@drunk-pulumi/azure-components 0.0.6

package/vnet/Firewall.js

@@ -0,0 +1,136 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Firewall = void 0;
+const network = __importStar(require("@pulumi/azure-native/network"));
+const base_1 = require("../base");
+class Firewall extends base_1.BaseResourceComponent {
+    firewall;
+    policy;
+    privateIpAddress;
+    constructor(name, args, opts) {
+        super('Firewall', name, args, opts);
+        const policy = this.createPolicy();
+        const firewall = this.createFirewall(policy);
+        this.createPolicyRuleGroup(policy);
+        this.firewall = { id: firewall.id, resourceName: firewall.name };
+        this.policy = { id: policy.id, resourceName: policy.name };
+        this.privateIpAddress = firewall.ipConfigurations.apply((config) => config[0].privateIPAddress);
+        // Export the resource ID
+        this.registerOutputs();
+    }
+    getOutputs() {
+        return { firewall: this.firewall, policy: this.policy, privateIpAddress: this.privateIpAddress };
+    }
+    createPolicy(basePolicy) {
+        const { rsGroup, sku, policy: { rules, ...policy }, logs, } = this.args;
+        return new network.FirewallPolicy(this.name, {
+            ...policy,
+            ...rsGroup,
+            sku,
+            basePolicy: basePolicy ? { id: basePolicy.id } : undefined,
+            dnsSettings: policy.dnsSettings ?? sku.tier !== network.FirewallPolicySkuTier.Basic
+                ? {
+                    enableProxy: true,
+                }
+                : undefined,
+            snat: {
+                //Auto learn need a Route Server
+                autoLearnPrivateRanges: 'Enabled',
+                privateRanges: ['IANAPrivateRanges'],
+            },
+            threatIntelMode: policy.threatIntelMode ?? sku.tier !== network.FirewallPolicySkuTier.Basic
+                ? network.AzureFirewallThreatIntelMode.Deny
+                : undefined,
+            threatIntelWhitelist: policy.threatIntelWhitelist ?? {
+                fqdns: ['*.microsoft.com'],
+                ipAddresses: ['20.3.4.5'],
+            },
+            transportSecurity: sku.tier !== network.FirewallPolicySkuTier.Basic && policy.transportSecurityCA
+                ? { certificateAuthority: policy.transportSecurityCA }
+                : undefined,
+            insights: logs
+                ? {
+                    isEnabled: true,
+                    logAnalyticsResources: {
+                        defaultWorkspaceId: { id: logs.defaultWorkspace.id },
+                        workspaces: logs.regionalWorkspaces
+                            ? logs.regionalWorkspaces.map((wp) => ({
+                                region: wp.region,
+                                workspaceId: { id: wp.id },
+                            }))
+                            : undefined,
+                    },
+                }
+                : undefined,
+        }, { dependsOn: this.opts?.dependsOn, parent: this });
+    }
+    createFirewall(firewallPolicy) {
+        const { rsGroup, sku, logs, policy, snat, additionalProperties, ...props } = this.args;
+        const properties = {
+            ...additionalProperties,
+            //autoLearnPrivateRanges: 'Enabled',
+            //privateRanges: 'IANAPrivateRanges',
+        };
+        if (snat) {
+            if (snat.routeServerId)
