@drunk-pulumi/azure-components 0.0.6

package/vnet/VirtualNetwork.js

@@ -0,0 +1,311 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HubVnet = void 0;
+const network = __importStar(require("@pulumi/azure-native/network"));
+const pulumi = __importStar(require("@pulumi/pulumi"));
+const base_1 = require("../base");
+const Basion_1 = require("./Basion");
+const Firewall_1 = require("./Firewall");
+const helpers = __importStar(require("./helpers"));
+const NetworkPeering_1 = require("./NetworkPeering");
+const RouteTable_1 = require("./RouteTable");
+const securityRules_1 = require("./securityRules");
+const VpnGateway_1 = require("./VpnGateway");
+class HubVnet extends base_1.BaseResourceComponent {
+    basion;
+    securityGroup;
+    routeTable;
+    natGateway;
+    vpnGateway;
+    firewall;
+    vnet;
+    subnets;
+    constructor(name, args, opts) {
+        super('HubVnet', name, args, opts);
+        const securityGroup = this.createSecurityGroup();
+        const routeTable = this.createRouteTable();
+        const natGateway = this.createNatGateway();
+        const { vnet, subnets } = this.createVnet({ natGateway, routeTable, securityGroup });
+        const firewall = this.createFirewall(subnets);
+        const basion = this.createBasion(subnets);
+        const vpnGateway = this.createVpnGateway(subnets);
+        //this.createOutboundRoute({ router: routeTable!, natGateway, firewall });
+        this.createPeering(vnet);
+        if (basion)
+            this.basion = { id: basion.id, resourceName: basion.resourceName };
+        if (securityGroup)
+            this.securityGroup = { id: securityGroup.id, resourceName: securityGroup.name };
+        this.routeTable = { id: routeTable.id, resourceName: routeTable.resourceName };
+        if (natGateway)
+            this.natGateway = { id: natGateway.id, resourceName: natGateway.name };
+        if (vpnGateway)
+            this.vpnGateway = { id: vpnGateway.id, resourceName: vpnGateway.resourceName };
+        if (firewall)
+            this.firewall = firewall.firewall;
+        this.vnet = { id: vnet.id, resourceName: vnet.name };
+        this.subnets = base_1.baseHelpers.recordMap(subnets, (s) => ({ id: s.id, resourceName: s.name.apply((n) => n) }));
+        this.registerOutputs();
+    }
+    getOutputs() {
+        return {
+            securityGroup: this.securityGroup,
+            routeTable: this.routeTable,
+            natGateway: this.natGateway,
+            vpnGateway: this.vpnGateway,
+            firewall: this.firewall,
+            vnet: this.vnet,
+            subnets: this.subnets,
+        };
+    }
+    createSecurityGroup() {
+        const { rsGroup, securityGroup, basion } = this.args;
+        if (!securityGroup)
+            return undefined;
+        const { securityRules = [], ...props } = securityGroup;
+        if (basion) {
+            securityRules.push(...(0, securityRules_1.getBasionSecurityRules)({ bastionAddressPrefix: basion.subnetPrefix }));
+        }
+        return new network.NetworkSecurityGroup(`${this.name}-nsg`, {
+            ...rsGroup,
+            ...props,
+            securityRules,
+        }, { dependsOn: this.opts?.dependsOn, parent: this });
+    }
+    createRouteTable() {
+        const { rsGroup, firewall, routeTable = {} } = this.args;
+        const { routes = [], ...routeProps } = routeTable;
+        if (firewall) {
+            routes.push({
+                name: 'Internet',
+                ...helpers.defaultRouteRules.defaultInternetRoute,
+            });
+        }
+        return new RouteTable_1.RouteTable(`${this.name}-tb`, {
+            rsGroup,
+            ...routeProps,
+            routes,
+        }, { dependsOn: this.opts?.dependsOn, parent: this });
+    }
+    createNatGateway() {
+        const { rsGroup, natGateway, publicIpAddresses } = this.args;
+        if (!natGateway)
+            return undefined;
+        if (!publicIpAddresses)
+            throw new Error('PublicIpAddresses is required when NatGateway is created');
+        return new network.NatGateway(`${this.name}-ngw`, {
+            ...rsGroup,
+            ...natGateway,
+            sku: { name: natGateway.sku },
+            publicIpAddresses,
+        }, { dependsOn: this.opts?.dependsOn, parent: this });
+    }
+    createVpnGateway(subnets) {
+        const { rsGroup, vpnGateway } = this.args;
+        if (!vpnGateway)
+            return undefined;
+        const vpnSubnet = subnets[helpers.AzureSubnetNames.GatewaySubnetName];
+        return new VpnGateway_1.VpnGateway(`${this.name}-vpn`, {
+            ...vpnGateway,
+            rsGroup,
+            subnetId: vpnSubnet.id,
+        }, { dependsOn: vpnSubnet, parent: this });
+    }
+    createFirewall(subnets) {
+        const { rsGroup, natGateway, publicIpAddresses, firewall } = this.args;
+        if (!firewall)
+            return undefined;
+        const firewallSubnet = subnets[helpers.AzureSubnetNames.AzFirewallSubnet];
+        const firewallManageSubnet = subnets[helpers.AzureSubnetNames.AzFirewallManagementSubnet];
