"clientCertificateEnabled,omitempty" tf:"client_certificate_enabled,omitempty"`

	// Paths to exclude when using client certificates, separated by ;
	// Paths to exclude when using client certificates, separated by ;
	ClientCertificateExclusionPaths *string `json:"clientCertificateExclusionPaths,omitempty" tf:"client_certificate_exclusion_paths,omitempty"`

	// The Client Certificate mode. Possible values are Required, Optional, and OptionalInteractiveUser. This property has no effect when client_certificate_enabled is false. Defaults to Required.
	ClientCertificateMode *string `json:"clientCertificateMode,omitempty" tf:"client_certificate_mode,omitempty"`

	// One or more connection_string blocks as defined below.
	ConnectionString []LinuxWebAppConnectionStringInitParameters `json:"connectionString,omitempty" tf:"connection_string,omitempty"`

	// Should the Linux Web App be enabled? Defaults to true.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// Should the default FTP Basic Authentication publishing profile be enabled. Defaults to true.
	FtpPublishBasicAuthenticationEnabled *bool `json:"ftpPublishBasicAuthenticationEnabled,omitempty" tf:"ftp_publish_basic_authentication_enabled,omitempty"`

	// Should the Linux Web App require HTTPS connections. Defaults to false.
	HTTPSOnly *bool `json:"httpsOnly,omitempty" tf:"https_only,omitempty"`

	// An identity block as defined below.
	Identity []LinuxWebAppIdentityInitParameters `json:"identity,omitempty" tf:"identity,omitempty"`

	// The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the identity block. For more information see - Access vaults with a user-assigned identity.
	KeyVaultReferenceIdentityID *string `json:"keyVaultReferenceIdentityId,omitempty" tf:"key_vault_reference_identity_id,omitempty"`

	// The Azure Region where the Linux Web App should exist. Changing this forces a new Linux Web App to be created.
	Location *string `json:"location,omitempty" tf:"location,omitempty"`

	// A logs block as defined below.
	Logs []LogsInitParameters `json:"logs,omitempty" tf:"logs,omitempty"`

	// Should public network access be enabled for the Web App. Defaults to true.
	PublicNetworkAccessEnabled *bool `json:"publicNetworkAccessEnabled,omitempty" tf:"public_network_access_enabled,omitempty"`

	// The ID of the Service Plan that this Linux App Service will be created in.
	// +crossplane:generate:reference:type=github.com/upbound/provider-azure/apis/web/v1beta1.ServicePlan
	// +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID()
	ServicePlanID *string `json:"servicePlanId,omitempty" tf:"service_plan_id,omitempty"`

	// Reference to a ServicePlan in web to populate servicePlanId.
	// +kubebuilder:validation:Optional
	ServicePlanIDRef *v1.Reference `json:"servicePlanIdRef,omitempty" tf:"-"`

	// Selector for a ServicePlan in web to populate servicePlanId.
	// +kubebuilder:validation:Optional
	ServicePlanIDSelector *v1.Selector `json:"servicePlanIdSelector,omitempty" tf:"-"`

	// A site_config block as defined below.
	SiteConfig []LinuxWebAppSiteConfigInitParameters `json:"siteConfig,omitempty" tf:"site_config,omitempty"`

	// A sticky_settings block as defined below.
	StickySettings []LinuxWebAppStickySettingsInitParameters `json:"stickySettings,omitempty" tf:"sticky_settings,omitempty"`

	// One or more storage_account blocks as defined below.
	StorageAccount []LinuxWebAppStorageAccountInitParameters `json:"storageAccount,omitempty" tf:"storage_account,omitempty"`

	// A mapping of tags which should be assigned to the Linux Web App.
	// +mapType=granular
	Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`

	// The subnet id which will be used by this Web App for regional virtual network integration.
	// +crossplane:generate:reference:type=github.com/upbound/provider-azure/apis/network/v1beta1.Subnet
	// +crossplane:generate:reference:extractor=github.com/upbound/provider-azure/apis/rconfig.ExtractResourceID()
	VirtualNetworkSubnetID *string `json:"virtualNetworkSubnetId,omitempty" tf:"virtual_network_subnet_id,omitempty"`

	// Reference to a Subnet in network to populate virtualNetworkSubnetId.
	// +kubebuilder:validation:Optional
	VirtualNetworkSubnetIDRef *v1.Reference `json:"virtualNetworkSubnetIdRef,omitempty" tf:"-"`

	// Selector for a Subnet in network to populate virtualNetworkSubnetId.
	// +kubebuilder:validation:Optional
	VirtualNetworkSubnetIDSelector *v1.Selector `json:"virtualNetworkSubnetIdSelector,omitempty" tf:"-"`

	// Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to true.
	WebdeployPublishBasicAuthenticationEnabled *bool `json:"webdeployPublishBasicAuthenticationEnabled,omitempty" tf:"webdeploy_publish_basic_authentication_enabled,omitempty"`

	// The local path and filename of the Zip packaged application to deploy to this Linux Web App.
	// The local path and filename of the Zip packaged application to deploy to this Linux Web App. **Note:** Using this value requires either `WEBSITE_RUN_FROM_PACKAGE=1` or `SCM_DO_BUILD_DURING_DEPLOYMENT=true` to be set on the App in `app_settings`.
	ZipDeployFile *string `json:"zipDeployFile,omitempty" tf:"zip_deploy_file,omitempty"`
}

type LinuxWebAppObservation struct {

	// A map of key-value pairs of App Settings.
	// +mapType=granular
	AppSettings map[string]*string `json:"appSettings,omitempty" tf:"app_settings,omitempty"`

	// A auth_settings block as defined below.
	AuthSettings []LinuxWebAppAuthSettingsObservation `json:"authSettings,omitempty" tf:"auth_settings,omitempty"`

	// An auth_settings_v2 block as defined below.
	AuthSettingsV2 []LinuxWebAppAuthSettingsV2Observation `json:"authSettingsV2,omitempty" tf:"auth_settings_v2,omitempty"`

	// A backup block as defined below.
	Backup []LinuxWebAppBackupObservation `json:"backup,omitempty" tf:"backup,omitempty"`

	// Should Client Affinity be enabled?
	ClientAffinityEnabled *bool `json:"clientAffinityEnabled,omitempty" tf:"client_affinity_enabled,omitempty"`

	// Should Client Certificates be enabled?
	ClientCertificateEnabled *bool `json:"clientCertificateEnabled,omitempty" tf:"client_certificate_enabled,omitempty"`

	// Paths to exclude when using client certificates, separated by ;
	// Paths to exclude when using client certificates, separated by ;
	ClientCertificateExclusionPaths *string `json:"clientCertificateExclusionPaths,omitempty" tf:"client_certificate_exclusion_paths,omitempty"`

	// The Client Certificate mode. Possible values are Required, Optional, and OptionalInteractiveUser. This property has no effect when client_certificate_enabled is false. Defaults to Required.
	ClientCertificateMode *string `json:"clientCertificateMode,omitempty" tf:"client_certificate_mode,omitempty"`

	// One or more connection_string blocks as defined below.
	ConnectionString []LinuxWebAppConnectionStringObservation `json:"connectionString,omitempty" tf:"connection_string,omitempty"`

	// The default hostname of the Linux Web App.
	DefaultHostName *string `json:"defaultHostname,omitempty" tf:"default_hostname,omitempty"`

	// Should the Linux Web App be enabled? Defaults to true.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// Should the default FTP Basic Authentication publishing profile be enabled. Defaults to true.
	FtpPublishBasicAuthenticationEnabled *bool `json:"ftpPublishBasicAuthenticationEnabled,omitempty" tf:"ftp_publish_basic_authentication_enabled,omitempty"`

	// Should the Linux Web App require HTTPS connections. Defaults to false.
	HTTPSOnly *bool `json:"httpsOnly,omitempty" tf:"https_only,omitempty"`

	// The ID of the App Service Environment used by App Service.
	HostingEnvironmentID *string `json:"hostingEnvironmentId,omitempty" tf:"hosting_environment_id,omitempty"`

	// The ID of the Linux Web App.
	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// An identity block as defined below.
	Identity []LinuxWebAppIdentityObservation `json:"identity,omitempty" tf:"identity,omitempty"`

	// The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the identity block. For more information see - Access vaults with a user-assigned identity.
	KeyVaultReferenceIdentityID *string `json:"keyVaultReferenceIdentityId,omitempty" tf:"key_vault_reference_identity_id,omitempty"`

	// The Kind value for this Linux Web App.
	Kind *string `json:"kind,omitempty" tf:"kind,omitempty"`

	// The Azure Region where the Linux Web App should exist. Changing this forces a new Linux Web App to be created.
	Location *string `json:"location,omitempty" tf:"location,omitempty"`

	// A logs block as defined below.
	Logs []LogsObservation `json:"logs,omitempty" tf:"logs,omitempty"`

	// A list of outbound IP addresses - such as ["52.23.25.3", "52.143.43.12"]
	OutboundIPAddressList []*string `json:"outboundIpAddressList,omitempty" tf:"outbound_ip_address_list,omitempty"`

	// A comma separated list of outbound IP addresses - such as 52.23.25.3,52.143.43.12.
	OutboundIPAddresses *string `json:"outboundIpAddresses,omitempty" tf:"outbound_ip_addresses,omitempty"`

	// A list of possible outbound ip address.
	PossibleOutboundIPAddressList []*string `json:"possibleOutboundIpAddressList,omitempty" tf:"possible_outbound_ip_address_list,omitempty"`

	// A comma-separated list of outbound IP addresses - such as 52.23.25.3,52.143.43.12,52.143.43.17 - not all of which are necessarily in use. Superset of outbound_ip_addresses.
	PossibleOutboundIPAddresses *string `json:"possibleOutboundIpAddresses,omitempty" tf:"possible_outbound_ip_addresses,omitempty"`

	// Should public network access be enabled for the Web App. Defaults to true.
	PublicNetworkAccessEnabled *bool `json:"publicNetworkAccessEnabled,omitempty" tf:"public_network_access_enabled,omitempty"`

	// The name of the Resource Group where the Linux Web App should exist. Changing this forces a new Linux Web App to be created.
	ResourceGroupName *string `json:"resourceGroupName,omitempty" tf:"resource_group_name,omitempty"`

	// The ID of the Service Plan that this Linux App Service will be created in.
	ServicePlanID *string `json:"servicePlanId,omitempty" tf:"service_plan_id,omitempty"`

	// A site_config block as defined below.
	SiteConfig []LinuxWebAppSiteConfigObservation `json:"siteConfig,omitempty" tf:"site_config,omitempty"`

	// A sticky_settings block as defined below.
	StickySettings []LinuxWebAppStickySettingsObservation `json:"stickySettings,omitempty" tf:"sticky_settings,omitempty"`

	// One or more storage_account blocks as defined below.
	StorageAccount []LinuxWebAppStorageAccountObservation `json:"storageAccount,omitempty" tf:"storage_account,omitempty"`

	// A mapping of tags which should be assigned to the Linux Web App.
	// +mapType=granular
	Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`