+                properties['Network.RouteServerInfo.RouteServerID'] = snat.routeServerId;
+        }
+        return new network.AzureFirewall(this.name, {
+            ...props,
+            ...rsGroup,
+            sku,
+            additionalProperties: properties,
+            firewallPolicy: firewallPolicy ? { id: firewallPolicy.id } : undefined,
+            threatIntelMode: props.threatIntelMode ?? (sku.tier !== network.AzureFirewallSkuTier.Basic && sku.name !== 'AZFW_Hub')
+                ? network.AzureFirewallThreatIntelMode.Deny
+                : undefined,
+        }, { ...this.opts, dependsOn: firewallPolicy ? firewallPolicy : this.opts?.dependsOn, parent: this });
+    }
+    createPolicyRuleGroup(firewallPolicy) {
+        const { policy, rsGroup } = this.args;
+        if (!policy.rules)
+            return;
+        policy.rules
+            .sort((a, b) => a.priority - b.priority)
+            .map((p) => new network.FirewallPolicyRuleCollectionGroup(`${this.name}-${p.name}`, {
+            ...rsGroup,
+            ...p,
+            firewallPolicyName: firewallPolicy.name,
+        }, { dependsOn: [firewallPolicy], parent: this }));
+    }
+}
+exports.Firewall = Firewall;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiRmlyZXdhbGwuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvdm5ldC9GaXJld2FsbC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSxzRUFBd0Q7QUFHeEQsa0NBQWdFO0FBNERoRSxNQUFhLFFBQVMsU0FBUSw0QkFBbUM7SUFDL0MsUUFBUSxDQUF3QjtJQUNoQyxNQUFNLENBQXdCO0lBQzlCLGdCQUFnQixDQUF3QjtJQUV4RCxZQUFZLElBQVksRUFBRSxJQUFrQixFQUFFLElBQXNDO1FBQ2xGLEtBQUssQ0FBQyxVQUFVLEVBQUUsSUFBSSxFQUFFLElBQUksRUFBRSxJQUFJLENBQUMsQ0FBQztRQUVwQyxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDbkMsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLGNBQWMsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUM3QyxJQUFJLENBQUMscUJBQXFCLENBQUMsTUFBTSxDQUFDLENBQUM7UUFFbkMsSUFBSSxDQUFDLFFBQVEsR0FBRyxFQUFFLEVBQUUsRUFBRSxRQUFRLENBQUMsRUFBRSxFQUFFLFlBQVksRUFBRSxRQUFRLENBQUMsSUFBSSxFQUFFLENBQUM7UUFDakUsSUFBSSxDQUFDLE1BQU0sR0FBRyxFQUFFLEVBQUUsRUFBRSxNQUFNLENBQUMsRUFBRSxFQUFFLFlBQVksRUFBRSxNQUFNLENBQUMsSUFBSSxFQUFFLENBQUM7UUFDM0QsSUFBSSxDQUFDLGdCQUFnQixHQUFHLFFBQVEsQ0FBQyxnQkFBZ0IsQ0FBQyxLQUFLLENBQUMsQ0FBQyxNQUFNLEVBQUUsRUFBRSxDQUFDLE1BQU8sQ0FBQyxDQUFDLENBQUMsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO1FBRWpHLHlCQUF5QjtRQUN6QixJQUFJLENBQUMsZUFBZSxFQUFFLENBQUM7SUFDekIsQ0FBQztJQUVNLFVBQVU7UUFDZixPQUFPLEVBQUUsUUFBUSxFQUFFLElBQUksQ0FBQyxRQUFRLEVBQUUsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNLEVBQUUsZ0JBQWdCLEVBQUUsSUFBSSxDQUFDLGdCQUFnQixFQUFFLENBQUM7SUFDbkcsQ0FBQztJQUVPLFlBQVksQ0FBQyxVQUFpQztRQUNwRCxNQUFNLEVBQ0osT0FBTyxFQUNQLEdBQUcsRUFDSCxNQUFNLEVBQUUsRUFBRSxLQUFLLEVBQUUsR0FBRyxNQUFNLEVBQUUsRUFDNUIsSUFBSSxHQUNMLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQztRQUVkLE9BQU8sSUFBSSxPQUFPLENBQUMsY0FBYyxDQUMvQixJQUFJLENBQUMsSUFBSSxFQUNUO1lBQ0UsR0FBRyxNQUFNO1lBQ1QsR0FBRyxPQUFPO1lBQ1YsR0FBRztZQUNILFVBQVUsRUFBRSxVQUFVLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFLFVBQVUsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDLENBQUMsU0FBUztZQUMxRCxXQUFXLEVBQ1QsTUFBTSxDQUFDLFdBQVcsSUFBSSxHQUFHLENBQUMsSUFBSSxLQUFLLE9BQU8sQ0FBQyxxQkFBcUIsQ0FBQyxLQUFLO2dCQUNwRSxDQUFDLENBQUM7b0JBQ0UsV0FBVyxFQUFFLElBQUk7aUJBQ2xCO2dCQUNILENBQUMsQ0FBQyxTQUFTO1lBRWYsSUFBSSxFQUFFO2dCQUNKLGdDQUFnQztnQkFDaEMsc0JBQXNCLEVBQUUsU0FBUztnQkFDakMsYUFBYSxFQUFFLENBQUMsbUJBQW1CLENBQUM7YUFDckM7WUFFRCxlQUFlLEVBQ2IsTUFBTSxDQUFDLGVBQWUsSUFBSSxHQUFHLENBQUMsSUFBSSxLQUFLLE9BQU8sQ0FBQyxxQkFBcUIsQ0FBQyxLQUFLO2dCQUN4RSxDQUFDLENBQUMsT0FBTyxDQUFDLDRCQUE0QixDQUFDLElBQUk7Z0JBQzNDLENBQUMsQ0FBQyxTQUFTO1lBQ2Ysb0JBQW9CLEVBQUUsTUFBTSxDQUFDLG9CQUFvQixJQUFJO2dCQUNuRCxLQUFLLEVBQUUsQ0FBQyxpQkFBaUIsQ0FBQztnQkFDMUIsV0FBVyxFQUFFLENBQUMsVUFBVSxDQUFDO2FBQzFCO1lBRUQsaUJBQWlCLEVBQ2YsR0FBRyxDQUFDLElBQUksS0FBSyxPQUFPLENBQUMscUJBQXFCLENBQUMsS0FBSyxJQUFJLE1BQU0sQ0FBQyxtQkFBbUI7Z0JBQzVFLENBQUMsQ0FBQyxFQUFFLG9CQUFvQixFQUFFLE1BQU0sQ0FBQyxtQkFBbUIsRUFBRTtnQkFDdEQsQ0FBQyxDQUFDLFNBQVM7WUFFZixRQUFRLEVBQUUsSUFBSTtnQkFDWixDQUFDLENBQUM7b0JBQ0UsU0FBUyxFQUFFLElBQUk7b0JBQ2YscUJBQXFCLEVBQUU7d0JBQ3JCLGtCQUFrQixFQUFFLEVBQUUsRUFBRSxFQUFFLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxFQUFFLEVBQUU7d0JBQ3BELFVBQVUsRUFBRSxJQUFJLENBQUMsa0JBQWtCOzRCQUNqQyxDQUFDLENBQUMsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEdBQUcsQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFLENBQUMsQ0FBQztnQ0FDbkMsTUFBTSxFQUFFLEVBQUUsQ0FBQyxNQUFNO2dDQUNqQixXQUFXLEVBQUUsRUFBRSxFQUFFLEVBQUUsRUFBRSxDQUFDLEVBQUUsRUFBRTs2QkFDM0IsQ0FBQyxDQUFDOzRCQUNMLENBQUMsQ0FBQyxTQUFTO3FCQUNkO2lCQUNGO2dCQUNILENBQUMsQ0FBQyxTQUFTO1NBQ2QsRUFDRCxFQUFFLFNBQVMsRUFBRSxJQUFJLENBQUMsSUFBSSxFQUFFLFNBQVMsRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLENBQ2xELENBQUM7SUFDSixDQUFDO0lBRU8sY0FBYyxDQUFDLGNBQXNDO1FBQzNELE1BQU0sRUFBRSxPQUFPLEVBQUUsR0FBRyxFQUFFLElBQUksRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLG9CQUFvQixFQUFFLEdBQUcsS0FBSyxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQztRQUN2RixNQUFNLFVBQVUsR0FBeUM7WUFDdkQsR0FBRyxvQkFBb0I7WUFDdkIsb0NBQW9DO1lBQ3BDLHFDQUFxQztTQUN0QyxDQUFDO1FBRUYsSUFBSSxJQUFJLEVBQUUsQ0FBQztZQUNULElBQUksSUFBSSxDQUFDLGFBQWE7Z0JBQUUsVUFBVSxDQUFDLHVDQUF1QyxDQUFDLEdBQUcsSUFBSSxDQUFDLGFBQWEsQ0FBQztRQUNuRyxDQUFDO1FBRUQsT0FBTyxJQUFJLE9BQU8sQ0FBQyxhQUFhLENBQzlCLElBQUksQ0FBQyxJQUFJLEVBQ1Q7WUFDRSxHQUFHLEtBQUs7WUFDUixHQUFHLE9BQU87WUFDVixHQUFHO1lBQ0gsb0JBQW9CLEVBQUUsVUFBVTtZQUNoQyxjQUFjLEVBQUUsY0FBYyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsRUFBRSxjQUFjLENBQUMsRUFBRSxFQUFFLENBQUMsQ0FBQyxDQUFDLFNBQVM7WUFDdEUsZUFBZSxFQUNiLEtBQUssQ0FBQyxlQUFlLElBQUksQ0FBQyxHQUFHLENBQUMsSUFBSSxLQUFLLE9BQU8sQ0FBQyxvQkFBb0IsQ0FBQyxLQUFLLElBQUksR0FBRyxDQUFDLElBQUksS0FBSyxVQUFVLENBQUM7Z0JBQ25HLENBQUMsQ0FBQyxPQUFPLENBQUMsNEJBQTRCLENBQUMsSUFBSTtnQkFDM0MsQ0FBQyxDQUFDLFNBQVM7U0FDaEIsRUFDRCxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksRUFBRSxTQUFTLEVBQUUsY0FBYyxDQUFDLENBQUMsQ0FBQyxjQUFjLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxJQUFJLEVBQUUsU0FBUyxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDbEcsQ0FBQztJQUNKLENBQUM7SUFFTyxxQkFBcUIsQ0FBQyxjQUFzQztRQUNsRSxNQUFNLEVBQUUsTUFBTSxFQUFFLE9BQU8sRUFBRSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUM7UUFDdEMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLO1lBQUUsT0FBTztRQUUxQixNQUFNLENBQUMsS0FBSzthQUNULElBQUksQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxRQUFRLEdBQUcsQ0FBQyxDQUFDLFFBQVEsQ0FBQzthQUN2QyxHQUFHLENBQ0YsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUNKLElBQUksT0FBTyxDQUFDLGlDQUFpQyxDQUMzQyxHQUFHLElBQUksQ0FBQyxJQUFJLElBQUksQ0FBQyxDQUFDLElBQUksRUFBRSxFQUN4QjtZQUNFLEdBQUcsT0FBTztZQUNWLEdBQUcsQ0FBQztZQUNKLGtCQUFrQixFQUFFLGNBQWMsQ0FBQyxJQUFJO1NBQ3hDLEVBQ0QsRUFBRSxTQUFTLEVBQUUsQ0FBQyxjQUFjLENBQUMsRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLENBQzlDLENBQ0osQ0FBQztJQUNOLENBQUM7Q0FDRjtBQXJJRCw0QkFxSUMifQ==