+        return new Firewall_1.Firewall(`${this.name}-fw`, {
+            ...firewall,
+            rsGroup,
+            managementIpConfiguration: firewallManageSubnet && firewall.managementPublicIpAddress
+                ? {
+                    name: `${this.name}-fw-management`,
+                    publicIPAddress: firewall.managementPublicIpAddress,
+                    subnet: { id: firewallManageSubnet.id },
+                }
+                : undefined,
+            ipConfigurations: publicIpAddresses
+                ? pulumi.output(publicIpAddresses).apply((ips) => ips.map((i, index) => ({
+                    name: `${this.name}-${i.resourceName}-ip-config`,
+                    //Only link the public Ip Address when nateGateway not created.
+                    publicIPAddress: natGateway ? undefined : i,
+                    //Only link the subnet to the first ipConfigurations
+                    subnet: index === 0 ? { id: firewallSubnet.id } : undefined,
+                })))
+                : [
+                    {
+                        name: `${this.name}-ip-config`,
+                        subnet: { id: firewallSubnet.id },
+                    },
+                ],
+        }, { dependsOn: firewallManageSubnet ? [firewallManageSubnet, firewallSubnet] : firewallSubnet, parent: this });
+    }
+    createBasion(subnets) {
+        const { rsGroup, basion } = this.args;
+        if (!basion)
+            return undefined;
+        const basionSubnet = subnets[helpers.AzureSubnetNames.AzBastionSubnetName];
+        return new Basion_1.Basion(`${this.name}-bastion`, {
+            ...basion,
+            rsGroup,
+            subnetId: basionSubnet.id,
+            network: { ...basion.network },
+        }, { dependsOn: basionSubnet, parent: this });
+    }
+    createVnet({ natGateway, routeTable, securityGroup, }) {
+        const { rsGroup, firewall, basion, vpnGateway, vnet } = this.args;
+        const subnets = vnet.subnets ?? [];
+        const dependsOn = [];
+        if (firewall) {
+            //If NateGateway is together with Firewall, then NatGateway must be link to the Firewall Subnet only.
+            if (natGateway) {
+                subnets.forEach((s) => {
+                    s.disableNatGateway = true;
+                });
+            }
+            subnets.push({
+                subnetName: helpers.AzureSubnetNames.AzFirewallSubnet,
+                addressPrefix: firewall.subnetPrefix,
+                disableSecurityGroup: true,
+                disableRouteTable: false,
+                disableNatGateway: false,
+            });
+            if (firewall.managementSubnetPrefix) {
+                subnets.push({
+                    subnetName: helpers.AzureSubnetNames.AzFirewallManagementSubnet,
+                    addressPrefix: firewall.managementSubnetPrefix,
+                    disableSecurityGroup: true,
+                    disableRouteTable: true,
+                    disableNatGateway: true,
+                });
+            }
+        }
+        if (basion) {
+            subnets.push({
+                subnetName: helpers.AzureSubnetNames.AzBastionSubnetName,
+                addressPrefix: basion.subnetPrefix,
+                disableSecurityGroup: false,
+                disableRouteTable: true,
+                disableNatGateway: true,
+            });
+        }
+        if (vpnGateway) {
+            subnets.push({
+                subnetName: helpers.AzureSubnetNames.GatewaySubnetName,
+                addressPrefix: vpnGateway.subnetPrefix,
+                disableSecurityGroup: true,
+                disableRouteTable: true,
+                disableNatGateway: true,
+            });
+        }
+        if (natGateway)
+            dependsOn.push(natGateway);
+        if (routeTable)
+            dependsOn.push(routeTable);
+        if (securityGroup)
+            dependsOn.push(securityGroup);
+        const vn = new network.VirtualNetwork(`${this.name}-vnet`, {
+            ...rsGroup,
+            ...vnet,
+            addressSpace: {
+                addressPrefixes: vnet.addressPrefixes ?? subnets.map((s) => s.addressPrefix),
+            },
+            subnets: [],
+            virtualNetworkPeerings: [],
+            enableVmProtection: true,
+            encryption: {
+                enabled: true,
+                enforcement: network.VirtualNetworkEncryptionEnforcement.AllowUnencrypted,
+            },
+        }, { dependsOn, ignoreChanges: ['virtualNetworkPeerings', 'subnets'], parent: this });
+        const subs = this.createSubnets({
+            subnets,
+            vnet: vn,
+            natGateway,
+            routeTable,
+            securityGroup,
+        });
+        return { vnet: vn, subnets: subs };
+    }
+    createSubnets({ subnets, vnet, natGateway, routeTable, securityGroup, }) {
+        const { rsGroup, vnet: { defaultOutboundAccess }, } = this.args;
+        const rs = {};
+        subnets
+            .sort((a, b) => a.subnetName.localeCompare(b.subnetName))
