@drunk-pulumi/azure 0.0.19

package/Storage/ManagementRules.d.ts

@@ -0,0 +1,70 @@
+import * as pulumi from '@pulumi/pulumi';
+import * as storage from '@pulumi/azure-native/storage';
+import { ResourceGroupInfo } from '../types';
+interface DateAfterModificationArgs {
+    /**
+     * Value indicating the age in days after last blob access. This property can only be used in conjunction with last access time tracking policy
+     */
+    daysAfterLastAccessTimeGreaterThan?: pulumi.Input<number>;
+    /**
+     * Value indicating the age in days after last modification
+     */
+    daysAfterModificationGreaterThan?: pulumi.Input<number>;
+}
+interface DateAfterCreationArgs {
+    /**
+     * Value indicating the age in days after creation
+     */
+    daysAfterCreationGreaterThan: pulumi.Input<number>;
+}
+interface PolicyVersionArgs {
+    /**
+     * The function to delete the blob version
+     */
+    delete?: pulumi.Input<DateAfterCreationArgs>;
+    /**
+     * The function to tier blob version to archive storage. Support blob version currently at Hot or Cool tier
+     */
+    tierToArchive?: pulumi.Input<DateAfterCreationArgs>;
+    /**
+     * The function to tier blob version to cool storage. Support blob version currently at Hot tier
+     */
+    tierToCool?: pulumi.Input<DateAfterCreationArgs>;
+}
+type ManagementRuleActions = {
+    baseBlob?: {
+        delete?: DateAfterModificationArgs;
+        tierToArchive?: DateAfterModificationArgs;
+        tierToCool?: DateAfterModificationArgs;
+        enableAutoTierToHotFromCool?: boolean;
+    };
+    snapshot?: PolicyVersionArgs;
+    version?: PolicyVersionArgs;
+};
+type ManagementRuleFilters = {
+    blobTypes: Array<'blockBlob' | 'appendBlob'>;
+    tagFilters?: pulumi.Input<{
+        name: pulumi.Input<string>;
+        op: '==';
+        value: pulumi.Input<string>;
+    }>[];
+};
+interface DefaultManagementRuleFilters extends ManagementRuleFilters {
+    containerNames?: pulumi.Input<string>[];
+}
+export type DefaultManagementRules = {
+    actions: ManagementRuleActions;
+    filters?: DefaultManagementRuleFilters;
+};
+export type ManagementRules = {
+    actions: ManagementRuleActions;
+    filters?: ManagementRuleFilters;
+};
+export declare const createManagementRules: ({ name, storageAccount, group, rules, containerNames, }: {
+    name: string;
+    group: ResourceGroupInfo;
+    storageAccount: storage.StorageAccount;
+    containerNames?: pulumi.Input<string>[] | undefined;
+    rules: Array<ManagementRules | DefaultManagementRules>;
+}) => import("@pulumi/azure-native/storage/managementPolicy").ManagementPolicy;
+export {};

package/Storage/ManagementRules.js

@@ -0,0 +1,32 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createManagementRules = void 0;
+const storage = require("@pulumi/azure-native/storage");
+const createManagementRules = ({ name, storageAccount, group, rules, containerNames, }) => {
+    name = `${name}-mnp`;
+    return new storage.ManagementPolicy(name, {
+        managementPolicyName: name,
+        accountName: storageAccount.name,
+        ...group,
+        policy: {
+            rules: rules.map((m, i) => ({
+                enabled: true,
+                name: `${name}-${i}`,
+                type: 'Lifecycle',
+                definition: {
+                    actions: m.actions,
+                    filters: m.filters
+                        ? {
+                            blobTypes: m.filters.blobTypes,
+                            prefixMatch: containerNames ??
+                                m.filters.containerNames,
+                            blobIndexMatch: m.filters.tagFilters,
+                        }
+                        : undefined,
+                },
+            })),
+        },
+    }, { dependsOn: storageAccount });
+};
+exports.createManagementRules = createManagementRules;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiTWFuYWdlbWVudFJ1bGVzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL1N0b3JhZ2UvTWFuYWdlbWVudFJ1bGVzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLHdEQUF3RDtBQW9FakQsTUFBTSxxQkFBcUIsR0FBRyxDQUFDLEVBQ3BDLElBQUksRUFDSixjQUFjLEVBQ2QsS0FBSyxFQUNMLEtBQUssRUFDTCxjQUFjLEdBT2YsRUFBRSxFQUFFO0lBQ0gsSUFBSSxHQUFHLEdBQUcsSUFBSSxNQUFNLENBQUM7SUFDckIsT0FBTyxJQUFJLE9BQU8sQ0FBQyxnQkFBZ0IsQ0FDakMsSUFBSSxFQUNKO1FBQ0Usb0JBQW9CLEVBQUUsSUFBSTtRQUMxQixXQUFXLEVBQUUsY0FBYyxDQUFDLElBQUk7UUFDaEMsR0FBRyxLQUFLO1FBRVIsTUFBTSxFQUFFO1lBQ04sS0FBSyxFQUFFLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDO2dCQUMxQixPQUFPLEVBQUUsSUFBSTtnQkFDYixJQUFJLEVBQUUsR0FBRyxJQUFJLElBQUksQ0FBQyxFQUFFO2dCQUNwQixJQUFJLEVBQUUsV0FBVztnQkFDakIsVUFBVSxFQUFFO29CQUNWLE9BQU8sRUFBRSxDQUFDLENBQUMsT0FBTztvQkFFbEIsT0FBTyxFQUFFLENBQUMsQ0FBQyxPQUFPO3dCQUNoQixDQUFDLENBQUM7NEJBQ0UsU0FBUyxFQUFFLENBQUMsQ0FBQyxPQUFPLENBQUMsU0FBUzs0QkFDOUIsV0FBVyxFQUNULGNBQWM7Z0NBQ2IsQ0FBQyxDQUFDLE9BQXdDLENBQUMsY0FBYzs0QkFDNUQsY0FBYyxFQUFFLENBQUMsQ0FBQyxPQUFPLENBQUMsVUFBVTt5QkFDckM7d0JBQ0gsQ0FBQyxDQUFDLFNBQVM7aUJBQ2Q7YUFDRixDQUFDLENBQUM7U0FDSjtLQUNGLEVBQ0QsRUFBRSxTQUFTLEVBQUUsY0FBYyxFQUFFLENBQzlCLENBQUM7QUFDSixDQUFDLENBQUM7QUE1Q1csUUFBQSxxQkFBcUIseUJBNENoQyJ9