package/vnet/FirewallPolicies/FirewallPolicyBuilder.d.ts

@@ -0,0 +1,18 @@
+import * as inputs from '@pulumi/azure-native/types/input';
+import * as network from '@pulumi/azure-native/network';
+import { RulePolicyArgs } from '../Firewall';
+export declare class FirewallPolicyBuilder {
+    readonly name: string;
+    private readonly props;
+    private _natRules;
+    private _netRules;
+    private _appRules;
+    constructor(name: string, props: {
+        priority: number;
+        action: network.FirewallPolicyFilterRuleCollectionActionType;
+    });
+    addNatRule(name: string, props: Omit<inputs.network.NatRuleArgs, 'name' | 'ruleType'>): FirewallPolicyBuilder;
+    addNetRule(name: string, props: Omit<inputs.network.NetworkRuleArgs, 'name' | 'ruleType'>): FirewallPolicyBuilder;
+    addAppRule(name: string, props: Omit<inputs.network.ApplicationRuleArgs, 'name' | 'ruleType'>): FirewallPolicyBuilder;
+    build(): RulePolicyArgs;
+}

package/vnet/FirewallPolicies/FirewallPolicyBuilder.js

@@ -0,0 +1,91 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FirewallPolicyBuilder = void 0;
+const network = __importStar(require("@pulumi/azure-native/network"));
+class FirewallPolicyBuilder {
+    name;
+    props;
+    _natRules = [];
+    _netRules = [];
+    _appRules = [];
+    constructor(name, props) {
+        this.name = name;
+        this.props = props;
+    }
+    addNatRule(name, props) {
+        this._natRules.push({
+            ...props,
+            name: `${this.name}-${name}-nat`,
+            ruleType: 'NatRule',
+        });
+        return this;
+    }
+    addNetRule(name, props) {
+        this._netRules.push({
+            ...props,
+            name: `${this.name}-${name}-net`,
+            ruleType: 'NetworkRule',
+        });
+        return this;
+    }
+    addAppRule(name, props) {
+        this._appRules.push({
+            ...props,
+            name: `${this.name}-${name}-app`,
+            ruleType: 'ApplicationRule',
+        });
+        return this;
+    }
+    build() {
+        const natRules = {
+            name: `${this.name}-nat-rules`,
+            action: { type: network.FirewallPolicyNatRuleCollectionActionType.DNAT },
+            ruleCollectionType: 'FirewallPolicyNatRuleCollection',
+            priority: 300,
+            rules: this._natRules,
+        };
+        const rules = {
+            name: `${this.name}-${this.props.action}-rules`,
+            action: { type: this.props.action },
+            ruleCollectionType: `FirewallPolicyFilterRuleCollection`,
+            priority: 400,
+            rules: [...this._netRules, ...this._appRules],
+        };
+        return { name: this.name, priority: this.props.priority, ruleCollections: [natRules, rules] };
+    }
+}
+exports.FirewallPolicyBuilder = FirewallPolicyBuilder;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiRmlyZXdhbGxQb2xpY3lCdWlsZGVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3ZuZXQvRmlyZXdhbGxQb2xpY2llcy9GaXJld2FsbFBvbGljeUJ1aWxkZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBRUEsc0VBQXdEO0FBR3hELE1BQWEscUJBQXFCO0lBTWQ7SUFDQztJQU5YLFNBQVMsR0FBc0MsRUFBRSxDQUFDO0lBQ2xELFNBQVMsR0FBMEMsRUFBRSxDQUFDO0lBQ3RELFNBQVMsR0FBOEMsRUFBRSxDQUFDO0lBRWxFLFlBQ2tCLElBQVksRUFDWCxLQUF5RjtRQUQxRixTQUFJLEdBQUosSUFBSSxDQUFRO1FBQ1gsVUFBSyxHQUFMLEtBQUssQ0FBb0Y7SUFDekcsQ0FBQztJQUVHLFVBQVUsQ0FBQyxJQUFZLEVBQUUsS0FBNEQ7UUFDMUYsSUFBSSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUM7WUFDbEIsR0FBRyxLQUFLO1lBQ1IsSUFBSSxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksSUFBSSxJQUFJLE1BQU07WUFDaEMsUUFBUSxFQUFFLFNBQVM7U0FDcEIsQ0FBQyxDQUFDO1FBRUgsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRU0sVUFBVSxDQUNmLElBQVksRUFDWixLQUFnRTtRQUVoRSxJQUFJLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQztZQUNsQixHQUFHLEtBQUs7WUFDUixJQUFJLEVBQUUsR0FBRyxJQUFJLENBQUMsSUFBSSxJQUFJLElBQUksTUFBTTtZQUNoQyxRQUFRLEVBQUUsYUFBYTtTQUN4QixDQUFDLENBQUM7UUFDSCxPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFFTSxVQUFVLENBQ2YsSUFBWSxFQUNaLEtBQW9FO1FBRXBFLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDO1lBQ2xCLEdBQUcsS0FBSztZQUNSLElBQUksRUFBRSxHQUFHLElBQUksQ0FBQyxJQUFJLElBQUksSUFBSSxNQUFNO1lBQ2hDLFFBQVEsRUFBRSxpQkFBaUI7U0FDNUIsQ0FBQyxDQUFDO1FBQ0gsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRU0sS0FBSztRQUNWLE1BQU0sUUFBUSxHQUF1RDtZQUNuRSxJQUFJLEVBQUUsR0FBRyxJQUFJLENBQUMsSUFBSSxZQUFZO1lBQzlCLE1BQU0sRUFBRSxFQUFFLElBQUksRUFBRSxPQUFPLENBQUMseUNBQXlDLENBQUMsSUFBSSxFQUFFO1lBQ3hFLGtCQUFrQixFQUFFLGlDQUFpQztZQUNyRCxRQUFRLEVBQUUsR0FBRztZQUNiLEtBQUssRUFBRSxJQUFJLENBQUMsU0FBUztTQUN0QixDQUFDO1FBRUYsTUFBTSxLQUFLLEdBQTBEO1lBQ25FLElBQUksRUFBRSxHQUFHLElBQUksQ0FBQyxJQUFJLElBQUksSUFBSSxDQUFDLEtBQUssQ0FBQyxNQUFNLFFBQVE7WUFDL0MsTUFBTSxFQUFFLEVBQUUsSUFBSSxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsTUFBTSxFQUFFO1lBQ25DLGtCQUFrQixFQUFFLG9DQUFvQztZQUN4RCxRQUFRLEVBQUUsR0FBRztZQUNiLEtBQUssRUFBRSxDQUFDLEdBQUcsSUFBSSxDQUFDLFNBQVMsRUFBRSxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUM7U0FDOUMsQ0FBQztRQUVGLE9BQU8sRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLElBQUksRUFBRSxRQUFRLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxRQUFRLEVBQUUsZUFBZSxFQUFFLENBQUMsUUFBUSxFQUFFLEtBQUssQ0FBQyxFQUFFLENBQUM7SUFDaEcsQ0FBQztDQUNGO0FBL0RELHNEQStEQyJ9

package/vnet/FirewallPolicies/commonPolicies.d.ts

@@ -0,0 +1,10 @@
+import * as pulumi from '@pulumi/pulumi';
+import { FirewallPolicyBuilder } from './FirewallPolicyBuilder';
+export declare function getDefaultPolicies(priority?: number): FirewallPolicyBuilder;
+/** These rules are not required for Private AKS */
+export declare function getAksPolicies(name: string, { priority, subnetAddressSpaces, }: {
+    priority: number;
+    subnetAddressSpaces: Array<pulumi.Input<string>>;
+    /** the name of Azure Container registry allows access from Azure AKS */
+    allowsAcrs?: pulumi.Input<string>[];
+}): FirewallPolicyBuilder;