	// The subnet id which will be used by this Web App for regional virtual network integration.
	VirtualNetworkSubnetID *string `json:"virtualNetworkSubnetId,omitempty" tf:"virtual_network_subnet_id,omitempty"`

	// Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to true.
	WebdeployPublishBasicAuthenticationEnabled *bool `json:"webdeployPublishBasicAuthenticationEnabled,omitempty" tf:"webdeploy_publish_basic_authentication_enabled,omitempty"`

	// The local path and filename of the Zip packaged application to deploy to this Linux Web App.
	// The local path and filename of the Zip packaged application to deploy to this Linux Web App. **Note:** Using this value requires either `WEBSITE_RUN_FROM_PACKAGE=1` or `SCM_DO_BUILD_DURING_DEPLOYMENT=true` to be set on the App in `app_settings`.
	ZipDeployFile *string `json:"zipDeployFile,omitempty" tf:"zip_deploy_file,omitempty"`
}

type LinuxWebAppParameters struct {

	// A map of key-value pairs of App Settings.
	// +kubebuilder:validation:Optional
	// +mapType=granular
	AppSettings map[string]*string `json:"appSettings,omitempty" tf:"app_settings,omitempty"`

	// A auth_settings block as defined below.
	// +kubebuilder:validation:Optional
	AuthSettings []LinuxWebAppAuthSettingsParameters `json:"authSettings,omitempty" tf:"auth_settings,omitempty"`

	// An auth_settings_v2 block as defined below.
	// +kubebuilder:validation:Optional
	AuthSettingsV2 []LinuxWebAppAuthSettingsV2Parameters `json:"authSettingsV2,omitempty" tf:"auth_settings_v2,omitempty"`

	// A backup block as defined below.
	// +kubebuilder:validation:Optional
	Backup []LinuxWebAppBackupParameters `json:"backup,omitempty" tf:"backup,omitempty"`

	// Should Client Affinity be enabled?
	// +kubebuilder:validation:Optional
	ClientAffinityEnabled *bool `json:"clientAffinityEnabled,omitempty" tf:"client_affinity_enabled,omitempty"`

	// Should Client Certificates be enabled?
	// +kubebuilder:validation:Optional
	ClientCertificateEnabled *bool `json:"clientCertificateEnabled,omitempty" tf:"client_certificate_enabled,omitempty"`

	// Paths to exclude when using client certificates, separated by ;
	// Paths to exclude when using client certificates, separated by ;
	// +kubebuilder:validation:Optional
	ClientCertificateExclusionPaths *string `json:"clientCertificateExclusionPaths,omitempty" tf:"client_certificate_exclusion_paths,omitempty"`

	// The Client Certificate mode. Possible values are Required, Optional, and OptionalInteractiveUser. This property has no effect when client_certificate_enabled is false. Defaults to Required.
	// +kubebuilder:validation:Optional
	ClientCertificateMode *string `json:"clientCertificateMode,omitempty" tf:"client_certificate_mode,omitempty"`

	// One or more connection_string blocks as defined below.
	// +kubebuilder:validation:Optional
	ConnectionString []LinuxWebAppConnectionStringParameters `json:"connectionString,omitempty" tf:"connection_string,omitempty"`

	// Should the Linux Web App be enabled? Defaults to true.
	// +kubebuilder:validation:Optional
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// Should the default FTP Basic Authentication publishing profile be enabled. Defaults to true.
	// +kubebuilder:validation:Optional
	FtpPublishBasicAuthenticationEnabled *bool `json:"ftpPublishBasicAuthenticationEnabled,omitempty" tf:"ftp_publish_basic_authentication_enabled,omitempty"`

	// Should the Linux Web App require HTTPS connections. Defaults to false.
	// +kubebuilder:validation:Optional
	HTTPSOnly *bool `json:"httpsOnly,omitempty" tf:"https_only,omitempty"`

	// An identity block as defined below.
	// +kubebuilder:validation:Optional
	Identity []LinuxWebAppIdentityParameters `json:"identity,omitempty" tf:"identity,omitempty"`

	// The User Assigned Identity ID used for accessing KeyVault secrets. The identity must be assigned to the application in the identity block. For more information see - Access vaults with a user-assigned identity.
	// +kubebuilder:validation:Optional
	KeyVaultReferenceIdentityID *string `json:"keyVaultReferenceIdentityId,omitempty" tf:"key_vault_reference_identity_id,omitempty"`

	// The Azure Region where the Linux Web App should exist. Changing this forces a new Linux Web App to be created.
	// +kubebuilder:validation:Optional
	Location *string `json:"location,omitempty" tf:"location,omitempty"`

	// A logs block as defined below.
	// +kubebuilder:validation:Optional
	Logs []LogsParameters `json:"logs,omitempty" tf:"logs,omitempty"`

	// Should public network access be enabled for the Web App. Defaults to true.
	// +kubebuilder:validation:Optional
	PublicNetworkAccessEnabled *bool `json:"publicNetworkAccessEnabled,omitempty" tf:"public_network_access_enabled,omitempty"`

	// The name of the Resource Group where the Linux Web App should exist. Changing this forces a new Linux Web App to be created.
	// +crossplane:generate:reference:type=github.com/upbound/provider-azure/apis/azure/v1beta1.ResourceGroup
	// +kubebuilder:validation:Optional
	ResourceGroupName *string `json:"resourceGroupName,omitempty" tf:"resource_group_name,omitempty"`

	// Reference to a ResourceGroup in azure to populate resourceGroupName.
	// +kubebuilder:validation:Optional
	ResourceGroupNameRef *v1.Reference `json:"resourceGroupNameRef,omitempty" tf:"-"`

	// Selector for a ResourceGroup in azure to populate resourceGroupName.
	// +kubebuilder:validation:Optional
	ResourceGroupNameSelector *v1.Selector `json:"resourceGroupNameSelector,omitempty" tf:"-"`

	// The ID of the Service Plan that this Linux App Service will be created in.
	// +crossplane:generate:reference:type=github.com/upbound/provider-azure/apis/web/v1beta1.ServicePlan
	// +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID()
	// +kubebuilder:validation:Optional
	ServicePlanID *string `json:"servicePlanId,omitempty" tf:"service_plan_id,omitempty"`

	// Reference to a ServicePlan in web to populate servicePlanId.
	// +kubebuilder:validation:Optional
	ServicePlanIDRef *v1.Reference `json:"servicePlanIdRef,omitempty" tf:"-"`

	// Selector for a ServicePlan in web to populate servicePlanId.
	// +kubebuilder:validation:Optional
	ServicePlanIDSelector *v1.Selector `json:"servicePlanIdSelector,omitempty" tf:"-"`

	// A site_config block as defined below.
	// +kubebuilder:validation:Optional
	SiteConfig []LinuxWebAppSiteConfigParameters `json:"siteConfig,omitempty" tf:"site_config,omitempty"`

	// A sticky_settings block as defined below.
	// +kubebuilder:validation:Optional
	StickySettings []LinuxWebAppStickySettingsParameters `json:"stickySettings,omitempty" tf:"sticky_settings,omitempty"`

	// One or more storage_account blocks as defined below.
	// +kubebuilder:validation:Optional
	StorageAccount []LinuxWebAppStorageAccountParameters `json:"storageAccount,omitempty" tf:"storage_account,omitempty"`

	// A mapping of tags which should be assigned to the Linux Web App.
	// +kubebuilder:validation:Optional
	// +mapType=granular
	Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`

	// The subnet id which will be used by this Web App for regional virtual network integration.
	// +crossplane:generate:reference:type=github.com/upbound/provider-azure/apis/network/v1beta1.Subnet
	// +crossplane:generate:reference:extractor=github.com/upbound/provider-azure/apis/rconfig.ExtractResourceID()
	// +kubebuilder:validation:Optional
	VirtualNetworkSubnetID *string `json:"virtualNetworkSubnetId,omitempty" tf:"virtual_network_subnet_id,omitempty"`

	// Reference to a Subnet in network to populate virtualNetworkSubnetId.
	// +kubebuilder:validation:Optional
	VirtualNetworkSubnetIDRef *v1.Reference `json:"virtualNetworkSubnetIdRef,omitempty" tf:"-"`

	// Selector for a Subnet in network to populate virtualNetworkSubnetId.
	// +kubebuilder:validation:Optional
	VirtualNetworkSubnetIDSelector *v1.Selector `json:"virtualNetworkSubnetIdSelector,omitempty" tf:"-"`

	// Should the default WebDeploy Basic Authentication publishing credentials enabled. Defaults to true.
	// +kubebuilder:validation:Optional
	WebdeployPublishBasicAuthenticationEnabled *bool `json:"webdeployPublishBasicAuthenticationEnabled,omitempty" tf:"webdeploy_publish_basic_authentication_enabled,omitempty"`

	// The local path and filename of the Zip packaged application to deploy to this Linux Web App.
	// The local path and filename of the Zip packaged application to deploy to this Linux Web App. **Note:** Using this value requires either `WEBSITE_RUN_FROM_PACKAGE=1` or `SCM_DO_BUILD_DURING_DEPLOYMENT=true` to be set on the App in `app_settings`.
	// +kubebuilder:validation:Optional
	ZipDeployFile *string `json:"zipDeployFile,omitempty" tf:"zip_deploy_file,omitempty"`
}

type LinuxWebAppSiteConfigApplicationStackInitParameters struct {
	DockerImage *string `json:"dockerImage,omitempty" tf:"docker_image,omitempty"`

	// The docker image, including tag, to be used. e.g. appsvc/staticsite:latest.
	DockerImageName *string `json:"dockerImageName,omitempty" tf:"docker_image_name,omitempty"`

	DockerImageTag *string `json:"dockerImageTag,omitempty" tf:"docker_image_tag,omitempty"`

	// The URL of the container registry where the docker_image_name is located. e.g. https://index.docker.io or https://mcr.microsoft.com. This value is required with docker_image_name.
	DockerRegistryURL *string `json:"dockerRegistryUrl,omitempty" tf:"docker_registry_url,omitempty"`

	// The User Name to use for authentication against the registry to pull the image.
	DockerRegistryUsername *string `json:"dockerRegistryUsername,omitempty" tf:"docker_registry_username,omitempty"`

	// The version of .NET to use. Possible values include 3.1, 5.0, 6.0, 7.0 and 8.0.
	DotnetVersion *string `json:"dotnetVersion,omitempty" tf:"dotnet_version,omitempty"`

	// The version of Go to use. Possible values include 1.18, and 1.19.
	GoVersion *string `json:"goVersion,omitempty" tf:"go_version,omitempty"`

	// The Java server type. Possible values include JAVA, TOMCAT, and JBOSSEAP.
	JavaServer *string `json:"javaServer,omitempty" tf:"java_server,omitempty"`

	// The Version of the java_server to use.
	JavaServerVersion *string `json:"javaServerVersion,omitempty" tf:"java_server_version,omitempty"`

	// The Version of Java to use. Possible values include 8, 11, and 17.
	JavaVersion *string `json:"javaVersion,omitempty" tf:"java_version,omitempty"`

