@drunk-pulumi/azure 0.0.24 → 0.0.26
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/AzAd/EnvRoles.d.ts +8 -4
- package/AzAd/EnvRoles.js +28 -29
- package/AzAd/Group.d.ts +3 -3
- package/AzAd/Group.js +9 -9
- package/AzAd/Identity.js +2 -2
- package/AzAd/KeyVaultRoles.d.ts +8 -0
- package/AzAd/KeyVaultRoles.js +53 -0
- package/AzAd/Role.d.ts +5 -6
- package/AzAd/Role.js +11 -8
- package/AzAd/UserIdentity.d.ts +5 -0
- package/AzAd/UserIdentity.js +12 -0
- package/Cdn/index.d.ts +2 -2
- package/Cdn/index.js +14 -14
- package/Common/AutoTags.js +8 -7
- package/Common/AzureEnv.d.ts +1 -0
- package/Common/AzureEnv.js +5 -2
- package/Common/Naming/AzureRegions.d.ts +4 -0
- package/Common/Naming/AzureRegions.js +49 -0
- package/Common/ResourceEnv.d.ts +1 -4
- package/Common/ResourceEnv.js +9 -4
- package/KeyVault/Helper.d.ts +8 -3
- package/KeyVault/Helper.js +32 -12
- package/KeyVault/VaultPermissions.d.ts +18 -17
- package/KeyVault/VaultPermissions.js +146 -89
- package/KeyVault/index.d.ts +1 -6
- package/KeyVault/index.js +29 -66
- package/MySql/index.d.ts +18 -7
- package/MySql/index.js +94 -32
- package/Postgresql/index.d.ts +7 -4
- package/Postgresql/index.js +29 -12
- package/Sql/SqlDb.d.ts +4 -4
- package/Sql/SqlDb.js +13 -13
- package/Sql/index.d.ts +11 -10
- package/Sql/index.js +88 -56
- package/Storage/index.d.ts +3 -3
- package/Storage/index.js +21 -25
- package/VNet/PrivateEndpoint.js +3 -1
- package/package.json +3 -3
- package/types.d.ts +2 -0
- package/KeyVault/VaultAccess.d.ts +0 -15
- package/KeyVault/VaultAccess.js +0 -47
package/KeyVault/index.js
CHANGED
|
@@ -8,32 +8,13 @@ const Helpers_1 = require("../Logs/Helpers");
|
|
|
8
8
|
const PrivateEndpoint_1 = require("../VNet/PrivateEndpoint");
|
|
9
9
|
const CustomHelper_1 = require("./CustomHelper");
|
|
10
10
|
const VaultPermissions_1 = require("./VaultPermissions");
|
|
11
|
-
const
|
|
12
|
-
const Group_1 = require("../AzAd/Group");
|
|
11
|
+
const KeyVaultRoles_1 = require("../AzAd/KeyVaultRoles");
|
|
13
12
|
exports.default = ({ name,
|
|
14
13
|
//nameConvention,
|
|
15
|
-
group,
|
|
16
|
-
includeOrganization: true,
|
|
17
|
-
//permissions: new Array<PermissionProps>(),
|
|
18
|
-
}, createDefaultValues, network, ...others }) => {
|
|
14
|
+
group, createDefaultValues, network, ...others }) => {
|
|
19
15
|
const vaultName = (0, Naming_1.getKeyVaultName)(name);
|
|
20
|
-
const
|
|
21
|
-
|
|
22
|
-
// new Array<native.types.input.keyvault.AccessPolicyEntryArgs>();
|
|
23
|
-
//Grant Access permission
|
|
24
|
-
// if (!auth?.enableRbac) {
|
|
25
|
-
// accessPolicies.push({
|
|
26
|
-
// objectId: readOnlyGroup.objectId,
|
|
27
|
-
// tenantId,
|
|
28
|
-
// permissions: KeyVaultReadOnlyPolicy,
|
|
29
|
-
// });
|
|
30
|
-
// accessPolicies.push({
|
|
31
|
-
// objectId: adminGroup.objectId,
|
|
32
|
-
// tenantId,
|
|
33
|
-
// permissions: KeyVaultAdminPolicy,
|
|
34
|
-
// });
|
|
35
|
-
// }
|
|
36
|
-
const resource = new native.keyvault.Vault(vaultName, {
|
|
16
|
+
const roles = (0, KeyVaultRoles_1.createVaultRoles)(name);
|
|
17
|
+
const vault = new native.keyvault.Vault(vaultName, {
|
|
37
18
|
vaultName,
|
|
38
19
|
...group,
|
|
39
20
|
...others,
|
|
@@ -65,70 +46,52 @@ group, auth = {
|
|
|
65
46
|
},
|
|
66
47
|
},
|
|
67
48
|
});
|
|
68
|
-
//Grant RBAC permission
|
|
69
|
-
(0, VaultPermissions_1.grantVaultRbacPermission)({
|
|
70
|
-
name: `${name}-ReadOnlyGroup`,
|
|
71
|
-
scope: resource.id,
|
|
72
|
-
objectId: readOnlyGroup.objectId,
|
|
73
|
-
permission: "ReadOnly",
|
|
74
|
-
principalType: "Group",
|
|
75
|
-
});
|
|
76
|
-
(0, VaultPermissions_1.grantVaultRbacPermission)({
|
|
77
|
-
name: `${name}-AdminGroup`,
|
|
78
|
-
scope: resource.id,
|
|
79
|
-
objectId: adminGroup.objectId,
|
|
80
|
-
permission: "ReadWrite",
|
|
81
|
-
principalType: "Group",
|
|
82
|
-
});
|