package/vnet/FirewallPolicies/commonPolicies.js

@@ -0,0 +1,55 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getDefaultPolicies = getDefaultPolicies;
+exports.getAksPolicies = getAksPolicies;
+const helpers_1 = require("../../helpers");
+const FirewallPolicyBuilder_1 = require("./FirewallPolicyBuilder");
+function getDefaultPolicies(priority = 6001) {
+    return new FirewallPolicyBuilder_1.FirewallPolicyBuilder('default', { priority, action: 'Deny' }).addAppRule('deny-everything-else', {
+        description: 'Default Deny Everything Else',
+        protocols: [
+            { protocolType: 'Http', port: 80 },
+            { protocolType: 'Https', port: 443 },
+            { protocolType: 'Mssql', port: 1433 },
+        ],
+        sourceAddresses: ['*'],
+        targetFqdns: ['*'],
+    });
+}
+/** These rules are not required for Private AKS */
+function getAksPolicies(name, { priority, subnetAddressSpaces, }) {
+    return (new FirewallPolicyBuilder_1.FirewallPolicyBuilder(name, { priority, action: 'Allow' })
+        //Net
+        .addNetRule('aks-udp', {
+        description: 'For tunneled secure communication between the nodes and the control plane.',
+        ipProtocols: ['UDP'],
+        sourceAddresses: subnetAddressSpaces,
+        destinationAddresses: [`AzureCloud.${helpers_1.azureEnv.currentRegionCode}`],
+        destinationPorts: ['1194'],
+    })
+        .addNetRule('aks-tcp', {
+        description: 'For tunneled secure communication between the nodes and the control plane.',
+        ipProtocols: ['TCP'],
+        sourceAddresses: subnetAddressSpaces,
+        destinationAddresses: [`AzureCloud.${helpers_1.azureEnv.currentRegionCode}`],
+        destinationPorts: ['9000'],
+    })
+        //App
+        .addAppRule('aks-allow-acrs', {
+        description: 'Allows pods to access AzureKubernetesService',
+        sourceAddresses: subnetAddressSpaces,
+        fqdnTags: [
+            `*.hcp.${helpers_1.azureEnv.currentRegionCode}.azmk8s.io`,
+            'mcr.microsoft.com',
+            '*.data.mcr.microsoft.com',
+            'mcr-0001.mcr-msedge.net',
+            'management.azure.com',
+            'login.microsoftonline.com',
+            'packages.microsoft.com',
+            'acs-mirror.azureedge.net',
+            'packages.aks.azure.com',
+        ],
+        protocols: [{ protocolType: 'Https', port: 443 }],
+    }));
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29tbW9uUG9saWNpZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvdm5ldC9GaXJld2FsbFBvbGljaWVzL2NvbW1vblBvbGljaWVzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBSUEsZ0RBV0M7QUFHRCx3Q0ErQ0M7QUFoRUQsMkNBQXlDO0FBQ3pDLG1FQUFnRTtBQUVoRSxTQUFnQixrQkFBa0IsQ0FBQyxXQUFtQixJQUFJO0lBQ3hELE9BQU8sSUFBSSw2Q0FBcUIsQ0FBQyxTQUFTLEVBQUUsRUFBRSxRQUFRLEVBQUUsTUFBTSxFQUFFLE1BQU0sRUFBRSxDQUFDLENBQUMsVUFBVSxDQUFDLHNCQUFzQixFQUFFO1FBQzNHLFdBQVcsRUFBRSw4QkFBOEI7UUFDM0MsU0FBUyxFQUFFO1lBQ1QsRUFBRSxZQUFZLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxFQUFFLEVBQUU7WUFDbEMsRUFBRSxZQUFZLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxHQUFHLEVBQUU7WUFDcEMsRUFBRSxZQUFZLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxJQUFJLEVBQUU7U0FDdEM7UUFDRCxlQUFlLEVBQUUsQ0FBQyxHQUFHLENBQUM7UUFDdEIsV0FBVyxFQUFFLENBQUMsR0FBRyxDQUFDO0tBQ25CLENBQUMsQ0FBQztBQUNMLENBQUM7QUFFRCxtREFBbUQ7QUFDbkQsU0FBZ0IsY0FBYyxDQUM1QixJQUFZLEVBQ1osRUFDRSxRQUFRLEVBQ1IsbUJBQW1CLEdBTXBCO0lBRUQsT0FBTyxDQUNMLElBQUksNkNBQXFCLENBQUMsSUFBSSxFQUFFLEVBQUUsUUFBUSxFQUFFLE1BQU0sRUFBRSxPQUFPLEVBQUUsQ0FBQztRQUM1RCxLQUFLO1NBQ0osVUFBVSxDQUFDLFNBQVMsRUFBRTtRQUNyQixXQUFXLEVBQUUsNEVBQTRFO1FBQ3pGLFdBQVcsRUFBRSxDQUFDLEtBQUssQ0FBQztRQUNwQixlQUFlLEVBQUUsbUJBQW1CO1FBQ3BDLG9CQUFvQixFQUFFLENBQUMsY0FBYyxrQkFBUSxDQUFDLGlCQUFpQixFQUFFLENBQUM7UUFDbEUsZ0JBQWdCLEVBQUUsQ0FBQyxNQUFNLENBQUM7S0FDM0IsQ0FBQztTQUNELFVBQVUsQ0FBQyxTQUFTLEVBQUU7UUFDckIsV0FBVyxFQUFFLDRFQUE0RTtRQUN6RixXQUFXLEVBQUUsQ0FBQyxLQUFLLENBQUM7UUFDcEIsZUFBZSxFQUFFLG1CQUFtQjtRQUNwQyxvQkFBb0IsRUFBRSxDQUFDLGNBQWMsa0JBQVEsQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1FBQ2xFLGdCQUFnQixFQUFFLENBQUMsTUFBTSxDQUFDO0tBQzNCLENBQUM7UUFDRixLQUFLO1NBQ0osVUFBVSxDQUFDLGdCQUFnQixFQUFFO1FBQzVCLFdBQVcsRUFBRSw4Q0FBOEM7UUFDM0QsZUFBZSxFQUFFLG1CQUFtQjtRQUNwQyxRQUFRLEVBQUU7WUFDUixTQUFTLGtCQUFRLENBQUMsaUJBQWlCLFlBQVk7WUFDL0MsbUJBQW1CO1lBQ25CLDBCQUEwQjtZQUMxQix5QkFBeUI7WUFDekIsc0JBQXNCO1lBQ3RCLDJCQUEyQjtZQUMzQix3QkFBd0I7WUFDeEIsMEJBQTBCO1lBQzFCLHdCQUF3QjtTQUN6QjtRQUNELFNBQVMsRUFBRSxDQUFDLEVBQUUsWUFBWSxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsR0FBRyxFQUFFLENBQUM7S0FDbEQsQ0FBQyxDQUNMLENBQUM7QUFDSixDQUFDIn0=

