@drunk-pulumi/azure-components 1.0.3 → 1.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/ResourceBuilder.d.ts +5 -5
- package/ResourceBuilder.js +9 -8
- package/aks/AzKubernetes.d.ts +50 -19
- package/aks/AzKubernetes.js +229 -125
- package/aks/ContainerRegistry.js +2 -1
- package/aks/helpers.d.ts +6 -0
- package/aks/helpers.js +26 -5
- package/aks/types.d.ts +245 -0
- package/aks/types.js +3 -0
- package/apim/Apim.d.ts +6 -3
- package/apim/Apim.js +18 -16
- package/app/AppContainer.d.ts +91 -0
- package/app/AppContainer.js +141 -0
- package/app/AppContainerEnv.d.ts +68 -0
- package/app/AppContainerEnv.js +142 -0
- package/app/index.d.ts +2 -0
- package/app/index.js +3 -1
- package/azAd/AppRegistration.d.ts +9 -12
- package/azAd/AppRegistration.js +15 -12
- package/azAd/CloudflareAzIdentity.d.ts +10 -0
- package/azAd/CloudflareAzIdentity.js +61 -0
- package/azAd/GroupRole.d.ts +1 -1
- package/azAd/GroupRole.js +4 -5
- package/azAd/UserAssignedIdentity.js +6 -6
- package/azAd/helpers/rsRoleDefinition.js +4 -9
- package/azAd/index.d.ts +1 -0
- package/azAd/index.js +2 -1
- package/base/BaseResourceComponent.d.ts +1 -1
- package/base/BaseResourceComponent.js +5 -5
- package/base/helpers.js +2 -2
- package/database/AzSql.d.ts +6 -5
- package/database/AzSql.js +2 -1
- package/database/Redis.d.ts +1 -4
- package/database/Redis.js +12 -4
- package/database/helpers.js +3 -3
- package/helpers/autoTags.js +4 -1
- package/helpers/index.d.ts +1 -0
- package/helpers/index.js +3 -2
- package/helpers/stackEnv.d.ts +2 -1
- package/helpers/stackEnv.js +4 -3
- package/helpers/zoneHelper.d.ts +24 -0
- package/helpers/zoneHelper.js +40 -0
- package/logs/Logs.d.ts +6 -16
- package/logs/Logs.js +4 -5
- package/package.json +8 -7
- package/services/ServiceBus.js +2 -1
- package/storage/StorageAccount.d.ts +4 -7
- package/storage/StorageAccount.js +16 -13
- package/types.d.ts +14 -3
- package/vault/KeyVault.d.ts +5 -0
- package/vault/KeyVault.js +13 -2
- package/vault/helpers.d.ts +7 -4
- package/vault/helpers.js +11 -4
- package/vm/DiskEncryptionSet.js +3 -1
- package/vm/VirtualMachine.d.ts +5 -0
- package/vm/VirtualMachine.js +156 -41
- package/vnet/Basion.js +3 -1
- package/vnet/Firewall.d.ts +8 -13
- package/vnet/Firewall.js +8 -6
- package/vnet/FirewallPolicies/FirewallPolicyBuilder.js +24 -6
- package/vnet/FirewallPolicies/commonPolicies.d.ts +29 -2
- package/vnet/FirewallPolicies/commonPolicies.js +466 -20
- package/vnet/FirewallPolicies/index.d.ts +2 -0
- package/vnet/FirewallPolicies/index.js +18 -1
- package/vnet/IpAddresses.d.ts +1 -1
- package/vnet/IpAddresses.js +3 -2
- package/vnet/PrivateDnsZone.d.ts +4 -4
- package/vnet/PrivateDnsZone.js +17 -17
- package/vnet/PrivateEndpoint.d.ts +2 -5
- package/vnet/PrivateEndpoint.js +6 -1
- package/vnet/VirtualNetwork.d.ts +11 -5
- package/vnet/VirtualNetwork.js +31 -9
- package/vnet/helpers.d.ts +2 -0
- package/vnet/helpers.js +40 -2
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
import * as app from '@pulumi/azure-native/app';
|
|
2
|
+
import * as pulumi from '@pulumi/pulumi';
|
|
3
|
+
import * as types from '../types';
|
|
4
|
+
import { AppContainerArgs } from './AppContainer';
|
|
5
|
+
import { BaseResourceComponent, CommonBaseArgs } from '../base';
|
|
6
|
+
import * as enums from '@pulumi/azure-native/types/enums';
|
|
7
|
+
interface ScheduledEntryArgs {
|
|
8
|
+
/**
|
|
9
|
+
* Length of maintenance window range from 8 to 24 hours.
|
|
10
|
+
*/
|
|
11
|
+
durationHours: pulumi.Input<number>;
|
|
12
|
+
/**
|
|
13
|
+
* Start hour after which managed environment maintenance can start from 0 to 23 hour.
|
|
14
|
+
*/
|
|
15
|
+
startHourUtc: pulumi.Input<number>;
|
|
16
|
+
/**
|
|
17
|
+
* Day of the week when a managed environment can be patched.
|
|
18
|
+
*/
|
|
19
|
+
weekDay: pulumi.Input<enums.app.WeekDay>;
|
|
20
|
+
}
|
|
21
|
+
/**
|
|
22
|
+
* Azure Container Apps Managed Environment component providing isolated hosting
|
|
23
|
+
* environment for container apps with networking, monitoring, and scaling features.
|
|
24
|
+
*/
|
|
25
|
+
export interface AppContainerEnvArgs extends CommonBaseArgs, types.WithUserAssignedIdentity, Partial<Pick<app.ManagedEnvironmentArgs, 'daprAIConnectionString' | 'daprAIInstrumentationKey' | 'customDomainConfiguration' | 'infrastructureResourceGroup' | 'peerAuthentication' | 'peerTrafficConfiguration' | 'workloadProfiles' | 'zoneRedundant' | 'appInsightsConfiguration' | 'appLogsConfiguration' | 'openTelemetryConfiguration' | 'publicNetworkAccess'>> {
|
|
26
|
+
/** VNet configuration for internal networking */
|
|
27
|
+
vnetConfiguration?: {
|
|
28
|
+
/** Subnet resource info for infrastructure components */
|
|
29
|
+
infrastructureSubnet: types.SubResourceInputs;
|
|
30
|
+
/** Enable internal-only ingress */
|
|
31
|
+
internal?: boolean;
|
|
32
|
+
/** Platform-reserved CIDR (e.g., '10.0.0.0/23') - must not overlap with infrastructure subnet */
|
|
33
|
+
platformReservedCidr?: pulumi.Input<string>;
|
|
34
|
+
/** Platform-reserved DNS IP (must be within platformReservedCidr) */
|
|
35
|
+
platformReservedDnsIP?: pulumi.Input<string>;
|
|
36
|
+
};
|
|
37
|
+
/** Log Analytics workspace for Container App logs and metrics */
|
|
38
|
+
logAnalyticsWorkspace?: types.ResourceInputs;
|
|
39
|
+
/** Dapr configuration */
|
|
40
|
+
dapr?: {
|
|
41
|
+
/** Application Insights connection string for Dapr telemetry */
|
|
42
|
+
connectionString?: pulumi.Input<string>;
|
|
43
|
+
/** Application Insights instrumentation key for Dapr telemetry */
|
|
44
|
+
instrumentationKey?: pulumi.Input<string>;
|
|
45
|
+
};
|
|
46
|
+
containerApps?: Record<string, Omit<AppContainerArgs, types.CommonProps | 'managedEnvironmentId'>>;
|
|
47
|
+
maintenanceSchedules?: pulumi.Input<ScheduledEntryArgs>[];
|
|
48
|
+
}
|
|
49
|
+
export declare class AppContainerEnv extends BaseResourceComponent<AppContainerEnvArgs> {
|
|
50
|
+
readonly id: pulumi.Output<string>;
|
|
51
|
+
readonly resourceName: pulumi.Output<string>;
|
|
52
|
+
readonly defaultDomain: pulumi.Output<string>;
|
|
53
|
+
readonly staticIp: pulumi.Output<string>;
|
|
54
|
+
constructor(name: string, args: AppContainerEnvArgs, opts?: pulumi.ComponentResourceOptions);
|
|
55
|
+
getOutputs(): {
|
|
56
|
+
resourceName: pulumi.Output<string>;
|
|
57
|
+
id: pulumi.Output<string>;
|
|
58
|
+
defaultDomain: pulumi.Output<string>;
|
|
59
|
+
staticIp: pulumi.Output<string>;
|
|
60
|
+
vaultSecrets: {
|
|
61
|
+
[key: string]: import("..").VaultSecretResult;
|
|
62
|
+
} | undefined;
|
|
63
|
+
};
|
|
64
|
+
private createManagedEnvironment;
|
|
65
|
+
private createMaintenance;
|
|
66
|
+
private createApps;
|
|
67
|
+
}
|
|
68
|
+
export {};
|
|
@@ -0,0 +1,142 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
35
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
+
exports.AppContainerEnv = void 0;
|
|
37
|
+
const app = __importStar(require("@pulumi/azure-native/app"));
|
|
38
|
+
const pulumi = __importStar(require("@pulumi/pulumi"));
|
|
39
|
+
const AppContainer_1 = require("./AppContainer");
|
|
40
|
+
const base_1 = require("../base");
|
|
41
|
+
const helpers_1 = require("../helpers");
|
|
42
|
+
class AppContainerEnv extends base_1.BaseResourceComponent {
|
|
43
|
+
id;
|
|
44
|
+
resourceName;
|
|
45
|
+
defaultDomain;
|
|
46
|
+
staticIp;
|
|
47
|
+
constructor(name, args, opts) {
|
|
48
|
+
super('AppContainerEnv', name, args, opts);
|
|
49
|
+
const managedEnv = this.createManagedEnvironment();
|
|
50
|
+
this.createMaintenance(managedEnv);
|
|
51
|
+
this.createApps(managedEnv);
|
|
52
|
+
this.id = managedEnv.id;
|
|
53
|
+
this.resourceName = managedEnv.name;
|
|
54
|
+
this.defaultDomain = managedEnv.defaultDomain;
|
|
55
|
+
this.staticIp = managedEnv.staticIp;
|
|
56
|
+
this.registerOutputs();
|
|
57
|
+
}
|
|
58
|
+
getOutputs() {
|
|
59
|
+
return {
|
|
60
|
+
resourceName: this.resourceName,
|
|
61
|
+
id: this.id,
|
|
62
|
+
defaultDomain: this.defaultDomain,
|
|
63
|
+
staticIp: this.staticIp,
|
|
64
|
+
vaultSecrets: this.vaultSecrets,
|
|
65
|
+
};
|
|
66
|
+
}
|
|
67
|
+
createManagedEnvironment() {
|
|
68
|
+
const { rsGroup, defaultUAssignedId, vnetConfiguration, logAnalyticsWorkspace, dapr, workloadProfiles, zoneRedundant, ...props } = this.args;
|
|
69
|
+
// Build Log Analytics configuration
|
|
70
|
+
const appLogsConfiguration = logAnalyticsWorkspace
|
|
71
|
+
? {
|
|
72
|
+
appLogsConfiguration: {
|
|
73
|
+
logAnalyticsConfiguration: {
|
|
74
|
+
customerId: logAnalyticsWorkspace.id,
|
|
75
|
+
sharedKey: pulumi.secret(logAnalyticsWorkspace.id), // In practice, retrieve actual shared key
|
|
76
|
+
},
|
|
77
|
+
},
|
|
78
|
+
}
|
|
79
|
+
: undefined;
|
|
80
|
+
return new app.ManagedEnvironment(this.name, {
|
|
81
|
+
...props,
|
|
82
|
+
...rsGroup,
|
|
83
|
+
// Logging and monitoring
|
|
84
|
+
...appLogsConfiguration,
|
|
85
|
+
workloadProfiles: workloadProfiles ?? [
|
|
86
|
+
{
|
|
87
|
+
name: 'Consumption',
|
|
88
|
+
workloadProfileType: 'Consumption',
|
|
89
|
+
},
|
|
90
|
+
],
|
|
91
|
+
identity: {
|
|
92
|
+
type: defaultUAssignedId
|
|
93
|
+
? app.ManagedServiceIdentityType.SystemAssigned_UserAssigned
|
|
94
|
+
: app.ManagedServiceIdentityType.SystemAssigned,
|
|
95
|
+
userAssignedIdentities: defaultUAssignedId ? [defaultUAssignedId.id] : undefined,
|
|
96
|
+
},
|
|
97
|
+
// VNet integration
|
|
98
|
+
vnetConfiguration: vnetConfiguration
|
|
99
|
+
? {
|
|
100
|
+
infrastructureSubnetId: vnetConfiguration.infrastructureSubnet.id,
|
|
101
|
+
internal: vnetConfiguration.internal ?? false,
|
|
102
|
+
platformReservedCidr: vnetConfiguration.platformReservedCidr,
|
|
103
|
+
platformReservedDnsIP: vnetConfiguration.platformReservedDnsIP,
|
|
104
|
+
}
|
|
105
|
+
: undefined,
|
|
106
|
+
// Dapr telemetry
|
|
107
|
+
daprAIConnectionString: dapr?.connectionString ?? this.args.daprAIConnectionString,
|
|
108
|
+
daprAIInstrumentationKey: dapr?.instrumentationKey ?? this.args.daprAIInstrumentationKey,
|
|
109
|
+
zoneRedundant: zoneRedundant ?? helpers_1.azureEnv.isPrd,
|
|
110
|
+
}, { ...this.opts, parent: this, deleteBeforeReplace: true });
|
|
111
|
+
}
|
|
112
|
+
createMaintenance(env) {
|
|
113
|
+
const { rsGroup, maintenanceSchedules } = this.args;
|
|
114
|
+
new app.MaintenanceConfiguration(`${this.name}-maintenance`, {
|
|
115
|
+
configName: 'default',
|
|
116
|
+
environmentName: env.name,
|
|
117
|
+
resourceGroupName: rsGroup.resourceGroupName,
|
|
118
|
+
scheduledEntries: maintenanceSchedules ?? [
|
|
119
|
+
{
|
|
120
|
+
weekDay: 'Sunday',
|
|
121
|
+
durationHours: 8,
|
|
122
|
+
startHourUtc: 0,
|
|
123
|
+
},
|
|
124
|
+
],
|
|
125
|
+
}, { dependsOn: env, deletedWith: env, parent: this, deleteBeforeReplace: true });
|
|
126
|
+
}
|
|
127
|
+
createApps(env) {
|
|
128
|
+
const { containerApps, rsGroup, vaultInfo, defaultUAssignedId, groupRoles } = this.args;
|
|
129
|
+
if (!containerApps)
|
|
130
|
+
return undefined;
|
|
131
|
+
return Object.entries(containerApps).forEach(([appName, appArgs]) => new AppContainer_1.AppContainer(appName, {
|
|
132
|
+
...appArgs,
|
|
133
|
+
rsGroup,
|
|
134
|
+
vaultInfo,
|
|
135
|
+
defaultUAssignedId: appArgs.defaultUAssignedId ?? defaultUAssignedId,
|
|
136
|
+
groupRoles,
|
|
137
|
+
managedEnvironmentId: env.id,
|
|
138
|
+
}, { dependsOn: env, deletedWith: env, parent: this }));
|
|
139
|
+
}
|
|
140
|
+
}
|
|
141
|
+
exports.AppContainerEnv = AppContainerEnv;
|
|
142
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQXBwQ29udGFpbmVyRW52LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2FwcC9BcHBDb250YWluZXJFbnYudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsOERBQWdEO0FBQ2hELHVEQUF5QztBQUV6QyxpREFBZ0U7QUFDaEUsa0NBQWdFO0FBQ2hFLHdDQUFzQztBQXNFdEMsTUFBYSxlQUFnQixTQUFRLDRCQUEwQztJQUM3RCxFQUFFLENBQXdCO0lBQzFCLFlBQVksQ0FBd0I7SUFDcEMsYUFBYSxDQUF3QjtJQUNyQyxRQUFRLENBQXdCO0lBRWhELFlBQVksSUFBWSxFQUFFLElBQXlCLEVBQUUsSUFBc0M7UUFDekYsS0FBSyxDQUFDLGlCQUFpQixFQUFFLElBQUksRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFFM0MsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLHdCQUF3QixFQUFFLENBQUM7UUFDbkQsSUFBSSxDQUFDLGlCQUFpQixDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBQ25DLElBQUksQ0FBQyxVQUFVLENBQUMsVUFBVSxDQUFDLENBQUM7UUFFNUIsSUFBSSxDQUFDLEVBQUUsR0FBRyxVQUFVLENBQUMsRUFBRSxDQUFDO1FBQ3hCLElBQUksQ0FBQyxZQUFZLEdBQUcsVUFBVSxDQUFDLElBQUksQ0FBQztRQUNwQyxJQUFJLENBQUMsYUFBYSxHQUFHLFVBQVUsQ0FBQyxhQUFhLENBQUM7UUFDOUMsSUFBSSxDQUFDLFFBQVEsR0FBRyxVQUFVLENBQUMsUUFBUSxDQUFDO1FBRXBDLElBQUksQ0FBQyxlQUFlLEVBQUUsQ0FBQztJQUN6QixDQUFDO0lBRU0sVUFBVTtRQUNmLE9BQU87WUFDTCxZQUFZLEVBQUUsSUFBSSxDQUFDLFlBQVk7WUFDL0IsRUFBRSxFQUFFLElBQUksQ0FBQyxFQUFFO1lBQ1gsYUFBYSxFQUFFLElBQUksQ0FBQyxhQUFhO1lBQ2pDLFFBQVEsRUFBRSxJQUFJLENBQUMsUUFBUTtZQUN2QixZQUFZLEVBQUUsSUFBSSxDQUFDLFlBQVk7U0FDaEMsQ0FBQztJQUNKLENBQUM7SUFFTyx3QkFBd0I7UUFDOUIsTUFBTSxFQUNKLE9BQU8sRUFDUCxrQkFBa0IsRUFDbEIsaUJBQWlCLEVBQ2pCLHFCQUFxQixFQUNyQixJQUFJLEVBQ0osZ0JBQWdCLEVBQ2hCLGFBQWEsRUFDYixHQUFHLEtBQUssRUFDVCxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUM7UUFFZCxvQ0FBb0M7UUFDcEMsTUFBTSxvQkFBb0IsR0FBRyxxQkFBcUI7WUFDaEQsQ0FBQyxDQUFDO2dCQUNFLG9CQUFvQixFQUFFO29CQUNwQix5QkFBeUIsRUFBRTt3QkFDekIsVUFBVSxFQUFFLHFCQUFxQixDQUFDLEVBQUU7d0JBQ3BDLFNBQVMsRUFBRSxNQUFNLENBQUMsTUFBTSxDQUFDLHFCQUFxQixDQUFDLEVBQUUsQ0FBQyxFQUFFLDBDQUEwQztxQkFDL0Y7aUJBQ0Y7YUFDRjtZQUNILENBQUMsQ0FBQyxTQUFTLENBQUM7UUFFZCxPQUFPLElBQUksR0FBRyxDQUFDLGtCQUFrQixDQUMvQixJQUFJLENBQUMsSUFBSSxFQUNUO1lBQ0UsR0FBRyxLQUFLO1lBQ1IsR0FBRyxPQUFPO1lBQ1YseUJBQXlCO1lBQ3pCLEdBQUcsb0JBQW9CO1lBQ3ZCLGdCQUFnQixFQUFFLGdCQUFnQixJQUFJO2dCQUNwQztvQkFDRSxJQUFJLEVBQUUsYUFBYTtvQkFDbkIsbUJBQW1CLEVBQUUsYUFBYTtpQkFDbkM7YUFDRjtZQUNELFFBQVEsRUFBRTtnQkFDUixJQUFJLEVBQUUsa0JBQWtCO29CQUN0QixDQUFDLENBQUMsR0FBRyxDQUFDLDBCQUEwQixDQUFDLDJCQUEyQjtvQkFDNUQsQ0FBQyxDQUFDLEdBQUcsQ0FBQywwQkFBMEIsQ0FBQyxjQUFjO2dCQUNqRCxzQkFBc0IsRUFBRSxrQkFBa0IsQ0FBQyxDQUFDLENBQUMsQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUMsU0FBUzthQUNqRjtZQUVELG1CQUFtQjtZQUNuQixpQkFBaUIsRUFBRSxpQkFBaUI7Z0JBQ2xDLENBQUMsQ0FBQztvQkFDRSxzQkFBc0IsRUFBRSxpQkFBaUIsQ0FBQyxvQkFBb0IsQ0FBQyxFQUFFO29CQUNqRSxRQUFRLEVBQUUsaUJBQWlCLENBQUMsUUFBUSxJQUFJLEtBQUs7b0JBQzdDLG9CQUFvQixFQUFFLGlCQUFpQixDQUFDLG9CQUFvQjtvQkFDNUQscUJBQXFCLEVBQUUsaUJBQWlCLENBQUMscUJBQXFCO2lCQUMvRDtnQkFDSCxDQUFDLENBQUMsU0FBUztZQUViLGlCQUFpQjtZQUNqQixzQkFBc0IsRUFBRSxJQUFJLEVBQUUsZ0JBQWdCLElBQUksSUFBSSxDQUFDLElBQUksQ0FBQyxzQkFBc0I7WUFDbEYsd0JBQXdCLEVBQUUsSUFBSSxFQUFFLGtCQUFrQixJQUFJLElBQUksQ0FBQyxJQUFJLENBQUMsd0JBQXdCO1lBQ3hGLGFBQWEsRUFBRSxhQUFhLElBQUksa0JBQVEsQ0FBQyxLQUFLO1NBQy9DLEVBQ0QsRUFBRSxHQUFHLElBQUksQ0FBQyxJQUFJLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxtQkFBbUIsRUFBRSxJQUFJLEVBQUUsQ0FDMUQsQ0FBQztJQUNKLENBQUM7SUFFTyxpQkFBaUIsQ0FBQyxHQUEyQjtRQUNuRCxNQUFNLEVBQUUsT0FBTyxFQUFFLG9CQUFvQixFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQztRQUVwRCxJQUFJLEdBQUcsQ0FBQyx3QkFBd0IsQ0FDOUIsR0FBRyxJQUFJLENBQUMsSUFBSSxjQUFjLEVBQzFCO1lBQ0UsVUFBVSxFQUFFLFNBQVM7WUFDckIsZUFBZSxFQUFFLEdBQUcsQ0FBQyxJQUFJO1lBQ3pCLGlCQUFpQixFQUFFLE9BQU8sQ0FBQyxpQkFBaUI7WUFDNUMsZ0JBQWdCLEVBQUUsb0JBQW9CLElBQUk7Z0JBQ3hDO29CQUNFLE9BQU8sRUFBRSxRQUFRO29CQUNqQixhQUFhLEVBQUUsQ0FBQztvQkFDaEIsWUFBWSxFQUFFLENBQUM7aUJBQ2hCO2FBQ0Y7U0FDRixFQUNELEVBQUUsU0FBUyxFQUFFLEdBQUcsRUFBRSxXQUFXLEVBQUUsR0FBRyxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsbUJBQW1CLEVBQUUsSUFBSSxFQUFFLENBQzlFLENBQUM7SUFDSixDQUFDO0lBRU8sVUFBVSxDQUFDLEdBQTJCO1FBQzVDLE1BQU0sRUFBRSxhQUFhLEVBQUUsT0FBTyxFQUFFLFNBQVMsRUFBRSxrQkFBa0IsRUFBRSxVQUFVLEVBQUUsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDO1FBQ3hGLElBQUksQ0FBQyxhQUFhO1lBQUUsT0FBTyxTQUFTLENBQUM7UUFFckMsT0FBTyxNQUFNLENBQUMsT0FBTyxDQUFDLGFBQWEsQ0FBQyxDQUFDLE9BQU8sQ0FDMUMsQ0FBQyxDQUFDLE9BQU8sRUFBRSxPQUFPLENBQUMsRUFBRSxFQUFFLENBQ3JCLElBQUksMkJBQVksQ0FDZCxPQUFPLEVBQ1A7WUFDRSxHQUFHLE9BQU87WUFDVixPQUFPO1lBQ1AsU0FBUztZQUNULGtCQUFrQixFQUFFLE9BQU8sQ0FBQyxrQkFBa0IsSUFBSSxrQkFBa0I7WUFDcEUsVUFBVTtZQUNWLG9CQUFvQixFQUFFLEdBQUcsQ0FBQyxFQUFFO1NBQzdCLEVBQ0QsRUFBRSxTQUFTLEVBQUUsR0FBRyxFQUFFLFdBQVcsRUFBRSxHQUFHLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUNuRCxDQUNKLENBQUM7SUFDSixDQUFDO0NBQ0Y7QUF2SUQsMENBdUlDIn0=
|
package/app/index.d.ts
CHANGED
package/app/index.js
CHANGED
|
@@ -16,8 +16,10 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
17
|
__exportStar(require("./AppCert"), exports);
|
|
18
18
|
__exportStar(require("./AppConfig"), exports);
|
|
19
|
+
__exportStar(require("./AppContainer"), exports);
|
|
20
|
+
__exportStar(require("./AppContainerEnv"), exports);
|
|
19
21
|
__exportStar(require("./AppService"), exports);
|
|
20
22
|
__exportStar(require("./IoTHub"), exports);
|
|
21
23
|
__exportStar(require("./LogicApp"), exports);
|
|
22
24
|
__exportStar(require("./SignalR"), exports);
|
|
23
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
25
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvYXBwL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSw0Q0FBMEI7QUFDMUIsOENBQTRCO0FBQzVCLGlEQUErQjtBQUMvQixvREFBa0M7QUFDbEMsK0NBQTZCO0FBQzdCLDJDQUF5QjtBQUN6Qiw2Q0FBMkI7QUFDM0IsNENBQTBCIn0=
|
|
@@ -2,8 +2,7 @@ import * as azAd from '@pulumi/azuread';
|
|
|
2
2
|
import * as pulumi from '@pulumi/pulumi';
|
|
3
3
|
import { RoleAssignmentArgs } from './RoleAssignment';
|
|
4
4
|
import { WithMemberOfArgs, WithVaultInfo } from '../types';
|
|
5
|
-
import { BaseComponent } from '../base
|
|
6
|
-
import { VaultSecrets } from '../vault';
|
|
5
|
+
import { BaseComponent } from '../base';
|
|
7
6
|
export declare enum GroupMembershipClaimsTypes {
|
|
8
7
|
None = "None",
|
|
9
8
|
SecurityGroup = "SecurityGroup",
|
|
@@ -31,21 +30,19 @@ export interface AppRegistrationArgs extends WithVaultInfo, WithMemberOfArgs, Pa
|
|
|
31
30
|
roleAssignments?: Array<Omit<RoleAssignmentArgs, 'roleAssignmentName' | 'principalId' | 'principalType'>>;
|
|
32
31
|
}
|
|
33
32
|
export declare class AppRegistration extends BaseComponent<AppRegistrationArgs> {
|
|
33
|
+
readonly tenantId: pulumi.Output<string>;
|
|
34
34
|
readonly clientId: pulumi.Output<string>;
|
|
35
|
-
readonly clientSecret
|
|
36
|
-
readonly servicePrincipalId
|
|
37
|
-
readonly servicePrincipalPassword
|
|
38
|
-
|
|
39
|
-
[key: string]: ReturnType<VaultSecrets['getOutputs']>;
|
|
40
|
-
};
|
|
35
|
+
readonly clientSecret: pulumi.Output<string>;
|
|
36
|
+
readonly servicePrincipalId: pulumi.Output<string>;
|
|
37
|
+
readonly servicePrincipalPassword: pulumi.Output<string>;
|
|
38
|
+
private vaultSecrets;
|
|
41
39
|
constructor(name: string, args?: AppRegistrationArgs, opts?: pulumi.ComponentResourceOptions);
|
|
42
40
|
getOutputs(): {
|
|
41
|
+
tenantId: pulumi.Output<string>;
|
|
43
42
|
clientId: pulumi.Output<string>;
|
|
44
|
-
servicePrincipalId: pulumi.Output<string
|
|
43
|
+
servicePrincipalId: pulumi.Output<string>;
|
|
45
44
|
vaultSecrets: {
|
|
46
|
-
[key: string]:
|
|
47
|
-
[key: string]: import("../vault").VaultSecretResult;
|
|
48
|
-
};
|
|
45
|
+
[key: string]: import("../vault").VaultSecretResult;
|
|
49
46
|
};
|
|
50
47
|
};
|
|
51
48
|
private createAppRegistration;
|