package/Storage/index.d.ts

@@ -0,0 +1,55 @@
+import { KeyVaultInfo, BasicResourceArgs } from '../types';
+import { Input } from '@pulumi/pulumi';
+import { DefaultManagementRules, ManagementRules } from './ManagementRules';
+type ContainerProps = {
+    name: string;
+    public?: boolean;
+    /** The management rule applied to Container level*/
+    managementRules?: Array<ManagementRules>;
+};
+interface StorageProps extends BasicResourceArgs {
+    customDomain?: string;
+    allowsCors?: string[];
+    vaultInfo: KeyVaultInfo;
+    /** The management rule applied to Storage level (all containers)*/
+    defaultManagementRules?: Array<DefaultManagementRules>;
+    containers?: Array<ContainerProps>;
+    queues?: Array<string>;
+    fileShares?: Array<string>;
+    featureFlags?: {
+        allowSharedKeyAccess?: boolean;
+        /** Enable this storage as static website. */
+        enableStaticWebsite?: boolean;
+        /**Only available when static site using CDN*/
+        includesDefaultResponseHeaders?: boolean;
+        /** The CDN is automatic enabled when the customDomain is provided. However, turn this on to force to enable CDN regardless to customDomain. */
+        forceUseCdn?: boolean;
+        /** This option only able to enable once Account is created, and the Principal added to the Key Vault Read Permission Group */
+        enableKeyVaultEncryption?: boolean;
+    };
+    policies?: {
+        keyExpirationPeriodInDays?: number;
+        isBlobVersioningEnabled?: boolean;
+        blobSoftDeleteDays?: number;
+        allowBlobPublicAccess?: boolean;
+        containerSoftDeleteDays?: number;
+        fileShareSoftDeleteDays?: number;
+    };
+    network?: {
+        subnetId?: Input<string>;
+        ipAddresses?: Array<string>;
+    };
+    lock?: boolean;
+}
+/** Storage Creator */
+declare const _default: ({ name, group, customDomain, allowsCors, vaultInfo, defaultManagementRules, containers, queues, fileShares, network, featureFlags, policies, lock, }: StorageProps) => {
+    storage: import("@pulumi/azure-native/storage/storageAccount").StorageAccount;
+    vaultNames: {
+        primaryKeyName: string;
+        secondaryKeyName: string;
+        primaryConnectionKeyName: string;
+        secondConnectionKeyName: string;
+    };
+    getConnectionString: (name?: string) => Promise<import("@azure/keyvault-secrets").KeyVaultSecret | undefined> | undefined;
+};
+export default _default;

package/Storage/index.js

@@ -0,0 +1,264 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const storage = require("@pulumi/azure-native/storage");
+const pulumi_1 = require("@pulumi/pulumi");
+const Helpers_1 = require("../Logs/Helpers");
+const Helper_1 = require("../KeyVault/Helper");
+const AzureEnv_1 = require("../Common/AzureEnv");
+const CdnEndpoint_1 = require("./CdnEndpoint");
+const Naming_1 = require("../Common/Naming");
+const CustomHelper_1 = require("../KeyVault/CustomHelper");
+const Locker_1 = require("../Core/Locker");
+const ManagementRules_1 = require("./ManagementRules");
+const KeyVaultBase_1 = require("@drunk-pulumi/azure-providers/AzBase/KeyVaultBase");
+const getEncryptionKey = (name, vaultInfo) => {
+    const n = `${name}-encrypt-key`;
+    return (0, pulumi_1.output)((0, KeyVaultBase_1.getKeyVaultBase)(vaultInfo.name).getOrCreateKey(n));
+};
+/** Storage Creator */
+exports.default = ({ name, group, customDomain, allowsCors, vaultInfo, defaultManagementRules, containers = [], queues = [], fileShares = [], 
+//appInsight,
+network, featureFlags = {}, policies = { keyExpirationPeriodInDays: 365 }, lock = true, }) => {
+    name = (0, Naming_1.getStorageName)(name);
+    const primaryKeyName = (0, Naming_1.getKeyName)(name, 'primary');
+    const secondaryKeyName = (0, Naming_1.getKeyName)(name, 'secondary');
+    const primaryConnectionKeyName = (0, Naming_1.getConnectionName)(name, 'primary');
+    const secondConnectionKeyName = (0, Naming_1.getConnectionName)(name, 'secondary');
+    const encryptionKey = featureFlags.enableKeyVaultEncryption
+        ? getEncryptionKey(name, vaultInfo)
+        : undefined;
+    //To fix identity issue then using this approach https://github.com/pulumi/pulumi-azure-native/blob/master/examples/keyvault/index.ts
+    const stg = new storage.StorageAccount(name, {
+        accountName: name,
+        ...group,
+        kind: storage.Kind.StorageV2,
+        sku: {
+            name: AzureEnv_1.isPrd
+                ? storage.SkuName.Standard_ZRS //Zone redundant in PRD
+                : storage.SkuName.Standard_LRS,
+        },
+        accessTier: 'Hot',
+        isHnsEnabled: true,
+        enableHttpsTrafficOnly: true,
+        allowBlobPublicAccess: policies?.allowBlobPublicAccess,
+        allowSharedKeyAccess: featureFlags.allowSharedKeyAccess,
+        identity: { type: 'SystemAssigned' },
+        minimumTlsVersion: 'TLS1_2',
+        //1 Year Months
+        keyPolicy: {
+            keyExpirationPeriodInDays: policies.keyExpirationPeriodInDays || 365,
+        },
+        encryption: encryptionKey
+            ? {
+                services: {
+                    blob: {
+                        enabled: true,
+                        keyType: storage.KeyType.Account,
+                    },
+                    file: {
+                        enabled: true,
+                        keyType: storage.KeyType.Account,
+                    },
+                },
+                keySource: storage.KeySource.Microsoft_Keyvault,
+                keyVaultProperties: encryptionKey.apply((k) => ({
+                    keyName: k.name,
+                    keyVaultUri: k.properties.vaultUrl,
+                })),
+            }
+            : undefined,
+        sasPolicy: {
+            expirationAction: storage.ExpirationAction.Log,
+            sasExpirationPeriod: '00.00:30:00',
+        },
+        customDomain: customDomain && !featureFlags.enableStaticWebsite
+            ? { name: customDomain, useSubDomainName: true }
+            : undefined,
+        // routingPreference: {
+        //   routingChoice: enableStaticWebsite
+        //     ? native.storage.RoutingChoice.InternetRouting
+        //     : native.storage.RoutingChoice.MicrosoftRouting,
+        //   publishInternetEndpoints: false,
+        //   publishMicrosoftEndpoints: false,
+        // },
+        networkRuleSet: network
+            ? {
+                bypass: 'Logging, Metrics',
+                defaultAction: 'Allow',
+                virtualNetworkRules: network.subnetId
+                    ? [{ virtualNetworkResourceId: network.subnetId }]
+                    : undefined,
+                ipRules: network.ipAddresses
+                    ? network.ipAddresses.map((i) => ({
+                        iPAddressOrRange: i,
+                        action: 'Allow',
+                    }))
+                    : undefined,
+            }
+            : { defaultAction: 'Allow' },
+        tags: AzureEnv_1.defaultTags,
+    });
+    //Soft Delete
+    if (policies) {
+        // new storage.BlobServiceProperties(
+        //   `${name}-Blob-Props`,
+        //   {
+        //     accountName: stg.name,
+        //     ...group,
+        //
+        //     deleteRetentionPolicy: policies.blobSoftDeleteDays
+        //       ? {
+        //           enabled: policies.blobSoftDeleteDays > 0,
+        //           days: policies.blobSoftDeleteDays,
+        //         }
+        //       : undefined,
+        //     isVersioningEnabled: policies.isBlobVersioningEnabled,
+        //   },
+        //   { dependsOn: stg }
+        // );
+        //
+        // new storage.FileServiceProperties(
+        //   `${name}-File-Props`,
+        //   {
+        //     accountName: stg.name,
+        //     ...group,
+        //
+        //     shareDeleteRetentionPolicy: policies.fileShareSoftDeleteDays
+        //       ? {
+        //           enabled: policies.fileShareSoftDeleteDays > 0,
+        //           days: policies.fileShareSoftDeleteDays,
+        //         }
+        //       : undefined,
+        //   },
+        //   { dependsOn: stg }
+        // );
+    }
+    //Life Cycle Management
+    if (defaultManagementRules) {
+        (0, ManagementRules_1.createManagementRules)({
+            name,
+            storageAccount: stg,
+            group,
+            rules: defaultManagementRules,
+        });
+    }
+    if (lock) {
+        (0, Locker_1.default)({ name, resourceId: stg.id, dependsOn: stg });
+    }
+    //Enable Static Website for SPA
+    if (featureFlags.enableStaticWebsite) {
+        new storage.StorageAccountStaticWebsite(name, {
+            accountName: stg.name,
+            ...group,
+            indexDocument: 'index.html',
+            error404Document: 'index.html',
+        }, { dependsOn: stg });
+        // if (appInsight && customDomain) {