|
83
|
-
//Add current principal to the admin group
|
|
84
|
-
(0, Group_1.addUserToGroup)({
|
|
85
|
-
name: `${name}-current-principal-as-admin`,
|
|
86
|
-
objectId: AzureEnv_1.currentPrincipal,
|
|
87
|
-
groupObjectId: adminGroup.objectId,
|
|
88
|
-
});
|
|
89
49
|
//To Vault Info
|
|
90
|
-
const toVaultInfo = () => ({
|
|
91
|
-
|
|
92
|
-
const addDiagnostic = (logInfo) => (0, Helpers_1.createDiagnostic)({
|
|
93
|
-
name,
|
|
94
|
-
targetResourceId: resource.id,
|
|
95
|
-
...logInfo,
|
|
96
|
-
logsCategories: ["AuditEvent"],
|
|
97
|
-
});
|
|
98
|
-
// Create Private Link
|
|
99
|
-
const createPrivateLink = (props) => (0, PrivateEndpoint_1.default)({
|
|
100
|
-
name: (0, Naming_1.getPrivateEndpointName)(name),
|
|
50
|
+
const toVaultInfo = () => ({
|
|
51
|
+
name: vaultName,
|
|
101
52
|
group,
|
|
102
|
-
|
|
103
|
-
resourceId: resource.id,
|
|
104
|
-
privateDnsZoneName: "privatelink.vaultcore.azure.net",
|
|
105
|
-
linkServiceGroupIds: ["keyVault"],
|
|
53
|
+
id: vault.id,
|
|
106
54
|
});
|
|
55
|
+
const vaultInfo = toVaultInfo();
|
|
56
|
+
(0, VaultPermissions_1.grantVaultPermissionToRole)({ name, vaultInfo, roles });
|
|
107
57
|
if (createDefaultValues) {
|
|
108
|
-
const vaultInfo = toVaultInfo();
|
|
109
58
|
(0, CustomHelper_1.addCustomSecret)({
|
|
110
59
|
name: "tenant-id",
|
|
111
60
|
value: AzureEnv_1.tenantId,
|
|
112
61
|
vaultInfo,
|
|
113
62
|
contentType: "KeyVault Default Values",
|
|
114
|
-
dependsOn:
|
|
63
|
+
dependsOn: vault,
|
|
115
64
|
});
|
|
116
65
|
(0, CustomHelper_1.addCustomSecret)({
|
|
117
66
|
name: "subscription-id",
|
|
118
67
|
value: AzureEnv_1.subscriptionId,
|
|
119
68
|
vaultInfo,
|
|
120
69
|
contentType: "KeyVault Default Values",
|
|
121
|
-
dependsOn:
|
|
70
|
+
dependsOn: vault,
|
|
122
71
|
});
|
|
123
72
|
}
|
|
73
|
+
//Add Diagnostic
|
|
74
|
+
const addDiagnostic = (logInfo) => (0, Helpers_1.createDiagnostic)({
|
|
75
|
+
name,
|
|
76
|
+
targetResourceId: vault.id,
|
|
77
|
+
...logInfo,
|
|
78
|
+
logsCategories: ["AuditEvent"],
|
|
79
|
+
});
|
|
80
|
+
// Create Private Link
|
|
81
|
+
const createPrivateLink = (props) => (0, PrivateEndpoint_1.default)({
|
|
82
|
+
name: (0, Naming_1.getPrivateEndpointName)(name),
|
|
83
|
+
group,
|
|
84
|
+
...props,
|
|
85
|
+
resourceId: vault.id,
|
|
86
|
+
privateDnsZoneName: "privatelink.vaultcore.azure.net",
|
|
87
|
+
linkServiceGroupIds: ["keyVault"],
|
|
88
|
+
});
|
|
124
89
|
return {
|
|
125
90
|
name: vaultName,
|
|
126
|
-
vault
|
|
127
|
-
readOnlyGroup,
|
|
128
|
-
adminGroup,
|
|
91
|
+
vault,
|
|
129
92
|
toVaultInfo,
|
|
130
93
|
addDiagnostic,
|
|
131
94
|
createPrivateLink,
|
|
132
95
|
};
|
|
133
96
|
};
|
|
134
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
97
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvS2V5VmF1bHQvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFBQSwrQ0FBK0M7QUFDL0Msc0RBQW1EO0FBRW5ELGlEQUE4RDtBQUM5RCw2Q0FBMkU7QUFDM0UsNkNBQW1EO0FBRW5ELDZEQUFzRDtBQUV0RCxpREFBaUQ7QUFDakQseURBQWdFO0FBQ2hFLHlEQUF5RDtBQVd6RCxrQkFBZSxDQUFDLEVBQ2QsSUFBSTtBQUNKLGlCQUFpQjtBQUNqQixLQUFLLEVBQ0wsbUJBQW1CLEVBQ25CLE9BQU8sRUFDUCxHQUFHLE1BQU0sRUFDSCxFQUFFLEVBQUU7SUFDVixNQUFNLFNBQVMsR0FBRyxJQUFBLHdCQUFlLEVBQUMsSUFBSSxDQUFDLENBQUM7SUFDeEMsTUFBTSxLQUFLLEdBQUcsSUFBQSxnQ0FBZ0IsRUFBQyxJQUFJLENBQUMsQ0FBQztJQUVyQyxNQUFNLEtBQUssR0FBRyxJQUFJLE1BQU0sQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLFNBQVMsRUFBRTtRQUNqRCxTQUFTO1FBQ1QsR0FBRyxLQUFLO1FBQ1IsR0FBRyxNQUFNO1FBRVQsVUFBVSxFQUFFO1lBQ1YsUUFBUSxFQUFSLG1CQUFRO1lBQ1IsR0FBRyxFQUFFLEVBQUUsSUFBSSxFQUFFLFVBQVUsRUFBRSxNQUFNLEVBQUUsR0FBRyxFQUFFO1lBQ3RDLFVBQVUsRUFBRSxTQUFTO1lBRXJCLHVCQUF1QixFQUFFLElBQUk7WUFDN0IsY0FBYyxFQUFFLFNBQVM7WUFFekIscUJBQXFCLEVBQUUsSUFBSTtZQUMzQixnQkFBZ0IsRUFBRSxJQUFJO1lBQ3RCLHlCQUF5QixFQUFFLENBQUMsRUFBRSwyRUFBMkU7WUFFekcsb0JBQW9CLEVBQUUsSUFBSTtZQUMxQix3QkFBd0IsRUFBRSxJQUFJO1lBRTlCLFdBQVcsRUFBRSxPQUFPO2dCQUNsQixDQUFDLENBQUM7b0JBQ0UsTUFBTSxFQUFFLGVBQWU7b0JBQ3ZCLGFBQWEsRUFBRSxhQUFLLENBQUMsUUFBUSxDQUFDLGlCQUFpQixDQUFDLElBQUk7b0JBRXBELE9BQU8sRUFBRSxPQUFPLENBQUMsV0FBVzt3QkFDMUIsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDLEVBQUUsS0FBSyxFQUFFLENBQUMsRUFBRSxDQUFDLENBQUM7d0JBQ2hELENBQUMsQ0FBQyxFQUFFO29CQUVOLG1CQUFtQixFQUFFLE9BQU8sQ0FBQyxTQUFTO3dCQUNwQyxDQUFDLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQzt3QkFDM0MsQ0FBQyxDQUFDLFNBQVM7aUJBQ2Q7Z0JBQ0gsQ0FBQyxDQUFDO29CQUNFLE1BQU0sRUFBRSxlQUFlO29CQUN2QixhQUFhLEVBQUUsYUFBSyxDQUFDLFFBQVEsQ0FBQyxpQkFBaUIsQ0FBQyxLQUFLO2lCQUN0RDtTQUNOO0tBQ0YsQ0FBQyxDQUFDO0lBRUgsZUFBZTtJQUNmLE1BQU0sV0FBVyxHQUFHLEdBQUcsRUFBRSxDQUFDLENBQUM7UUFDekIsSUFBSSxFQUFFLFNBQVM7UUFDZixLQUFLO1FBQ0wsRUFBRSxFQUFFLEtBQUssQ0FBQyxFQUFFO0tBQ2IsQ0FBQyxDQUFDO0lBQ0gsTUFBTSxTQUFTLEdBQUcsV0FBVyxFQUFFLENBQUM7SUFFaEMsSUFBQSw2Q0FBMEIsRUFBQyxFQUFFLElBQUksRUFBRSxTQUFTLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQztJQUV2RCxJQUFJLG1CQUFtQixFQUFFLENBQUM7UUFDeEIsSUFBQSw4QkFBZSxFQUFDO1lBQ2QsSUFBSSxFQUFFLFdBQVc7WUFDakIsS0FBSyxFQUFFLG1CQUFRO1lBQ2YsU0FBUztZQUNULFdBQVcsRUFBRSx5QkFBeUI7WUFDdEMsU0FBUyxFQUFFLEtBQUs7U0FDakIsQ0FBQyxDQUFDO1FBRUgsSUFBQSw4QkFBZSxFQUFDO1lBQ2QsSUFBSSxFQUFFLGlCQUFpQjtZQUN2QixLQUFLLEVBQUUseUJBQWM7WUFDckIsU0FBUztZQUNULFdBQVcsRUFBRSx5QkFBeUI7WUFDdEMsU0FBUyxFQUFFLEtBQUs7U0FDakIsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELGdCQUFnQjtJQUNoQixNQUFNLGFBQWEsR0FBRyxDQUFDLE9BQXlCLEVBQUUsRUFBRSxDQUNsRCxJQUFBLDBCQUFnQixFQUFDO1FBQ2YsSUFBSTtRQUNKLGdCQUFnQixFQUFFLEtBQUssQ0FBQyxFQUFFO1FBQzFCLEdBQUcsT0FBTztRQUNWLGNBQWMsRUFBRSxDQUFDLFlBQVksQ0FBQztLQUMvQixDQUFDLENBQUM7SUFFTCxzQkFBc0I7SUFDdEIsTUFBTSxpQkFBaUIsR0FBRyxDQUFDLEtBQXVCLEVBQUUsRUFBRSxDQUNwRCxJQUFBLHlCQUFlLEVBQUM7UUFDZCxJQUFJLEVBQUUsSUFBQSwrQkFBc0IsRUFBQyxJQUFJLENBQUM7UUFDbEMsS0FBSztRQUNMLEdBQUcsS0FBSztRQUNSLFVBQVUsRUFBRSxLQUFLLENBQUMsRUFBRTtRQUNwQixrQkFBa0IsRUFBRSxpQ0FBaUM7UUFDckQsbUJBQW1CLEVBQUUsQ0FBQyxVQUFVLENBQUM7S0FDbEMsQ0FBQyxDQUFDO0lBRUwsT0FBTztRQUNMLElBQUksRUFBRSxTQUFTO1FBQ2YsS0FBSztRQUNMLFdBQVc7UUFDWCxhQUFhO1FBQ2IsaUJBQWlCO0tBQ2xCLENBQUM7QUFDSixDQUFDLENBQUMifQ==
|
package/MySql/index.d.ts
CHANGED
|
@@ -1,20 +1,31 @@
|
|
|
1
|
-
import { BasicResourceArgs, KeyVaultInfo } from
|
|
2
|
-
import * as pulumi from
|
|
3
|
-
import * as
|
|
4
|
-
import * as inputs from
|
|
1
|
+
import { BasicResourceArgs, KeyVaultInfo } from "../types";
|
|
2
|
+
import * as pulumi from "@pulumi/pulumi";
|
|
3
|
+
import * as dbformysql from "@pulumi/azure-native/dbformysql";
|
|
4
|
+
import * as inputs from "@pulumi/azure-native/types/input";
|
|
5
|
+
import { EnvRoleNamesType } from "../AzAd/EnvRoles";
|
|
5
6
|
export interface MySqlProps extends BasicResourceArgs {
|
|
7
|
+
enableEncryption?: boolean;
|
|
8
|
+
vaultInfo: KeyVaultInfo;
|
|
9
|
+
auth: {
|
|
10
|
+
enableAdAdministrator?: boolean;
|
|
11
|
+
envRoleNames?: EnvRoleNamesType;
|
|
12
|
+
adminLogin?: pulumi.Input<string>;
|
|
13
|
+
password?: pulumi.Input<string>;
|
|
14
|
+
};
|
|
6
15
|
sku?: pulumi.Input<inputs.dbformysql.SkuArgs>;
|
|
7
|
-
|
|
8
|
-
version?: azure.dbformysql.ServerVersion;
|
|
16
|
+
version?: dbformysql.ServerVersion;
|
|
9
17
|
storageSizeGB?: number;
|
|
10
18
|
databases?: Array<string>;
|
|
11
19
|
network?: {
|
|
12
20
|
allowsPublicAccess?: boolean;
|
|
21
|
+
privateLink?: {
|
|
22
|
+
subnetId: pulumi.Input<string>;
|
|
23
|
+
};
|
|
13
24
|
firewallRules?: Array<{
|
|
14
25
|
startIpAddress: string;
|
|
15
26
|
endIpAddress: string;
|
|
16
27
|
}>;
|
|
17
28
|
};
|
|
18
29
|
}
|
|
19
|
-
declare const _default: ({ name, group, version, storageSizeGB, sku, network, databases, vaultInfo, dependsOn, }: MySqlProps) => import("@pulumi/azure-native/dbformysql/server").Server;
|
|
30
|
+
declare const _default: ({ name, group, auth, enableEncryption, version, storageSizeGB, sku, network, databases, vaultInfo, dependsOn, }: MySqlProps) => import("@pulumi/azure-native/dbformysql/server").Server;
|
|
20
31
|
export default _default;
|
package/MySql/index.js
CHANGED
|
@@ -1,57 +1,109 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
const Naming_1 = require("../Common/Naming");
|
|
4
|
-
const
|
|
4
|
+
const dbformysql = require("@pulumi/azure-native/dbformysql");
|
|
5
5
|
const Random_1 = require("../Core/Random");
|
|
6
6
|
const CustomHelper_1 = require("../KeyVault/CustomHelper");
|
|
7
7
|
const AzureEnv_1 = require("../Common/AzureEnv");
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
8
|
+
const Group_1 = require("../AzAd/Group");
|
|
9
|
+
const Role_1 = require("../AzAd/Role");
|
|
10
|
+
const Helper_1 = require("../KeyVault/Helper");
|
|
11
|
+
const UserIdentity_1 = require("../AzAd/UserIdentity");
|
|
12
|
+
const VaultPermissions_1 = require("../KeyVault/VaultPermissions");
|
|
13
|
+
const random_1 = require("@pulumi/random");
|
|
14
|
+
const PrivateEndpoint_1 = require("../VNet/PrivateEndpoint");
|
|
15
|
+
exports.default = ({ name, group, auth, enableEncryption, version = dbformysql.ServerVersion.ServerVersion_8_0_21, storageSizeGB = 20,
|
|
11
16
|
/**
|
|
12
|
-
|
|
13
|
-
|
|
17
|
+
[Standard_B1ms, Standard_B1s, Standard_B2ms, Standard_B2s, Standard_B4ms, Standard_B8ms, Standard_D16s_v3, Standard_D2s_v3, Standard_D32s_v3, Standard_D4s_v3, Standard_D64s_v3, Standard_D8s_v3, Standard_E16s_v3, Standard_E2s_v3, Standard_E32s_v3, Standard_E4s_v3, Standard_E64s_v3, Standard_E8s_v3, Standard_M128ms, Standard_M128s, Standard_M64ms, Standard_M64s, Standard_E48s_v3, Standard_D2ds_v4, Standard_D4ds_v4, Standard_D8ds_v4, Standard_D16ds_v4, Standard_D32ds_v4, Standard_D48ds_v4, Standard_D64ds_v4, Standard_E2ds_v4, Standard_E4ds_v4, Standard_E8ds_v4, Standard_E16ds_v4, Standard_E32ds_v4, Standard_E48ds_v4, Standard_E64ds_v4, Standard_D48s_v3, Standard_E20ds_v4, Standard_M8ms, Standard_M16ms, Standard_M32ts, Standard_M32ls, Standard_M32ms, Standard_M64ls, Standard_M64, Standard_M64m, Standard_M128, Standard_M128m, Standard_B12ms, Standard_B16ms, Standard_B20ms, Standard_D2ads_v5, Standard_D4ads_v5, Standard_D8ads_v5, Standard_D16ads_v5, Standard_D32ads_v5, Standard_D48ads_v5, Standard_D64ads_v5, Standard_D96ads_v5, Standard_E2ads_v5, Standard_E4ads_v5, Standard_E8ads_v5, Standard_E16ads_v5, Standard_E20ads_v5, Standard_E32ads_v5, Standard_E48ads_v5, Standard_E64ads_v5, Standard_E96ads_v5, Standard_D2_v5, Standard_D4_v5, Standard_D8_v5, Standard_D16_v5, Standard_D32_v5, Standard_D48_v5, Standard_D64_v5, Standard_D96_v5, Standard_D2ds_v5, Standard_D4ds_v5, Standard_D8ds_v5, Standard_D16ds_v5, Standard_D32ds_v5, Standard_D48ds_v5, Standard_D64ds_v5, Standard_D96ds_v5, Standard_E2ds_v5, Standard_E4ds_v5, Standard_E8ds_v5, Standard_E16ds_v5, Standard_E20ds_v5, Standard_E32ds_v5, Standard_E48ds_v5, Standard_E64ds_v5, Standard_E96ds_v5, Standard_E104ids_v5, Standard_E2bds_v5, Standard_E4bds_v5, Standard_E8bds_v5, Standard_E16bds_v5, Standard_E32bds_v5, Standard_E48bds_v5, Standard_E64bds_v5, Standard_E112iads_v5, Standard_M32dms_v2, Standard_M64ds_v2, Standard_M64dms_v2, Standard_M128ds_v2, Standard_M128dms_v2, Standard_M192ids_v2, Standard_M192idms_v2]
|
|
18
|
+
*/
|
|
14
19
|
sku = {
|
|
15
|
-
name:
|
|
16
|
-
tier:
|
|
20
|
+
name: "Standard_B1ms",
|
|
21
|
+
tier: "Burstable",
|
|
17
22
|
}, network, databases, vaultInfo, dependsOn, }) => {
|
|
18
23
|
name = (0, Naming_1.getMySqlName)(name);
|
|
19
|
-
const username =
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
24
|
+
const username = auth?.adminLogin ||
|
|
25
|
+
new random_1.RandomString(name, {
|
|
26
|
+
special: false,
|
|
27
|
+
length: 5,
|
|
28
|
+
lower: true,
|
|
29
|
+
upper: false,
|
|
30
|
+
}).result.apply((r) => `mysql${r}`);
|
|
31
|
+
const password = auth?.password ??