package/azAd/AppRegistration.js
CHANGED
|
@@ -37,7 +37,7 @@ exports.AppRegistration = exports.GroupMembershipClaimsTypes = void 0;
|
|
|
37
37
|
const azAd = __importStar(require("@pulumi/azuread"));
|
|
38
38
|
const pulumi = __importStar(require("@pulumi/pulumi"));
|
|
39
39
|
const RoleAssignment_1 = require("./RoleAssignment");
|
|
40
|
-
const
|
|
40
|
+
const base_1 = require("../base");
|
|
41
41
|
const vault_1 = require("../vault");
|
|
42
42
|
const helpers_1 = require("../base/helpers");
|
|
43
43
|
const helpers_2 = require("../helpers");
|
|
@@ -49,7 +49,8 @@ var GroupMembershipClaimsTypes;
|
|
|
49
49
|
GroupMembershipClaimsTypes["ApplicationGroup"] = "ApplicationGroup";
|
|
50
50
|
GroupMembershipClaimsTypes["All"] = "All";
|
|
51
51
|
})(GroupMembershipClaimsTypes || (exports.GroupMembershipClaimsTypes = GroupMembershipClaimsTypes = {}));
|
|
52
|
-
class AppRegistration extends
|
|
52
|
+
class AppRegistration extends base_1.BaseComponent {
|
|
53
|
+
tenantId;
|
|
53
54
|
clientId;
|
|
54
55
|
clientSecret;
|
|
55
56
|
servicePrincipalId;
|
|
@@ -63,6 +64,8 @@ class AppRegistration extends BaseComponent_1.BaseComponent {
|
|
|
63
64
|
this.servicePrincipalId = sp.servicePrincipalId;
|
|
64
65
|
this.servicePrincipalPassword = sp.servicePrincipalPassword;
|
|
65
66
|
this.clientId = app.clientId;
|
|
67
|
+
this.clientSecret = clientSecret;
|
|
68
|
+
this.tenantId = helpers_2.azureEnv.tenantId;
|
|
66
69
|
this.addSecrets({
|
|
67
70
|
clientId: app.clientId,
|
|
68
71
|
clientSecret: clientSecret,
|
|
@@ -73,6 +76,7 @@ class AppRegistration extends BaseComponent_1.BaseComponent {
|
|
|
73
76
|
}
|
|
74
77
|
getOutputs() {
|
|
75
78
|
return {
|
|
79
|
+
tenantId: this.tenantId,
|
|
76
80
|
clientId: this.clientId,
|
|
77
81
|
servicePrincipalId: this.servicePrincipalId,
|
|
78
82
|
vaultSecrets: this.vaultSecrets,
|
|
@@ -97,7 +101,7 @@ class AppRegistration extends BaseComponent_1.BaseComponent {
|
|
|
97
101
|
}
|
|
98
102
|
: undefined,
|
|
99
103
|
singlePageApplication: this.args.appType == 'singlePageApplication' ? { redirectUris: this.args.redirectUris } : undefined,
|
|
100
|
-
}, { ...this.opts, parent: this });
|
|
104
|
+
}, { ...this.opts, parent: this, ignoreChanges: ['tags'] });
|
|
101
105
|
const clientSecret = new azAd.ApplicationPassword(`${this.name}-client-secret`, {
|
|
102
106
|
displayName: this.name,
|
|
103
107
|
applicationId: app.id,
|
|
@@ -112,7 +116,7 @@ class AppRegistration extends BaseComponent_1.BaseComponent {
|
|
|
112
116
|
clientId: app.clientId,
|
|
113
117
|
owners: this.args.owners,
|
|
114
118
|
}, { dependsOn: app, deletedWith: app, parent: this });
|
|
115
|
-
|
|
119
|
+
const spPass = new azAd.ServicePrincipalPassword(`${this.name}-sp-pass`, {
|
|
116
120
|
displayName: this.name,
|
|
117
121
|
servicePrincipalId: pulumi.interpolate `/servicePrincipals/${sp.objectId}`,
|
|
118
122
|
}, { dependsOn: sp, deletedWith: app, parent: this });
|
|
@@ -140,25 +144,24 @@ class AppRegistration extends BaseComponent_1.BaseComponent {
|
|
|
140
144
|
addSecrets({ clientId, clientSecret, servicePrincipalId, servicePrincipalPass, }) {
|
|
141
145
|
if (!this.args.vaultInfo)
|
|
142
146
|
return;
|
|
143
|
-
const
|
|
144
|
-
const secret = new vault_1.VaultSecrets(n, {
|
|
147
|
+
const secret = new vault_1.VaultSecrets(this.name, {
|
|
145
148
|
vaultInfo: this.args.vaultInfo,
|
|
146
149
|
secrets: {
|
|
147
|
-
[
|
|
148
|
-
[
|
|
149
|
-
[
|
|
150
|
+
['client-id']: { value: clientId, contentType: `AppRegistration:${this.name} ` },
|
|
151
|
+
['client-secret']: { value: clientSecret, contentType: `AppRegistration:${this.name} ` },
|
|
152
|
+
['principal-id']: {
|
|
150
153
|
value: servicePrincipalId,
|
|
151
154
|
contentType: `AppRegistration:${this.name} `,
|
|
152
155
|
},
|
|
153
|
-
[
|
|
156
|
+
['principal-secret']: {
|
|
154
157
|
value: servicePrincipalPass,
|
|
155
158
|
contentType: `AppRegistration:${this.name} `,
|
|
156
159
|
},
|
|
157
160
|
},
|
|
158
161
|
}, { dependsOn: this.opts?.dependsOn, parent: this });
|
|
159
|
-
this.vaultSecrets
|
|
162
|
+
this.vaultSecrets = secret.getOutputs();
|
|
160
163
|
return secret;
|
|
161
164
|
}
|
|
162
165
|
}
|
|
163
166
|
exports.AppRegistration = AppRegistration;
|
|
164
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
167
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQXBwUmVnaXN0cmF0aW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2F6QWQvQXBwUmVnaXN0cmF0aW9uLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLHNEQUF3QztBQUN4Qyx1REFBeUM7QUFFekMscURBQXNFO0FBR3RFLGtDQUF3QztBQUN4QyxvQ0FBd0M7QUFDeEMsNkNBQTJEO0FBQzNELHdDQUFpRDtBQUVqRCxJQUFZLDBCQU1YO0FBTkQsV0FBWSwwQkFBMEI7SUFDcEMsMkNBQWEsQ0FBQTtJQUNiLDZEQUErQixDQUFBO0lBQy9CLDZEQUErQixDQUFBO0lBQy9CLG1FQUFxQyxDQUFBO0lBQ3JDLHlDQUFXLENBQUE7QUFDYixDQUFDLEVBTlcsMEJBQTBCLDBDQUExQiwwQkFBMEIsUUFNckM7QUE0Q0QsTUFBYSxlQUFnQixTQUFRLG9CQUFrQztJQUNyRCxRQUFRLENBQXdCO0lBQ2hDLFFBQVEsQ0FBd0I7SUFDaEMsWUFBWSxDQUF3QjtJQUNwQyxrQkFBa0IsQ0FBd0I7SUFDMUMsd0JBQXdCLENBQXdCO0lBQ3hELFlBQVksR0FBMkMsRUFBRSxDQUFDO0lBRWxFLFlBQVksSUFBWSxFQUFFLE9BQTRCLEVBQUUsT0FBTyxFQUFFLFFBQVEsRUFBRSxFQUFFLElBQXNDO1FBQ2pILEtBQUssQ0FBQyxJQUFBLGtDQUF3QixFQUFDLGlCQUFpQixDQUFDLEVBQUUsSUFBSSxFQUFFLElBQUksRUFBRSxJQUFJLENBQUMsQ0FBQztRQUVyRSxhQUFhO1FBQ2IsTUFBTSxFQUFFLEdBQUcsRUFBRSxZQUFZLEVBQUUsR0FBRyxJQUFJLENBQUMscUJBQXFCLEVBQUUsQ0FBQztRQUMzRCxNQUFNLEVBQUUsR0FBRyxJQUFJLENBQUMsc0JBQXNCLENBQUMsR0FBRyxDQUFDLENBQUM7UUFFNUMsSUFBSSxDQUFDLGtCQUFrQixHQUFHLEVBQUUsQ0FBQyxrQkFBa0IsQ0FBQztRQUNoRCxJQUFJLENBQUMsd0JBQXdCLEdBQUcsRUFBRSxDQUFDLHdCQUF3QixDQUFDO1FBQzVELElBQUksQ0FBQyxRQUFRLEdBQUcsR0FBRyxDQUFDLFFBQVEsQ0FBQztRQUM3QixJQUFJLENBQUMsWUFBWSxHQUFHLFlBQVksQ0FBQztRQUNqQyxJQUFJLENBQUMsUUFBUSxHQUFHLGtCQUFRLENBQUMsUUFBUSxDQUFDO1FBRWxDLElBQUksQ0FBQyxVQUFVLENBQUM7WUFDZCxRQUFRLEVBQUUsR0FBRyxDQUFDLFFBQVE7WUFDdEIsWUFBWSxFQUFFLFlBQVk7WUFDMUIsa0JBQWtCLEVBQUUsRUFBRSxDQUFDLGtCQUFrQjtZQUN6QyxvQkFBb0IsRUFBRSxFQUFFLENBQUMsd0JBQXdCO1NBQ2xELENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxlQUFlLEVBQUUsQ0FBQztJQUN6QixDQUFDO0lBRU0sVUFBVTtRQUNmLE9BQU87WUFDTCxRQUFRLEVBQUUsSUFBSSxDQUFDLFFBQVE7WUFDdkIsUUFBUSxFQUFFLElBQUksQ0FBQyxRQUFRO1lBQ3ZCLGtCQUFrQixFQUFFLElBQUksQ0FBQyxrQkFBa0I7WUFDM0MsWUFBWSxFQUFFLElBQUksQ0FBQyxZQUFZO1NBQ2hDLENBQUM7SUFDSixDQUFDO0lBRU8scUJBQXFCO1FBQzNCLE1BQU0sRUFBRSxJQUFJLEVBQUUsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDO1FBRTNCLE1BQU0sR0FBRyxHQUFHLElBQUksSUFBSSxDQUFDLFdBQVcsQ0FDOUIsR0FBRyxtQkFBUyxDQUFDLEtBQUssSUFBSSxJQUFJLENBQUMsSUFBSSxFQUFFLEVBQ2pDO1lBQ0UsR0FBRyxJQUFJLENBQUMsSUFBSTtZQUNaLEdBQUcsSUFBSTtZQUNQLFdBQVcsRUFBRSxJQUFJLEVBQUUsV0FBVyxJQUFJLEdBQUcsbUJBQVMsQ0FBQyxLQUFLLElBQUksSUFBSSxDQUFDLElBQUksRUFBRTtZQUNuRSxXQUFXLEVBQUUsSUFBSSxFQUFFLFdBQVcsSUFBSSxHQUFHLG1CQUFTLENBQUMsS0FBSyxJQUFJLElBQUksQ0FBQyxJQUFJLEVBQUU7WUFDbkUscUJBQXFCLEVBQUUsSUFBSTtZQUMzQixjQUFjLEVBQUUsY0FBYztZQUU5QixjQUFjO1lBQ2QsR0FBRyxFQUNELElBQUksQ0FBQyxJQUFJLENBQUMsT0FBTyxJQUFJLEtBQUs7Z0JBQ3hCLENBQUMsQ0FBQztvQkFDRSxZQUFZLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxZQUFZO29CQUNwQyxTQUFTLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTO29CQUM5QixhQUFhLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxhQUFhO29CQUN0QyxXQUFXLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxXQUFXO2lCQUNuQztnQkFDSCxDQUFDLENBQUMsU0FBUztZQUNmLHFCQUFxQixFQUNuQixJQUFJLENBQUMsSUFBSSxDQUFDLE9BQU8sSUFBSSx1QkFBdUIsQ0FBQyxDQUFDLENBQUMsRUFBRSxZQUFZLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUUsQ0FBQyxDQUFDLENBQUMsU0FBUztTQUN0RyxFQUNELEVBQUUsR0FBRyxJQUFJLENBQUMsSUFBSSxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsYUFBYSxFQUFFLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FDeEQsQ0FBQztRQUVGLE1BQU0sWUFBWSxHQUFHLElBQUksSUFBSSxDQUFDLG1CQUFtQixDQUMvQyxHQUFHLElBQUksQ0FBQyxJQUFJLGdCQUFnQixFQUM1QjtZQUNFLFdBQVcsRUFBRSxJQUFJLENBQUMsSUFBSTtZQUN0QixhQUFhLEVBQUUsR0FBRyxDQUFDLEVBQUU7U0FDdEIsRUFDRCxFQUFFLFNBQVMsRUFBRSxHQUFHLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUNqQyxDQUFDO1FBRUYsT0FBTyxFQUFFLEdBQUcsRUFBRSxZQUFZLEVBQUUsWUFBWSxDQUFDLEtBQUssRUFBRSxDQUFDO0lBQ25ELENBQUM7SUFFTyxzQkFBc0IsQ0FBQyxHQUFxQjtRQUNsRCxtQkFBbUI7UUFDbkIsTUFBTSxFQUFFLEdBQUcsSUFBSSxJQUFJLENBQUMsZ0JBQWdCLENBQ2xDLEdBQUcsSUFBSSxDQUFDLElBQUksS0FBSyxFQUNqQjtZQUNFLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxnQkFBZ0I7WUFDN0IsV0FBVyxFQUFFLElBQUksQ0FBQyxJQUFJO1lBQ3RCLFFBQVEsRUFBRSxHQUFHLENBQUMsUUFBUTtZQUN0QixNQUFNLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNO1NBQ3pCLEVBQ0QsRUFBRSxTQUFTLEVBQUUsR0FBRyxFQUFFLFdBQVcsRUFBRSxHQUFHLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUNuRCxDQUFDO1FBRUYsTUFBTSxNQUFNLEdBQUcsSUFBSSxJQUFJLENBQUMsd0JBQXdCLENBQzlDLEdBQUcsSUFBSSxDQUFDLElBQUksVUFBVSxFQUN0QjtZQUNFLFdBQVcsRUFBRSxJQUFJLENBQUMsSUFBSTtZQUN0QixrQkFBa0IsRUFBRSxNQUFNLENBQUMsV0FBVyxDQUFBLHNCQUFzQixFQUFFLENBQUMsUUFBUSxFQUFFO1NBQzFFLEVBQ0QsRUFBRSxTQUFTLEVBQUUsRUFBRSxFQUFFLFdBQVcsRUFBRSxHQUFHLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUNsRCxDQUFDO1FBRUYsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQzVCLElBQUksQ0FBQyxXQUFXLENBQUMsRUFBRSxDQUFDLENBQUM7UUFFckIsT0FBTztZQUNMLGtCQUFrQixFQUFFLEVBQUUsQ0FBQyxFQUFFO1lBQ3pCLHdCQUF3QixFQUFFLE1BQU0sQ0FBQyxLQUFLO1NBQ3ZDLENBQUM7SUFDSixDQUFDO0lBRU8sa0JBQWtCLENBQUMsRUFBeUI7UUFDbEQsTUFBTSxFQUFFLGVBQWUsRUFBRSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUM7UUFDdEMsSUFBSSxDQUFDLGVBQWU7WUFBRSxPQUFPO1FBRTdCLE9BQU8sZUFBZSxDQUFDLEdBQUcsQ0FDeEIsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUNQLElBQUksK0JBQWMsQ0FDaEIsR0FBRyxJQUFJLENBQUMsSUFBSSxJQUFJLElBQUksQ0FBQyxRQUFRLEVBQUUsRUFDL0IsRUFBRSxHQUFHLElBQUksRUFBRSxXQUFXLEVBQUUsRUFBRSxDQUFDLFFBQVEsRUFBRSxhQUFhLEVBQUUsa0JBQWtCLEVBQUUsRUFDeEUsRUFBRSxTQUFTLEVBQUUsRUFBRSxFQUFFLFdBQVcsRUFBRSxFQUFFLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUNqRCxDQUNKLENBQUM7SUFDSixDQUFDO0lBRU8sV0FBVyxDQUFDLEVBQXlCO1FBQzNDLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFFBQVE7WUFBRSxPQUFPO1FBQ2hDLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQy9CLE1BQU0sQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsS0FBSyxDQUN4QixDQUFDLEVBQUUsRUFBRSxFQUFFLENBQ0wsSUFBSSxJQUFJLENBQUMsV0FBVyxDQUNsQixHQUFHLElBQUksQ0FBQyxJQUFJLElBQUksRUFBRSxDQUFDLFFBQVEsRUFBRSxFQUM3QjtZQUNFLGFBQWEsRUFBRSxFQUFFLENBQUMsUUFBUTtZQUMxQixjQUFjLEVBQUUsRUFBRSxDQUFDLFFBQVE7U0FDNUIsRUFDRCxFQUFFLFNBQVMsRUFBRSxFQUFFLEVBQUUsV0FBVyxFQUFFLEVBQUUsRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLENBQ2pELENBQ0osQ0FDRixDQUFDO0lBQ0osQ0FBQztJQUVPLFVBQVUsQ0FBQyxFQUNqQixRQUFRLEVBQ1IsWUFBWSxFQUNaLGtCQUFrQixFQUNsQixvQkFBb0IsR0FNckI7UUFDQyxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTO1lBQUUsT0FBTztRQUNqQyxNQUFNLE1BQU0sR0FBRyxJQUFJLG9CQUFZLENBQzdCLElBQUksQ0FBQyxJQUFJLEVBQ1Q7WUFDRSxTQUFTLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTO1lBQzlCLE9BQU8sRUFBRTtnQkFDUCxDQUFDLFdBQVcsQ0FBQyxFQUFFLEVBQUUsS0FBSyxFQUFFLFFBQVEsRUFBRSxXQUFXLEVBQUUsbUJBQW1CLElBQUksQ0FBQyxJQUFJLEdBQUcsRUFBRTtnQkFDaEYsQ0FBQyxlQUFlLENBQUMsRUFBRSxFQUFFLEtBQUssRUFBRSxZQUFZLEVBQUUsV0FBVyxFQUFFLG1CQUFtQixJQUFJLENBQUMsSUFBSSxHQUFHLEVBQUU7Z0JBQ3hGLENBQUMsY0FBYyxDQUFDLEVBQUU7b0JBQ2hCLEtBQUssRUFBRSxrQkFBa0I7b0JBQ3pCLFdBQVcsRUFBRSxtQkFBbUIsSUFBSSxDQUFDLElBQUksR0FBRztpQkFDN0M7Z0JBQ0QsQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFO29CQUNwQixLQUFLLEVBQUUsb0JBQW9CO29CQUMzQixXQUFXLEVBQUUsbUJBQW1CLElBQUksQ0FBQyxJQUFJLEdBQUc7aUJBQzdDO2FBQ0Y7U0FDRixFQUNELEVBQUUsU0FBUyxFQUFFLElBQUksQ0FBQyxJQUFJLEVBQUUsU0FBUyxFQUFFLE1BQU0sRUFBRSxJQUFJLEVBQUUsQ0FDbEQsQ0FBQztRQUNGLElBQUksQ0FBQyxZQUFZLEdBQUcsTUFBTSxDQUFDLFVBQVUsRUFBRSxDQUFDO1FBQ3hDLE9BQU8sTUFBTSxDQUFDO0lBQ2hCLENBQUM7Q0FDRjtBQWpMRCwwQ0FpTEMifQ==
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { AppRegistration } from './AppRegistration';
|
|
2
|
+
import * as types from '../types';
|
|
3
|
+
import * as pulumi from '@pulumi/pulumi';
|
|
4
|
+
/**
|
|
5
|
+
* Creates an Azure App Registration for Cloudflare Access integration.
|
|
6
|
+
* @param name - The Zero Trust Team Name of the Cloudflare.
|
|
7
|
+
* @param props - Additional properties including vault information.
|
|
8
|
+
* @param opts - Optional Pulumi component resource options.
|
|
9
|
+
*/
|
|
10
|
+
export declare function createCloudflareAzIdentity(name: string, props: types.WithVaultInfo, opts?: pulumi.ComponentResourceOptions): AppRegistration;
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.createCloudflareAzIdentity = createCloudflareAzIdentity;
|
|
4
|
+
const AppRegistration_1 = require("./AppRegistration");
|
|
5
|
+
/**
|
|
6
|
+
* Creates an Azure App Registration for Cloudflare Access integration.
|
|
7
|
+
* @param name - The Zero Trust Team Name of the Cloudflare.
|
|
8
|
+
* @param props - Additional properties including vault information.
|
|
9
|
+
* @param opts - Optional Pulumi component resource options.