+        //   addInsightMonitor({ name, appInsight, url: customDomain });
+        // }
+    }
+    else if (AzureEnv_1.isPrd)
+        (0, Helpers_1.createThreatProtection)({ name, targetResourceId: stg.id });
+    //Create Azure CDN if customDomain provided
+    if ((featureFlags.enableStaticWebsite && customDomain) ||
+        featureFlags.forceUseCdn) {
+        const origin = stg.name.apply((n) => `${n}.z23.web.core.windows.net`);
+        (0, CdnEndpoint_1.default)({
+            name,
+            domainName: customDomain,
+            origin,
+            cors: allowsCors,
+            httpsEnabled: true,
+            includesDefaultResponseHeaders: featureFlags.includesDefaultResponseHeaders,
+        });
+    }
+    //Create Containers
+    containers.map((c) => {
+        const container = new storage.BlobContainer(c.name, {
+            containerName: c.name.toLowerCase(),
+            ...group,
+            accountName: stg.name,
+            //denyEncryptionScopeOverride: true,
+            publicAccess: c.public ? 'Blob' : 'None',
+        });
+        if (c.managementRules) {
+            (0, ManagementRules_1.createManagementRules)({
+                name,
+                storageAccount: stg,
+                group,
+                containerNames: [container.name],
+                rules: c.managementRules,
+            });
+        }
+        return container;
+    });
+    //Create Queues
+    queues.map((q) => {
+        new storage.Queue(q, {
+            queueName: q.toLowerCase(),
+            accountName: stg.name,
+            ...group,
+        });
+    });
+    //File Share
+    fileShares.map((s) => {
+        new storage.FileShare(s, {
+            shareName: s.toLowerCase(),
+            accountName: stg.name,
+            ...group,
+        });
+    });
+    //Add Key to
+    stg.id.apply(async (id) => {
+        if (!id)
+            return;
+        stg.identity.apply((i) => console.log('Add this ID into Key Vault ReadOnly Group to allows custom key encryption:', i.principalId));
+        const keys = (await storage.listStorageAccountKeys({
+            accountName: name,
+            resourceGroupName: group.resourceGroupName,
+        })).keys.map((k) => ({
+            name: k.keyName,
+            key: k.value,
+            connectionString: `DefaultEndpointsProtocol=https;AccountName=${name};AccountKey=${k.value};EndpointSuffix=core.windows.net`,
+        }));
+        if (vaultInfo) {
+            //Keys
+            (0, CustomHelper_1.addCustomSecrets)({
+                vaultInfo,
+                contentType: 'Storage',
+                formattedName: true,
+                items: [
+                    {
+                        name: primaryKeyName,
+                        value: keys[0].key,
+                    },
+                    {
+                        name: secondaryKeyName,
+                        value: keys[1].key,
+                    },
+                    {
+                        name: primaryConnectionKeyName,
+                        value: keys[0].connectionString,
+                    },
+                    {
+                        name: secondConnectionKeyName,
+                        value: keys[1].connectionString,
+                    },
+                ],
+            });
+        }
+    });
+    return {
+        storage: stg,
+        vaultNames: {
+            primaryKeyName,
+            secondaryKeyName,
+            primaryConnectionKeyName,
+            secondConnectionKeyName,
+        },
+        getConnectionString: (name = primaryConnectionKeyName) => vaultInfo
+            ? (0, Helper_1.getSecret)({ name, nameFormatted: true, vaultInfo })
+            : undefined,
+    };
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvU3RvcmFnZS9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLHdEQUF3RDtBQUd4RCwyQ0FBK0M7QUFDL0MsNkNBQXlEO0FBQ3pELCtDQUErQztBQUMvQyxpREFBd0Q7QUFDeEQsK0NBQXVDO0FBRXZDLDZDQUkwQjtBQUMxQiwyREFBNEQ7QUFDNUQsMkNBQW9DO0FBQ3BDLHVEQUkyQjtBQUMzQixvRkFBb0Y7QUF1RHBGLE1BQU0sZ0JBQWdCLEdBQUcsQ0FBQyxJQUFZLEVBQUUsU0FBdUIsRUFBRSxFQUFFO0lBQ2pFLE1BQU0sQ0FBQyxHQUFHLEdBQUcsSUFBSSxjQUFjLENBQUM7SUFDaEMsT0FBTyxJQUFBLGVBQU0sRUFBQyxJQUFBLDhCQUFlLEVBQUMsU0FBUyxDQUFDLElBQUksQ0FBQyxDQUFDLGNBQWMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO0FBQ25FLENBQUMsQ0FBQztBQUVGLHNCQUFzQjtBQUN0QixrQkFBZSxDQUFDLEVBQ2QsSUFBSSxFQUNKLEtBQUssRUFDTCxZQUFZLEVBQ1osVUFBVSxFQUNWLFNBQVMsRUFDVCxzQkFBc0IsRUFDdEIsVUFBVSxHQUFHLEVBQUUsRUFDZixNQUFNLEdBQUcsRUFBRSxFQUNYLFVBQVUsR0FBRyxFQUFFO0FBQ2YsYUFBYTtBQUNiLE9BQU8sRUFDUCxZQUFZLEdBQUcsRUFBRSxFQUNqQixRQUFRLEdBQUcsRUFBRSx5QkFBeUIsRUFBRSxHQUFHLEVBQUUsRUFDN0MsSUFBSSxHQUFHLElBQUksR0FDRSxFQUFFLEVBQUU7SUFDakIsSUFBSSxHQUFHLElBQUEsdUJBQWMsRUFBQyxJQUFJLENBQUMsQ0FBQztJQUU1QixNQUFNLGNBQWMsR0FBRyxJQUFBLG1CQUFVLEVBQUMsSUFBSSxFQUFFLFNBQVMsQ0FBQyxDQUFDO0lBQ25ELE1BQU0sZ0JBQWdCLEdBQUcsSUFBQSxtQkFBVSxFQUFDLElBQUksRUFBRSxXQUFXLENBQUMsQ0FBQztJQUN2RCxNQUFNLHdCQUF3QixHQUFHLElBQUEsMEJBQWlCLEVBQUMsSUFBSSxFQUFFLFNBQVMsQ0FBQyxDQUFDO0lBQ3BFLE1BQU0sdUJBQXVCLEdBQUcsSUFBQSwwQkFBaUIsRUFBQyxJQUFJLEVBQUUsV0FBVyxDQUFDLENBQUM7SUFDckUsTUFBTSxhQUFhLEdBQUcsWUFBWSxDQUFDLHdCQUF3QjtRQUN6RCxDQUFDLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxFQUFFLFNBQVMsQ0FBQztRQUNuQyxDQUFDLENBQUMsU0FBUyxDQUFDO0lBRWQscUlBQXFJO0lBQ3JJLE1BQU0sR0FBRyxHQUFHLElBQUksT0FBTyxDQUFDLGNBQWMsQ0FBQyxJQUFJLEVBQUU7UUFDM0MsV0FBVyxFQUFFLElBQUk7UUFDakIsR0FBRyxLQUFLO1FBRVIsSUFBSSxFQUFFLE9BQU8sQ0FBQyxJQUFJLENBQUMsU0FBUztRQUM1QixHQUFHLEVBQUU7WUFDSCxJQUFJLEVBQUUsZ0JBQUs7Z0JBQ1QsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxPQUFPLENBQUMsWUFBWSxDQUFDLHVCQUF1QjtnQkFDdEQsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxPQUFPLENBQUMsWUFBWTtTQUNqQztRQUNELFVBQVUsRUFBRSxLQUFLO1FBRWpCLFlBQVksRUFBRSxJQUFJO1FBQ2xCLHNCQUFzQixFQUFFLElBQUk7UUFDNUIscUJBQXFCLEVBQUUsUUFBUSxFQUFFLHFCQUFxQjtRQUN0RCxvQkFBb0IsRUFBRSxZQUFZLENBQUMsb0JBQW9CO1FBQ3ZELFFBQVEsRUFBRSxFQUFFLElBQUksRUFBRSxnQkFBZ0IsRUFBRTtRQUNwQyxpQkFBaUIsRUFBRSxRQUFRO1FBRTNCLGVBQWU7UUFDZixTQUFTLEVBQUU7WUFDVCx5QkFBeUIsRUFBRSxRQUFRLENBQUMseUJBQXlCLElBQUksR0FBRztTQUNyRTtRQUVELFVBQVUsRUFBRSxhQUFhO1lBQ3ZCLENBQUMsQ0FBQztnQkFDRSxRQUFRLEVBQUU7b0JBQ1IsSUFBSSxFQUFFO3dCQUNKLE9BQU8sRUFBRSxJQUFJO3dCQUNiLE9BQU8sRUFBRSxPQUFPLENBQUMsT0FBTyxDQUFDLE9BQU87cUJBQ2pDO29CQUNELElBQUksRUFBRTt3QkFDSixPQUFPLEVBQUUsSUFBSTt3QkFDYixPQUFPLEVBQUUsT0FBTyxDQUFDLE9BQU8sQ0FBQyxPQUFPO3FCQUNqQztpQkFDRjtnQkFDRCxTQUFTLEVBQUUsT0FBTyxDQUFDLFNBQVMsQ0FBQyxrQkFBa0I7Z0JBQy9DLGtCQUFrQixFQUFFLGFBQWEsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUM7b0JBQzlDLE9BQU8sRUFBRSxDQUFFLENBQUMsSUFBSTtvQkFDaEIsV0FBVyxFQUFFLENBQUUsQ0FBQyxVQUFVLENBQUMsUUFBUTtpQkFDcEMsQ0FBQyxDQUFDO2FBQ0o7WUFDSCxDQUFDLENBQUMsU0FBUztRQUViLFNBQVMsRUFBRTtZQUNULGdCQUFnQixFQUFFLE9BQU8sQ0FBQyxnQkFBZ0IsQ0FBQyxHQUFHO1lBQzlDLG1CQUFtQixFQUFFLGFBQWE7U0FDbkM7UUFFRCxZQUFZLEVBQ1YsWUFBWSxJQUFJLENBQUMsWUFBWSxDQUFDLG1CQUFtQjtZQUMvQyxDQUFDLENBQUMsRUFBRSxJQUFJLEVBQUUsWUFBWSxFQUFFLGdCQUFnQixFQUFFLElBQUksRUFBRTtZQUNoRCxDQUFDLENBQUMsU0FBUztRQUVmLHVCQUF1QjtRQUN2Qix1Q0FBdUM7UUFDdkMscURBQXFEO1FBQ3JELHVEQUF1RDtRQUN2RCxxQ0FBcUM7UUFDckMsc0NBQXNDO1FBQ3RDLEtBQUs7UUFFTCxjQUFjLEVBQUUsT0FBTztZQUNyQixDQUFDLENBQUM7Z0JBQ0UsTUFBTSxFQUFFLGtCQUFrQjtnQkFDMUIsYUFBYSxFQUFFLE9BQU87Z0JBRXRCLG1CQUFtQixFQUFFLE9BQU8sQ0FBQyxRQUFRO29CQUNuQyxDQUFDLENBQUMsQ0FBQyxFQUFFLHdCQUF3QixFQUFFLE9BQU8sQ0FBQyxRQUFRLEVBQUUsQ0FBQztvQkFDbEQsQ0FBQyxDQUFDLFNBQVM7Z0JBRWIsT0FBTyxFQUFFLE9BQU8sQ0FBQyxXQUFXO29CQUMxQixDQUFDLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUM7d0JBQzlCLGdCQUFnQixFQUFFLENBQUM7d0JBQ25CLE1BQU0sRUFBRSxPQUFPO3FCQUNoQixDQUFDLENBQUM7b0JBQ0wsQ0FBQyxDQUFDLFNBQVM7YUFDZDtZQUNILENBQUMsQ0FBQyxFQUFFLGFBQWEsRUFBRSxPQUFPLEVBQUU7UUFFOUIsSUFBSSxFQUFFLHNCQUFXO0tBQ2xCLENBQUMsQ0FBQztJQUVILGFBQWE7SUFDYixJQUFJLFFBQVEsRUFBRSxDQUFDO1FBQ2IscUNBQXFDO1FBQ3JDLDBCQUEwQjtRQUMxQixNQUFNO1FBQ04sNkJBQTZCO1FBQzdCLGdCQUFnQjtRQUNoQixFQUFFO1FBQ0YseURBQXlEO1FBQ3pELFlBQVk7UUFDWixzREFBc0Q7UUFDdEQsK0NBQStDO1FBQy9DLFlBQVk7UUFDWixxQkFBcUI7UUFDckIsNkRBQTZEO1FBQzdELE9BQU87UUFDUCx1QkFBdUI7UUFDdkIsS0FBSztRQUNMLEVBQUU7UUFDRixxQ0FBcUM7UUFDckMsMEJBQTBCO1FBQzFCLE1BQU07UUFDTiw2QkFBNkI7UUFDN0IsZ0JBQWdCO1FBQ2hCLEVBQUU7UUFDRixtRUFBbUU7UUFDbkUsWUFBWTtRQUNaLDJEQUEyRDtRQUMzRCxvREFBb0Q7UUFDcEQsWUFBWTtRQUNaLHFCQUFxQjtRQUNyQixPQUFPO1FBQ1AsdUJBQXVCO1FBQ3ZCLEtBQUs7SUFDUCxDQUFDO0lBRUQsdUJBQXVCO0lBQ3ZCLElBQUksc0JBQXNCLEVBQUUsQ0FBQztRQUMzQixJQUFBLHVDQUFxQixFQUFDO1lBQ3BCLElBQUk7WUFDSixjQUFjLEVBQUUsR0FBRztZQUNuQixLQUFLO1lBQ0wsS0FBSyxFQUFFLHNCQUFzQjtTQUM5QixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsSUFBSSxJQUFJLEVBQUUsQ0FBQztRQUNULElBQUEsZ0JBQU0sRUFBQyxFQUFFLElBQUksRUFBRSxVQUFVLEVBQUUsR0FBRyxDQUFDLEVBQUUsRUFBRSxTQUFTLEVBQUUsR0FBRyxFQUFFLENBQUMsQ0FBQztJQUN2RCxDQUFDO0lBRUQsK0JBQStCO0lBQy9CLElBQUksWUFBWSxDQUFDLG1CQUFtQixFQUFFLENBQUM7UUFDckMsSUFBSSxPQUFPLENBQUMsMkJBQTJCLENBQ3JDLElBQUksRUFDSjtZQUNFLFdBQVcsRUFBRSxHQUFHLENBQUMsSUFBSTtZQUNyQixHQUFHLEtBQUs7WUFDUixhQUFhLEVBQUUsWUFBWTtZQUMzQixnQkFBZ0IsRUFBRSxZQUFZO1NBQy9CLEVBQ0QsRUFBRSxTQUFTLEVBQUUsR0FBRyxFQUFFLENBQ25CLENBQUM7UUFFRixvQ0FBb0M7UUFDcEMsZ0VBQWdFO1FBQ2hFLElBQUk7SUFDTixDQUFDO1NBQU0sSUFBSSxnQkFBSztRQUFFLElBQUEsZ0NBQXNCLEVBQUMsRUFBRSxJQUFJLEVBQUUsZ0JBQWdCLEVBQUUsR0FBRyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFFN0UsMkNBQTJDO0lBQzNDLElBQ0UsQ0FBQyxZQUFZLENBQUMsbUJBQW1CLElBQUksWUFBWSxDQUFDO1FBQ2xELFlBQVksQ0FBQyxXQUFXLEVBQ3hCLENBQUM7UUFDRCxNQUFNLE1BQU0sR0FBRyxHQUFHLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsR0FBRyxDQUFDLDJCQUEyQixDQUFDLENBQUM7UUFDdEUsSUFBQSxxQkFBVSxFQUFDO1lBQ1QsSUFBSTtZQUNKLFVBQVUsRUFBRSxZQUFhO1lBQ3pCLE1BQU07WUFDTixJQUFJLEVBQUUsVUFBVTtZQUNoQixZQUFZLEVBQUUsSUFBSTtZQUNsQiw4QkFBOEIsRUFDNUIsWUFBWSxDQUFDLDhCQUE4QjtTQUM5QyxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsbUJBQW1CO0lBQ25CLFVBQVUsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRTtRQUNuQixNQUFNLFNBQVMsR0FBRyxJQUFJLE9BQU8sQ0FBQyxhQUFhLENBQUMsQ0FBQyxDQUFDLElBQUksRUFBRTtZQUNsRCxhQUFhLEVBQUUsQ0FBQyxDQUFDLElBQUksQ0FBQyxXQUFXLEVBQUU7WUFDbkMsR0FBRyxLQUFLO1lBQ1IsV0FBVyxFQUFFLEdBQUcsQ0FBQyxJQUFJO1lBQ3JCLG9DQUFvQztZQUNwQyxZQUFZLEVBQUUsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxNQUFNO1NBQ3pDLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxDQUFDLGVBQWUsRUFBRSxDQUFDO1lBQ3RCLElBQUEsdUNBQXFCLEVBQUM7Z0JBQ3BCLElBQUk7Z0JBQ0osY0FBYyxFQUFFLEdBQUc7Z0JBQ25CLEtBQUs7Z0JBQ0wsY0FBYyxFQUFFLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQztnQkFDaEMsS0FBSyxFQUFFLENBQUMsQ0FBQyxlQUFlO2FBQ3pCLENBQUMsQ0FBQztRQUNMLENBQUM7UUFDRCxPQUFPLFNBQVMsQ0FBQztJQUNuQixDQUFDLENBQUMsQ0FBQztJQUVILGVBQWU7SUFDZixNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUU7UUFDZixJQUFJLE9BQU8sQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFO1lBQ25CLFNBQVMsRUFBRSxDQUFDLENBQUMsV0FBVyxFQUFFO1lBQzFCLFdBQVcsRUFBRSxHQUFHLENBQUMsSUFBSTtZQUNyQixHQUFHLEtBQUs7U0FDVCxDQUFDLENBQUM7SUFDTCxDQUFDLENBQUMsQ0FBQztJQUVILFlBQVk7SUFDWixVQUFVLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUU7UUFDbkIsSUFBSSxPQUFPLENBQUMsU0FBUyxDQUFDLENBQUMsRUFBRTtZQUN2QixTQUFTLEVBQUUsQ0FBQyxDQUFDLFdBQVcsRUFBRTtZQUMxQixXQUFXLEVBQUUsR0FBRyxDQUFDLElBQUk7WUFDckIsR0FBRyxLQUFLO1NBQ1QsQ0FBQyxDQUFDO0lBQ0wsQ0FBQyxDQUFDLENBQUM7SUFFSCxZQUFZO0lBQ1osR0FBRyxDQUFDLEVBQUUsQ0FBQyxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRSxFQUFFO1FBQ3hCLElBQUksQ0FBQyxFQUFFO1lBQUUsT0FBTztRQUVoQixHQUFHLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQ3ZCLE9BQU8sQ0FBQyxHQUFHLENBQ1QsNEVBQTRFLEVBQzVFLENBQUUsQ0FBQyxXQUFXLENBQ2YsQ0FDRixDQUFDO1FBRUYsTUFBTSxJQUFJLEdBQUcsQ0FDWCxNQUFNLE9BQU8sQ0FBQyxzQkFBc0IsQ0FBQztZQUNuQyxXQUFXLEVBQUUsSUFBSTtZQUNqQixpQkFBaUIsRUFBRSxLQUFLLENBQUMsaUJBQWlCO1NBQzNDLENBQUMsQ0FDSCxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUM7WUFDakIsSUFBSSxFQUFFLENBQUMsQ0FBQyxPQUFPO1lBQ2YsR0FBRyxFQUFFLENBQUMsQ0FBQyxLQUFLO1lBQ1osZ0JBQWdCLEVBQUUsOENBQThDLElBQUksZUFBZSxDQUFDLENBQUMsS0FBSyxrQ0FBa0M7U0FDN0gsQ0FBQyxDQUFDLENBQUM7UUFFSixJQUFJLFNBQVMsRUFBRSxDQUFDO1lBQ2QsTUFBTTtZQUNOLElBQUEsK0JBQWdCLEVBQUM7Z0JBQ2YsU0FBUztnQkFDVCxXQUFXLEVBQUUsU0FBUztnQkFDdEIsYUFBYSxFQUFFLElBQUk7Z0JBQ25CLEtBQUssRUFBRTtvQkFDTDt3QkFDRSxJQUFJLEVBQUUsY0FBYzt3QkFDcEIsS0FBSyxFQUFFLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxHQUFHO3FCQUNuQjtvQkFDRDt3QkFDRSxJQUFJLEVBQUUsZ0JBQWdCO3dCQUN0QixLQUFLLEVBQUUsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDLEdBQUc7cUJBQ25CO29CQUNEO3dCQUNFLElBQUksRUFBRSx3QkFBd0I7d0JBQzlCLEtBQUssRUFBRSxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUMsZ0JBQWdCO3FCQUNoQztvQkFDRDt3QkFDRSxJQUFJLEVBQUUsdUJBQXVCO3dCQUM3QixLQUFLLEVBQUUsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDLGdCQUFnQjtxQkFDaEM7aUJBQ0Y7YUFDRixDQUFDLENBQUM7UUFDTCxDQUFDO0lBQ0gsQ0FBQyxDQUFDLENBQUM7SUFFSCxPQUFPO1FBQ0wsT0FBTyxFQUFFLEdBQUc7UUFDWixVQUFVLEVBQUU7WUFDVixjQUFjO1lBQ2QsZ0JBQWdCO1lBQ2hCLHdCQUF3QjtZQUN4Qix1QkFBdUI7U0FDeEI7UUFDRCxtQkFBbUIsRUFBRSxDQUFDLE9BQWUsd0JBQXdCLEVBQUUsRUFBRSxDQUMvRCxTQUFTO1lBQ1AsQ0FBQyxDQUFDLElBQUEsa0JBQVMsRUFBQyxFQUFFLElBQUksRUFBRSxhQUFhLEVBQUUsSUFBSSxFQUFFLFNBQVMsRUFBRSxDQUFDO1lBQ3JELENBQUMsQ0FBQyxTQUFTO0tBQ2hCLENBQUM7QUFDSixDQUFDLENBQUMifQ==