	// The version of Node to run. Possible values include 12-lts, 14-lts, 16-lts, 18-lts and 20-lts. This property conflicts with java_version.
	NodeVersion *string `json:"nodeVersion,omitempty" tf:"node_version,omitempty"`

	// The version of PHP to run. Possible values are 7.4, 8.0, 8.1 and 8.2.
	PHPVersion *string `json:"phpVersion,omitempty" tf:"php_version,omitempty"`

	// The version of Python to run. Possible values include 3.7, 3.8, 3.9, 3.10, 3.11 and 3.12.
	PythonVersion *string `json:"pythonVersion,omitempty" tf:"python_version,omitempty"`

	// The version of Ruby to run. Possible values include 2.6 and 2.7.
	RubyVersion *string `json:"rubyVersion,omitempty" tf:"ruby_version,omitempty"`
}

type LinuxWebAppSiteConfigApplicationStackObservation struct {
	DockerImage *string `json:"dockerImage,omitempty" tf:"docker_image,omitempty"`

	// The docker image, including tag, to be used. e.g. appsvc/staticsite:latest.
	DockerImageName *string `json:"dockerImageName,omitempty" tf:"docker_image_name,omitempty"`

	DockerImageTag *string `json:"dockerImageTag,omitempty" tf:"docker_image_tag,omitempty"`

	// The URL of the container registry where the docker_image_name is located. e.g. https://index.docker.io or https://mcr.microsoft.com. This value is required with docker_image_name.
	DockerRegistryURL *string `json:"dockerRegistryUrl,omitempty" tf:"docker_registry_url,omitempty"`

	// The User Name to use for authentication against the registry to pull the image.
	DockerRegistryUsername *string `json:"dockerRegistryUsername,omitempty" tf:"docker_registry_username,omitempty"`

	// The version of .NET to use. Possible values include 3.1, 5.0, 6.0, 7.0 and 8.0.
	DotnetVersion *string `json:"dotnetVersion,omitempty" tf:"dotnet_version,omitempty"`

	// The version of Go to use. Possible values include 1.18, and 1.19.
	GoVersion *string `json:"goVersion,omitempty" tf:"go_version,omitempty"`

	// The Java server type. Possible values include JAVA, TOMCAT, and JBOSSEAP.
	JavaServer *string `json:"javaServer,omitempty" tf:"java_server,omitempty"`

	// The Version of the java_server to use.
	JavaServerVersion *string `json:"javaServerVersion,omitempty" tf:"java_server_version,omitempty"`

	// The Version of Java to use. Possible values include 8, 11, and 17.
	JavaVersion *string `json:"javaVersion,omitempty" tf:"java_version,omitempty"`

	// The version of Node to run. Possible values include 12-lts, 14-lts, 16-lts, 18-lts and 20-lts. This property conflicts with java_version.
	NodeVersion *string `json:"nodeVersion,omitempty" tf:"node_version,omitempty"`

	// The version of PHP to run. Possible values are 7.4, 8.0, 8.1 and 8.2.
	PHPVersion *string `json:"phpVersion,omitempty" tf:"php_version,omitempty"`

	// The version of Python to run. Possible values include 3.7, 3.8, 3.9, 3.10, 3.11 and 3.12.
	PythonVersion *string `json:"pythonVersion,omitempty" tf:"python_version,omitempty"`

	// The version of Ruby to run. Possible values include 2.6 and 2.7.
	RubyVersion *string `json:"rubyVersion,omitempty" tf:"ruby_version,omitempty"`
}

type LinuxWebAppSiteConfigApplicationStackParameters struct {

	// +kubebuilder:validation:Optional
	DockerImage *string `json:"dockerImage,omitempty" tf:"docker_image,omitempty"`

	// The docker image, including tag, to be used. e.g. appsvc/staticsite:latest.
	// +kubebuilder:validation:Optional
	DockerImageName *string `json:"dockerImageName,omitempty" tf:"docker_image_name,omitempty"`

	// +kubebuilder:validation:Optional
	DockerImageTag *string `json:"dockerImageTag,omitempty" tf:"docker_image_tag,omitempty"`

	// The User Name to use for authentication against the registry to pull the image.
	// +kubebuilder:validation:Optional
	DockerRegistryPasswordSecretRef *v1.SecretKeySelector `json:"dockerRegistryPasswordSecretRef,omitempty" tf:"-"`

	// The URL of the container registry where the docker_image_name is located. e.g. https://index.docker.io or https://mcr.microsoft.com. This value is required with docker_image_name.
	// +kubebuilder:validation:Optional
	DockerRegistryURL *string `json:"dockerRegistryUrl,omitempty" tf:"docker_registry_url,omitempty"`

	// The User Name to use for authentication against the registry to pull the image.
	// +kubebuilder:validation:Optional
	DockerRegistryUsername *string `json:"dockerRegistryUsername,omitempty" tf:"docker_registry_username,omitempty"`

	// The version of .NET to use. Possible values include 3.1, 5.0, 6.0, 7.0 and 8.0.
	// +kubebuilder:validation:Optional
	DotnetVersion *string `json:"dotnetVersion,omitempty" tf:"dotnet_version,omitempty"`

	// The version of Go to use. Possible values include 1.18, and 1.19.
	// +kubebuilder:validation:Optional
	GoVersion *string `json:"goVersion,omitempty" tf:"go_version,omitempty"`

	// The Java server type. Possible values include JAVA, TOMCAT, and JBOSSEAP.
	// +kubebuilder:validation:Optional
	JavaServer *string `json:"javaServer,omitempty" tf:"java_server,omitempty"`

	// The Version of the java_server to use.
	// +kubebuilder:validation:Optional
	JavaServerVersion *string `json:"javaServerVersion,omitempty" tf:"java_server_version,omitempty"`

	// The Version of Java to use. Possible values include 8, 11, and 17.
	// +kubebuilder:validation:Optional
	JavaVersion *string `json:"javaVersion,omitempty" tf:"java_version,omitempty"`

	// The version of Node to run. Possible values include 12-lts, 14-lts, 16-lts, 18-lts and 20-lts. This property conflicts with java_version.
	// +kubebuilder:validation:Optional
	NodeVersion *string `json:"nodeVersion,omitempty" tf:"node_version,omitempty"`

	// The version of PHP to run. Possible values are 7.4, 8.0, 8.1 and 8.2.
	// +kubebuilder:validation:Optional
	PHPVersion *string `json:"phpVersion,omitempty" tf:"php_version,omitempty"`

	// The version of Python to run. Possible values include 3.7, 3.8, 3.9, 3.10, 3.11 and 3.12.
	// +kubebuilder:validation:Optional
	PythonVersion *string `json:"pythonVersion,omitempty" tf:"python_version,omitempty"`

	// The version of Ruby to run. Possible values include 2.6 and 2.7.
	// +kubebuilder:validation:Optional
	RubyVersion *string `json:"rubyVersion,omitempty" tf:"ruby_version,omitempty"`
}

type LinuxWebAppSiteConfigCorsInitParameters struct {

	// Specifies a list of origins that should be allowed to make cross-origin calls.
	// Specifies a list of origins that should be allowed to make cross-origin calls.
	// +listType=set
	AllowedOrigins []*string `json:"allowedOrigins,omitempty" tf:"allowed_origins,omitempty"`

	// Whether CORS requests with credentials are allowed. Defaults to false
	// Are credentials allowed in CORS requests? Defaults to `false`.
	SupportCredentials *bool `json:"supportCredentials,omitempty" tf:"support_credentials,omitempty"`
}

type LinuxWebAppSiteConfigCorsObservation struct {

	// Specifies a list of origins that should be allowed to make cross-origin calls.
	// Specifies a list of origins that should be allowed to make cross-origin calls.
	// +listType=set
	AllowedOrigins []*string `json:"allowedOrigins,omitempty" tf:"allowed_origins,omitempty"`

	// Whether CORS requests with credentials are allowed. Defaults to false
	// Are credentials allowed in CORS requests? Defaults to `false`.
	SupportCredentials *bool `json:"supportCredentials,omitempty" tf:"support_credentials,omitempty"`
}

type LinuxWebAppSiteConfigCorsParameters struct {

	// Specifies a list of origins that should be allowed to make cross-origin calls.
	// Specifies a list of origins that should be allowed to make cross-origin calls.
	// +kubebuilder:validation:Optional
	// +listType=set
	AllowedOrigins []*string `json:"allowedOrigins,omitempty" tf:"allowed_origins,omitempty"`

	// Whether CORS requests with credentials are allowed. Defaults to false
	// Are credentials allowed in CORS requests? Defaults to `false`.
	// +kubebuilder:validation:Optional
	SupportCredentials *bool `json:"supportCredentials,omitempty" tf:"support_credentials,omitempty"`
}

type LinuxWebAppSiteConfigIPRestrictionHeadersInitParameters struct {

	// Specifies a list of Azure Front Door IDs.
	XAzureFdid []*string `json:"xAzureFdid,omitempty" tf:"x_azure_fdid"`

	// Specifies if a Front Door Health Probe should be expected. The only possible value is 1.
	XFdHealthProbe []*string `json:"xFdHealthProbe,omitempty" tf:"x_fd_health_probe"`

	// Specifies a list of addresses for which matching should be applied. Omitting this value means allow any.
	XForwardedFor []*string `json:"xForwardedFor,omitempty" tf:"x_forwarded_for"`

	// Specifies a list of Hosts for which matching should be applied.
	XForwardedHost []*string `json:"xForwardedHost,omitempty" tf:"x_forwarded_host"`
}

type LinuxWebAppSiteConfigIPRestrictionHeadersObservation struct {

	// Specifies a list of Azure Front Door IDs.
	XAzureFdid []*string `json:"xAzureFdid,omitempty" tf:"x_azure_fdid,omitempty"`

	// Specifies if a Front Door Health Probe should be expected. The only possible value is 1.
	XFdHealthProbe []*string `json:"xFdHealthProbe,omitempty" tf:"x_fd_health_probe,omitempty"`

	// Specifies a list of addresses for which matching should be applied. Omitting this value means allow any.
	XForwardedFor []*string `json:"xForwardedFor,omitempty" tf:"x_forwarded_for,omitempty"`

	// Specifies a list of Hosts for which matching should be applied.
	XForwardedHost []*string `json:"xForwardedHost,omitempty" tf:"x_forwarded_host,omitempty"`
}

type LinuxWebAppSiteConfigIPRestrictionHeadersParameters struct {

	// Specifies a list of Azure Front Door IDs.
	// +kubebuilder:validation:Optional
	XAzureFdid []*string `json:"xAzureFdid,omitempty" tf:"x_azure_fdid"`

	// Specifies if a Front Door Health Probe should be expected. The only possible value is 1.
	// +kubebuilder:validation:Optional
	XFdHealthProbe []*string `json:"xFdHealthProbe,omitempty" tf:"x_fd_health_probe"`

	// Specifies a list of addresses for which matching should be applied. Omitting this value means allow any.
	// +kubebuilder:validation:Optional
	XForwardedFor []*string `json:"xForwardedFor,omitempty" tf:"x_forwarded_for"`