+            .map((s) => (rs[s.subnetName] = new network.Subnet(`${this.name}-${s.subnetName}`, {
+            ...s,
+            ...rsGroup,
+            virtualNetworkName: vnet.name,
+            //Not allows outbound by default and it will be controlling by NatGateway or Firewall
+            defaultOutboundAccess: defaultOutboundAccess ?? false,
+            routeTable: s.disableRouteTable ? undefined : routeTable ? { id: routeTable.id } : undefined,
+            networkSecurityGroup: s.disableSecurityGroup
+                ? undefined
+                : securityGroup
+                    ? { id: securityGroup.id }
+                    : undefined,
+            natGateway: s.disableNatGateway ? undefined : natGateway ? { id: natGateway.id } : undefined,
+        }, { dependsOn: vnet, deleteBeforeReplace: true, parent: this })));
+        return rs;
+    }
+    // private createOutboundRoute({
+    //   router,
+    //   firewall,
+    //   natGateway,
+    // }: {
+    //   router: RouteTable;
+    //   natGateway?: network.NatGateway;
+    //   firewall?: Firewall;
+    // }) {
+    //   if (natGateway && !firewall) {
+    //     return router.addRoute('Internet-via-Gateway', helpers.defaultRouteRules.defaultGatewayRoute);
+    //   }
+    // }
+    createPeering(vnet) {
+        const { vnetPeering } = this.args;
+        if (!vnetPeering)
+            return undefined;
+        return new NetworkPeering_1.NetworkPeering(`${this.name}-peering`, {
+            ...vnetPeering,
+            firstVnet: { id: vnet.id, resourceName: vnet.name },
+            secondVnet: vnetPeering.vnet,
+        }, { dependsOn: vnet, parent: this });
+    }
+}
+exports.HubVnet = HubVnet;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiVmlydHVhbE5ldHdvcmsuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvdm5ldC9WaXJ0dWFsTmV0d29yay50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSxzRUFBd0Q7QUFFeEQsdURBQXlDO0FBQ3pDLGtDQUE2RTtBQUU3RSxxQ0FBOEM7QUFDOUMseUNBQW9EO0FBQ3BELG1EQUFxQztBQUNyQyxxREFBc0U7QUFDdEUsNkNBQTBEO0FBQzFELG1EQUF5RDtBQUN6RCw2Q0FBMEQ7QUE2RDFELE1BQWEsT0FBUSxTQUFRLDRCQUFrQztJQUM3QyxNQUFNLENBQXlCO0lBQy9CLGFBQWEsQ0FBeUI7SUFDdEMsVUFBVSxDQUF3QjtJQUNsQyxVQUFVLENBQXlCO0lBQ25DLFVBQVUsQ0FBeUI7SUFDbkMsUUFBUSxDQUF5QjtJQUNqQyxJQUFJLENBQXdCO0lBQzVCLE9BQU8sQ0FBd0M7SUFFL0QsWUFBWSxJQUFZLEVBQUUsSUFBaUIsRUFBRSxJQUFzQztRQUNqRixLQUFLLENBQUMsU0FBUyxFQUFFLElBQUksRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFFbkMsTUFBTSxhQUFhLEdBQUcsSUFBSSxDQUFDLG1CQUFtQixFQUFFLENBQUM7UUFDakQsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLGdCQUFnQixFQUFFLENBQUM7UUFDM0MsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLGdCQUFnQixFQUFFLENBQUM7UUFDM0MsTUFBTSxFQUFFLElBQUksRUFBRSxPQUFPLEVBQUUsR0FBRyxJQUFJLENBQUMsVUFBVSxDQUFDLEVBQUUsVUFBVSxFQUFFLFVBQVUsRUFBRSxhQUFhLEVBQUUsQ0FBQyxDQUFDO1FBQ3JGLE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxjQUFjLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDOUMsTUFBTSxNQUFNLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUMxQyxNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsT0FBTyxDQUFDLENBQUM7UUFFbEQsMEVBQTBFO1FBQzFFLElBQUksQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUFDLENBQUM7UUFFekIsSUFBSSxNQUFNO1lBQUUsSUFBSSxDQUFDLE1BQU0sR0FBRyxFQUFFLEVBQUUsRUFBRSxNQUFNLENBQUMsRUFBRSxFQUFFLFlBQVksRUFBRSxNQUFNLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDL0UsSUFBSSxhQUFhO1lBQUUsSUFBSSxDQUFDLGFBQWEsR0FBRyxFQUFFLEVBQUUsRUFBRSxhQUFhLENBQUMsRUFBRSxFQUFFLFlBQVksRUFBRSxhQUFhLENBQUMsSUFBSSxFQUFFLENBQUM7UUFDbkcsSUFBSSxDQUFDLFVBQVUsR0FBRyxFQUFFLEVBQUUsRUFBRSxVQUFVLENBQUMsRUFBRSxFQUFFLFlBQVksRUFBRSxVQUFVLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDL0UsSUFBSSxVQUFVO1lBQUUsSUFBSSxDQUFDLFVBQVUsR0FBRyxFQUFFLEVBQUUsRUFBRSxVQUFVLENBQUMsRUFBRSxFQUFFLFlBQVksRUFBRSxVQUFVLENBQUMsSUFBSSxFQUFFLENBQUM7UUFDdkYsSUFBSSxVQUFVO1lBQUUsSUFBSSxDQUFDLFVBQVUsR0FBRyxFQUFFLEVBQUUsRUFBRSxVQUFVLENBQUMsRUFBRSxFQUFFLFlBQVksRUFBRSxVQUFVLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDL0YsSUFBSSxRQUFRO1lBQUUsSUFBSSxDQUFDLFFBQVEsR0FBRyxRQUFRLENBQUMsUUFBUSxDQUFDO1FBQ2hELElBQUksQ0FBQyxJQUFJLEdBQUcsRUFBRSxFQUFFLEVBQUUsSUFBSSxDQUFDLEVBQUUsRUFBRSxZQUFZLEVBQUUsSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO1FBRXJELElBQUksQ0FBQyxPQUFPLEdBQUcsa0JBQVcsQ0FBQyxTQUFTLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFLENBQUMsQ0FBQyxFQUFFLEVBQUUsWUFBWSxFQUFFLENBQUMsQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFFLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQztRQUU1RyxJQUFJLENBQUMsZUFBZSxFQUFFLENBQUM7SUFDekIsQ0FBQztJQUVNLFVBQVU7UUFDZixPQUFPO1lBQ0wsYUFBYSxFQUFFLElBQUksQ0FBQyxhQUFhO1lBQ2pDLFVBQVUsRUFBRSxJQUFJLENBQUMsVUFBVTtZQUMzQixVQUFVLEVBQUUsSUFBSSxDQUFDLFVBQVU7WUFDM0IsVUFBVSxFQUFFLElBQUksQ0FBQyxVQUFVO1lBQzNCLFFBQVEsRUFBRSxJQUFJLENBQUMsUUFBUTtZQUN2QixJQUFJLEVBQUUsSUFBSSxDQUFDLElBQUk7WUFDZixPQUFPLEVBQUUsSUFBSSxDQUFDLE9BQU87U0FDdEIsQ0FBQztJQUNKLENBQUM7SUFFTyxtQkFBbUI7UUFDekIsTUFBTSxFQUFFLE9BQU8sRUFBRSxhQUFhLEVBQUUsTUFBTSxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQztRQUNyRCxJQUFJLENBQUMsYUFBYTtZQUFFLE9BQU8sU0FBUyxDQUFDO1FBQ3JDLE1BQU0sRUFBRSxhQUFhLEdBQUcsRUFBRSxFQUFFLEdBQUcsS0FBSyxFQUFFLEdBQUcsYUFBYSxDQUFDO1FBRXZELElBQUksTUFBTSxFQUFFLENBQUM7WUFDWCxhQUFhLENBQUMsSUFBSSxDQUFDLEdBQUcsSUFBQSxzQ0FBc0IsRUFBQyxFQUFFLG9CQUFvQixFQUFFLE1BQU0sQ0FBQyxZQUFZLEVBQUUsQ0FBQyxDQUFDLENBQUM7UUFDL0YsQ0FBQztRQUVELE9BQU8sSUFBSSxPQUFPLENBQUMsb0JBQW9CLENBQ3JDLEdBQUcsSUFBSSxDQUFDLElBQUksTUFBTSxFQUNsQjtZQUNFLEdBQUcsT0FBTztZQUNWLEdBQUcsS0FBSztZQUNSLGFBQWE7U0FDZCxFQUNELEVBQUUsU0FBUyxFQUFFLElBQUksQ0FBQyxJQUFJLEVBQUUsU0FBUyxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDbEQsQ0FBQztJQUNKLENBQUM7SUFFTyxnQkFBZ0I7UUFDdEIsTUFBTSxFQUFFLE9BQU8sRUFBRSxRQUFRLEVBQUUsVUFBVSxHQUFHLEVBQUUsRUFBRSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUM7UUFDekQsTUFBTSxFQUFFLE1BQU0sR0FBRyxFQUFFLEVBQUUsR0FBRyxVQUFVLEVBQUUsR0FBRyxVQUFVLENBQUM7UUFFbEQsSUFBSSxRQUFRLEVBQUUsQ0FBQztZQUNiLE1BQU0sQ0FBQyxJQUFJLENBQUM7Z0JBQ1YsSUFBSSxFQUFFLFVBQVU7Z0JBQ2hCLEdBQUcsT0FBTyxDQUFDLGlCQUFpQixDQUFDLG9CQUFvQjthQUNsRCxDQUFDLENBQUM7UUFDTCxDQUFDO1FBRUQsT0FBTyxJQUFJLHVCQUFVLENBQ25CLEdBQUcsSUFBSSxDQUFDLElBQUksS0FBSyxFQUNqQjtZQUNFLE9BQU87WUFDUCxHQUFHLFVBQVU7WUFDYixNQUFNO1NBQ1AsRUFDRCxFQUFFLFNBQVMsRUFBRSxJQUFJLENBQUMsSUFBSSxFQUFFLFNBQVMsRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLENBQ2xELENBQUM7SUFDSixDQUFDO0lBRU8sZ0JBQWdCO1FBQ3RCLE1BQU0sRUFBRSxPQUFPLEVBQUUsVUFBVSxFQUFFLGlCQUFpQixFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQztRQUM3RCxJQUFJLENBQUMsVUFBVTtZQUFFLE9BQU8sU0FBUyxDQUFDO1FBQ2xDLElBQUksQ0FBQyxpQkFBaUI7WUFBRSxNQUFNLElBQUksS0FBSyxDQUFDLDBEQUEwRCxDQUFDLENBQUM7UUFFcEcsT0FBTyxJQUFJLE9BQU8sQ0FBQyxVQUFVLENBQzNCLEdBQUcsSUFBSSxDQUFDLElBQUksTUFBTSxFQUNsQjtZQUNFLEdBQUcsT0FBTztZQUNWLEdBQUcsVUFBVTtZQUNiLEdBQUcsRUFBRSxFQUFFLElBQUksRUFBRSxVQUFVLENBQUMsR0FBRyxFQUFFO1lBQzdCLGlCQUFpQjtTQUNsQixFQUNELEVBQUUsU0FBUyxFQUFFLElBQUksQ0FBQyxJQUFJLEVBQUUsU0FBUyxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDbEQsQ0FBQztJQUNKLENBQUM7SUFFTyxnQkFBZ0IsQ0FBQyxPQUF1QztRQUM5RCxNQUFNLEVBQUUsT0FBTyxFQUFFLFVBQVUsRUFBRSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUM7UUFDMUMsSUFBSSxDQUFDLFVBQVU7WUFBRSxPQUFPLFNBQVMsQ0FBQztRQUVsQyxNQUFNLFNBQVMsR0FBRyxPQUFPLENBQUMsT0FBTyxDQUFDLGdCQUFnQixDQUFDLGlCQUFpQixDQUFDLENBQUM7UUFDdEUsT0FBTyxJQUFJLHVCQUFVLENBQ25CLEdBQUcsSUFBSSxDQUFDLElBQUksTUFBTSxFQUNsQjtZQUNFLEdBQUcsVUFBVTtZQUNiLE9BQU87WUFDUCxRQUFRLEVBQUUsU0FBUyxDQUFDLEVBQUU7U0FDdkIsRUFDRCxFQUFFLFNBQVMsRUFBRSxTQUFTLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUN2QyxDQUFDO0lBQ0osQ0FBQztJQUVPLGNBQWMsQ0FBQyxPQUF1QztRQUM1RCxNQUFNLEVBQUUsT0FBTyxFQUFFLFVBQVUsRUFBRSxpQkFBaUIsRUFBRSxRQUFRLEVBQUUsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDO1FBQ3ZFLElBQUksQ0FBQyxRQUFRO1lBQUUsT0FBTyxTQUFTLENBQUM7UUFFaEMsTUFBTSxjQUFjLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO1FBQzFFLE1BQU0sb0JBQW9CLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO1FBRTFGLE9BQU8sSUFBSSxtQkFBUSxDQUNqQixHQUFHLElBQUksQ0FBQyxJQUFJLEtBQUssRUFDakI7WUFDRSxHQUFHLFFBQVE7WUFDWCxPQUFPO1lBQ1AseUJBQXlCLEVBQ3ZCLG9CQUFvQixJQUFJLFFBQVEsQ0FBQyx5QkFBeUI7Z0JBQ3hELENBQUMsQ0FBQztvQkFDRSxJQUFJLEVBQUUsR0FBRyxJQUFJLENBQUMsSUFBSSxnQkFBZ0I7b0JBQ2xDLGVBQWUsRUFBRSxRQUFRLENBQUMseUJBQXlCO29CQUNuRCxNQUFNLEVBQUUsRUFBRSxFQUFFLEVBQUUsb0JBQW9CLENBQUMsRUFBRSxFQUFFO2lCQUN4QztnQkFDSCxDQUFDLENBQUMsU0FBUztZQUVmLGdCQUFnQixFQUFFLGlCQUFpQjtnQkFDakMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsaUJBQWlCLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxHQUFHLEVBQUUsRUFBRSxDQUM3QyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztvQkFDckIsSUFBSSxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksSUFBSSxDQUFDLENBQUMsWUFBWSxZQUFZO29CQUNoRCwrREFBK0Q7b0JBQy9ELGVBQWUsRUFBRSxVQUFVLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsQ0FBQztvQkFDM0Msb0RBQW9EO29CQUNwRCxNQUFNLEVBQUUsS0FBSyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUUsY0FBYyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxTQUFTO2lCQUM1RCxDQUFDLENBQUMsQ0FDSjtnQkFDSCxDQUFDLENBQUM7b0JBQ0U7d0JBQ0UsSUFBSSxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksWUFBWTt3QkFDOUIsTUFBTSxFQUFFLEVBQUUsRUFBRSxFQUFFLGNBQWMsQ0FBQyxFQUFFLEVBQUU7cUJBQ2xDO2lCQUNGO1NBQ04sRUFDRCxFQUFFLFNBQVMsRUFBRSxvQkFBb0IsQ0FBQyxDQUFDLENBQUMsQ0FBQyxvQkFBb0IsRUFBRSxjQUFjLENBQUMsQ0FBQyxDQUFDLENBQUMsY0FBYyxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDNUcsQ0FBQztJQUNKLENBQUM7SUFFTyxZQUFZLENBQUMsT0FBdUM7UUFDMUQsTUFBTSxFQUFFLE9BQU8sRUFBRSxNQUFNLEVBQUUsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDO1FBQ3RDLElBQUksQ0FBQyxNQUFNO1lBQUUsT0FBTyxTQUFTLENBQUM7UUFDOUIsTUFBTSxZQUFZLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO1FBRTNFLE9BQU8sSUFBSSxlQUFNLENBQ2YsR0FBRyxJQUFJLENBQUMsSUFBSSxVQUFVLEVBQ3RCO1lBQ0UsR0FBRyxNQUFNO1lBQ1QsT0FBTztZQUNQLFFBQVEsRUFBRSxZQUFZLENBQUMsRUFBRTtZQUN6QixPQUFPLEVBQUUsRUFBRSxHQUFHLE1BQU0sQ0FBQyxPQUFPLEVBQUU7U0FDL0IsRUFDRCxFQUFFLFNBQVMsRUFBRSxZQUFZLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUMxQyxDQUFDO0lBQ0osQ0FBQztJQUVPLFVBQVUsQ0FBQyxFQUNqQixVQUFVLEVBQ1YsVUFBVSxFQUNWLGFBQWEsR0FLZDtRQUNDLE1BQU0sRUFBRSxPQUFPLEVBQUUsUUFBUSxFQUFFLE1BQU0sRUFBRSxVQUFVLEVBQUUsSUFBSSxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQztRQUNsRSxNQUFNLE9BQU8sR0FBRyxJQUFJLENBQUMsT0FBTyxJQUFJLEVBQUUsQ0FBQztRQUNuQyxNQUFNLFNBQVMsR0FBb0MsRUFBRSxDQUFDO1FBRXRELElBQUksUUFBUSxFQUFFLENBQUM7WUFDYixxR0FBcUc7WUFDckcsSUFBSSxVQUFVLEVBQUUsQ0FBQztnQkFDZixPQUFPLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUU7b0JBQ3BCLENBQUMsQ0FBQyxpQkFBaUIsR0FBRyxJQUFJLENBQUM7Z0JBQzdCLENBQUMsQ0FBQyxDQUFDO1lBQ0wsQ0FBQztZQUVELE9BQU8sQ0FBQyxJQUFJLENBQUM7Z0JBQ1gsVUFBVSxFQUFFLE9BQU8sQ0FBQyxnQkFBZ0IsQ0FBQyxnQkFBZ0I7Z0JBQ3JELGFBQWEsRUFBRSxRQUFRLENBQUMsWUFBWTtnQkFDcEMsb0JBQW9CLEVBQUUsSUFBSTtnQkFDMUIsaUJBQWlCLEVBQUUsS0FBSztnQkFDeEIsaUJBQWlCLEVBQUUsS0FBSzthQUN6QixDQUFDLENBQUM7WUFFSCxJQUFJLFFBQVEsQ0FBQyxzQkFBc0IsRUFBRSxDQUFDO2dCQUNwQyxPQUFPLENBQUMsSUFBSSxDQUFDO29CQUNYLFVBQVUsRUFBRSxPQUFPLENBQUMsZ0JBQWdCLENBQUMsMEJBQTBCO29CQUMvRCxhQUFhLEVBQUUsUUFBUSxDQUFDLHNCQUFzQjtvQkFDOUMsb0JBQW9CLEVBQUUsSUFBSTtvQkFDMUIsaUJBQWlCLEVBQUUsSUFBSTtvQkFDdkIsaUJBQWlCLEVBQUUsSUFBSTtpQkFDeEIsQ0FBQyxDQUFDO1lBQ0wsQ0FBQztRQUNILENBQUM7UUFDRCxJQUFJLE1BQU0sRUFBRSxDQUFDO1lBQ1gsT0FBTyxDQUFDLElBQUksQ0FBQztnQkFDWCxVQUFVLEVBQUUsT0FBTyxDQUFDLGdCQUFnQixDQUFDLG1CQUFtQjtnQkFDeEQsYUFBYSxFQUFFLE1BQU0sQ0FBQyxZQUFZO2dCQUNsQyxvQkFBb0IsRUFBRSxLQUFLO2dCQUMzQixpQkFBaUIsRUFBRSxJQUFJO2dCQUN2QixpQkFBaUIsRUFBRSxJQUFJO2FBQ3hCLENBQUMsQ0FBQztRQUNMLENBQUM7UUFDRCxJQUFJLFVBQVUsRUFBRSxDQUFDO1lBQ2YsT0FBTyxDQUFDLElBQUksQ0FBQztnQkFDWCxVQUFVLEVBQUUsT0FBTyxDQUFDLGdCQUFnQixDQUFDLGlCQUFpQjtnQkFDdEQsYUFBYSxFQUFFLFVBQVUsQ0FBQyxZQUFZO2dCQUN0QyxvQkFBb0IsRUFBRSxJQUFJO2dCQUMxQixpQkFBaUIsRUFBRSxJQUFJO2dCQUN2QixpQkFBaUIsRUFBRSxJQUFJO2FBQ3hCLENBQUMsQ0FBQztRQUNMLENBQUM7UUFFRCxJQUFJLFVBQVU7WUFBRSxTQUFTLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBQzNDLElBQUksVUFBVTtZQUFFLFNBQVMsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLENBQUM7UUFDM0MsSUFBSSxhQUFhO1lBQUUsU0FBUyxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUVqRCxNQUFNLEVBQUUsR0FBRyxJQUFJLE9BQU8sQ0FBQyxjQUFjLENBQ25DLEdBQUcsSUFBSSxDQUFDLElBQUksT0FBTyxFQUNuQjtZQUNFLEdBQUcsT0FBTztZQUNWLEdBQUcsSUFBSTtZQUNQLFlBQVksRUFBRTtnQkFDWixlQUFlLEVBQUUsSUFBSSxDQUFDLGVBQWUsSUFBSSxPQUFPLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDLENBQUMsYUFBYyxDQUFDO2FBQzlFO1lBRUQsT0FBTyxFQUFFLEVBQUU7WUFDWCxzQkFBc0IsRUFBRSxFQUFFO1lBRTFCLGtCQUFrQixFQUFFLElBQUk7WUFDeEIsVUFBVSxFQUFFO2dCQUNWLE9BQU8sRUFBRSxJQUFJO2dCQUNiLFdBQVcsRUFBRSxPQUFPLENBQUMsbUNBQW1DLENBQUMsZ0JBQWdCO2FBQzFFO1NBQ0YsRUFDRCxFQUFFLFNBQVMsRUFBRSxhQUFhLEVBQUUsQ0FBQyx3QkFBd0IsRUFBRSxTQUFTLENBQUMsRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLENBQ2xGLENBQUM7UUFFRixNQUFNLElBQUksR0FBRyxJQUFJLENBQUMsYUFBYSxDQUFDO1lBQzlCLE9BQU87WUFDUCxJQUFJLEVBQUUsRUFBRTtZQUNSLFVBQVU7WUFDVixVQUFVO1lBQ1YsYUFBYTtTQUNkLENBQUMsQ0FBQztRQUVILE9BQU8sRUFBRSxJQUFJLEVBQUUsRUFBRSxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsQ0FBQztJQUNyQyxDQUFDO0lBRU8sYUFBYSxDQUFDLEVBQ3BCLE9BQU8sRUFDUCxJQUFJLEVBQ0osVUFBVSxFQUNWLFVBQVUsRUFDVixhQUFhLEdBT2Q7UUFDQyxNQUFNLEVBQ0osT0FBTyxFQUNQLElBQUksRUFBRSxFQUFFLHFCQUFxQixFQUFFLEdBQ2hDLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQztRQUNkLE1BQU0sRUFBRSxHQUFtQyxFQUFFLENBQUM7UUFFOUMsT0FBTzthQUNKLElBQUksQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxVQUFVLENBQUMsYUFBYSxDQUFDLENBQUMsQ0FBQyxVQUFVLENBQUMsQ0FBQzthQUN4RCxHQUFHLENBQ0YsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUNKLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxVQUFVLENBQUMsR0FBRyxJQUFJLE9BQU8sQ0FBQyxNQUFNLENBQ3BDLEdBQUcsSUFBSSxDQUFDLElBQUksSUFBSSxDQUFDLENBQUMsVUFBVSxFQUFFLEVBQzlCO1lBQ0UsR0FBRyxDQUFDO1lBQ0osR0FBRyxPQUFPO1lBQ1Ysa0JBQWtCLEVBQUUsSUFBSSxDQUFDLElBQUk7WUFFN0IscUZBQXFGO1lBQ3JGLHFCQUFxQixFQUFFLHFCQUFxQixJQUFJLEtBQUs7WUFDckQsVUFBVSxFQUFFLENBQUMsQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFLFVBQVUsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDLENBQUMsU0FBUztZQUM1RixvQkFBb0IsRUFBRSxDQUFDLENBQUMsb0JBQW9CO2dCQUMxQyxDQUFDLENBQUMsU0FBUztnQkFDWCxDQUFDLENBQUMsYUFBYTtvQkFDZixDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUUsYUFBYSxDQUFDLEVBQUUsRUFBRTtvQkFDMUIsQ0FBQyxDQUFDLFNBQVM7WUFDYixVQUFVLEVBQUUsQ0FBQyxDQUFDLGlCQUFpQixDQUFDLENBQUMsQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDLFVBQVUsQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUUsVUFBVSxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxTQUFTO1NBQzdGLEVBQ0QsRUFBRSxTQUFTLEVBQUUsSUFBSSxFQUFFLG1CQUFtQixFQUFFLElBQUksRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLENBQzdELENBQUMsQ0FDTCxDQUFDO1FBRUosT0FBTyxFQUFFLENBQUM7SUFDWixDQUFDO0lBRUQsZ0NBQWdDO0lBQ2hDLFlBQVk7SUFDWixjQUFjO0lBQ2QsZ0JBQWdCO0lBQ2hCLE9BQU87SUFDUCx3QkFBd0I7SUFDeEIscUNBQXFDO0lBQ3JDLHlCQUF5QjtJQUN6QixPQUFPO0lBQ1AsbUNBQW1DO0lBQ25DLHFHQUFxRztJQUNyRyxNQUFNO0lBQ04sSUFBSTtJQUVJLGFBQWEsQ0FBQyxJQUE0QjtRQUNoRCxNQUFNLEVBQUUsV0FBVyxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQztRQUNsQyxJQUFJLENBQUMsV0FBVztZQUFFLE9BQU8sU0FBUyxDQUFDO1FBRW5DLE9BQU8sSUFBSSwrQkFBYyxDQUN2QixHQUFHLElBQUksQ0FBQyxJQUFJLFVBQVUsRUFDdEI7WUFDRSxHQUFHLFdBQVc7WUFDZCxTQUFTLEVBQUUsRUFBRSxFQUFFLEVBQUUsSUFBSSxDQUFDLEVBQUUsRUFBRSxZQUFZLEVBQUUsSUFBSSxDQUFDLElBQUksRUFBRTtZQUNuRCxVQUFVLEVBQUUsV0FBVyxDQUFDLElBQUk7U0FDN0IsRUFDRCxFQUFFLFNBQVMsRUFBRSxJQUFJLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUNsQyxDQUFDO0lBQ0osQ0FBQztDQUNGO0FBaFdELDBCQWdXQyJ9