|
|
32
|
+
(0, Random_1.randomPassword)({
|
|
33
|
+
name,
|
|
34
|
+
length: 25,
|
|
35
|
+
options: { special: false },
|
|
36
|
+
}).result;
|
|
37
|
+
const encryptKey = enableEncryption
|
|
38
|
+
? (0, Helper_1.getEncryptionKey)(name, vaultInfo)
|
|
39
|
+
: undefined;
|
|
40
|
+
const userIdentity = enableEncryption
|
|
41
|
+
? (0, UserIdentity_1.default)({ name, group })
|
|
42
|
+
: undefined;
|
|
43
|
+
if (userIdentity) {
|
|
44
|
+
//Allows to Read Key Vault
|
|
45
|
+
(0, VaultPermissions_1.grantVaultAccessToIdentity)({
|
|
46
|
+
name,
|
|
47
|
+
identity: userIdentity.principalId.apply((i) => ({ principalId: i })),
|
|
48
|
+
vaultInfo,
|
|
49
|
+
});
|
|
50
|
+
}
|
|
51
|
+
const mySql = new dbformysql.Server(name, {
|
|
26
52
|
serverName: name,
|
|
27
53
|
...group,
|
|
28
54
|
version,
|
|
29
|
-
storage: {
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
55
|
+
storage: {
|
|
56
|
+
storageSizeGB,
|
|
57
|
+
autoGrow: AzureEnv_1.isPrd ? "Enabled" : "Disabled",
|
|
58
|
+
autoIoScaling: AzureEnv_1.isPrd ? "Enabled" : "Disabled",
|
|
59
|
+
},
|
|
60
|
+
// identity: {
|
|
61
|
+
// type: dbformysql.ManagedServiceIdentityType.UserAssigned,
|
|
62
|
+
// userAssignedIdentities: {
|
|
63
|
+
// [userAssignedIdentityId]: {},
|
|
64
|
+
// },
|
|
34
65
|
// },
|
|
35
66
|
administratorLogin: username,
|
|
36
67
|
administratorLoginPassword: password,
|
|
37
|
-
dataEncryption:
|
|
68
|
+
dataEncryption: encryptKey
|
|
69
|
+
? {
|
|
70
|
+
type: dbformysql.DataEncryptionType.AzureKeyVault,
|
|
71
|
+
primaryUserAssignedIdentityId: userIdentity?.id,
|
|
72
|
+
primaryKeyURI: encryptKey.apply((c) => `https://${vaultInfo.name}.vault.azure.net/keys/${c.name}/${c.properties.version}`),
|
|
73
|
+
}
|
|
74
|
+
: { type: dbformysql.DataEncryptionType.SystemManaged },
|
|
38
75
|
//maintenanceWindow: { dayOfWeek: 6 },
|
|
39
76
|
sku,
|
|
40
|
-
//network: {},
|
|
41
77
|
backup: {
|
|
42
|
-
geoRedundantBackup: AzureEnv_1.isPrd ?