	// Specifies a list of Hosts for which matching should be applied.
	// +kubebuilder:validation:Optional
	XForwardedHost []*string `json:"xForwardedHost,omitempty" tf:"x_forwarded_host"`
}

type LinuxWebAppSiteConfigIPRestrictionInitParameters struct {

	// The action to take. Possible values are Allow or Deny. Defaults to Allow.
	// The action to take. Possible values are `Allow` or `Deny`.
	Action *string `json:"action,omitempty" tf:"action,omitempty"`

	// The Description of this IP Restriction.
	// The description of the IP restriction rule.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// A headers block as defined above.
	Headers []LinuxWebAppSiteConfigIPRestrictionHeadersInitParameters `json:"headers,omitempty" tf:"headers,omitempty"`

	// The CIDR notation of the IP or IP Range to match. For example: 10.0.0.0/24 or 192.168.10.1/32
	// The CIDR notation of the IP or IP Range to match. For example: `10.0.0.0/24` or `192.168.10.1/32` or `fe80::/64` or `13.107.6.152/31,13.107.128.0/22`
	IPAddress *string `json:"ipAddress,omitempty" tf:"ip_address,omitempty"`

	// The name which should be used for this Storage Account.
	// The name which should be used for this `ip_restriction`.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The priority value of this ip_restriction. Defaults to 65000.
	// The priority value of this `ip_restriction`.
	Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"`

	// The Service Tag used for this IP Restriction.
	// The Service Tag used for this IP Restriction.
	ServiceTag *string `json:"serviceTag,omitempty" tf:"service_tag,omitempty"`

	// The subnet id which will be used by this Web App for regional virtual network integration.
	// The Virtual Network Subnet ID used for this IP Restriction.
	// +crossplane:generate:reference:type=github.com/upbound/provider-azure/apis/network/v1beta1.Subnet
	// +crossplane:generate:reference:extractor=github.com/upbound/provider-azure/apis/rconfig.ExtractResourceID()
	VirtualNetworkSubnetID *string `json:"virtualNetworkSubnetId,omitempty" tf:"virtual_network_subnet_id,omitempty"`

	// Reference to a Subnet in network to populate virtualNetworkSubnetId.
	// +kubebuilder:validation:Optional
	VirtualNetworkSubnetIDRef *v1.Reference `json:"virtualNetworkSubnetIdRef,omitempty" tf:"-"`

	// Selector for a Subnet in network to populate virtualNetworkSubnetId.
	// +kubebuilder:validation:Optional
	VirtualNetworkSubnetIDSelector *v1.Selector `json:"virtualNetworkSubnetIdSelector,omitempty" tf:"-"`
}

type LinuxWebAppSiteConfigIPRestrictionObservation struct {

	// The action to take. Possible values are Allow or Deny. Defaults to Allow.
	// The action to take. Possible values are `Allow` or `Deny`.
	Action *string `json:"action,omitempty" tf:"action,omitempty"`

	// The Description of this IP Restriction.
	// The description of the IP restriction rule.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// A headers block as defined above.
	Headers []LinuxWebAppSiteConfigIPRestrictionHeadersObservation `json:"headers,omitempty" tf:"headers,omitempty"`

	// The CIDR notation of the IP or IP Range to match. For example: 10.0.0.0/24 or 192.168.10.1/32
	// The CIDR notation of the IP or IP Range to match. For example: `10.0.0.0/24` or `192.168.10.1/32` or `fe80::/64` or `13.107.6.152/31,13.107.128.0/22`
	IPAddress *string `json:"ipAddress,omitempty" tf:"ip_address,omitempty"`

	// The name which should be used for this Storage Account.
	// The name which should be used for this `ip_restriction`.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The priority value of this ip_restriction. Defaults to 65000.
	// The priority value of this `ip_restriction`.
	Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"`

	// The Service Tag used for this IP Restriction.
	// The Service Tag used for this IP Restriction.
	ServiceTag *string `json:"serviceTag,omitempty" tf:"service_tag,omitempty"`

	// The subnet id which will be used by this Web App for regional virtual network integration.
	// The Virtual Network Subnet ID used for this IP Restriction.
	VirtualNetworkSubnetID *string `json:"virtualNetworkSubnetId,omitempty" tf:"virtual_network_subnet_id,omitempty"`
}

type LinuxWebAppSiteConfigIPRestrictionParameters struct {

	// The action to take. Possible values are Allow or Deny. Defaults to Allow.
	// The action to take. Possible values are `Allow` or `Deny`.
	// +kubebuilder:validation:Optional
	Action *string `json:"action,omitempty" tf:"action,omitempty"`

	// The Description of this IP Restriction.
	// The description of the IP restriction rule.
	// +kubebuilder:validation:Optional
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// A headers block as defined above.
	// +kubebuilder:validation:Optional
	Headers []LinuxWebAppSiteConfigIPRestrictionHeadersParameters `json:"headers,omitempty" tf:"headers,omitempty"`

	// The CIDR notation of the IP or IP Range to match. For example: 10.0.0.0/24 or 192.168.10.1/32
	// The CIDR notation of the IP or IP Range to match. For example: `10.0.0.0/24` or `192.168.10.1/32` or `fe80::/64` or `13.107.6.152/31,13.107.128.0/22`
	// +kubebuilder:validation:Optional
	IPAddress *string `json:"ipAddress,omitempty" tf:"ip_address,omitempty"`

	// The name which should be used for this Storage Account.
	// The name which should be used for this `ip_restriction`.
	// +kubebuilder:validation:Optional
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The priority value of this ip_restriction. Defaults to 65000.
	// The priority value of this `ip_restriction`.
	// +kubebuilder:validation:Optional
	Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"`

	// The Service Tag used for this IP Restriction.
	// The Service Tag used for this IP Restriction.
	// +kubebuilder:validation:Optional
	ServiceTag *string `json:"serviceTag,omitempty" tf:"service_tag,omitempty"`

	// The subnet id which will be used by this Web App for regional virtual network integration.
	// The Virtual Network Subnet ID used for this IP Restriction.
	// +crossplane:generate:reference:type=github.com/upbound/provider-azure/apis/network/v1beta1.Subnet
	// +crossplane:generate:reference:extractor=github.com/upbound/provider-azure/apis/rconfig.ExtractResourceID()
	// +kubebuilder:validation:Optional
	VirtualNetworkSubnetID *string `json:"virtualNetworkSubnetId,omitempty" tf:"virtual_network_subnet_id,omitempty"`

	// Reference to a Subnet in network to populate virtualNetworkSubnetId.
	// +kubebuilder:validation:Optional
	VirtualNetworkSubnetIDRef *v1.Reference `json:"virtualNetworkSubnetIdRef,omitempty" tf:"-"`

	// Selector for a Subnet in network to populate virtualNetworkSubnetId.
	// +kubebuilder:validation:Optional
	VirtualNetworkSubnetIDSelector *v1.Selector `json:"virtualNetworkSubnetIdSelector,omitempty" tf:"-"`
}

type LinuxWebAppSiteConfigInitParameters struct {

	// The URL to the API Definition for this Linux Web App.
	APIDefinitionURL *string `json:"apiDefinitionUrl,omitempty" tf:"api_definition_url,omitempty"`

	// The API Management API ID this Linux Web App is associated with.
	APIManagementAPIID *string `json:"apiManagementApiId,omitempty" tf:"api_management_api_id,omitempty"`

	// If this Linux Web App is Always On enabled. Defaults to true.
	AlwaysOn *bool `json:"alwaysOn,omitempty" tf:"always_on,omitempty"`

	// The App command line to launch.
	AppCommandLine *string `json:"appCommandLine,omitempty" tf:"app_command_line,omitempty"`

	// A application_stack block as defined above.
	ApplicationStack []LinuxWebAppSiteConfigApplicationStackInitParameters `json:"applicationStack,omitempty" tf:"application_stack,omitempty"`

	// Should Auto heal rules be enabled? Required with auto_heal_setting.
	AutoHealEnabled *bool `json:"autoHealEnabled,omitempty" tf:"auto_heal_enabled,omitempty"`

	// A auto_heal_setting block as defined above. Required with auto_heal.
	AutoHealSetting []AutoHealSettingInitParameters `json:"autoHealSetting,omitempty" tf:"auto_heal_setting,omitempty"`

	// The Client ID of the Managed Service Identity to use for connections to the Azure Container Registry.
	ContainerRegistryManagedIdentityClientID *string `json:"containerRegistryManagedIdentityClientId,omitempty" tf:"container_registry_managed_identity_client_id,omitempty"`

	// Should connections for Azure Container Registry use Managed Identity.
	ContainerRegistryUseManagedIdentity *bool `json:"containerRegistryUseManagedIdentity,omitempty" tf:"container_registry_use_managed_identity,omitempty"`

	// A cors block as defined above.
	Cors []LinuxWebAppSiteConfigCorsInitParameters `json:"cors,omitempty" tf:"cors,omitempty"`

	// Specifies a list of Default Documents for the Linux Web App.
	DefaultDocuments []*string `json:"defaultDocuments,omitempty" tf:"default_documents,omitempty"`

	// The State of FTP / FTPS service. Possible values include AllAllowed, FtpsOnly, and Disabled. Defaults to Disabled.
	FtpsState *string `json:"ftpsState,omitempty" tf:"ftps_state,omitempty"`

	// The amount of time in minutes that a node can be unhealthy before being removed from the load balancer. Possible values are between 2 and 10. Only valid in conjunction with health_check_path.
	// The amount of time in minutes that a node is unhealthy before being removed from the load balancer. Possible values are between `2` and `10`. Defaults to `10`. Only valid in conjunction with `health_check_path`
	HealthCheckEvictionTimeInMin *float64 `json:"healthCheckEvictionTimeInMin,omitempty" tf:"health_check_eviction_time_in_min,omitempty"`

	// The path to the Health Check.
	HealthCheckPath *string `json:"healthCheckPath,omitempty" tf:"health_check_path,omitempty"`

	// Should the HTTP2 be enabled?
	Http2Enabled *bool `json:"http2Enabled,omitempty" tf:"http2_enabled,omitempty"`

	// One or more ip_restriction blocks as defined above.
	IPRestriction []LinuxWebAppSiteConfigIPRestrictionInitParameters `json:"ipRestriction,omitempty" tf:"ip_restriction,omitempty"`

	// The Default action for traffic that does not match any ip_restriction rule. possible values include Allow and Deny. Defaults to Allow.
	IPRestrictionDefaultAction *string `json:"ipRestrictionDefaultAction,omitempty" tf:"ip_restriction_default_action,omitempty"`

	// The Site load balancing. Possible values include: WeightedRoundRobin, LeastRequests, LeastResponseTime, WeightedTotalTraffic, RequestHash, PerSiteRoundRobin. Defaults to LeastRequests if omitted.
	LoadBalancingMode *string `json:"loadBalancingMode,omitempty" tf:"load_balancing_mode,omitempty"`