package/vnet/VpnGateway.d.ts

@@ -0,0 +1,18 @@
+import * as nw from '@pulumi/azure-native/network';
+import * as pulumi from '@pulumi/pulumi';
+import { BaseComponent } from '../base/BaseComponent';
+import * as types from '../types';
+export interface VpnGatewayArgs extends types.WithResourceGroupInputs, Omit<nw.VirtualNetworkGatewayArgs, 'id' | 'location' | 'ipConfigurations' | 'resourceGroupName' | 'sku' | 'virtualNetworkGatewayName'> {
+    sku: nw.VirtualNetworkGatewaySkuName;
+    publicIPAddress: types.SubResourceInputs;
+    subnetId: pulumi.Input<string>;
+}
+export declare class VpnGateway extends BaseComponent<VpnGatewayArgs> {
+    readonly id: pulumi.Output<string>;
+    readonly resourceName: pulumi.Output<string>;
+    constructor(name: string, args: VpnGatewayArgs, opts?: pulumi.ComponentResourceOptions);
+    getOutputs(): {
+        id: pulumi.Output<string>;
+        resourceName: pulumi.Output<string>;
+    };
+}

package/vnet/VpnGateway.js

@@ -0,0 +1,90 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.VpnGateway = void 0;
+const nw = __importStar(require("@pulumi/azure-native/network"));
+const pulumi = __importStar(require("@pulumi/pulumi"));
+const BaseComponent_1 = require("../base/BaseComponent");
+const helpers_1 = require("../base/helpers");
+const helpers_2 = require("../helpers");
+class VpnGateway extends BaseComponent_1.BaseComponent {
+    id;
+    resourceName;
+    constructor(name, args, opts) {
+        super((0, helpers_1.getComponentResourceType)('VpnGateway'), name, args, opts);
+        const { rsGroup, sku, publicIPAddress, subnetId, ...props } = args;
+        const vpn = new nw.VirtualNetworkGateway(name, {
+            ...rsGroup,
+            ...props,
+            sku: { name: sku, tier: sku },
+            gatewayType: props.gatewayType ?? 'Vpn',
+            vpnType: props.vpnType ?? 'RouteBased',
+            ipConfigurations: [
+                {
+                    name: 'vnetGatewayConfig',
+                    publicIPAddress: sku !== 'Basic'
+                        ? {
+                            id: publicIPAddress.id,
+                        }
+                        : undefined,
+                    subnet: {
+                        id: subnetId,
+                    },
+                },
+            ],
+            vpnClientConfiguration: props.vpnClientConfiguration ?? {
+                vpnClientProtocols: ['OpenVPN'],
+                vpnClientAddressPool: {
+                    addressPrefixes: ['172.16.100.0/24'],
+                },
+                vpnAuthenticationTypes: [nw.VpnAuthenticationType.AAD],
+                aadTenant: pulumi.interpolate `https://login.microsoftonline.com/${helpers_2.azureEnv.tenantId}`,
+                aadAudience: '41b23e61-6c1e-4545-b367-cd054e0ed4b4',
+                aadIssuer: pulumi.interpolate `https://sts.windows.net/${helpers_2.azureEnv.tenantId}/`,
+            },
+        }, { ...opts, parent: this });
+        this.id = vpn.id;
+        this.resourceName = vpn.name;
+        this.registerOutputs(this.getOutputs());
+    }
+    getOutputs() {
+        return {
+            id: this.id,
+            resourceName: this.resourceName,
+        };
+    }
+}
+exports.VpnGateway = VpnGateway;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiVnBuR2F0ZXdheS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy92bmV0L1ZwbkdhdGV3YXkudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsaUVBQW1EO0FBQ25ELHVEQUF5QztBQUN6Qyx5REFBc0Q7QUFDdEQsNkNBQTJEO0FBQzNELHdDQUFzQztBQWN0QyxNQUFhLFVBQVcsU0FBUSw2QkFBNkI7SUFDM0MsRUFBRSxDQUF3QjtJQUMxQixZQUFZLENBQXdCO0lBRXBELFlBQVksSUFBWSxFQUFFLElBQW9CLEVBQUUsSUFBc0M7UUFDcEYsS0FBSyxDQUFDLElBQUEsa0NBQXdCLEVBQUMsWUFBWSxDQUFDLEVBQUUsSUFBSSxFQUFFLElBQUksRUFBRSxJQUFJLENBQUMsQ0FBQztRQUVoRSxNQUFNLEVBQUUsT0FBTyxFQUFFLEdBQUcsRUFBRSxlQUFlLEVBQUUsUUFBUSxFQUFFLEdBQUcsS0FBSyxFQUFFLEdBQUcsSUFBSSxDQUFDO1FBRW5FLE1BQU0sR0FBRyxHQUFHLElBQUksRUFBRSxDQUFDLHFCQUFxQixDQUN0QyxJQUFJLEVBQ0o7WUFDRSxHQUFHLE9BQU87WUFDVixHQUFHLEtBQUs7WUFDUixHQUFHLEVBQUUsRUFBRSxJQUFJLEVBQUUsR0FBRyxFQUFFLElBQUksRUFBRSxHQUFHLEVBQUU7WUFFN0IsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXLElBQUksS0FBSztZQUN2QyxPQUFPLEVBQUUsS0FBSyxDQUFDLE9BQU8sSUFBSSxZQUFZO1lBRXRDLGdCQUFnQixFQUFFO2dCQUNoQjtvQkFDRSxJQUFJLEVBQUUsbUJBQW1CO29CQUN6QixlQUFlLEVBQ2IsR0FBRyxLQUFLLE9BQU87d0JBQ2IsQ0FBQyxDQUFDOzRCQUNFLEVBQUUsRUFBRSxlQUFlLENBQUMsRUFBRTt5QkFDdkI7d0JBQ0gsQ0FBQyxDQUFDLFNBQVM7b0JBQ2YsTUFBTSxFQUFFO3dCQUNOLEVBQUUsRUFBRSxRQUFRO3FCQUNiO2lCQUNGO2FBQ0Y7WUFFRCxzQkFBc0IsRUFBRSxLQUFLLENBQUMsc0JBQXNCLElBQUk7Z0JBQ3RELGtCQUFrQixFQUFFLENBQUMsU0FBUyxDQUFDO2dCQUMvQixvQkFBb0IsRUFBRTtvQkFDcEIsZUFBZSxFQUFFLENBQUMsaUJBQWlCLENBQUM7aUJBQ3JDO2dCQUVELHNCQUFzQixFQUFFLENBQUMsRUFBRSxDQUFDLHFCQUFxQixDQUFDLEdBQUcsQ0FBQztnQkFDdEQsU0FBUyxFQUFFLE1BQU0sQ0FBQyxXQUFXLENBQUEscUNBQXFDLGtCQUFRLENBQUMsUUFBUSxFQUFFO2dCQUNyRixXQUFXLEVBQUUsc0NBQXNDO2dCQUNuRCxTQUFTLEVBQUUsTUFBTSxDQUFDLFdBQVcsQ0FBQSwyQkFBMkIsa0JBQVEsQ0FBQyxRQUFRLEdBQUc7YUFDN0U7U0FDRixFQUNELEVBQUUsR0FBRyxJQUFJLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUMxQixDQUFDO1FBRUYsSUFBSSxDQUFDLEVBQUUsR0FBRyxHQUFHLENBQUMsRUFBRSxDQUFDO1FBQ2pCLElBQUksQ0FBQyxZQUFZLEdBQUcsR0FBRyxDQUFDLElBQUksQ0FBQztRQUU3QixJQUFJLENBQUMsZUFBZSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQyxDQUFDO0lBQzFDLENBQUM7SUFFTSxVQUFVO1FBQ2YsT0FBTztZQUNMLEVBQUUsRUFBRSxJQUFJLENBQUMsRUFBRTtZQUNYLFlBQVksRUFBRSxJQUFJLENBQUMsWUFBWTtTQUNoQyxDQUFDO0lBQ0osQ0FBQztDQUNGO0FBN0RELGdDQTZEQyJ9