package/vnet/FirewallPolicies/index.js

@@ -0,0 +1,2 @@
+"use strict";
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvdm5ldC9GaXJld2FsbFBvbGljaWVzL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiIifQ==

package/vnet/IpAddresses.d.ts

@@ -0,0 +1,36 @@
+import * as network from '@pulumi/azure-native/network';
+import * as pulumi from '@pulumi/pulumi';
+import { BaseResourceComponent, CommonBaseArgs } from '../base';
+type IpSku = {
+    /**
+     * Name of a public IP address SKU.
+     */
+    name: network.PublicIPAddressSkuName;
+    /**
+     * Tier of a public IP address SKU.
+     */
+    tier?: network.PublicIPAddressSkuTier;
+};
+export interface IpAddressesArgs extends CommonBaseArgs {
+    sku: IpSku;
+    prefix?: {
+        length: 28 | 29 | 30 | 31 | number;
+    };
+    /** The default config for all Ip address. */
+    defaultConfig?: Omit<network.PublicIPAddressArgs, 'id' | 'ipAddress' | 'publicIPPrefix' | 'resourceGroupName' | 'location' | 'sku' | 'publicIPAllocationMethod' | 'natGateway'>;
+    ipAddresses: Array<Pick<network.PublicIPAddressArgs, 'zones'> & {
+        name: string;
+        sku?: IpSku;
+    }>;
+}
+export declare class IpAddresses extends BaseResourceComponent<IpAddressesArgs> {
+    readonly ipAddresses: Record<string, {
+        id: pulumi.Output<string>;
+        resourceName: pulumi.Output<string>;
+        ipAddress: pulumi.Output<string | undefined>;
+    }>;
+    constructor(name: string, args: IpAddressesArgs, opts?: pulumi.ComponentResourceOptions);
+    getOutputs(): {};
+    private createIpPrefix;
+}
+export {};

package/vnet/IpAddresses.js

@@ -0,0 +1,74 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.IpAddresses = void 0;
+const network = __importStar(require("@pulumi/azure-native/network"));
+const base_1 = require("../base");
+class IpAddresses extends base_1.BaseResourceComponent {
+    ipAddresses = {};
+    constructor(name, args, opts) {
+        super('IpAddresses', name, args, opts);
+        const { rsGroup, sku, defaultConfig, ipAddresses } = this.args;
+        const prefix = this.createIpPrefix();
+        ipAddresses.map((ip) => {
+            const ipAddress = new network.PublicIPAddress(`${name}-${ip.name}`, {
+                ...defaultConfig,
+                ...rsGroup,
+                sku: ip.sku ?? sku,
+                publicIPPrefix: prefix ? { id: prefix.id } : undefined,
+                publicIPAllocationMethod: network.IPAllocationMethod.Static,
+                zones: ip.zones ?? defaultConfig?.zones,
+            }, { ...opts, dependsOn: prefix ? prefix : opts?.dependsOn, parent: this, ignoreChanges: ['natGateway'] });
+            this.ipAddresses[ip.name] = { id: ipAddress.id, resourceName: ipAddress.name, ipAddress: ipAddress.ipAddress };
+            return ipAddress;
+        });
+        this.registerOutputs();
+    }
+    getOutputs() {
+        return {};
+    }
+    createIpPrefix() {
+        const { prefix, rsGroup, sku } = this.args;
+        if (!prefix)
+            return undefined;
+        return new network.PublicIPPrefix(this.name, {
+            ...rsGroup,
+            prefixLength: prefix.length,
+            sku,
+        }, { ...this.opts, parent: this });
+    }
+}
+exports.IpAddresses = IpAddresses;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiSXBBZGRyZXNzZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvdm5ldC9JcEFkZHJlc3Nlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSxzRUFBd0Q7QUFFeEQsa0NBQWdFO0FBK0JoRSxNQUFhLFdBQVksU0FBUSw0QkFBc0M7SUFDckQsV0FBVyxHQU92QixFQUFFLENBQUM7SUFFUCxZQUFZLElBQVksRUFBRSxJQUFxQixFQUFFLElBQXNDO1FBQ3JGLEtBQUssQ0FBQyxhQUFhLEVBQUUsSUFBSSxFQUFFLElBQUksRUFBRSxJQUFJLENBQUMsQ0FBQztRQUV2QyxNQUFNLEVBQUUsT0FBTyxFQUFFLEdBQUcsRUFBRSxhQUFhLEVBQUUsV0FBVyxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQztRQUMvRCxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7UUFFckMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFO1lBQ3JCLE1BQU0sU0FBUyxHQUFHLElBQUksT0FBTyxDQUFDLGVBQWUsQ0FDM0MsR0FBRyxJQUFJLElBQUksRUFBRSxDQUFDLElBQUksRUFBRSxFQUNwQjtnQkFDRSxHQUFHLGFBQWE7Z0JBQ2hCLEdBQUcsT0FBTztnQkFDVixHQUFHLEVBQUUsRUFBRSxDQUFDLEdBQUcsSUFBSSxHQUFHO2dCQUNsQixjQUFjLEVBQUUsTUFBTSxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsRUFBRSxNQUFNLENBQUMsRUFBRSxFQUFFLENBQUMsQ0FBQyxDQUFDLFNBQVM7Z0JBQ3RELHdCQUF3QixFQUFFLE9BQU8sQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNO2dCQUMzRCxLQUFLLEVBQUUsRUFBRSxDQUFDLEtBQUssSUFBSSxhQUFhLEVBQUUsS0FBSzthQUN4QyxFQUNELEVBQUUsR0FBRyxJQUFJLEVBQUUsU0FBUyxFQUFFLE1BQU0sQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxJQUFJLEVBQUUsU0FBUyxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsYUFBYSxFQUFFLENBQUMsWUFBWSxDQUFDLEVBQUUsQ0FDdkcsQ0FBQztZQUVGLElBQUksQ0FBQyxXQUFXLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQyxHQUFHLEVBQUUsRUFBRSxFQUFFLFNBQVMsQ0FBQyxFQUFFLEVBQUUsWUFBWSxFQUFFLFNBQVMsQ0FBQyxJQUFJLEVBQUUsU0FBUyxFQUFFLFNBQVMsQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUMvRyxPQUFPLFNBQVMsQ0FBQztRQUNuQixDQUFDLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxlQUFlLEVBQUUsQ0FBQztJQUN6QixDQUFDO0lBRU0sVUFBVTtRQUNmLE9BQU8sRUFBRSxDQUFDO0lBQ1osQ0FBQztJQUVPLGNBQWM7UUFDcEIsTUFBTSxFQUFFLE1BQU0sRUFBRSxPQUFPLEVBQUUsR0FBRyxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQztRQUMzQyxJQUFJLENBQUMsTUFBTTtZQUFFLE9BQU8sU0FBUyxDQUFDO1FBRTlCLE9BQU8sSUFBSSxPQUFPLENBQUMsY0FBYyxDQUMvQixJQUFJLENBQUMsSUFBSSxFQUNUO1lBQ0UsR0FBRyxPQUFPO1lBQ1YsWUFBWSxFQUFFLE1BQU0sQ0FBQyxNQUFNO1lBQzNCLEdBQUc7U0FDSixFQUNELEVBQUUsR0FBRyxJQUFJLENBQUMsSUFBSSxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDL0IsQ0FBQztJQUNKLENBQUM7Q0FDRjtBQXZERCxrQ0F1REMifQ==