	// Use Local MySQL. Defaults to false.
	LocalMySQLEnabled *bool `json:"localMysqlEnabled,omitempty" tf:"local_mysql_enabled,omitempty"`

	// Managed pipeline mode. Possible values include Integrated, and Classic. Defaults to Integrated.
	ManagedPipelineMode *string `json:"managedPipelineMode,omitempty" tf:"managed_pipeline_mode,omitempty"`

	// The configures the minimum version of TLS required for SSL requests. Possible values include: 1.0, 1.1, and 1.2. Defaults to 1.2.
	MinimumTLSVersion *string `json:"minimumTlsVersion,omitempty" tf:"minimum_tls_version,omitempty"`

	// Should Remote Debugging be enabled? Defaults to false.
	RemoteDebuggingEnabled *bool `json:"remoteDebuggingEnabled,omitempty" tf:"remote_debugging_enabled,omitempty"`

	// The Remote Debugging Version. Possible values include VS2017, VS2019 and VS2022.
	RemoteDebuggingVersion *string `json:"remoteDebuggingVersion,omitempty" tf:"remote_debugging_version,omitempty"`

	// One or more scm_ip_restriction blocks as defined above.
	ScmIPRestriction []LinuxWebAppSiteConfigScmIPRestrictionInitParameters `json:"scmIpRestriction,omitempty" tf:"scm_ip_restriction,omitempty"`

	// The Default action for traffic that does not match any scm_ip_restriction rule. possible values include Allow and Deny. Defaults to Allow.
	ScmIPRestrictionDefaultAction *string `json:"scmIpRestrictionDefaultAction,omitempty" tf:"scm_ip_restriction_default_action,omitempty"`

	// The configures the minimum version of TLS required for SSL requests to the SCM site Possible values include: 1.0, 1.1, and 1.2. Defaults to 1.2.
	ScmMinimumTLSVersion *string `json:"scmMinimumTlsVersion,omitempty" tf:"scm_minimum_tls_version,omitempty"`

	// Should the Linux Web App ip_restriction configuration be used for the SCM also.
	ScmUseMainIPRestriction *bool `json:"scmUseMainIpRestriction,omitempty" tf:"scm_use_main_ip_restriction,omitempty"`

	// Should the Linux Web App use a 32-bit worker? Defaults to true.
	Use32BitWorker *bool `json:"use32BitWorker,omitempty" tf:"use_32_bit_worker,omitempty"`

	// Should all outbound traffic have NAT Gateways, Network Security Groups and User Defined Routes applied? Defaults to false.
	// Should all outbound traffic to have Virtual Network Security Groups and User Defined Routes applied? Defaults to `false`.
	VnetRouteAllEnabled *bool `json:"vnetRouteAllEnabled,omitempty" tf:"vnet_route_all_enabled,omitempty"`

	// Should Web Sockets be enabled? Defaults to false.
	WebsocketsEnabled *bool `json:"websocketsEnabled,omitempty" tf:"websockets_enabled,omitempty"`

	// The number of Workers for this Linux App Service.
	WorkerCount *float64 `json:"workerCount,omitempty" tf:"worker_count,omitempty"`
}

type LinuxWebAppSiteConfigObservation struct {

	// The URL to the API Definition for this Linux Web App.
	APIDefinitionURL *string `json:"apiDefinitionUrl,omitempty" tf:"api_definition_url,omitempty"`

	// The API Management API ID this Linux Web App is associated with.
	APIManagementAPIID *string `json:"apiManagementApiId,omitempty" tf:"api_management_api_id,omitempty"`

	// If this Linux Web App is Always On enabled. Defaults to true.
	AlwaysOn *bool `json:"alwaysOn,omitempty" tf:"always_on,omitempty"`

	// The App command line to launch.
	AppCommandLine *string `json:"appCommandLine,omitempty" tf:"app_command_line,omitempty"`

	// A application_stack block as defined above.
	ApplicationStack []LinuxWebAppSiteConfigApplicationStackObservation `json:"applicationStack,omitempty" tf:"application_stack,omitempty"`

	// Should Auto heal rules be enabled? Required with auto_heal_setting.
	AutoHealEnabled *bool `json:"autoHealEnabled,omitempty" tf:"auto_heal_enabled,omitempty"`

	// A auto_heal_setting block as defined above. Required with auto_heal.
	AutoHealSetting []AutoHealSettingObservation `json:"autoHealSetting,omitempty" tf:"auto_heal_setting,omitempty"`

	// The Client ID of the Managed Service Identity to use for connections to the Azure Container Registry.
	ContainerRegistryManagedIdentityClientID *string `json:"containerRegistryManagedIdentityClientId,omitempty" tf:"container_registry_managed_identity_client_id,omitempty"`

	// Should connections for Azure Container Registry use Managed Identity.
	ContainerRegistryUseManagedIdentity *bool `json:"containerRegistryUseManagedIdentity,omitempty" tf:"container_registry_use_managed_identity,omitempty"`

	// A cors block as defined above.
	Cors []LinuxWebAppSiteConfigCorsObservation `json:"cors,omitempty" tf:"cors,omitempty"`

	// Specifies a list of Default Documents for the Linux Web App.
	DefaultDocuments []*string `json:"defaultDocuments,omitempty" tf:"default_documents,omitempty"`

	// Should the Linux Web App be enabled? Defaults to true.
	DetailedErrorLoggingEnabled *bool `json:"detailedErrorLoggingEnabled,omitempty" tf:"detailed_error_logging_enabled,omitempty"`

	// The State of FTP / FTPS service. Possible values include AllAllowed, FtpsOnly, and Disabled. Defaults to Disabled.
	FtpsState *string `json:"ftpsState,omitempty" tf:"ftps_state,omitempty"`

	// The amount of time in minutes that a node can be unhealthy before being removed from the load balancer. Possible values are between 2 and 10. Only valid in conjunction with health_check_path.
	// The amount of time in minutes that a node is unhealthy before being removed from the load balancer. Possible values are between `2` and `10`. Defaults to `10`. Only valid in conjunction with `health_check_path`
	HealthCheckEvictionTimeInMin *float64 `json:"healthCheckEvictionTimeInMin,omitempty" tf:"health_check_eviction_time_in_min,omitempty"`

	// The path to the Health Check.
	HealthCheckPath *string `json:"healthCheckPath,omitempty" tf:"health_check_path,omitempty"`

	// Should the HTTP2 be enabled?
	Http2Enabled *bool `json:"http2Enabled,omitempty" tf:"http2_enabled,omitempty"`

	// One or more ip_restriction blocks as defined above.
	IPRestriction []LinuxWebAppSiteConfigIPRestrictionObservation `json:"ipRestriction,omitempty" tf:"ip_restriction,omitempty"`

	// The Default action for traffic that does not match any ip_restriction rule. possible values include Allow and Deny. Defaults to Allow.
	IPRestrictionDefaultAction *string `json:"ipRestrictionDefaultAction,omitempty" tf:"ip_restriction_default_action,omitempty"`

	LinuxFxVersion *string `json:"linuxFxVersion,omitempty" tf:"linux_fx_version,omitempty"`

	// The Site load balancing. Possible values include: WeightedRoundRobin, LeastRequests, LeastResponseTime, WeightedTotalTraffic, RequestHash, PerSiteRoundRobin. Defaults to LeastRequests if omitted.
	LoadBalancingMode *string `json:"loadBalancingMode,omitempty" tf:"load_balancing_mode,omitempty"`

	// Use Local MySQL. Defaults to false.
	LocalMySQLEnabled *bool `json:"localMysqlEnabled,omitempty" tf:"local_mysql_enabled,omitempty"`

	// Managed pipeline mode. Possible values include Integrated, and Classic. Defaults to Integrated.
	ManagedPipelineMode *string `json:"managedPipelineMode,omitempty" tf:"managed_pipeline_mode,omitempty"`

	// The configures the minimum version of TLS required for SSL requests. Possible values include: 1.0, 1.1, and 1.2. Defaults to 1.2.
	MinimumTLSVersion *string `json:"minimumTlsVersion,omitempty" tf:"minimum_tls_version,omitempty"`

	// Should Remote Debugging be enabled? Defaults to false.
	RemoteDebuggingEnabled *bool `json:"remoteDebuggingEnabled,omitempty" tf:"remote_debugging_enabled,omitempty"`

	// The Remote Debugging Version. Possible values include VS2017, VS2019 and VS2022.
	RemoteDebuggingVersion *string `json:"remoteDebuggingVersion,omitempty" tf:"remote_debugging_version,omitempty"`

	// One or more scm_ip_restriction blocks as defined above.
	ScmIPRestriction []LinuxWebAppSiteConfigScmIPRestrictionObservation `json:"scmIpRestriction,omitempty" tf:"scm_ip_restriction,omitempty"`

	// The Default action for traffic that does not match any scm_ip_restriction rule. possible values include Allow and Deny. Defaults to Allow.
	ScmIPRestrictionDefaultAction *string `json:"scmIpRestrictionDefaultAction,omitempty" tf:"scm_ip_restriction_default_action,omitempty"`

	// The configures the minimum version of TLS required for SSL requests to the SCM site Possible values include: 1.0, 1.1, and 1.2. Defaults to 1.2.
	ScmMinimumTLSVersion *string `json:"scmMinimumTlsVersion,omitempty" tf:"scm_minimum_tls_version,omitempty"`

	ScmType *string `json:"scmType,omitempty" tf:"scm_type,omitempty"`

	// Should the Linux Web App ip_restriction configuration be used for the SCM also.
	ScmUseMainIPRestriction *bool `json:"scmUseMainIpRestriction,omitempty" tf:"scm_use_main_ip_restriction,omitempty"`

	// Should the Linux Web App use a 32-bit worker? Defaults to true.
	Use32BitWorker *bool `json:"use32BitWorker,omitempty" tf:"use_32_bit_worker,omitempty"`

	// Should all outbound traffic have NAT Gateways, Network Security Groups and User Defined Routes applied? Defaults to false.
	// Should all outbound traffic to have Virtual Network Security Groups and User Defined Routes applied? Defaults to `false`.
	VnetRouteAllEnabled *bool `json:"vnetRouteAllEnabled,omitempty" tf:"vnet_route_all_enabled,omitempty"`

	// Should Web Sockets be enabled? Defaults to false.
	WebsocketsEnabled *bool `json:"websocketsEnabled,omitempty" tf:"websockets_enabled,omitempty"`

	// The number of Workers for this Linux App Service.
	WorkerCount *float64 `json:"workerCount,omitempty" tf:"worker_count,omitempty"`
}

type LinuxWebAppSiteConfigParameters struct {

	// The URL to the API Definition for this Linux Web App.
	// +kubebuilder:validation:Optional
	APIDefinitionURL *string `json:"apiDefinitionUrl,omitempty" tf:"api_definition_url,omitempty"`

	// The API Management API ID this Linux Web App is associated with.
	// +kubebuilder:validation:Optional
	APIManagementAPIID *string `json:"apiManagementApiId,omitempty" tf:"api_management_api_id,omitempty"`

