I need to patch in the following node into the machine.config of an Azure AppService (this is per Sitecore CMS requirements here).
I've seen this article https://aaronstannard.com/how-to-modify-machineconfig-on-windows-azure-web-roles/ which mentions how to set individual settings, using AppCmd and Windows Azure start up tasks. I'm not sure how this is done in Azure and I'm also not sure how I would change to inserting a whole new config node?
<configuration>
<!-- Other configuration settings -->
<mscorlib>
<cryptographySettings>
<cryptoNameMapping>
<cryptoClasses>
<cryptoClass AESPROXY="Sitecore.SecurityModel.Cryptography.AesCryptoServiceProviderProxy, Sitecore.Kernel, Version=XX.X.X.XXXX, Culture=neutral"/>
</cryptoClasses>
<nameEntry name="Rijndael" class="AESPROXY"/>
<nameEntry name="System.Security.Cryptography.Rijndael" class="AESPROXY"/>
<nameEntry name="System.Security.Cryptography.RijndaelManaged" class="AESPROXY"/>
<nameEntry name="AesManaged" class="AESPROXY"/>
<nameEntry name="System.Security.Cryptography.AesManaged" class="AESPROXY"/>
</cryptoNameMapping>
</cryptographySettings>
</mscorlib>
</configuration>
Short answer: You can't change machine.config on an Azure AppService.
You need to make your changes to your application's web.config file instead - you should be able to overwrite any necessary settings in web.config.
I had originally asked this question while following some security recommendations for Sitecore CMS, but overlooked the comment about performing a different action for Azure App Services.