package/vnet/helpers.d.ts

@@ -0,0 +1,16 @@
+import { RouteArgs } from './RouteTable';
+export declare function getVnetIdFromSubnetId(subnetId: string): string;
+export declare function getSubnetNameFromId(subnetId: string): string;
+export declare function getDnsRecordName(recordName: string): string;
+export declare enum AzureSubnetNames {
+    AppGatewaySubnetName = "app-gateway",
+    GatewaySubnetName = "GatewaySubnet",
+    AzFirewallSubnet = "AzureFirewallSubnet",
+    AzFirewallManagementSubnet = "AzureFirewallManagementSubnet",
+    AzBastionSubnetName = "AzureBastionSubnet"
+}
+export declare const defaultServicesEndpoints: string[];
+export declare const defaultRouteRules: {
+    defaultInternetRoute: RouteArgs;
+    defaultGatewayRoute: RouteArgs;
+};

package/vnet/helpers.js

@@ -0,0 +1,47 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.defaultRouteRules = exports.defaultServicesEndpoints = exports.AzureSubnetNames = void 0;
+exports.getVnetIdFromSubnetId = getVnetIdFromSubnetId;
+exports.getSubnetNameFromId = getSubnetNameFromId;
+exports.getDnsRecordName = getDnsRecordName;
+function getVnetIdFromSubnetId(subnetId) {
+    //The sample SubnetId is /subscriptions/63a31b41-eb5d-4160-9fc9-d30fc00286c9/resourceGroups/sg-dev-aks-vnet/providers/Microsoft.Network/virtualNetworks/sg-vnet-trans/subnets/aks-main-nodes
+    return subnetId.split('/subnets')[0];
+}
+function getSubnetNameFromId(subnetId) {
+    //The sample SubnetId is /subscriptions/63a31b41-eb5d-4160-9fc9-d30fc00286c9/resourceGroups/sg-dev-aks-vnet/providers/Microsoft.Network/virtualNetworks/sg-vnet-trans/subnets/aks-main-nodes
+    return subnetId.split('/subnets')[1];
+}
+function getDnsRecordName(recordName) {
+    return recordName === '*' ? `all-aRecord` : recordName === '@' ? `root-aRecord` : `${recordName}-aRecord`;
+}
+var AzureSubnetNames;
+(function (AzureSubnetNames) {
+    AzureSubnetNames["AppGatewaySubnetName"] = "app-gateway";
+    AzureSubnetNames["GatewaySubnetName"] = "GatewaySubnet";
+    AzureSubnetNames["AzFirewallSubnet"] = "AzureFirewallSubnet";
+    AzureSubnetNames["AzFirewallManagementSubnet"] = "AzureFirewallManagementSubnet";
+    AzureSubnetNames["AzBastionSubnetName"] = "AzureBastionSubnet";
+})(AzureSubnetNames || (exports.AzureSubnetNames = AzureSubnetNames = {}));
+exports.defaultServicesEndpoints = [
+    'Microsoft.AzureActiveDirectory',
+    'Microsoft.AzureCosmosDB',
+    'Microsoft.ContainerRegistry',
+    'Microsoft.EventHub',
+    'Microsoft.KeyVault',
+    'Microsoft.ServiceBus',
+    'Microsoft.Sql',
+    'Microsoft.Storage',
+    'Microsoft.Web',
+];
+exports.defaultRouteRules = {
+    defaultInternetRoute: {
+        addressPrefix: '0.0.0.0/0',
+        nextHopType: 'Internet',
+    },
+    defaultGatewayRoute: {
+        addressPrefix: '0.0.0.0/0',
+        nextHopType: 'VirtualNetworkGateway',
+    },
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaGVscGVycy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy92bmV0L2hlbHBlcnMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBSUEsc0RBR0M7QUFFRCxrREFHQztBQUVELDRDQUVDO0FBWkQsU0FBZ0IscUJBQXFCLENBQUMsUUFBZ0I7SUFDcEQsNExBQTRMO0lBQzVMLE9BQU8sUUFBUSxDQUFDLEtBQUssQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztBQUN2QyxDQUFDO0FBRUQsU0FBZ0IsbUJBQW1CLENBQUMsUUFBZ0I7SUFDbEQsNExBQTRMO0lBQzVMLE9BQU8sUUFBUSxDQUFDLEtBQUssQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztBQUN2QyxDQUFDO0FBRUQsU0FBZ0IsZ0JBQWdCLENBQUMsVUFBa0I7SUFDakQsT0FBTyxVQUFVLEtBQUssR0FBRyxDQUFDLENBQUMsQ0FBQyxhQUFhLENBQUMsQ0FBQyxDQUFDLFVBQVUsS0FBSyxHQUFHLENBQUMsQ0FBQyxDQUFDLGNBQWMsQ0FBQyxDQUFDLENBQUMsR0FBRyxVQUFVLFVBQVUsQ0FBQztBQUM1RyxDQUFDO0FBRUQsSUFBWSxnQkFNWDtBQU5ELFdBQVksZ0JBQWdCO0lBQzFCLHdEQUFvQyxDQUFBO0lBQ3BDLHVEQUFtQyxDQUFBO0lBQ25DLDREQUF3QyxDQUFBO0lBQ3hDLGdGQUE0RCxDQUFBO0lBQzVELDhEQUEwQyxDQUFBO0FBQzVDLENBQUMsRUFOVyxnQkFBZ0IsZ0NBQWhCLGdCQUFnQixRQU0zQjtBQUVZLFFBQUEsd0JBQXdCLEdBQUc7SUFDdEMsZ0NBQWdDO0lBQ2hDLHlCQUF5QjtJQUN6Qiw2QkFBNkI7SUFDN0Isb0JBQW9CO0lBQ3BCLG9CQUFvQjtJQUNwQixzQkFBc0I7SUFDdEIsZUFBZTtJQUNmLG1CQUFtQjtJQUNuQixlQUFlO0NBQ2hCLENBQUM7QUFFVyxRQUFBLGlCQUFpQixHQUFHO0lBQy9CLG9CQUFvQixFQUFFO1FBQ3BCLGFBQWEsRUFBRSxXQUFXO1FBQzFCLFdBQVcsRUFBRSxVQUFVO0tBQ1g7SUFDZCxtQkFBbUIsRUFBRTtRQUNuQixhQUFhLEVBQUUsV0FBVztRQUMxQixXQUFXLEVBQUUsdUJBQXVCO0tBQ3hCO0NBQ2YsQ0FBQyJ9

package/vnet/index.d.ts

@@ -0,0 +1,13 @@
+export * from './AzCdn';
+export * from './Basion';
+export * from './DnsZone';
+export * from './Firewall';
+export * as vnetHelpers from './helpers';
+export * from './IpAddresses';
+export * from './NetworkPeering';
+export * from './PrivateDnsZone';
+export * from './PrivateEndpoint';
+export * from './RouteTable';
+export * from './VirtualNetwork';
+export * from './VpnGateway';
+export * from './securityRules';