	// If this Linux Web App is Always On enabled. Defaults to true.
	// +kubebuilder:validation:Optional
	AlwaysOn *bool `json:"alwaysOn,omitempty" tf:"always_on,omitempty"`

	// The App command line to launch.
	// +kubebuilder:validation:Optional
	AppCommandLine *string `json:"appCommandLine,omitempty" tf:"app_command_line,omitempty"`

	// A application_stack block as defined above.
	// +kubebuilder:validation:Optional
	ApplicationStack []LinuxWebAppSiteConfigApplicationStackParameters `json:"applicationStack,omitempty" tf:"application_stack,omitempty"`

	// Should Auto heal rules be enabled? Required with auto_heal_setting.
	// +kubebuilder:validation:Optional
	AutoHealEnabled *bool `json:"autoHealEnabled,omitempty" tf:"auto_heal_enabled,omitempty"`

	// A auto_heal_setting block as defined above. Required with auto_heal.
	// +kubebuilder:validation:Optional
	AutoHealSetting []AutoHealSettingParameters `json:"autoHealSetting,omitempty" tf:"auto_heal_setting,omitempty"`

	// The Client ID of the Managed Service Identity to use for connections to the Azure Container Registry.
	// +kubebuilder:validation:Optional
	ContainerRegistryManagedIdentityClientID *string `json:"containerRegistryManagedIdentityClientId,omitempty" tf:"container_registry_managed_identity_client_id,omitempty"`

	// Should connections for Azure Container Registry use Managed Identity.
	// +kubebuilder:validation:Optional
	ContainerRegistryUseManagedIdentity *bool `json:"containerRegistryUseManagedIdentity,omitempty" tf:"container_registry_use_managed_identity,omitempty"`

	// A cors block as defined above.
	// +kubebuilder:validation:Optional
	Cors []LinuxWebAppSiteConfigCorsParameters `json:"cors,omitempty" tf:"cors,omitempty"`

	// Specifies a list of Default Documents for the Linux Web App.
	// +kubebuilder:validation:Optional
	DefaultDocuments []*string `json:"defaultDocuments,omitempty" tf:"default_documents,omitempty"`

	// The State of FTP / FTPS service. Possible values include AllAllowed, FtpsOnly, and Disabled. Defaults to Disabled.
	// +kubebuilder:validation:Optional
	FtpsState *string `json:"ftpsState,omitempty" tf:"ftps_state,omitempty"`

	// The amount of time in minutes that a node can be unhealthy before being removed from the load balancer. Possible values are between 2 and 10. Only valid in conjunction with health_check_path.
	// The amount of time in minutes that a node is unhealthy before being removed from the load balancer. Possible values are between `2` and `10`. Defaults to `10`. Only valid in conjunction with `health_check_path`
	// +kubebuilder:validation:Optional
	HealthCheckEvictionTimeInMin *float64 `json:"healthCheckEvictionTimeInMin,omitempty" tf:"health_check_eviction_time_in_min,omitempty"`

	// The path to the Health Check.
	// +kubebuilder:validation:Optional
	HealthCheckPath *string `json:"healthCheckPath,omitempty" tf:"health_check_path,omitempty"`

	// Should the HTTP2 be enabled?
	// +kubebuilder:validation:Optional
	Http2Enabled *bool `json:"http2Enabled,omitempty" tf:"http2_enabled,omitempty"`

	// One or more ip_restriction blocks as defined above.
	// +kubebuilder:validation:Optional
	IPRestriction []LinuxWebAppSiteConfigIPRestrictionParameters `json:"ipRestriction,omitempty" tf:"ip_restriction,omitempty"`

	// The Default action for traffic that does not match any ip_restriction rule. possible values include Allow and Deny. Defaults to Allow.
	// +kubebuilder:validation:Optional
	IPRestrictionDefaultAction *string `json:"ipRestrictionDefaultAction,omitempty" tf:"ip_restriction_default_action,omitempty"`

	// The Site load balancing. Possible values include: WeightedRoundRobin, LeastRequests, LeastResponseTime, WeightedTotalTraffic, RequestHash, PerSiteRoundRobin. Defaults to LeastRequests if omitted.
	// +kubebuilder:validation:Optional
	LoadBalancingMode *string `json:"loadBalancingMode,omitempty" tf:"load_balancing_mode,omitempty"`

	// Use Local MySQL. Defaults to false.
	// +kubebuilder:validation:Optional
	LocalMySQLEnabled *bool `json:"localMysqlEnabled,omitempty" tf:"local_mysql_enabled,omitempty"`

	// Managed pipeline mode. Possible values include Integrated, and Classic. Defaults to Integrated.
	// +kubebuilder:validation:Optional
	ManagedPipelineMode *string `json:"managedPipelineMode,omitempty" tf:"managed_pipeline_mode,omitempty"`

	// The configures the minimum version of TLS required for SSL requests. Possible values include: 1.0, 1.1, and 1.2. Defaults to 1.2.
	// +kubebuilder:validation:Optional
	MinimumTLSVersion *string `json:"minimumTlsVersion,omitempty" tf:"minimum_tls_version,omitempty"`

	// Should Remote Debugging be enabled? Defaults to false.
	// +kubebuilder:validation:Optional
	RemoteDebuggingEnabled *bool `json:"remoteDebuggingEnabled,omitempty" tf:"remote_debugging_enabled,omitempty"`

	// The Remote Debugging Version. Possible values include VS2017, VS2019 and VS2022.
	// +kubebuilder:validation:Optional
	RemoteDebuggingVersion *string `json:"remoteDebuggingVersion,omitempty" tf:"remote_debugging_version,omitempty"`

	// One or more scm_ip_restriction blocks as defined above.
	// +kubebuilder:validation:Optional
	ScmIPRestriction []LinuxWebAppSiteConfigScmIPRestrictionParameters `json:"scmIpRestriction,omitempty" tf:"scm_ip_restriction,omitempty"`

	// The Default action for traffic that does not match any scm_ip_restriction rule. possible values include Allow and Deny. Defaults to Allow.
	// +kubebuilder:validation:Optional
	ScmIPRestrictionDefaultAction *string `json:"scmIpRestrictionDefaultAction,omitempty" tf:"scm_ip_restriction_default_action,omitempty"`

	// The configures the minimum version of TLS required for SSL requests to the SCM site Possible values include: 1.0, 1.1, and 1.2. Defaults to 1.2.
	// +kubebuilder:validation:Optional
	ScmMinimumTLSVersion *string `json:"scmMinimumTlsVersion,omitempty" tf:"scm_minimum_tls_version,omitempty"`

	// Should the Linux Web App ip_restriction configuration be used for the SCM also.
	// +kubebuilder:validation:Optional
	ScmUseMainIPRestriction *bool `json:"scmUseMainIpRestriction,omitempty" tf:"scm_use_main_ip_restriction,omitempty"`

	// Should the Linux Web App use a 32-bit worker? Defaults to true.
	// +kubebuilder:validation:Optional
	Use32BitWorker *bool `json:"use32BitWorker,omitempty" tf:"use_32_bit_worker,omitempty"`

	// Should all outbound traffic have NAT Gateways, Network Security Groups and User Defined Routes applied? Defaults to false.
	// Should all outbound traffic to have Virtual Network Security Groups and User Defined Routes applied? Defaults to `false`.
	// +kubebuilder:validation:Optional
	VnetRouteAllEnabled *bool `json:"vnetRouteAllEnabled,omitempty" tf:"vnet_route_all_enabled,omitempty"`

	// Should Web Sockets be enabled? Defaults to false.
	// +kubebuilder:validation:Optional
	WebsocketsEnabled *bool `json:"websocketsEnabled,omitempty" tf:"websockets_enabled,omitempty"`

	// The number of Workers for this Linux App Service.
	// +kubebuilder:validation:Optional
	WorkerCount *float64 `json:"workerCount,omitempty" tf:"worker_count,omitempty"`
}

type LinuxWebAppSiteConfigScmIPRestrictionHeadersInitParameters struct {

	// Specifies a list of Azure Front Door IDs.
	XAzureFdid []*string `json:"xAzureFdid,omitempty" tf:"x_azure_fdid"`

	// Specifies if a Front Door Health Probe should be expected. The only possible value is 1.
	XFdHealthProbe []*string `json:"xFdHealthProbe,omitempty" tf:"x_fd_health_probe"`

	// Specifies a list of addresses for which matching should be applied. Omitting this value means allow any.
	XForwardedFor []*string `json:"xForwardedFor,omitempty" tf:"x_forwarded_for"`

	// Specifies a list of Hosts for which matching should be applied.
	XForwardedHost []*string `json:"xForwardedHost,omitempty" tf:"x_forwarded_host"`
}

type LinuxWebAppSiteConfigScmIPRestrictionHeadersObservation struct {

	// Specifies a list of Azure Front Door IDs.
	XAzureFdid []*string `json:"xAzureFdid,omitempty" tf:"x_azure_fdid,omitempty"`

	// Specifies if a Front Door Health Probe should be expected. The only possible value is 1.
	XFdHealthProbe []*string `json:"xFdHealthProbe,omitempty" tf:"x_fd_health_probe,omitempty"`

	// Specifies a list of addresses for which matching should be applied. Omitting this value means allow any.
	XForwardedFor []*string `json:"xForwardedFor,omitempty" tf:"x_forwarded_for,omitempty"`

	// Specifies a list of Hosts for which matching should be applied.
	XForwardedHost []*string `json:"xForwardedHost,omitempty" tf:"x_forwarded_host,omitempty"`
}

type LinuxWebAppSiteConfigScmIPRestrictionHeadersParameters struct {

	// Specifies a list of Azure Front Door IDs.
	// +kubebuilder:validation:Optional
	XAzureFdid []*string `json:"xAzureFdid,omitempty" tf:"x_azure_fdid"`

	// Specifies if a Front Door Health Probe should be expected. The only possible value is 1.
	// +kubebuilder:validation:Optional
	XFdHealthProbe []*string `json:"xFdHealthProbe,omitempty" tf:"x_fd_health_probe"`

	// Specifies a list of addresses for which matching should be applied. Omitting this value means allow any.
	// +kubebuilder:validation:Optional
	XForwardedFor []*string `json:"xForwardedFor,omitempty" tf:"x_forwarded_for"`

	// Specifies a list of Hosts for which matching should be applied.
	// +kubebuilder:validation:Optional
	XForwardedHost []*string `json:"xForwardedHost,omitempty" tf:"x_forwarded_host"`
}

type LinuxWebAppSiteConfigScmIPRestrictionInitParameters struct {

	// The action to take. Possible values are Allow or Deny. Defaults to Allow.
	// The action to take. Possible values are `Allow` or `Deny`.
	Action *string `json:"action,omitempty" tf:"action,omitempty"`

	// The Description of this IP Restriction.
	// The description of the IP restriction rule.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// A headers block as defined above.
	Headers []LinuxWebAppSiteConfigScmIPRestrictionHeadersInitParameters `json:"headers,omitempty" tf:"headers,omitempty"`