package/VM/index.d.ts

@@ -0,0 +1,37 @@
+import { Input, Resource } from "@pulumi/pulumi";
+import * as native from "@pulumi/azure-native";
+import { BasicResourceArgs, KeyVaultInfo } from "../types";
+interface Props extends BasicResourceArgs {
+    subnetId: Input<string>;
+    storageAccountType?: native.compute.StorageAccountTypes;
+    vmSize?: Input<string>;
+    login: {
+        userName: Input<string>;
+        password?: Input<string>;
+    };
+    windows?: {
+        offer: "WindowsServer";
+        publisher: "MicrosoftWindowsServer";
+        sku: "2019-Datacenter";
+    };
+    linux?: {
+        offer: "UbuntuServer";
+        publisher: "Canonical";
+        sku: "18.04-LTS";
+    };
+    vaultInfo?: KeyVaultInfo;
+    /**The time zone ID: https://stackoverflow.com/questions/7908343/list-of-timezone-ids-for-use-with-findtimezonebyid-in-c*/
+    timeZone?: Input<string>;
+    osDiskSizeGB?: number;
+    dataDiskSizeGB?: number;
+    schedule?: {
+        autoShutdownTime: Input<string>;
+    };
+    lock?: boolean;
+    tags?: {
+        [key: string]: Input<string>;
+    };
+    dependsOn?: Input<Input<Resource>[]> | Input<Resource>;
+}
+declare const _default: ({ name, group, subnetId, vmSize, timeZone, storageAccountType, osDiskSizeGB, dataDiskSizeGB, schedule, login, windows, linux, lock, tags, dependsOn, ...others }: Props) => import("@pulumi/azure-native/compute/virtualMachine").VirtualMachine;
+export default _default;