|
|
10
|
+
*/
|
|
11
|
+
function createCloudflareAzIdentity(name, props, opts = {}) {
|
|
12
|
+
return new AppRegistration_1.AppRegistration(`${name}-cloudflare-idp`, {
|
|
13
|
+
...props,
|
|
14
|
+
appType: 'web',
|
|
15
|
+
redirectUris: [`https://${name}.cloudflareaccess.com/cdn-cgi/access/callback`],
|
|
16
|
+
implicitGrant: {
|
|
17
|
+
accessTokenIssuanceEnabled: true,
|
|
18
|
+
idTokenIssuanceEnabled: true,
|
|
19
|
+
},
|
|
20
|
+
requiredResourceAccesses: [
|
|
21
|
+
{
|
|
22
|
+
resourceAppId: '00000003-0000-0000-c000-000000000000',
|
|
23
|
+
resourceAccesses: [
|
|
24
|
+
{
|
|
25
|
+
id: '0e263e50-5827-48a4-b97c-d940288653c7',
|
|
26
|
+
type: 'Scope',
|
|
27
|
+
},
|
|
28
|
+
{
|
|
29
|
+
id: '64a6cdd6-aab1-4aaf-94b8-3cc8405e90d0',
|
|
30
|
+
type: 'Scope',
|
|
31
|
+
},
|
|
32
|
+
{
|
|
33
|
+
id: '5f8c59db-677d-491f-a6b8-5f174b11ec1d',
|
|
34
|
+
type: 'Scope',
|
|
35
|
+
},
|
|
36
|
+
{
|
|
37
|
+
id: '7427e0e9-2fba-42fe-b0c0-848c9e6a8182',
|
|
38
|
+
type: 'Scope',
|
|
39
|
+
},
|
|
40
|
+
{
|
|
41
|
+
id: '37f7f235-527c-4136-accd-4a02d197296e',
|
|
42
|
+
type: 'Scope',
|
|
43
|
+
},
|
|
44
|
+
{
|
|
45
|
+
id: '14dad69e-099b-42c9-810b-d002981feec1',
|
|
46
|
+
type: 'Scope',
|
|
47
|
+
},
|
|
48
|
+
{
|
|
49
|
+
id: 'e1fe6dd8-ba31-4d61-89e7-88639da4683d',
|
|
50
|
+
type: 'Scope',
|
|
51
|
+
},
|
|
52
|
+
{
|
|
53
|
+
id: '2f51be20-0bb4-4fed-bf7b-db946066c75e',
|
|
54
|
+
type: 'Role',
|
|
55
|
+
},
|
|
56
|
+
],
|
|
57
|
+
},
|
|
58
|
+
],
|
|
59
|
+
}, opts);
|
|
60
|
+
}
|
|
61
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQ2xvdWRmbGFyZUF6SWRlbnRpdHkuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvYXpBZC9DbG91ZGZsYXJlQXpJZGVudGl0eS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQVdBLGdFQXlEQztBQXBFRCx1REFBb0Q7QUFJcEQ7Ozs7O0dBS0c7QUFFSCxTQUFnQiwwQkFBMEIsQ0FDeEMsSUFBWSxFQUNaLEtBQTBCLEVBQzFCLE9BQXdDLEVBQUU7SUFFMUMsT0FBTyxJQUFJLGlDQUFlLENBQ3hCLEdBQUcsSUFBSSxpQkFBaUIsRUFDeEI7UUFDRSxHQUFHLEtBQUs7UUFDUixPQUFPLEVBQUUsS0FBSztRQUNkLFlBQVksRUFBRSxDQUFDLFdBQVcsSUFBSSwrQ0FBK0MsQ0FBQztRQUM5RSxhQUFhLEVBQUU7WUFDYiwwQkFBMEIsRUFBRSxJQUFJO1lBQ2hDLHNCQUFzQixFQUFFLElBQUk7U0FDN0I7UUFDRCx3QkFBd0IsRUFBRTtZQUN4QjtnQkFDRSxhQUFhLEVBQUUsc0NBQXNDO2dCQUNyRCxnQkFBZ0IsRUFBRTtvQkFDaEI7d0JBQ0UsRUFBRSxFQUFFLHNDQUFzQzt3QkFDMUMsSUFBSSxFQUFFLE9BQU87cUJBQ2Q7b0JBQ0Q7d0JBQ0UsRUFBRSxFQUFFLHNDQUFzQzt3QkFDMUMsSUFBSSxFQUFFLE9BQU87cUJBQ2Q7b0JBQ0Q7d0JBQ0UsRUFBRSxFQUFFLHNDQUFzQzt3QkFDMUMsSUFBSSxFQUFFLE9BQU87cUJBQ2Q7b0JBQ0Q7d0JBQ0UsRUFBRSxFQUFFLHNDQUFzQzt3QkFDMUMsSUFBSSxFQUFFLE9BQU87cUJBQ2Q7b0JBQ0Q7d0JBQ0UsRUFBRSxFQUFFLHNDQUFzQzt3QkFDMUMsSUFBSSxFQUFFLE9BQU87cUJBQ2Q7b0JBQ0Q7d0JBQ0UsRUFBRSxFQUFFLHNDQUFzQzt3QkFDMUMsSUFBSSxFQUFFLE9BQU87cUJBQ2Q7b0JBQ0Q7d0JBQ0UsRUFBRSxFQUFFLHNDQUFzQzt3QkFDMUMsSUFBSSxFQUFFLE9BQU87cUJBQ2Q7b0JBQ0Q7d0JBQ0UsRUFBRSxFQUFFLHNDQUFzQzt3QkFDMUMsSUFBSSxFQUFFLE1BQU07cUJBQ2I7aUJBQ0Y7YUFDRjtTQUNGO0tBQ0YsRUFDRCxJQUFJLENBQ0wsQ0FBQztBQUNKLENBQUMifQ==
|
package/azAd/GroupRole.d.ts
CHANGED
|
@@ -2,7 +2,7 @@ import * as pulumi from '@pulumi/pulumi';
|
|
|
2
2
|
import { BaseComponent } from '../base';
|
|
3
3
|
import * as types from '../types';
|
|
4
4
|
import { AzRoleArgs } from './AzRole';
|
|
5
|
-
export interface GroupRoleArgs extends Pick<AzRoleArgs, 'owners' | 'preventDuplicateNames'
|
|
5
|
+
export interface GroupRoleArgs extends Partial<Pick<AzRoleArgs, 'owners' | 'preventDuplicateNames'>>, Partial<Record<types.GroupRoleTypes, Pick<AzRoleArgs, 'members'>>> {
|
|
6
6
|
preventDuplicateNames?: pulumi.Input<boolean>;
|
|
7
7
|
}
|
|
8
8
|
export declare class GroupRole extends BaseComponent<GroupRoleArgs> {
|
package/azAd/GroupRole.js
CHANGED
|
@@ -53,7 +53,7 @@ class GroupRole extends base_1.BaseComponent {
|
|
|
53
53
|
owners: args.owners,
|
|
54
54
|
members: args[role]?.members,
|
|
55
55
|
preventDuplicateNames: args.preventDuplicateNames,
|
|
56
|
-
}, { parent: this }),
|
|
56
|
+
}, { ...this.opts, parent: this, deletedWith: this }),
|
|
57
57
|
]));
|
|
58
58
|
this.admin = pulumi.output({
|
|
59
59
|
objectId: roleInstances.admin.objectId,
|
|
@@ -78,20 +78,19 @@ class GroupRole extends base_1.BaseComponent {
|
|
|
78
78
|
};
|
|
79
79
|
}
|
|
80
80
|
configHierarchyRoles(roles) {
|
|
81
|
-
const deps = Object.values(roles);
|
|
82
81
|
if (this.admin && this.contributor) {
|
|
83
82
|
new azAd.GroupMember(`${this.name}-admin2contributor`, {
|
|
84
83
|
groupObjectId: this.contributor.objectId,
|
|
85
84
|
memberObjectId: this.admin.objectId,
|
|
86
|
-
}, { dependsOn:
|
|
85
|
+
}, { dependsOn: roles['admin'], parent: this, retainOnDelete: true });
|
|
87
86
|
}
|
|
88
87
|
if (this.contributor && this.readOnly) {
|
|
89
88
|
new azAd.GroupMember(`${this.name}-contributor2readOnly`, {
|
|
90
89
|
groupObjectId: this.readOnly.objectId,
|
|
91
90
|
memberObjectId: this.contributor.objectId,
|
|
92
|
-
}, { dependsOn:
|
|
91
|
+
}, { dependsOn: roles['contributor'], parent: this, retainOnDelete: true });
|
|
93
92
|
}
|
|
94
93
|
}
|
|
95
94
|
}
|
|
96
95
|
exports.GroupRole = GroupRole;
|
|
97
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
96
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiR3JvdXBSb2xlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2F6QWQvR3JvdXBSb2xlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLHNEQUF3QztBQUN4Qyx1REFBeUM7QUFDekMsa0NBQXdDO0FBQ3hDLDZDQUEyRDtBQUMzRCx3Q0FBdUM7QUFFdkMscUNBQThDO0FBUzlDLE1BQWEsU0FBVSxTQUFRLG9CQUE0QjtJQUN6QyxLQUFLLENBQXVDO0lBQzVDLFdBQVcsQ0FBdUM7SUFDbEQsUUFBUSxDQUF1QztJQUUvRCxZQUFZLE9BQWUsbUJBQVMsQ0FBQyxLQUFLLEVBQUUsT0FBc0IsRUFBRSxFQUFFLElBQXNDO1FBQzFHLEtBQUssQ0FBQyxJQUFBLGtDQUF3QixFQUFDLFdBQVcsQ0FBQyxFQUFFLElBQUksRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFFL0QsTUFBTSxLQUFLLEdBQUcsQ0FBQyxPQUFPLEVBQUUsYUFBYSxFQUFFLFVBQVUsQ0FBVSxDQUFDO1FBRTVELE1BQU0sYUFBYSxHQUFHLE1BQU0sQ0FBQyxXQUFXLENBQ3RDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUFDO1lBQ2xCLElBQUk7WUFDSixJQUFJLGVBQU0sQ0FDUixHQUFHLElBQUksSUFBSSxJQUFJLEVBQUUsRUFDakI7Z0JBQ0UsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO2dCQUNuQixPQUFPLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLE9BQU87Z0JBQzVCLHFCQUFxQixFQUFFLElBQUksQ0FBQyxxQkFBcUI7YUFDbEQsRUFDRCxFQUFFLEdBQUcsSUFBSSxDQUFDLElBQUksRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLFdBQVcsRUFBRSxJQUFJLEVBQUUsQ0FDbEQ7U0FDRixDQUFDLENBQ0gsQ0FBQztRQUVGLElBQUksQ0FBQyxLQUFLLEdBQUcsTUFBTSxDQUFDLE1BQU0sQ0FBQztZQUN6QixRQUFRLEVBQUUsYUFBYSxDQUFDLEtBQUssQ0FBQyxRQUFRO1lBQ3RDLFdBQVcsRUFBRSxhQUFhLENBQUMsS0FBSyxDQUFDLFdBQVc7U0FDN0MsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLFdBQVcsR0FBRyxNQUFNLENBQUMsTUFBTSxDQUFDO1lBQy9CLFFBQVEsRUFBRSxhQUFhLENBQUMsV0FBVyxDQUFDLFFBQVE7WUFDNUMsV0FBVyxFQUFFLGFBQWEsQ0FBQyxXQUFXLENBQUMsV0FBVztTQUNuRCxDQUFDLENBQUM7UUFFSCxJQUFJLENBQUMsUUFBUSxHQUFHLE1BQU0sQ0FBQyxNQUFNLENBQUM7WUFDNUIsUUFBUSxFQUFFLGFBQWEsQ0FBQyxRQUFRLENBQUMsUUFBUTtZQUN6QyxXQUFXLEVBQUUsYUFBYSxDQUFDLFFBQVEsQ0FBQyxXQUFXO1NBQ2hELENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxvQkFBb0IsQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUV6QyxJQUFJLENBQUMsZUFBZSxFQUFFLENBQUM7SUFDekIsQ0FBQztJQUVNLFVBQVU7UUFDZixPQUFPO1lBQ0wsS0FBSyxFQUFFLElBQUksQ0FBQyxLQUFLO1lBQ2pCLFdBQVcsRUFBRSxJQUFJLENBQUMsV0FBVztZQUM3QixRQUFRLEVBQUUsSUFBSSxDQUFDLFFBQVE7U0FDeEIsQ0FBQztJQUNKLENBQUM7SUFFTyxvQkFBb0IsQ0FBQyxLQUE4QjtRQUN6RCxJQUFJLElBQUksQ0FBQyxLQUFLLElBQUksSUFBSSxDQUFDLFdBQVcsRUFBRSxDQUFDO1lBQ25DLElBQUksSUFBSSxDQUFDLFdBQVcsQ0FDbEIsR0FBRyxJQUFJLENBQUMsSUFBSSxvQkFBb0IsRUFDaEM7Z0JBQ0UsYUFBYSxFQUFFLElBQUksQ0FBQyxXQUFXLENBQUMsUUFBUTtnQkFDeEMsY0FBYyxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsUUFBUTthQUNwQyxFQUNELEVBQUUsU0FBUyxFQUFFLEtBQUssQ0FBQyxPQUFPLENBQUMsRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLGNBQWMsRUFBRSxJQUFJLEVBQUUsQ0FDbEUsQ0FBQztRQUNKLENBQUM7UUFFRCxJQUFJLElBQUksQ0FBQyxXQUFXLElBQUksSUFBSSxDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ3RDLElBQUksSUFBSSxDQUFDLFdBQVcsQ0FDbEIsR0FBRyxJQUFJLENBQUMsSUFBSSx1QkFBdUIsRUFDbkM7Z0JBQ0UsYUFBYSxFQUFFLElBQUksQ0FBQyxRQUFRLENBQUMsUUFBUTtnQkFDckMsY0FBYyxFQUFFLElBQUksQ0FBQyxXQUFXLENBQUMsUUFBUTthQUMxQyxFQUNELEVBQUUsU0FBUyxFQUFFLEtBQUssQ0FBQyxhQUFhLENBQUMsRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLGNBQWMsRUFBRSxJQUFJLEVBQUUsQ0FDeEUsQ0FBQztRQUNKLENBQUM7SUFDSCxDQUFDO0NBQ0Y7QUE1RUQsOEJBNEVDIn0=
|
|
@@ -56,7 +56,7 @@ class UserAssignedIdentity extends base_1.BaseResourceComponent {
|
|
|
56
56
|
this.id = managedIdentity.id;
|
|
57
57
|
this.clientId = managedIdentity.clientId;
|
|
58
58
|
this.principalId = managedIdentity.principalId;
|
|
59
|
-
this.addMemberOf();
|
|
59
|
+
this.addMemberOf(managedIdentity);
|
|
60
60
|
this.registerOutputs();
|
|
61
61
|
}
|
|
62
62
|
getOutputs() {
|
|
@@ -79,14 +79,14 @@ class UserAssignedIdentity extends base_1.BaseResourceComponent {
|
|
|
79
79
|
resourceName: managedIdentity.name,
|
|
80
80
|
}, { dependsOn: managedIdentity, parent: this, deletedWith: managedIdentity }));
|
|
81
81
|
}
|
|
82
|
-
addMemberOf() {
|
|
82
|
+
addMemberOf(uid) {
|
|
83
83
|
if (!this.args.memberof)
|
|
84
84
|
return;
|
|
85
|
-
this.args.memberof.map((group) => pulumi.output(group).apply((id) => new azAd.GroupMember(`${this.name}-${id.objectId}`, {
|
|
85
|
+
return this.args.memberof.map((group) => pulumi.output(group).apply((id) => new azAd.GroupMember(`${this.name}-${id.objectId}`, {
|
|
86
86
|
groupObjectId: id.objectId,
|
|
87
|
-
memberObjectId:
|
|
88
|
-
}, { parent: this,
|
|
87
|
+
memberObjectId: uid.principalId,
|
|
88
|
+
}, { dependsOn: uid, parent: this, retainOnDelete: true })));
|
|
89
89
|
}
|
|
90
90
|
}
|
|
91
91
|
exports.UserAssignedIdentity = UserAssignedIdentity;
|
|
92
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
92
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiVXNlckFzc2lnbmVkSWRlbnRpdHkuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvYXpBZC9Vc2VyQXNzaWduZWRJZGVudGl0eS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSxzREFBd0M7QUFDeEMsMEVBQTREO0FBQzVELHVEQUF5QztBQUV6QyxrQ0FBMEQ7QUFFMUQsd0NBQWlEO0FBVWpELE1BQWEsb0JBQXFCLFNBQVEsNEJBQStDO0lBQ3ZFLEVBQUUsQ0FBd0I7SUFDMUIsUUFBUSxDQUF3QjtJQUNoQyxXQUFXLENBQXdCO0lBRW5ELFlBQVksSUFBWSxFQUFFLElBQThCLEVBQUUsSUFBc0M7UUFDOUYsS0FBSyxDQUFDLHNCQUFzQixFQUFFLElBQUksRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFDaEQsTUFBTSxFQUFFLE9BQU8sRUFBRSxHQUFHLElBQUksQ0FBQztRQUV6QixNQUFNLGVBQWUsR0FBRyxJQUFJLEdBQUcsQ0FBQyxvQkFBb0IsQ0FBQyxJQUFJLEVBQUUsRUFBRSxHQUFHLE9BQU8sRUFBRSxFQUFFLEVBQUUsR0FBRyxJQUFJLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUFDLENBQUM7UUFFdEcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsQ0FBQyxDQUFDO1FBRXhDLElBQUksQ0FBQyxVQUFVLENBQUM7WUFDZCxDQUFDLFFBQVEsQ0FBQyxFQUFFLGVBQWUsQ0FBQyxFQUFFO1lBQzlCLENBQUMsY0FBYyxDQUFDLEVBQUUsZUFBZSxDQUFDLFFBQVE7WUFDMUMsQ0FBQyxpQkFBaUIsQ0FBQyxFQUFFLGVBQWUsQ0FBQyxXQUFXO1NBQ2pELENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxFQUFFLEdBQUcsZUFBZSxDQUFDLEVBQUUsQ0FBQztRQUM3QixJQUFJLENBQUMsUUFBUSxHQUFHLGVBQWUsQ0FBQyxRQUFRLENBQUM7UUFDekMsSUFBSSxDQUFDLFdBQVcsR0FBRyxlQUFlLENBQUMsV0FBVyxDQUFDO1FBRS9DLElBQUksQ0FBQyxXQUFXLENBQUMsZUFBZSxDQUFDLENBQUM7UUFDbEMsSUFBSSxDQUFDLGVBQWUsRUFBRSxDQUFDO0lBQ3pCLENBQUM7SUFFTSxVQUFVO1FBQ2YsT0FBTztZQUNMLEVBQUUsRUFBRSxJQUFJLENBQUMsRUFBRTtZQUNYLFFBQVEsRUFBRSxJQUFJLENBQUMsUUFBUTtZQUN2QixXQUFXLEVBQUUsSUFBSSxDQUFDLFdBQVc7U0FDOUIsQ0FBQztJQUNKLENBQUM7SUFFTyxpQkFBaUIsQ0FBQyxlQUF5QztRQUNqRSxNQUFNLEVBQUUsT0FBTyxFQUFFLFdBQVcsRUFBRSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUM7UUFDM0MsSUFBSSxDQUFDLFdBQVc7WUFBRSxPQUFPLFNBQVMsQ0FBQztRQUNuQyxPQUFPLG1CQUFTLENBQUMsVUFBVSxDQUN6QixXQUFXLEVBQ1gsQ0FBQyxJQUFJLEVBQUUsS0FBSyxFQUFFLEVBQUUsQ0FDZCxJQUFJLEdBQUcsQ0FBQywyQkFBMkIsQ0FDakMsR0FBRyxJQUFJLENBQUMsSUFBSSxJQUFJLElBQUksRUFBRSxFQUN0QjtZQUNFLEdBQUcsT0FBTztZQUNWLHVDQUF1QyxFQUFFLElBQUk7WUFDN0MsU0FBUyxFQUFFLENBQUMsNEJBQTRCLENBQUM7WUFDekMsTUFBTSxFQUFFLEtBQUssQ0FBQyxNQUFNLElBQUksTUFBTSxDQUFDLFdBQVcsQ0FBQSxxQ0FBcUMsa0JBQVEsQ0FBQyxRQUFRLE9BQU87WUFDdkcsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO1lBQ3RCLFlBQVksRUFBRSxlQUFlLENBQUMsSUFBSTtTQUNuQyxFQUNELEVBQUUsU0FBUyxFQUFFLGVBQWUsRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLFdBQVcsRUFBRSxlQUFlLEVBQUUsQ0FDM0UsQ0FDSixDQUFDO0lBQ0osQ0FBQztJQUVPLFdBQVcsQ0FBQyxHQUE2QjtRQUMvQyxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRO1lBQUUsT0FBTztRQUNoQyxPQUFPLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQ3RDLE1BQU0sQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsS0FBSyxDQUN4QixDQUFDLEVBQUUsRUFBRSxFQUFFLENBQ0wsSUFBSSxJQUFJLENBQUMsV0FBVyxDQUNsQixHQUFHLElBQUksQ0FBQyxJQUFJLElBQUksRUFBRSxDQUFDLFFBQVEsRUFBRSxFQUM3QjtZQUNFLGFBQWEsRUFBRSxFQUFFLENBQUMsUUFBUTtZQUMxQixjQUFjLEVBQUUsR0FBRyxDQUFDLFdBQVc7U0FDaEMsRUFDRCxFQUFFLFNBQVMsRUFBRSxHQUFHLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxjQUFjLEVBQUUsSUFBSSxFQUFFLENBQ3ZELENBQ0osQ0FDRixDQUFDO0lBQ0osQ0FBQztDQUNGO0FBeEVELG9EQXdFQyJ9
|
|
@@ -14,8 +14,8 @@ const rsRoles = {
|
|
|
14
14
|
'Azure Kubernetes Service Cluster User Role',
|
|
15
15
|
'Azure Kubernetes Service RBAC Reader',
|
|
16
16
|
],
|
|
17
|
-
contributor: ['Azure Arc Kubernetes Writer'],
|
|
18
|
-
admin: ['Azure Arc Kubernetes Admin'],
|
|
17
|
+
contributor: ['Azure Arc Kubernetes Writer', 'Azure Kubernetes Service RBAC Writer'],
|
|
18
|
+
admin: ['Azure Arc Kubernetes Admin', 'Azure Kubernetes Service RBAC Admin'],
|
|
19
19
|
},
|
|
20
20
|
iotHub: {
|
|
21
21
|
readOnly: ['IoT Hub Data Reader'],
|
|
@@ -31,12 +31,7 @@ const rsRoles = {
|
|
|
31
31
|
'Key Vault Certificate User',
|
|
32
32
|
'Key Vault Reader',
|
|
33
33
|
],
|
|
34
|
-
contributor: [
|
|
35
|
-
'Key Vault Certificates Officer',
|
|
36
|
-
'Key Vault Crypto Officer',
|
|
37
|
-
'Key Vault Secrets Officer',
|
|
38
|
-
'Key Vault Contributor',
|
|
39
|
-
],
|
|
34
|
+
contributor: ['Key Vault Certificates Officer', 'Key Vault Crypto Officer', 'Key Vault Secrets Officer'],
|
|
40
35
|
admin: ['Key Vault Administrator', 'Key Vault Data Access Administrator'],
|
|
41
36
|
},
|
|
42
37
|
storage: {
|
|
@@ -133,4 +128,4 @@ function getRsRoleDefinitions() {
|
|
|
133
128
|
}));
|
|
134
129
|
}
|
|
135
130
|
exports.rsRoleDefinitions = getRsRoleDefinitions();
|
|
136
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
131
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicnNSb2xlRGVmaW5pdGlvbi5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9hekFkL2hlbHBlcnMvcnNSb2xlRGVmaW5pdGlvbi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFFQSx1REFBcUQ7QUFJckQsTUFBTSxPQUFPLEdBQUc7SUFDZCxPQUFPLEVBQUU7UUFDUCxLQUFLLEVBQUUsRUFBRTtRQUNULFdBQVcsRUFBRSxDQUFDLGFBQWEsQ0FBQztRQUM1QixRQUFRLEVBQUUsQ0FBQyxRQUFRLENBQUM7S0FDckI7SUFDRCxHQUFHLEVBQUU7UUFDSCxRQUFRLEVBQUU7WUFDUiw2QkFBNkI7WUFDN0IsNENBQTRDO1lBQzVDLHNDQUFzQztTQUN2QztRQUNELFdBQVcsRUFBRSxDQUFDLDZCQUE2QixFQUFFLHNDQUFzQyxDQUFDO1FBQ3BGLEtBQUssRUFBRSxDQUFDLDRCQUE0QixFQUFFLHFDQUFxQyxDQUFDO0tBQzdFO0lBQ0QsTUFBTSxFQUFFO1FBQ04sUUFBUSxFQUFFLENBQUMscUJBQXFCLENBQUM7UUFDakMsV0FBVyxFQUFFLENBQUMsMEJBQTBCLENBQUM7UUFDekMsS0FBSyxFQUFFLENBQUMsOEJBQThCLEVBQUUsMEJBQTBCLENBQUM7S0FDcEU7SUFDRCxRQUFRLEVBQUU7UUFDUixRQUFRLEVBQUU7WUFDUiwwQ0FBMEM7WUFDMUMsdUNBQXVDO1lBQ3ZDLHdCQUF3QjtZQUN4Qix1QkFBdUI7WUFDdkIsNEJBQTRCO1lBQzVCLGtCQUFrQjtTQUNuQjtRQUNELFdBQVcsRUFBRSxDQUFDLGdDQUFnQyxFQUFFLDBCQUEwQixFQUFFLDJCQUEyQixDQUFDO1FBQ3hHLEtBQUssRUFBRSxDQUFDLHlCQUF5QixFQUFFLHFDQUFxQyxDQUFDO0tBQzFFO0lBQ0QsT0FBTyxFQUFFO1FBQ1AsUUFBUSxFQUFFO1lBQ1IsMEJBQTBCO1lBQzFCLG9DQUFvQztZQUNwQywyQkFBMkI7WUFDM0IsMkJBQTJCO1NBQzVCO1FBQ0QsV0FBVyxFQUFFO1lBQ1gsb0NBQW9DO1lBQ3BDLDZCQUE2QjtZQUM3QixtREFBbUQ7WUFDbkQsK0JBQStCO1lBQy9CLHFDQUFxQztZQUNyQyx5Q0FBeUM7WUFDekMsa0RBQWtEO1lBQ2xELGdDQUFnQztZQUNoQyxzQ0FBc0M7WUFDdEMsbUNBQW1DO1lBQ25DLGdDQUFnQztTQUNqQztRQUNELEtBQUssRUFBRTtZQUNMLDJDQUEyQztZQUMzQyx5QkFBeUI7WUFDekIsMENBQTBDO1NBQzNDO0tBQ0Y7SUFDRCxpQkFBaUIsRUFBRTtRQUNqQixRQUFRLEVBQUUsQ0FBQyxzQ0FBc0MsRUFBRSxTQUFTLENBQUM7UUFDN0QsV0FBVyxFQUFFO1lBQ1gsc0NBQXNDO1lBQ3RDLFNBQVM7WUFDVCwyQ0FBMkM7WUFDM0Msa0RBQWtEO1NBQ25EO1FBQ0QsS0FBSyxFQUFFLENBQUMsV0FBVyxDQUFDO0tBQ3JCO0lBQ0QsU0FBUyxFQUFFO1FBQ1QsUUFBUSxFQUFFLENBQUMsK0JBQStCLENBQUM7UUFDM0MsV0FBVyxFQUFFLENBQUMsOEJBQThCLENBQUM7UUFDN0MsS0FBSyxFQUFFLEVBQUU7S0FDVjtJQUNELFVBQVUsRUFBRTtRQUNWLFFBQVEsRUFBRSxDQUFDLGlDQUFpQyxDQUFDO1FBQzdDLFdBQVcsRUFBRSxDQUFDLCtCQUErQixDQUFDO1FBQzlDLEtBQUssRUFBRSxDQUFDLDhCQUE4QixDQUFDO0tBQ3hDO0lBQ0QsT0FBTyxFQUFFO1FBQ1AsUUFBUSxFQUFFLENBQUMseUJBQXlCLENBQUM7UUFDckMsV0FBVyxFQUFFLENBQUMsb0JBQW9CLENBQUM7UUFDbkMsS0FBSyxFQUFFLENBQUMsd0JBQXdCLENBQUM7S0FDbEM7SUFDRCxLQUFLLEVBQUU7UUFDTCxRQUFRLEVBQUUsRUFBRTtRQUNaLFdBQVcsRUFBRSxDQUFDLHlCQUF5QixDQUFDO1FBQ3hDLEtBQUssRUFBRSxFQUFFO0tBQ1Y7SUFDRCxjQUFjLEVBQUU7UUFDZCxRQUFRLEVBQUUsQ0FBQyw0QkFBNEIsRUFBRSxrQ0FBa0MsQ0FBQztRQUM1RSxXQUFXLEVBQUUsQ0FBQyw2QkFBNkIsQ0FBQztRQUM1QyxLQUFLLEVBQUUsRUFBRTtLQUNWO0NBQ0YsQ0FBQztBQVdGLFNBQVMsb0JBQW9CO0lBQzNCLGlFQUFpRTtJQUNqRSx5Q0FBeUM7SUFDekMsZ0JBQWdCO0lBQ2hCLDRCQUE0QjtJQUM1QixtQkFBbUI7SUFDbkIseUJBQXlCO0lBQ3pCLGtDQUFrQztJQUNsQyxVQUFVO0lBQ1YsK0JBQStCO0lBQy9CLG1CQUFtQjtJQUNuQix3Q0FBd0M7SUFDeEMsa0NBQWtDO0lBQ2xDLFVBQVU7SUFDVixPQUFPO0lBQ1AsZ0JBQWdCO0lBQ2hCLG9DQUFvQztJQUNwQyxPQUFPLElBQUEsc0JBQVUsRUFDZixPQUFPLEVBQ1AsQ0FBQyxHQUFHLEVBQUUsS0FBSyxFQUFFLEVBQUUsQ0FDYixDQUFDO1FBQ0MsR0FBRyxLQUFLO1FBQ1IsV0FBVyxFQUFFLEdBQUcsRUFBRSxDQUFDLENBQUM7WUFDbEIsS0FBSyxFQUFFLEVBQUU7WUFDVCxXQUFXLEVBQUUsRUFBRTtZQUNmLFFBQVEsRUFBRSxLQUFLLENBQUMsUUFBUTtTQUN6QixDQUFDO1FBQ0YsY0FBYyxFQUFFLEdBQUcsRUFBRSxDQUFDLENBQUM7WUFDckIsS0FBSyxFQUFFLEVBQUU7WUFDVCxXQUFXLEVBQUUsS0FBSyxDQUFDLFdBQVc7WUFDOUIsUUFBUSxFQUFFLEtBQUssQ0FBQyxRQUFRO1NBQ3pCLENBQUM7S0FDSCxDQUFnQyxDQUNwQyxDQUFDO0FBQ0osQ0FBQztBQUVZLFFBQUEsaUJBQWlCLEdBQUcsb0JBQW9CLEVBQUUsQ0FBQyJ9
|
package/azAd/index.d.ts
CHANGED
package/azAd/index.js
CHANGED
|
@@ -17,8 +17,9 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
17
17
|
__exportStar(require("./helpers"), exports);
|
|
18
18
|
__exportStar(require("./AppRegistration"), exports);
|
|
19
19
|
__exportStar(require("./AzRole"), exports);
|
|
20
|
+
__exportStar(require("./CloudflareAzIdentity"), exports);
|
|
20
21
|
__exportStar(require("./CustomRoles"), exports);
|
|
21
22
|
__exportStar(require("./GroupRole"), exports);
|
|
22
23
|
__exportStar(require("./RoleAssignment"), exports);
|
|
23
24
|
__exportStar(require("./UserAssignedIdentity"), exports);
|
|
24
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
25
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvYXpBZC9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsNENBQTBCO0FBQzFCLG9EQUFrQztBQUNsQywyQ0FBeUI7QUFDekIseURBQXVDO0FBQ3ZDLGdEQUE4QjtBQUM5Qiw4Q0FBNEI7QUFDNUIsbURBQWlDO0FBQ2pDLHlEQUF1QyJ9
|