	// The CIDR notation of the IP or IP Range to match. For example: 10.0.0.0/24 or 192.168.10.1/32
	// The CIDR notation of the IP or IP Range to match. For example: `10.0.0.0/24` or `192.168.10.1/32` or `fe80::/64` or `13.107.6.152/31,13.107.128.0/22`
	IPAddress *string `json:"ipAddress,omitempty" tf:"ip_address,omitempty"`

	// The name which should be used for this Storage Account.
	// The name which should be used for this `ip_restriction`.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The priority value of this ip_restriction. Defaults to 65000.
	// The priority value of this `ip_restriction`.
	Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"`

	// The Service Tag used for this IP Restriction.
	// The Service Tag used for this IP Restriction.
	ServiceTag *string `json:"serviceTag,omitempty" tf:"service_tag,omitempty"`

	// The subnet id which will be used by this Web App for regional virtual network integration.
	// The Virtual Network Subnet ID used for this IP Restriction.
	// +crossplane:generate:reference:type=github.com/upbound/provider-azure/apis/network/v1beta1.Subnet
	// +crossplane:generate:reference:extractor=github.com/upbound/provider-azure/apis/rconfig.ExtractResourceID()
	VirtualNetworkSubnetID *string `json:"virtualNetworkSubnetId,omitempty" tf:"virtual_network_subnet_id,omitempty"`

	// Reference to a Subnet in network to populate virtualNetworkSubnetId.
	// +kubebuilder:validation:Optional
	VirtualNetworkSubnetIDRef *v1.Reference `json:"virtualNetworkSubnetIdRef,omitempty" tf:"-"`

	// Selector for a Subnet in network to populate virtualNetworkSubnetId.
	// +kubebuilder:validation:Optional
	VirtualNetworkSubnetIDSelector *v1.Selector `json:"virtualNetworkSubnetIdSelector,omitempty" tf:"-"`
}

type LinuxWebAppSiteConfigScmIPRestrictionObservation struct {

	// The action to take. Possible values are Allow or Deny. Defaults to Allow.
	// The action to take. Possible values are `Allow` or `Deny`.
	Action *string `json:"action,omitempty" tf:"action,omitempty"`

	// The Description of this IP Restriction.
	// The description of the IP restriction rule.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// A headers block as defined above.
	Headers []LinuxWebAppSiteConfigScmIPRestrictionHeadersObservation `json:"headers,omitempty" tf:"headers,omitempty"`

	// The CIDR notation of the IP or IP Range to match. For example: 10.0.0.0/24 or 192.168.10.1/32
	// The CIDR notation of the IP or IP Range to match. For example: `10.0.0.0/24` or `192.168.10.1/32` or `fe80::/64` or `13.107.6.152/31,13.107.128.0/22`
	IPAddress *string `json:"ipAddress,omitempty" tf:"ip_address,omitempty"`

	// The name which should be used for this Storage Account.
	// The name which should be used for this `ip_restriction`.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The priority value of this ip_restriction. Defaults to 65000.
	// The priority value of this `ip_restriction`.
	Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"`

	// The Service Tag used for this IP Restriction.
	// The Service Tag used for this IP Restriction.
	ServiceTag *string `json:"serviceTag,omitempty" tf:"service_tag,omitempty"`

	// The subnet id which will be used by this Web App for regional virtual network integration.
	// The Virtual Network Subnet ID used for this IP Restriction.
	VirtualNetworkSubnetID *string `json:"virtualNetworkSubnetId,omitempty" tf:"virtual_network_subnet_id,omitempty"`
}

type LinuxWebAppSiteConfigScmIPRestrictionParameters struct {

	// The action to take. Possible values are Allow or Deny. Defaults to Allow.
	// The action to take. Possible values are `Allow` or `Deny`.
	// +kubebuilder:validation:Optional
	Action *string `json:"action,omitempty" tf:"action,omitempty"`

	// The Description of this IP Restriction.
	// The description of the IP restriction rule.
	// +kubebuilder:validation:Optional
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// A headers block as defined above.
	// +kubebuilder:validation:Optional
	Headers []LinuxWebAppSiteConfigScmIPRestrictionHeadersParameters `json:"headers,omitempty" tf:"headers,omitempty"`

	// The CIDR notation of the IP or IP Range to match. For example: 10.0.0.0/24 or 192.168.10.1/32
	// The CIDR notation of the IP or IP Range to match. For example: `10.0.0.0/24` or `192.168.10.1/32` or `fe80::/64` or `13.107.6.152/31,13.107.128.0/22`
	// +kubebuilder:validation:Optional
	IPAddress *string `json:"ipAddress,omitempty" tf:"ip_address,omitempty"`

	// The name which should be used for this Storage Account.
	// The name which should be used for this `ip_restriction`.
	// +kubebuilder:validation:Optional
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The priority value of this ip_restriction. Defaults to 65000.
	// The priority value of this `ip_restriction`.
	// +kubebuilder:validation:Optional
	Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"`

	// The Service Tag used for this IP Restriction.
	// The Service Tag used for this IP Restriction.
	// +kubebuilder:validation:Optional
	ServiceTag *string `json:"serviceTag,omitempty" tf:"service_tag,omitempty"`

	// The subnet id which will be used by this Web App for regional virtual network integration.
	// The Virtual Network Subnet ID used for this IP Restriction.
	// +crossplane:generate:reference:type=github.com/upbound/provider-azure/apis/network/v1beta1.Subnet
	// +crossplane:generate:reference:extractor=github.com/upbound/provider-azure/apis/rconfig.ExtractResourceID()
	// +kubebuilder:validation:Optional
	VirtualNetworkSubnetID *string `json:"virtualNetworkSubnetId,omitempty" tf:"virtual_network_subnet_id,omitempty"`

	// Reference to a Subnet in network to populate virtualNetworkSubnetId.
	// +kubebuilder:validation:Optional
	VirtualNetworkSubnetIDRef *v1.Reference `json:"virtualNetworkSubnetIdRef,omitempty" tf:"-"`

	// Selector for a Subnet in network to populate virtualNetworkSubnetId.
	// +kubebuilder:validation:Optional
	VirtualNetworkSubnetIDSelector *v1.Selector `json:"virtualNetworkSubnetIdSelector,omitempty" tf:"-"`
}

type LinuxWebAppSiteCredentialInitParameters struct {
}

type LinuxWebAppSiteCredentialObservation struct {

	// The Site Credentials Username used for publishing.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The Site Credentials Password used for publishing.
	Password *string `json:"password,omitempty" tf:"password,omitempty"`
}

type LinuxWebAppSiteCredentialParameters struct {
}

type LinuxWebAppStickySettingsInitParameters struct {

	// A list of app_setting names that the Linux Web App will not swap between Slots when a swap operation is triggered.
	AppSettingNames []*string `json:"appSettingNames,omitempty" tf:"app_setting_names,omitempty"`

	// A list of connection_string names that the Linux Web App will not swap between Slots when a swap operation is triggered.
	ConnectionStringNames []*string `json:"connectionStringNames,omitempty" tf:"connection_string_names,omitempty"`
}

type LinuxWebAppStickySettingsObservation struct {

	// A list of app_setting names that the Linux Web App will not swap between Slots when a swap operation is triggered.
	AppSettingNames []*string `json:"appSettingNames,omitempty" tf:"app_setting_names,omitempty"`

	// A list of connection_string names that the Linux Web App will not swap between Slots when a swap operation is triggered.
	ConnectionStringNames []*string `json:"connectionStringNames,omitempty" tf:"connection_string_names,omitempty"`
}

type LinuxWebAppStickySettingsParameters struct {

	// A list of app_setting names that the Linux Web App will not swap between Slots when a swap operation is triggered.
	// +kubebuilder:validation:Optional
	AppSettingNames []*string `json:"appSettingNames,omitempty" tf:"app_setting_names,omitempty"`

	// A list of connection_string names that the Linux Web App will not swap between Slots when a swap operation is triggered.
	// +kubebuilder:validation:Optional
	ConnectionStringNames []*string `json:"connectionStringNames,omitempty" tf:"connection_string_names,omitempty"`
}

type LinuxWebAppStorageAccountInitParameters struct {

	// The Name of the Storage Account.
	AccountName *string `json:"accountName,omitempty" tf:"account_name,omitempty"`

	// The path at which to mount the storage share.
	MountPath *string `json:"mountPath,omitempty" tf:"mount_path,omitempty"`

	// The name which should be used for this Storage Account.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The Name of the File Share or Container Name for Blob storage.
	ShareName *string `json:"shareName,omitempty" tf:"share_name,omitempty"`

	// The Azure Storage Type. Possible values include AzureFiles and AzureBlob
	Type *string `json:"type,omitempty" tf:"type,omitempty"`
}

type LinuxWebAppStorageAccountObservation struct {

	// The Name of the Storage Account.
	AccountName *string `json:"accountName,omitempty" tf:"account_name,omitempty"`

	// The path at which to mount the storage share.
	MountPath *string `json:"mountPath,omitempty" tf:"mount_path,omitempty"`

	// The name which should be used for this Storage Account.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The Name of the File Share or Container Name for Blob storage.
	ShareName *string `json:"shareName,omitempty" tf:"share_name,omitempty"`

	// The Azure Storage Type. Possible values include AzureFiles and AzureBlob
	Type *string `json:"type,omitempty" tf:"type,omitempty"`
}

type LinuxWebAppStorageAccountParameters struct {

	// The Access key for the storage account.
	// +kubebuilder:validation:Required
	AccessKeySecretRef v1.SecretKeySelector `json:"accessKeySecretRef" tf:"-"`

	// The Name of the Storage Account.
	// +kubebuilder:validation:Optional
	AccountName *string `json:"accountName" tf:"account_name,omitempty"`

	// The path at which to mount the storage share.
	// +kubebuilder:validation:Optional
	MountPath *string `json:"mountPath,omitempty" tf:"mount_path,omitempty"`

	// The name which should be used for this Storage Account.
	// +kubebuilder:validation:Optional
	Name *string `json:"name" tf:"name,omitempty"`

	// The Name of the File Share or Container Name for Blob storage.
	// +kubebuilder:validation:Optional
	ShareName *string `json:"shareName" tf:"share_name,omitempty"`

	// The Azure Storage Type. Possible values include AzureFiles and AzureBlob
	// +kubebuilder:validation:Optional
	Type *string `json:"type" tf:"type,omitempty"`
}

type LogsInitParameters struct {

	// A application_logs block as defined above.
	ApplicationLogs []ApplicationLogsInitParameters `json:"applicationLogs,omitempty" tf:"application_logs,omitempty"`

	// Should detailed error messages be enabled?
	DetailedErrorMessages *bool `json:"detailedErrorMessages,omitempty" tf:"detailed_error_messages,omitempty"`

	// Should the failed request tracing be enabled?
	FailedRequestTracing *bool `json:"failedRequestTracing,omitempty" tf:"failed_request_tracing,omitempty"`