package/VM/index.js

@@ -0,0 +1,138 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const native = require("@pulumi/azure-native");
+const Naming_1 = require("../Common/Naming");
+const AzureEnv_1 = require("../Common/AzureEnv");
+const Locker_1 = require("../Core/Locker");
+exports.default = ({ name, group, subnetId, vmSize = "Standard_B2s", timeZone = "Singapore Standard Time", 
+//licenseType = 'None',
+storageAccountType = native.compute.StorageAccountTypes.Premium_LRS, osDiskSizeGB = 128, dataDiskSizeGB, schedule, login, windows, linux, 
+//vaultInfo,
+lock = true, tags = {}, dependsOn, ...others }) => {
+    const vmName = (0, Naming_1.getVMName)(name);
+    const nicName = (0, Naming_1.getNICName)(name);
+    const nic = new native.network.NetworkInterface(nicName, {
+        networkInterfaceName: nicName,
+        ...group,
+        ipConfigurations: [
+            { name: "ipconfig", subnet: { id: subnetId }, primary: true },
+        ],
+        nicType: native.network.NetworkInterfaceNicType.Standard,
+    });
+    const vm = new native.compute.VirtualMachine(vmName, {
+        vmName,
+        ...group,
+        ...others,
+        hardwareProfile: { vmSize },
+        identity: { type: "SystemAssigned" },
+        licenseType: "None",
+        networkProfile: {
+            networkInterfaces: [{ id: nic.id, primary: true }],
+        },
+        osProfile: {
+            computerName: name,
+            adminUsername: login.userName,
+            adminPassword: login.password,
+            allowExtensionOperations: true,
+            //Need to be enabled at subscription level
+            //requireGuestProvisionSignal: true,
+            linuxConfiguration: linux
+                ? {
+                    //ssh: { publicKeys: [{ keyData: linux.sshPublicKey! }] },
+                    disablePasswordAuthentication: false,
+                    provisionVMAgent: true,
+                    patchSettings: {
+                        //assessmentMode: "AutomaticByPlatform",
+                        patchMode: "AutomaticByPlatform",
+                    },
+                }
+                : undefined,
+            windowsConfiguration: windows
+                ? {
+                    enableAutomaticUpdates: true,
+                    provisionVMAgent: true,
+                    timeZone,
+                    patchSettings: {
+                        enableHotpatching: false,
+                        //Need to be enabled at subscription level
+                        //assessmentMode: 'AutomaticByPlatform',
+                        patchMode: "AutomaticByPlatform",
+                    },
+                }
+                : undefined,
+        },
+        storageProfile: {
+            imageReference: {
+                ...(windows || linux),
+                version: "latest",
+            },
+            osDisk: {
+                name: `${name}osdisk`,
+                diskSizeGB: osDiskSizeGB,
+                caching: "ReadWrite",
+                createOption: "FromImage",
+                osType: windows ? "Windows" : "Linux",
+                managedDisk: {
+                    //Changes storage account type need to be done manually through portal.
+                    storageAccountType,
+                },
+            },
+            dataDisks: dataDiskSizeGB
+                ? [
+                    {
+                        name: `${name}datadisk`,
+                        diskSizeGB: dataDiskSizeGB,
+                        createOption: native.compute.DiskCreateOptionTypes.Empty,
+                        lun: 1,
+                    },
+                ]
+                : [],
+        },
+        diagnosticsProfile: { bootDiagnostics: { enabled: true } },
+        // securityProfile: {
+        //   //Need to be enabled at subscription level
+        //   encryptionAtHost: false,
+        //   //securityType: native.compute.SecurityTypes.TrustedLaunch,
+        // },
+        tags: { ...AzureEnv_1.defaultTags, ...tags },
+    }, {
+        dependsOn,
+        ignoreChanges: [
+            "storageProfile.osDisk.managedDisk.storageAccountType",
+            "storageProfile.osDisk.managedDisk.id",
+        ],
+    });
+    if (lock) {
+        (0, Locker_1.default)({ name: vmName, resourceId: vm.id, dependsOn: vm });
+    }
+    if (schedule) {
+        new native.devtestlab.GlobalSchedule(`shutdown-computevm-${vmName}`, {
+            name: `shutdown-computevm-${vmName}`,
+            ...group,
+            dailyRecurrence: { time: schedule.autoShutdownTime },
+            timeZoneId: timeZone,
+            status: "Enabled",
+            targetResourceId: vm.id,
+            taskType: "ComputeVmShutdownTask",
+            notificationSettings: {
+                status: "Disabled",
+                emailRecipient: "",
+                notificationLocale: "en",
+                timeInMinutes: 30,
+                webhookUrl: "",
+            },
+        }, { dependsOn: vm });
+        // if (schedule.autoStartupTime) {
+        //   new native.devtestlab.GlobalSchedule(`${vmName}-auto-startup`, {
+        //     name: `${vmName}-auto-startup`,
+        //     ...group,
+        //     dailyRecurrence: { time: schedule.autoStartupTime },
+        //     timeZoneId: timeZone,
+        //     targetResourceId: vm.id,
+        //     taskType: 'LabVmAutoStart',
+        //   });
+        // }
+    }
+    return vm;
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvVk0vaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFDQSwrQ0FBK0M7QUFFL0MsNkNBQXlEO0FBQ3pELGlEQUFpRDtBQUNqRCwyQ0FBb0M7QUFvQ3BDLGtCQUFlLENBQUMsRUFDZCxJQUFJLEVBQ0osS0FBSyxFQUNMLFFBQVEsRUFDUixNQUFNLEdBQUcsY0FBYyxFQUN2QixRQUFRLEdBQUcseUJBQXlCO0FBQ3BDLHVCQUF1QjtBQUN2QixrQkFBa0IsR0FBRyxNQUFNLENBQUMsT0FBTyxDQUFDLG1CQUFtQixDQUFDLFdBQVcsRUFDbkUsWUFBWSxHQUFHLEdBQUcsRUFDbEIsY0FBYyxFQUNkLFFBQVEsRUFDUixLQUFLLEVBQ0wsT0FBTyxFQUNQLEtBQUs7QUFFTCxZQUFZO0FBQ1osSUFBSSxHQUFHLElBQUksRUFDWCxJQUFJLEdBQUcsRUFBRSxFQUNULFNBQVMsRUFDVCxHQUFHLE1BQU0sRUFDSCxFQUFFLEVBQUU7SUFDVixNQUFNLE1BQU0sR0FBRyxJQUFBLGtCQUFTLEVBQUMsSUFBSSxDQUFDLENBQUM7SUFDL0IsTUFBTSxPQUFPLEdBQUcsSUFBQSxtQkFBVSxFQUFDLElBQUksQ0FBQyxDQUFDO0lBRWpDLE1BQU0sR0FBRyxHQUFHLElBQUksTUFBTSxDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLEVBQUU7UUFDdkQsb0JBQW9CLEVBQUUsT0FBTztRQUM3QixHQUFHLEtBQUs7UUFDUixnQkFBZ0IsRUFBRTtZQUNoQixFQUFFLElBQUksRUFBRSxVQUFVLEVBQUUsTUFBTSxFQUFFLEVBQUUsRUFBRSxFQUFFLFFBQVEsRUFBRSxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUU7U0FDOUQ7UUFDRCxPQUFPLEVBQUUsTUFBTSxDQUFDLE9BQU8sQ0FBQyx1QkFBdUIsQ0FBQyxRQUFRO0tBQ3pELENBQUMsQ0FBQztJQUVILE1BQU0sRUFBRSxHQUFHLElBQUksTUFBTSxDQUFDLE9BQU8sQ0FBQyxjQUFjLENBQzFDLE1BQU0sRUFDTjtRQUNFLE1BQU07UUFDTixHQUFHLEtBQUs7UUFDUixHQUFHLE1BQU07UUFFVCxlQUFlLEVBQUUsRUFBRSxNQUFNLEVBQUU7UUFDM0IsUUFBUSxFQUFFLEVBQUUsSUFBSSxFQUFFLGdCQUFnQixFQUFFO1FBQ3BDLFdBQVcsRUFBRSxNQUFNO1FBRW5CLGNBQWMsRUFBRTtZQUNkLGlCQUFpQixFQUFFLENBQUMsRUFBRSxFQUFFLEVBQUUsR0FBRyxDQUFDLEVBQUUsRUFBRSxPQUFPLEVBQUUsSUFBSSxFQUFFLENBQUM7U0FDbkQ7UUFFRCxTQUFTLEVBQUU7WUFDVCxZQUFZLEVBQUUsSUFBSTtZQUNsQixhQUFhLEVBQUUsS0FBSyxDQUFDLFFBQVE7WUFDN0IsYUFBYSxFQUFFLEtBQUssQ0FBQyxRQUFRO1lBRTdCLHdCQUF3QixFQUFFLElBQUk7WUFDOUIsMENBQTBDO1lBQzFDLG9DQUFvQztZQUNwQyxrQkFBa0IsRUFBRSxLQUFLO2dCQUN2QixDQUFDLENBQUM7b0JBQ0UsMERBQTBEO29CQUMxRCw2QkFBNkIsRUFBRSxLQUFLO29CQUNwQyxnQkFBZ0IsRUFBRSxJQUFJO29CQUN0QixhQUFhLEVBQUU7d0JBQ2Isd0NBQXdDO3dCQUN4QyxTQUFTLEVBQUUscUJBQXFCO3FCQUNqQztpQkFDRjtnQkFDSCxDQUFDLENBQUMsU0FBUztZQUViLG9CQUFvQixFQUFFLE9BQU87Z0JBQzNCLENBQUMsQ0FBQztvQkFDRSxzQkFBc0IsRUFBRSxJQUFJO29CQUM1QixnQkFBZ0IsRUFBRSxJQUFJO29CQUN0QixRQUFRO29CQUNSLGFBQWEsRUFBRTt3QkFDYixpQkFBaUIsRUFBRSxLQUFLO3dCQUN4QiwwQ0FBMEM7d0JBQzFDLHdDQUF3Qzt3QkFDeEMsU0FBUyxFQUFFLHFCQUFxQjtxQkFDakM7aUJBQ0Y7Z0JBQ0gsQ0FBQyxDQUFDLFNBQVM7U0FDZDtRQUVELGNBQWMsRUFBRTtZQUNkLGNBQWMsRUFBRTtnQkFDZCxHQUFHLENBQUMsT0FBTyxJQUFJLEtBQUssQ0FBQztnQkFDckIsT0FBTyxFQUFFLFFBQVE7YUFDbEI7WUFDRCxNQUFNLEVBQUU7Z0JBQ04sSUFBSSxFQUFFLEdBQUcsSUFBSSxRQUFRO2dCQUNyQixVQUFVLEVBQUUsWUFBWTtnQkFDeEIsT0FBTyxFQUFFLFdBQVc7Z0JBQ3BCLFlBQVksRUFBRSxXQUFXO2dCQUN6QixNQUFNLEVBQUUsT0FBTyxDQUFDLENBQUMsQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDLE9BQU87Z0JBQ3JDLFdBQVcsRUFBRTtvQkFDWCx1RUFBdUU7b0JBQ3ZFLGtCQUFrQjtpQkFDbkI7YUFDRjtZQUVELFNBQVMsRUFBRSxjQUFjO2dCQUN2QixDQUFDLENBQUM7b0JBQ0U7d0JBQ0UsSUFBSSxFQUFFLEdBQUcsSUFBSSxVQUFVO3dCQUN2QixVQUFVLEVBQUUsY0FBYzt3QkFDMUIsWUFBWSxFQUFFLE1BQU0sQ0FBQyxPQUFPLENBQUMscUJBQXFCLENBQUMsS0FBSzt3QkFDeEQsR0FBRyxFQUFFLENBQUM7cUJBQ1A7aUJBQ0Y7Z0JBQ0gsQ0FBQyxDQUFDLEVBQUU7U0FDUDtRQUVELGtCQUFrQixFQUFFLEVBQUUsZUFBZSxFQUFFLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxFQUFFO1FBQzFELHFCQUFxQjtRQUNyQiwrQ0FBK0M7UUFDL0MsNkJBQTZCO1FBQzdCLGdFQUFnRTtRQUNoRSxLQUFLO1FBQ0wsSUFBSSxFQUFFLEVBQUUsR0FBRyxzQkFBVyxFQUFFLEdBQUcsSUFBSSxFQUFFO0tBQ2xDLEVBQ0Q7UUFDRSxTQUFTO1FBQ1QsYUFBYSxFQUFFO1lBQ2Isc0RBQXNEO1lBQ3RELHNDQUFzQztTQUN2QztLQUNGLENBQ0YsQ0FBQztJQUVGLElBQUksSUFBSSxFQUFFLENBQUM7UUFDVCxJQUFBLGdCQUFNLEVBQUMsRUFBRSxJQUFJLEVBQUUsTUFBTSxFQUFFLFVBQVUsRUFBRSxFQUFFLENBQUMsRUFBRSxFQUFFLFNBQVMsRUFBRSxFQUFFLEVBQUUsQ0FBQyxDQUFDO0lBQzdELENBQUM7SUFFRCxJQUFJLFFBQVEsRUFBRSxDQUFDO1FBQ2IsSUFBSSxNQUFNLENBQUMsVUFBVSxDQUFDLGNBQWMsQ0FDbEMsc0JBQXNCLE1BQU0sRUFBRSxFQUM5QjtZQUNFLElBQUksRUFBRSxzQkFBc0IsTUFBTSxFQUFFO1lBQ3BDLEdBQUcsS0FBSztZQUNSLGVBQWUsRUFBRSxFQUFFLElBQUksRUFBRSxRQUFRLENBQUMsZ0JBQWdCLEVBQUU7WUFDcEQsVUFBVSxFQUFFLFFBQVE7WUFDcEIsTUFBTSxFQUFFLFNBQVM7WUFDakIsZ0JBQWdCLEVBQUUsRUFBRSxDQUFDLEVBQUU7WUFDdkIsUUFBUSxFQUFFLHVCQUF1QjtZQUNqQyxvQkFBb0IsRUFBRTtnQkFDcEIsTUFBTSxFQUFFLFVBQVU7Z0JBQ2xCLGNBQWMsRUFBRSxFQUFFO2dCQUNsQixrQkFBa0IsRUFBRSxJQUFJO2dCQUN4QixhQUFhLEVBQUUsRUFBRTtnQkFDakIsVUFBVSxFQUFFLEVBQUU7YUFDZjtTQUNGLEVBQ0QsRUFBRSxTQUFTLEVBQUUsRUFBRSxFQUFFLENBQ2xCLENBQUM7UUFFRixrQ0FBa0M7UUFDbEMscUVBQXFFO1FBQ3JFLHNDQUFzQztRQUN0QyxnQkFBZ0I7UUFDaEIsMkRBQTJEO1FBQzNELDRCQUE0QjtRQUM1QiwrQkFBK0I7UUFDL0Isa0NBQWtDO1FBQ2xDLFFBQVE7UUFDUixJQUFJO0lBQ04sQ0FBQztJQUVELE9BQU8sRUFBRSxDQUFDO0FBQ1osQ0FBQyxDQUFDIn0=