package/vnet/index.js

@@ -0,0 +1,53 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.vnetHelpers = void 0;
+__exportStar(require("./AzCdn"), exports);
+__exportStar(require("./Basion"), exports);
+__exportStar(require("./DnsZone"), exports);
+__exportStar(require("./Firewall"), exports);
+exports.vnetHelpers = __importStar(require("./helpers"));
+__exportStar(require("./IpAddresses"), exports);
+__exportStar(require("./NetworkPeering"), exports);
+__exportStar(require("./PrivateDnsZone"), exports);
+__exportStar(require("./PrivateEndpoint"), exports);
+__exportStar(require("./RouteTable"), exports);
+__exportStar(require("./VirtualNetwork"), exports);
+__exportStar(require("./VpnGateway"), exports);
+__exportStar(require("./securityRules"), exports);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvdm5ldC9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSwwQ0FBd0I7QUFDeEIsMkNBQXlCO0FBQ3pCLDRDQUEwQjtBQUMxQiw2Q0FBMkI7QUFDM0IseURBQXlDO0FBQ3pDLGdEQUE4QjtBQUM5QixtREFBaUM7QUFDakMsbURBQWlDO0FBQ2pDLG9EQUFrQztBQUNsQywrQ0FBNkI7QUFDN0IsbURBQWlDO0FBQ2pDLCtDQUE2QjtBQUM3QixrREFBZ0MifQ==

package/vnet/securityRules/SecurityRuleBuilder.d.ts

@@ -0,0 +1,12 @@
+import * as inputs from '@pulumi/azure-native/types/input';
+type RuleItemArgs = Partial<Pick<inputs.network.SecurityRuleArgs, 'description' | 'protocol' | 'sourceAddressPrefix' | 'destinationAddressPrefix' | 'destinationAddressPrefixes' | 'destinationPortRange' | 'destinationPortRanges' | 'sourceAddressPrefixes' | 'sourcePortRange' | 'sourcePortRanges'>>;
+export declare class SecurityRuleBuilder {
+    private _rules;
+    private addRule;
+    allowInbound(name: string, props: RuleItemArgs): SecurityRuleBuilder;
+    denyInbound(name: string, props: RuleItemArgs): SecurityRuleBuilder;
+    allowOutbound(name: string, props: RuleItemArgs): SecurityRuleBuilder;
+    denyOutbound(name: string, props: RuleItemArgs): SecurityRuleBuilder;
+    build(startPriority?: number): inputs.network.SecurityRuleArgs[];
+}
+export {};

package/vnet/securityRules/SecurityRuleBuilder.js

@@ -0,0 +1,55 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SecurityRuleBuilder = void 0;
+class SecurityRuleBuilder {
+    _rules = [];
+    addRule(name, props) {
+        this._rules.push({
+            name,
+            protocol: '*',
+            sourceAddressPrefix: '*',
+            sourcePortRange: '*',
+            destinationAddressPrefix: '*',
+            destinationPortRange: '*',
+            ...props,
+        });
+        return this;
+    }
+    allowInbound(name, props) {
+        return this.addRule(name, {
+            access: 'Allow',
+            direction: 'Inbound',
+            ...props,
+        });
+    }
+    denyInbound(name, props) {
+        return this.addRule(name, {
+            access: 'Deny',
+            direction: 'Inbound',
+            ...props,
+        });
+    }
+    allowOutbound(name, props) {
+        return this.addRule(name, {
+            access: 'Allow',
+            direction: 'Outbound',
+            ...props,
+        });
+    }
+    denyOutbound(name, props) {
+        return this.addRule(name, {
+            access: 'Deny',
+            direction: 'Outbound',
+            ...props,
+        });
+    }
+    build(startPriority = 300) {
+        const rules = this._rules.map((rule, index) => {
+            rule.priority = startPriority + index;
+            return rule;
+        });
+        return rules;
+    }
+}
+exports.SecurityRuleBuilder = SecurityRuleBuilder;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiU2VjdXJpdHlSdWxlQnVpbGRlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy92bmV0L3NlY3VyaXR5UnVsZXMvU2VjdXJpdHlSdWxlQnVpbGRlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFtQkEsTUFBYSxtQkFBbUI7SUFDdEIsTUFBTSxHQUFzQyxFQUFFLENBQUM7SUFFL0MsT0FBTyxDQUNiLElBQVksRUFDWixLQUFzRztRQUV0RyxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQztZQUNmLElBQUk7WUFDSixRQUFRLEVBQUUsR0FBRztZQUNiLG1CQUFtQixFQUFFLEdBQUc7WUFDeEIsZUFBZSxFQUFFLEdBQUc7WUFDcEIsd0JBQXdCLEVBQUUsR0FBRztZQUM3QixvQkFBb0IsRUFBRSxHQUFHO1lBQ3pCLEdBQUcsS0FBSztTQUNULENBQUMsQ0FBQztRQUVILE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVNLFlBQVksQ0FBQyxJQUFZLEVBQUUsS0FBbUI7UUFDbkQsT0FBTyxJQUFJLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRTtZQUN4QixNQUFNLEVBQUUsT0FBTztZQUNmLFNBQVMsRUFBRSxTQUFTO1lBQ3BCLEdBQUcsS0FBSztTQUNULENBQUMsQ0FBQztJQUNMLENBQUM7SUFFTSxXQUFXLENBQUMsSUFBWSxFQUFFLEtBQW1CO1FBQ2xELE9BQU8sSUFBSSxDQUFDLE9BQU8sQ0FBQyxJQUFJLEVBQUU7WUFDeEIsTUFBTSxFQUFFLE1BQU07WUFDZCxTQUFTLEVBQUUsU0FBUztZQUNwQixHQUFHLEtBQUs7U0FDVCxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRU0sYUFBYSxDQUFDLElBQVksRUFBRSxLQUFtQjtRQUNwRCxPQUFPLElBQUksQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFO1lBQ3hCLE1BQU0sRUFBRSxPQUFPO1lBQ2YsU0FBUyxFQUFFLFVBQVU7WUFDckIsR0FBRyxLQUFLO1NBQ1QsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVNLFlBQVksQ0FBQyxJQUFZLEVBQUUsS0FBbUI7UUFDbkQsT0FBTyxJQUFJLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRTtZQUN4QixNQUFNLEVBQUUsTUFBTTtZQUNkLFNBQVMsRUFBRSxVQUFVO1lBQ3JCLEdBQUcsS0FBSztTQUNULENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxLQUFLLENBQUMsZ0JBQXdCLEdBQUc7UUFDL0IsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLEVBQUUsS0FBSyxFQUFFLEVBQUU7WUFDNUMsSUFBSSxDQUFDLFFBQVEsR0FBRyxhQUFhLEdBQUcsS0FBSyxDQUFDO1lBQ3RDLE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQyxDQUFDLENBQUM7UUFFSCxPQUFPLEtBQUssQ0FBQztJQUNmLENBQUM7Q0FDRjtBQTVERCxrREE0REMifQ==

package/vnet/securityRules/commonRules.d.ts

@@ -0,0 +1,9 @@
+import * as pulumi from '@pulumi/pulumi';
+export declare function getBasionSecurityRules({ bastionAddressPrefix, startPriority, }: {
+    bastionAddressPrefix: pulumi.Input<string>;
+    startPriority?: number;
+}): import("@pulumi/azure-native/types/input").network.SecurityRuleArgs[];
+export declare function getAppGatewaySecurityRules({ apiGatewayAddressPrefix, startPriority, }: {
+    apiGatewayAddressPrefix: pulumi.Input<string>;
+    startPriority?: number;
+}): import("@pulumi/azure-native/types/input").network.SecurityRuleArgs[];