	// An http_logs block as defined above.
	HTTPLogs []HTTPLogsInitParameters `json:"httpLogs,omitempty" tf:"http_logs,omitempty"`
}

type LogsObservation struct {

	// A application_logs block as defined above.
	ApplicationLogs []ApplicationLogsObservation `json:"applicationLogs,omitempty" tf:"application_logs,omitempty"`

	// Should detailed error messages be enabled?
	DetailedErrorMessages *bool `json:"detailedErrorMessages,omitempty" tf:"detailed_error_messages,omitempty"`

	// Should the failed request tracing be enabled?
	FailedRequestTracing *bool `json:"failedRequestTracing,omitempty" tf:"failed_request_tracing,omitempty"`

	// An http_logs block as defined above.
	HTTPLogs []HTTPLogsObservation `json:"httpLogs,omitempty" tf:"http_logs,omitempty"`
}

type LogsParameters struct {

	// A application_logs block as defined above.
	// +kubebuilder:validation:Optional
	ApplicationLogs []ApplicationLogsParameters `json:"applicationLogs,omitempty" tf:"application_logs,omitempty"`

	// Should detailed error messages be enabled?
	// +kubebuilder:validation:Optional
	DetailedErrorMessages *bool `json:"detailedErrorMessages,omitempty" tf:"detailed_error_messages,omitempty"`

	// Should the failed request tracing be enabled?
	// +kubebuilder:validation:Optional
	FailedRequestTracing *bool `json:"failedRequestTracing,omitempty" tf:"failed_request_tracing,omitempty"`

	// An http_logs block as defined above.
	// +kubebuilder:validation:Optional
	HTTPLogs []HTTPLogsParameters `json:"httpLogs,omitempty" tf:"http_logs,omitempty"`
}

type RequestsInitParameters struct {

	// The number of occurrences of the defined status_code in the specified interval on which to trigger this rule.
	Count *float64 `json:"count,omitempty" tf:"count,omitempty"`

	// The time interval in the form hh:mm:ss.
	Interval *string `json:"interval,omitempty" tf:"interval,omitempty"`
}

type RequestsObservation struct {

	// The number of occurrences of the defined status_code in the specified interval on which to trigger this rule.
	Count *float64 `json:"count,omitempty" tf:"count,omitempty"`

	// The time interval in the form hh:mm:ss.
	Interval *string `json:"interval,omitempty" tf:"interval,omitempty"`
}

type RequestsParameters struct {

	// The number of occurrences of the defined status_code in the specified interval on which to trigger this rule.
	// +kubebuilder:validation:Optional
	Count *float64 `json:"count" tf:"count,omitempty"`

	// The time interval in the form hh:mm:ss.
	// +kubebuilder:validation:Optional
	Interval *string `json:"interval" tf:"interval,omitempty"`
}

type SlowRequestInitParameters struct {

	// The number of occurrences of the defined status_code in the specified interval on which to trigger this rule.
	Count *float64 `json:"count,omitempty" tf:"count,omitempty"`

	// The time interval in the form hh:mm:ss.
	Interval *string `json:"interval,omitempty" tf:"interval,omitempty"`

	// The path to which this rule status code applies.
	Path *string `json:"path,omitempty" tf:"path,omitempty"`

	// The threshold of time passed to qualify as a Slow Request in hh:mm:ss.
	TimeTaken *string `json:"timeTaken,omitempty" tf:"time_taken,omitempty"`
}

type SlowRequestObservation struct {

	// The number of occurrences of the defined status_code in the specified interval on which to trigger this rule.
	Count *float64 `json:"count,omitempty" tf:"count,omitempty"`

	// The time interval in the form hh:mm:ss.
	Interval *string `json:"interval,omitempty" tf:"interval,omitempty"`

	// The path to which this rule status code applies.
	Path *string `json:"path,omitempty" tf:"path,omitempty"`

	// The threshold of time passed to qualify as a Slow Request in hh:mm:ss.
	TimeTaken *string `json:"timeTaken,omitempty" tf:"time_taken,omitempty"`
}

type SlowRequestParameters struct {

	// The number of occurrences of the defined status_code in the specified interval on which to trigger this rule.
	// +kubebuilder:validation:Optional
	Count *float64 `json:"count" tf:"count,omitempty"`

	// The time interval in the form hh:mm:ss.
	// +kubebuilder:validation:Optional
	Interval *string `json:"interval" tf:"interval,omitempty"`

	// The path to which this rule status code applies.
	// +kubebuilder:validation:Optional
	Path *string `json:"path,omitempty" tf:"path,omitempty"`

	// The threshold of time passed to qualify as a Slow Request in hh:mm:ss.
	// +kubebuilder:validation:Optional
	TimeTaken *string `json:"timeTaken" tf:"time_taken,omitempty"`
}

type StatusCodeInitParameters struct {

	// The number of occurrences of the defined status_code in the specified interval on which to trigger this rule.
	Count *float64 `json:"count,omitempty" tf:"count,omitempty"`

	// The time interval in the form hh:mm:ss.
	Interval *string `json:"interval,omitempty" tf:"interval,omitempty"`

	// The path to which this rule status code applies.
	Path *string `json:"path,omitempty" tf:"path,omitempty"`

	// The status code for this rule, accepts single status codes and status code ranges. e.g. 500 or 400-499. Possible values are integers between 101 and 599
	StatusCodeRange *string `json:"statusCodeRange,omitempty" tf:"status_code_range,omitempty"`

	// The Request Sub Status of the Status Code.
	SubStatus *float64 `json:"subStatus,omitempty" tf:"sub_status,omitempty"`

	// The Win32 Status Code of the Request.
	Win32StatusCode *float64 `json:"win32StatusCode,omitempty" tf:"win32_status_code,omitempty"`
}

type StatusCodeObservation struct {

	// The number of occurrences of the defined status_code in the specified interval on which to trigger this rule.
	Count *float64 `json:"count,omitempty" tf:"count,omitempty"`

	// The time interval in the form hh:mm:ss.
	Interval *string `json:"interval,omitempty" tf:"interval,omitempty"`

	// The path to which this rule status code applies.
	Path *string `json:"path,omitempty" tf:"path,omitempty"`

	// The status code for this rule, accepts single status codes and status code ranges. e.g. 500 or 400-499. Possible values are integers between 101 and 599
	StatusCodeRange *string `json:"statusCodeRange,omitempty" tf:"status_code_range,omitempty"`

	// The Request Sub Status of the Status Code.
	SubStatus *float64 `json:"subStatus,omitempty" tf:"sub_status,omitempty"`

	// The Win32 Status Code of the Request.
	Win32StatusCode *float64 `json:"win32StatusCode,omitempty" tf:"win32_status_code,omitempty"`
}

type StatusCodeParameters struct {

	// The number of occurrences of the defined status_code in the specified interval on which to trigger this rule.
	// +kubebuilder:validation:Optional
	Count *float64 `json:"count" tf:"count,omitempty"`

	// The time interval in the form hh:mm:ss.
	// +kubebuilder:validation:Optional
	Interval *string `json:"interval" tf:"interval,omitempty"`

	// The path to which this rule status code applies.
	// +kubebuilder:validation:Optional
	Path *string `json:"path,omitempty" tf:"path,omitempty"`

	// The status code for this rule, accepts single status codes and status code ranges. e.g. 500 or 400-499. Possible values are integers between 101 and 599
	// +kubebuilder:validation:Optional
	StatusCodeRange *string `json:"statusCodeRange" tf:"status_code_range,omitempty"`

	// The Request Sub Status of the Status Code.
	// +kubebuilder:validation:Optional
	SubStatus *float64 `json:"subStatus,omitempty" tf:"sub_status,omitempty"`

	// The Win32 Status Code of the Request.
	// +kubebuilder:validation:Optional
	Win32StatusCode *float64 `json:"win32StatusCode,omitempty" tf:"win32_status_code,omitempty"`
}

type TriggerInitParameters struct {

	// A requests block as defined above.
	Requests []RequestsInitParameters `json:"requests,omitempty" tf:"requests,omitempty"`

	// One or more slow_request blocks as defined above.
	SlowRequest []SlowRequestInitParameters `json:"slowRequest,omitempty" tf:"slow_request,omitempty"`

	// One or more status_code blocks as defined above.
	StatusCode []StatusCodeInitParameters `json:"statusCode,omitempty" tf:"status_code,omitempty"`
}

type TriggerObservation struct {

	// A requests block as defined above.
	Requests []RequestsObservation `json:"requests,omitempty" tf:"requests,omitempty"`

	// One or more slow_request blocks as defined above.
	SlowRequest []SlowRequestObservation `json:"slowRequest,omitempty" tf:"slow_request,omitempty"`

	// One or more status_code blocks as defined above.
	StatusCode []StatusCodeObservation `json:"statusCode,omitempty" tf:"status_code,omitempty"`
}

type TriggerParameters struct {

	// A requests block as defined above.
	// +kubebuilder:validation:Optional
	Requests []RequestsParameters `json:"requests,omitempty" tf:"requests,omitempty"`

	// One or more slow_request blocks as defined above.
	// +kubebuilder:validation:Optional
	SlowRequest []SlowRequestParameters `json:"slowRequest,omitempty" tf:"slow_request,omitempty"`

	// One or more status_code blocks as defined above.
	// +kubebuilder:validation:Optional
	StatusCode []StatusCodeParameters `json:"statusCode,omitempty" tf:"status_code,omitempty"`
}

// LinuxWebAppSpec defines the desired state of LinuxWebApp
type LinuxWebAppSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     LinuxWebAppParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider LinuxWebAppInitParameters `json:"initProvider,omitempty"`
}

// LinuxWebAppStatus defines the observed state of LinuxWebApp.
type LinuxWebAppStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        LinuxWebAppObservation `json:"atProvider,omitempty"`
}

// +kubebuilder:object:root=true
// +kubebuilder:subresource:status
// +kubebuilder:storageversion

// LinuxWebApp is the Schema for the LinuxWebApps API. Manages a Linux Web App.
// +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status"
// +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status"
// +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name"
// +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
// +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,azure}
type LinuxWebApp struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.location) || (has(self.initProvider) && has(self.initProvider.location))",message="spec.forProvider.location is a required parameter"
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.siteConfig) || (has(self.initProvider) && has(self.initProvider.siteConfig))",message="spec.forProvider.siteConfig is a required parameter"
	Spec   LinuxWebAppSpec   `json:"spec"`
	Status LinuxWebAppStatus `json:"status,omitempty"`
}

// +kubebuilder:object:root=true

// LinuxWebAppList contains a list of LinuxWebApps
type LinuxWebAppList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []LinuxWebApp `json:"items"`
}

// Repository type metadata.
var (
	LinuxWebApp_Kind             = "LinuxWebApp"
	LinuxWebApp_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: LinuxWebApp_Kind}.String()
	LinuxWebApp_KindAPIVersion   = LinuxWebApp_Kind + "." + CRDGroupVersion.String()
	LinuxWebApp_GroupVersionKind = CRDGroupVersion.WithKind(LinuxWebApp_Kind)
)

func init() {
	SchemeBuilder.Register(&LinuxWebApp{}, &LinuxWebAppList{})
}