package/VNet/Bastion.d.ts

@@ -0,0 +1,8 @@
+import { BasicResourceArgs } from "../types";
+import { Input, Resource } from "@pulumi/pulumi";
+interface Props extends BasicResourceArgs {
+    subnetId: Input<string>;
+    dependsOn?: Input<Resource> | Input<Input<Resource>[]>;
+}
+declare const _default: ({ name, group, subnetId, dependsOn }: Props) => import("@pulumi/azure-native/network/bastionHost").BastionHost;
+export default _default;

package/VNet/Bastion.js

@@ -0,0 +1,30 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const IpAddress_1 = require("./IpAddress");
+const network = require("@pulumi/azure-native/network");
+const Naming_1 = require("../Common/Naming");
+const AzureEnv_1 = require("../Common/AzureEnv");
+exports.default = ({ name, group, subnetId, dependsOn }) => {
+    name = (0, Naming_1.getBastionName)(name);
+    const ipAddress = (0, IpAddress_1.default)({
+        name,
+        group,
+        sku: { name: "Standard", tier: "Regional" },
+        lock: false,
+    });
+    return new network.BastionHost(name, {
+        bastionHostName: name,
+        ...group,
+        //dnsName: name,
+        ipConfigurations: [
+            {
+                name: "IpConfig",
+                publicIPAddress: { id: ipAddress.id },
+                subnet: { id: subnetId },
+                privateIPAllocationMethod: network.IPAllocationMethod.Dynamic,
+            },
+        ],
+        tags: AzureEnv_1.defaultTags,
+    }, { dependsOn: dependsOn || ipAddress, deleteBeforeReplace: true });
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQmFzdGlvbi5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9WTmV0L0Jhc3Rpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFDQSwyQ0FBb0M7QUFDcEMsd0RBQXdEO0FBRXhELDZDQUFrRDtBQUNsRCxpREFBaUQ7QUFPakQsa0JBQWUsQ0FBQyxFQUFFLElBQUksRUFBRSxLQUFLLEVBQUUsUUFBUSxFQUFFLFNBQVMsRUFBUyxFQUFFLEVBQUU7SUFDN0QsSUFBSSxHQUFHLElBQUEsdUJBQWMsRUFBQyxJQUFJLENBQUMsQ0FBQztJQUU1QixNQUFNLFNBQVMsR0FBRyxJQUFBLG1CQUFTLEVBQUM7UUFDMUIsSUFBSTtRQUNKLEtBQUs7UUFDTCxHQUFHLEVBQUUsRUFBRSxJQUFJLEVBQUUsVUFBVSxFQUFFLElBQUksRUFBRSxVQUFVLEVBQUU7UUFDM0MsSUFBSSxFQUFFLEtBQUs7S0FDWixDQUFDLENBQUM7SUFFSCxPQUFPLElBQUksT0FBTyxDQUFDLFdBQVcsQ0FDNUIsSUFBSSxFQUNKO1FBQ0UsZUFBZSxFQUFFLElBQUk7UUFDckIsR0FBRyxLQUFLO1FBQ1IsZ0JBQWdCO1FBRWhCLGdCQUFnQixFQUFFO1lBQ2hCO2dCQUNFLElBQUksRUFBRSxVQUFVO2dCQUNoQixlQUFlLEVBQUUsRUFBRSxFQUFFLEVBQUUsU0FBUyxDQUFDLEVBQUUsRUFBRTtnQkFDckMsTUFBTSxFQUFFLEVBQUUsRUFBRSxFQUFFLFFBQVEsRUFBRTtnQkFDeEIseUJBQXlCLEVBQUUsT0FBTyxDQUFDLGtCQUFrQixDQUFDLE9BQU87YUFDOUQ7U0FDRjtRQUVELElBQUksRUFBRSxzQkFBVztLQUNsQixFQUNELEVBQUUsU0FBUyxFQUFFLFNBQVMsSUFBSSxTQUFTLEVBQUUsbUJBQW1CLEVBQUUsSUFBSSxFQUFFLENBQ2pFLENBQUM7QUFDSixDQUFDLENBQUMifQ==