package/vnet/NetworkPeering.d.ts

@@ -0,0 +1,21 @@
+import * as network from '@pulumi/azure-native/network';
+import * as pulumi from '@pulumi/pulumi';
+import * as types from '../types';
+export type PeeringDirectionType = 'Unidirectional' | 'Bidirectional';
+type NetworkPeeringProps = Omit<network.VirtualNetworkPeeringArgs, 'id' | 'name' | 'peeringState' | 'resourceGroupName' | 'virtualNetworkName' | 'virtualNetworkPeeringName' | 'syncRemoteAddressSpace'> & {
+    syncRemoteAddressSpace: 'true' | 'false';
+};
+export interface NetworkPeeringArgs {
+    options?: NetworkPeeringProps;
+    firstVnet: types.ResourceInputs;
+    secondVnet: types.ResourceInputs;
+    direction: PeeringDirectionType;
+}
+export declare class NetworkPeering extends pulumi.ComponentResource<NetworkPeeringArgs> {
+    private name;
+    private args;
+    private opts?;
+    constructor(name: string, args: NetworkPeeringArgs, opts?: pulumi.ComponentResourceOptions | undefined);
+    private createPeering;
+}
+export {};

package/vnet/NetworkPeering.js

@@ -0,0 +1,85 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NetworkPeering = void 0;
+const network = __importStar(require("@pulumi/azure-native/network"));
+const pulumi = __importStar(require("@pulumi/pulumi"));
+const helpers_1 = require("../base/helpers");
+const helpers_2 = require("../helpers");
+const defaultProps = {
+    allowForwardedTraffic: true,
+    allowVirtualNetworkAccess: true,
+    allowGatewayTransit: true,
+    syncRemoteAddressSpace: 'true',
+    doNotVerifyRemoteGateways: true,
+};
+class NetworkPeering extends pulumi.ComponentResource {
+    name;
+    args;
+    opts;
+    constructor(name, args, opts) {
+        super((0, helpers_1.getComponentResourceType)('NetworkPeering'), name, args, opts);
+        this.name = name;
+        this.args = args;
+        this.opts = opts;
+        const { firstVnet, secondVnet, direction } = args;
+        pulumi.all([firstVnet, secondVnet]).apply(([first, second]) => {
+            this.createPeering(first, second);
+            if (direction === 'Bidirectional')
+                this.createPeering(second, first);
+        });
+    }
+    createPeering(from, to) {
+        const { options } = this.args;
+        const vnetInfo = helpers_2.rsHelpers.getRsInfoFromId(from.id);
+        const n = `${this.name}-${helpers_2.rsHelpers.getShortName(from.resourceName)}-to-${helpers_2.rsHelpers.getShortName(to.resourceName)}`;
+        return new network.VirtualNetworkPeering(n, {
+            ...defaultProps,
+            ...options,
+            virtualNetworkPeeringName: n,
+            virtualNetworkName: vnetInfo.resourceName,
+            resourceGroupName: vnetInfo.rsGroup.resourceGroupName,
+            peeringSyncLevel: 'FullyInSync',
+            remoteVirtualNetwork: {
+                id: to.id,
+            },
+        }, {
+            dependsOn: this.opts?.dependsOn,
+            parent: this,
+        });
+    }
+}
+exports.NetworkPeering = NetworkPeering;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiTmV0d29ya1BlZXJpbmcuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvdm5ldC9OZXR3b3JrUGVlcmluZy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSxzRUFBd0Q7QUFDeEQsdURBQXlDO0FBQ3pDLDZDQUEyRDtBQUUzRCx3Q0FBdUM7QUFldkMsTUFBTSxZQUFZLEdBQXdCO0lBQ3hDLHFCQUFxQixFQUFFLElBQUk7SUFDM0IseUJBQXlCLEVBQUUsSUFBSTtJQUMvQixtQkFBbUIsRUFBRSxJQUFJO0lBQ3pCLHNCQUFzQixFQUFFLE1BQU07SUFDOUIseUJBQXlCLEVBQUUsSUFBSTtDQUNoQyxDQUFDO0FBU0YsTUFBYSxjQUFlLFNBQVEsTUFBTSxDQUFDLGlCQUFxQztJQUMxRDtJQUFzQjtJQUFrQztJQUE1RSxZQUFvQixJQUFZLEVBQVUsSUFBd0IsRUFBVSxJQUFzQztRQUNoSCxLQUFLLENBQUMsSUFBQSxrQ0FBd0IsRUFBQyxnQkFBZ0IsQ0FBQyxFQUFFLElBQUksRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFEbEQsU0FBSSxHQUFKLElBQUksQ0FBUTtRQUFVLFNBQUksR0FBSixJQUFJLENBQW9CO1FBQVUsU0FBSSxHQUFKLElBQUksQ0FBa0M7UUFHaEgsTUFBTSxFQUFFLFNBQVMsRUFBRSxVQUFVLEVBQUUsU0FBUyxFQUFFLEdBQUcsSUFBSSxDQUFDO1FBQ2xELE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxTQUFTLEVBQUUsVUFBVSxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLEtBQUssRUFBRSxNQUFNLENBQUMsRUFBRSxFQUFFO1lBQzVELElBQUksQ0FBQyxhQUFhLENBQUMsS0FBSyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1lBQ2xDLElBQUksU0FBUyxLQUFLLGVBQWU7Z0JBQUUsSUFBSSxDQUFDLGFBQWEsQ0FBQyxNQUFNLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFDdkUsQ0FBQyxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRU8sYUFBYSxDQUFDLElBQXdCLEVBQUUsRUFBc0I7UUFDcEUsTUFBTSxFQUFFLE9BQU8sRUFBRSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUM7UUFDOUIsTUFBTSxRQUFRLEdBQUcsbUJBQVMsQ0FBQyxlQUFlLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBRXBELE1BQU0sQ0FBQyxHQUFHLEdBQUcsSUFBSSxDQUFDLElBQUksSUFBSSxtQkFBUyxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDLE9BQU8sbUJBQVMsQ0FBQyxZQUFZLENBQUMsRUFBRSxDQUFDLFlBQVksQ0FBQyxFQUFFLENBQUM7UUFDcEgsT0FBTyxJQUFJLE9BQU8sQ0FBQyxxQkFBcUIsQ0FDdEMsQ0FBQyxFQUNEO1lBQ0UsR0FBRyxZQUFZO1lBQ2YsR0FBRyxPQUFPO1lBQ1YseUJBQXlCLEVBQUUsQ0FBQztZQUM1QixrQkFBa0IsRUFBRSxRQUFRLENBQUMsWUFBWTtZQUN6QyxpQkFBaUIsRUFBRSxRQUFRLENBQUMsT0FBTyxDQUFDLGlCQUFpQjtZQUNyRCxnQkFBZ0IsRUFBRSxhQUFhO1lBQy9CLG9CQUFvQixFQUFFO2dCQUNwQixFQUFFLEVBQUUsRUFBRSxDQUFDLEVBQUU7YUFDVjtTQUNGLEVBQ0Q7WUFDRSxTQUFTLEVBQUUsSUFBSSxDQUFDLElBQUksRUFBRSxTQUFTO1lBQy9CLE1BQU0sRUFBRSxJQUFJO1NBQ2IsQ0FDRixDQUFDO0lBQ0osQ0FBQztDQUNGO0FBbkNELHdDQW1DQyJ9

package/vnet/PrivateDnsZone.d.ts

@@ -0,0 +1,38 @@
+import * as privateDns from '@pulumi/azure-native/privatedns';
+import * as pulumi from '@pulumi/pulumi';
+import { BaseComponent } from '../base/BaseComponent';
+import { DnsRecordTypes, WithResourceGroupInputs } from '../types';
+export type DnsRecordArgs = Omit<privateDns.PrivateRecordSetArgs, 'privateZoneName' | 'relativeRecordSetName' | 'resourceGroupName' | 'ttl' | 'recordType'> & {
+    recordType: DnsRecordTypes;
+};
+export interface PrivateDnsZoneArgs extends WithResourceGroupInputs {
+    aRecords?: Array<{
+        name: string;
+        ipv4Address: pulumi.Input<pulumi.Input<string>[]>;
+    }>;
+    /** Link the private DNS zone to these Vnet also */
+    vnetLinks: Array<pulumi.Input<{
+        vnetId: string;
+    }>>;
+}
+export declare class PrivateDnsZone extends BaseComponent<PrivateDnsZoneArgs> {
+    private _rsName;
+    readonly id: pulumi.Output<string>;
+    readonly resourceName: pulumi.Output<string>;
+    constructor(name: string, args: PrivateDnsZoneArgs, opts?: pulumi.ComponentResourceOptions);
+    getOutputs(): {
+        id: pulumi.Output<string>;
+        resourceName: pulumi.Output<string>;
+    };
+    private createARecord;
+    addARecords(aRecords: Array<{
+        name: string;
+        ipv4Address: pulumi.Input<pulumi.Input<string>[]>;
+    }>): import("@pulumi/azure-native/privatedns/privateRecordSet").PrivateRecordSet[];
+    addRecordSet(name: string, props: DnsRecordArgs): import("@pulumi/azure-native/privatedns/privateRecordSet").PrivateRecordSet;
+    private createVnetLinks;
+    protected getRsGroupInfo(): {
+        resourceGroupName: pulumi.Input<string>;
+        location: string;
+    };
+}