|
|
78
|
+
geoRedundantBackup: AzureEnv_1.isPrd ? "Enabled" : "Disabled",
|
|
43
79
|
backupRetentionDays: AzureEnv_1.isPrd ? 7 : 1,
|
|
44
80
|
},
|
|
45
|
-
highAvailability: {
|
|
46
|
-
|
|
81
|
+
highAvailability: {
|
|
82
|
+
mode: AzureEnv_1.isPrd ? "ZoneRedundant" : "Disabled",
|
|
83
|
+
standbyAvailabilityZone: "3",
|
|
84
|
+
},
|
|
85
|
+
availabilityZone: "1",
|
|
47
86
|
}, {
|
|
48
87
|
dependsOn,
|
|
49
88
|
protect: true,
|
|
50
|
-
ignoreChanges: [
|
|
89
|
+
ignoreChanges: ["administratorLogin", "dataEncryption"],
|
|
51
90
|
});
|
|
91
|
+
if (auth?.enableAdAdministrator) {
|
|
92
|
+
const adminGroup = auth.envRoleNames
|
|
93
|
+
? (0, Group_1.getAdGroup)(auth.envRoleNames.admin)
|
|
94
|
+
: (0, Role_1.default)({ env: AzureEnv_1.currentEnv, roleName: "ADMIN", appName: "MYSQL" });
|
|
95
|
+
new dbformysql.AzureADAdministrator(name, {
|
|
96
|
+
serverName: mySql.name,
|
|
97
|
+
...group,
|
|
98
|
+
login: username,
|
|
99
|
+
administratorType: "ActiveDirectory",
|
|
100
|
+
sid: adminGroup.objectId,
|
|
101
|
+
tenantId: AzureEnv_1.tenantId,
|
|
102
|
+
});
|
|
103
|
+
}
|
|
52
104
|
if (network) {
|
|
53
105
|
if (network.firewallRules) {
|
|
54
|
-
network.firewallRules.map((f, i) => new
|
|
106
|
+
network.firewallRules.map((f, i) => new dbformysql.FirewallRule(`${name}-firewall-${i}`, {
|
|
55
107
|
firewallRuleName: `${name}-firewall-${i}`,
|
|
56
108
|
serverName: mySql.name,
|
|
57
109
|
...group,
|
|
@@ -59,13 +111,23 @@ sku = {
|
|
|
59
111
|
}));
|
|
60
112
|
}
|
|
61
113
|
if (network.allowsPublicAccess)
|
|
62
|
-
new
|
|
114
|
+
new dbformysql.FirewallRule(`${name}-firewall-allowpublic`, {
|
|
63
115
|
firewallRuleName: `${name}-firewall-allowpublic`,
|
|
64
116
|
serverName: mySql.name,
|
|
65
117
|
...group,
|
|
66
|
-
startIpAddress:
|
|
67
|
-
endIpAddress:
|
|
118
|
+
startIpAddress: "0.0.0.0",
|
|
119
|
+
endIpAddress: "255.255.255.255",
|
|
68
120
|
});
|
|
121
|
+
if (network.privateLink) {
|
|
122
|
+
(0, PrivateEndpoint_1.default)({
|
|
123
|
+
name,
|
|
124
|
+
group,
|
|
125
|
+
resourceId: mySql.id,
|
|
126
|
+
privateDnsZoneName: "mysql.database.azure.com",
|
|
127
|
+
linkServiceGroupIds: ["mysql"],
|
|
128
|
+
subnetId: network.privateLink.subnetId,
|
|
129
|
+
});
|
|
130
|
+
}
|
|
69
131
|
}
|
|
70
132
|
if (vaultInfo) {
|
|
71
133
|
(0, CustomHelper_1.addCustomSecret)({
|
|
@@ -82,7 +144,7 @@ sku = {
|
|
|
82
144
|
});
|
|
83
145
|
}
|
|
84
146
|
if (databases) {
|
|
85
|
-
databases.map((d) => new
|
|
147
|
+
databases.map((d) => new dbformysql.Database(`${name}-${d}`, {
|
|
86
148
|
serverName: mySql.name,
|
|
87
149
|
databaseName: d,
|
|
88
150
|
...group,
|
|
@@ -90,4 +152,4 @@ sku = {
|
|
|
90
152
|
}
|
|
91
153
|
return mySql;
|
|
92
154
|
};
|
|
93
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
155
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvTXlTcWwvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFDQSw2Q0FBZ0Q7QUFFaEQsOERBQThEO0FBQzlELDJDQUFnRDtBQUVoRCwyREFBMkQ7QUFDM0QsaURBQWlFO0FBQ2pFLHlDQUEyQztBQUMzQyx1Q0FBZ0M7QUFFaEMsK0NBQXNEO0FBQ3RELHVEQUFnRDtBQUNoRCxtRUFBMEU7QUFDMUUsMkNBQThDO0FBQzlDLDZEQUFzRDtBQTRCdEQsa0JBQWUsQ0FBQyxFQUNkLElBQUksRUFDSixLQUFLLEVBQ0wsSUFBSSxFQUNKLGdCQUFnQixFQUNoQixPQUFPLEdBQUcsVUFBVSxDQUFDLGFBQWEsQ0FBQyxvQkFBb0IsRUFDdkQsYUFBYSxHQUFHLEVBQUU7QUFDbEI7O0dBRUc7QUFDSCxHQUFHLEdBQUc7SUFDSixJQUFJLEVBQUUsZUFBZTtJQUNyQixJQUFJLEVBQUUsV0FBVztDQUNsQixFQUNELE9BQU8sRUFDUCxTQUFTLEVBQ1QsU0FBUyxFQUNULFNBQVMsR0FDRSxFQUFFLEVBQUU7SUFDZixJQUFJLEdBQUcsSUFBQSxxQkFBWSxFQUFDLElBQUksQ0FBQyxDQUFDO0lBRTFCLE1BQU0sUUFBUSxHQUNaLElBQUksRUFBRSxVQUFVO1FBQ2hCLElBQUkscUJBQVksQ0FBQyxJQUFJLEVBQUU7WUFDckIsT0FBTyxFQUFFLEtBQUs7WUFDZCxNQUFNLEVBQUUsQ0FBQztZQUNULEtBQUssRUFBRSxJQUFJO1lBQ1gsS0FBSyxFQUFFLEtBQUs7U0FDYixDQUFDLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQyxDQUFDO0lBRXRDLE1BQU0sUUFBUSxHQUNaLElBQUksRUFBRSxRQUFRO1FBQ2QsSUFBQSx1QkFBYyxFQUFDO1lBQ2IsSUFBSTtZQUNKLE1BQU0sRUFBRSxFQUFFO1lBQ1YsT0FBTyxFQUFFLEVBQUUsT0FBTyxFQUFFLEtBQUssRUFBRTtTQUM1QixDQUFDLENBQUMsTUFBTSxDQUFDO0lBRVosTUFBTSxVQUFVLEdBQUcsZ0JBQWdCO1FBQ2pDLENBQUMsQ0FBQyxJQUFBLHlCQUFnQixFQUFDLElBQUksRUFBRSxTQUFTLENBQUM7UUFDbkMsQ0FBQyxDQUFDLFNBQVMsQ0FBQztJQUVkLE1BQU0sWUFBWSxHQUFHLGdCQUFnQjtRQUNuQyxDQUFDLENBQUMsSUFBQSxzQkFBWSxFQUFDLEVBQUUsSUFBSSxFQUFFLEtBQUssRUFBRSxDQUFDO1FBQy9CLENBQUMsQ0FBQyxTQUFTLENBQUM7SUFFZCxJQUFJLFlBQVksRUFBRSxDQUFDO1FBQ2pCLDBCQUEwQjtRQUMxQixJQUFBLDZDQUEwQixFQUFDO1lBQ3pCLElBQUk7WUFDSixRQUFRLEVBQUUsWUFBWSxDQUFDLFdBQVcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsRUFBRSxXQUFXLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQztZQUNyRSxTQUFTO1NBQ1YsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELE1BQU0sS0FBSyxHQUFHLElBQUksVUFBVSxDQUFDLE1BQU0sQ0FDakMsSUFBSSxFQUNKO1FBQ0UsVUFBVSxFQUFFLElBQUk7UUFDaEIsR0FBRyxLQUFLO1FBQ1IsT0FBTztRQUNQLE9BQU8sRUFBRTtZQUNQLGFBQWE7WUFDYixRQUFRLEVBQUUsZ0JBQUssQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQyxVQUFVO1lBQ3hDLGFBQWEsRUFBRSxnQkFBSyxDQUFDLENBQUMsQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDLFVBQVU7U0FDOUM7UUFFRCxjQUFjO1FBQ2QsOERBQThEO1FBQzlELDhCQUE4QjtRQUM5QixvQ0FBb0M7UUFDcEMsT0FBTztRQUNQLEtBQUs7UUFFTCxrQkFBa0IsRUFBRSxRQUFRO1FBQzVCLDBCQUEwQixFQUFFLFFBQVE7UUFDcEMsY0FBYyxFQUFFLFVBQVU7WUFDeEIsQ0FBQyxDQUFDO2dCQUNFLElBQUksRUFBRSxVQUFVLENBQUMsa0JBQWtCLENBQUMsYUFBYTtnQkFDakQsNkJBQTZCLEVBQUUsWUFBWSxFQUFFLEVBQUU7Z0JBQy9DLGFBQWEsRUFBRSxVQUFVLENBQUMsS0FBSyxDQUM3QixDQUFDLENBQUMsRUFBRSxFQUFFLENBQ0osV0FBVyxTQUFTLENBQUMsSUFBSSx5QkFBeUIsQ0FBRSxDQUFDLElBQUksSUFDdkQsQ0FBRSxDQUFDLFVBQVUsQ0FBQyxPQUNoQixFQUFFLENBQ0w7YUFDRjtZQUNILENBQUMsQ0FBQyxFQUFFLElBQUksRUFBRSxVQUFVLENBQUMsa0JBQWtCLENBQUMsYUFBYSxFQUFFO1FBQ3pELHNDQUFzQztRQUN0QyxHQUFHO1FBQ0gsTUFBTSxFQUFFO1lBQ04sa0JBQWtCLEVBQUUsZ0JBQUssQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQyxVQUFVO1lBQ2xELG1CQUFtQixFQUFFLGdCQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztTQUNuQztRQUNELGdCQUFnQixFQUFFO1lBQ2hCLElBQUksRUFBRSxnQkFBSyxDQUFDLENBQUMsQ0FBQyxlQUFlLENBQUMsQ0FBQyxDQUFDLFVBQVU7WUFDMUMsdUJBQXVCLEVBQUUsR0FBRztTQUM3QjtRQUNELGdCQUFnQixFQUFFLEdBQUc7S0FDdEIsRUFDRDtRQUNFLFNBQVM7UUFDVCxPQUFPLEVBQUUsSUFBSTtRQUNiLGFBQWEsRUFBRSxDQUFDLG9CQUFvQixFQUFFLGdCQUFnQixDQUFDO0tBQ3hELENBQ0YsQ0FBQztJQUVGLElBQUksSUFBSSxFQUFFLHFCQUFxQixFQUFFLENBQUM7UUFDaEMsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLFlBQVk7WUFDbEMsQ0FBQyxDQUFDLElBQUEsa0JBQVUsRUFBQyxJQUFJLENBQUMsWUFBWSxDQUFDLEtBQUssQ0FBQztZQUNyQyxDQUFDLENBQUMsSUFBQSxjQUFJLEVBQUMsRUFBRSxHQUFHLEVBQUUscUJBQVUsRUFBRSxRQUFRLEVBQUUsT0FBTyxFQUFFLE9BQU8sRUFBRSxPQUFPLEVBQUUsQ0FBQyxDQUFDO1FBRW5FLElBQUksVUFBVSxDQUFDLG9CQUFvQixDQUFDLElBQUksRUFBRTtZQUN4QyxVQUFVLEVBQUUsS0FBSyxDQUFDLElBQUk7WUFDdEIsR0FBRyxLQUFLO1lBQ1IsS0FBSyxFQUFFLFFBQVE7WUFDZixpQkFBaUIsRUFBRSxpQkFBaUI7WUFDcEMsR0FBRyxFQUFFLFVBQVUsQ0FBQyxRQUFRO1lBQ3hCLFFBQVEsRUFBUixtQkFBUTtTQUNULENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxJQUFJLE9BQU8sRUFBRSxDQUFDO1FBQ1osSUFBSSxPQUFPLENBQUMsYUFBYSxFQUFFLENBQUM7WUFDMUIsT0FBTyxDQUFDLGFBQWEsQ0FBQyxHQUFHLENBQ3ZCLENBQUMsQ0FBQyxFQUFFLENBQUMsRUFBRSxFQUFFLENBQ1AsSUFBSSxVQUFVLENBQUMsWUFBWSxDQUFDLEdBQUcsSUFBSSxhQUFhLENBQUMsRUFBRSxFQUFFO2dCQUNuRCxnQkFBZ0IsRUFBRSxHQUFHLElBQUksYUFBYSxDQUFDLEVBQUU7Z0JBQ3pDLFVBQVUsRUFBRSxLQUFLLENBQUMsSUFBSTtnQkFDdEIsR0FBRyxLQUFLO2dCQUNSLEdBQUcsQ0FBQzthQUNMLENBQUMsQ0FDTCxDQUFDO1FBQ0osQ0FBQztRQUVELElBQUksT0FBTyxDQUFDLGtCQUFrQjtZQUM1QixJQUFJLFVBQVUsQ0FBQyxZQUFZLENBQUMsR0FBRyxJQUFJLHVCQUF1QixFQUFFO2dCQUMxRCxnQkFBZ0IsRUFBRSxHQUFHLElBQUksdUJBQXVCO2dCQUNoRCxVQUFVLEVBQUUsS0FBSyxDQUFDLElBQUk7Z0JBQ3RCLEdBQUcsS0FBSztnQkFDUixjQUFjLEVBQUUsU0FBUztnQkFDekIsWUFBWSxFQUFFLGlCQUFpQjthQUNoQyxDQUFDLENBQUM7UUFFTCxJQUFJLE9BQU8sQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUN4QixJQUFBLHlCQUFlLEVBQUM7Z0JBQ2QsSUFBSTtnQkFDSixLQUFLO2dCQUNMLFVBQVUsRUFBRSxLQUFLLENBQUMsRUFBRTtnQkFDcEIsa0JBQWtCLEVBQUUsMEJBQTBCO2dCQUM5QyxtQkFBbUIsRUFBRSxDQUFDLE9BQU8sQ0FBQztnQkFDOUIsUUFBUSxFQUFFLE9BQU8sQ0FBQyxXQUFXLENBQUMsUUFBUTthQUN2QyxDQUFDLENBQUM7UUFDTCxDQUFDO0lBQ0gsQ0FBQztJQUVELElBQUksU0FBUyxFQUFFLENBQUM7UUFDZCxJQUFBLDhCQUFlLEVBQUM7WUFDZCxJQUFJLEVBQUUsR0FBRyxJQUFJLFFBQVE7WUFDckIsS0FBSyxFQUFFLFFBQVE7WUFDZixTQUFTO1lBQ1QsV0FBVyxFQUFFLElBQUk7U0FDbEIsQ0FBQyxDQUFDO1FBQ0gsSUFBQSw4QkFBZSxFQUFDO1lBQ2QsSUFBSSxFQUFFLEdBQUcsSUFBSSxPQUFPO1lBQ3BCLEtBQUssRUFBRSxRQUFRO1lBQ2YsU0FBUztZQUNULFdBQVcsRUFBRSxJQUFJO1NBQ2xCLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxJQUFJLFNBQVMsRUFBRSxDQUFDO1FBQ2QsU0FBUyxDQUFDLEdBQUcsQ0FDWCxDQUFDLENBQUMsRUFBRSxFQUFFLENBQ0osSUFBSSxVQUFVLENBQUMsUUFBUSxDQUNyQixHQUFHLElBQUksSUFBSSxDQUFDLEVBQUUsRUFDZDtZQUNFLFVBQVUsRUFBRSxLQUFLLENBQUMsSUFBSTtZQUN0QixZQUFZLEVBQUUsQ0FBQztZQUNmLEdBQUcsS0FBSztTQUNULEVBQ0QsRUFBRSxTQUFTLEVBQUUsS0FBSyxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsQ0FDcEMsQ0FDSixDQUFDO0lBQ0osQ0FBQztJQUVELE9BQU8sS0FBSyxDQUFDO0FBQ2YsQ0FBQyxDQUFDIn0=
|
package/Postgresql/index.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
import { BasicResourceArgs, KeyVaultInfo } from
|
|
2
|
-
import * as pulumi from
|
|
3
|
-
import * as azure from
|
|
4
|
-
import * as inputs from
|
|
1
|
+
import { BasicResourceArgs, KeyVaultInfo } from "../types";
|
|
2
|
+
import * as pulumi from "@pulumi/pulumi";
|
|
3
|
+
import * as azure from "@pulumi/azure-native";
|
|
4
|
+
import * as inputs from "@pulumi/azure-native/types/input";
|
|
5
5
|
export interface PostgresProps extends BasicResourceArgs {
|
|
6
6
|
sku?: pulumi.Input<inputs.dbforpostgresql.SkuArgs>;
|
|
7
7
|
vaultInfo?: KeyVaultInfo;
|
|
@@ -10,6 +10,9 @@ export interface PostgresProps extends BasicResourceArgs {
|
|
|
10
10
|
databases?: Array<string>;
|
|
11
11
|
network?: {
|
|
12
12
|
allowsPublicAccess?: boolean;
|
|
13
|
+
privateLink?: {
|
|
14
|
+
subnetId: pulumi.Input<string>;
|
|
15
|
+
};
|
|
13
16
|
firewallRules?: Array<{
|
|
14
17
|
startIpAddress: string;
|
|
15
18
|
endIpAddress: string;
|
package/Postgresql/index.js
CHANGED
|
@@ -5,6 +5,8 @@ const azure = require("@pulumi/azure-native");
|
|
|
5
5
|
const AzureEnv_1 = require("../Common/AzureEnv");
|
|
6
6
|
const Random_1 = require("../Core/Random");
|
|
7
7
|
const CustomHelper_1 = require("../KeyVault/CustomHelper");
|
|
8
|
+
const random_1 = require("@pulumi/random");
|
|
9
|
+
const PrivateEndpoint_1 = require("../VNet/PrivateEndpoint");
|
|
8
10
|
exports.default = ({ name, group,
|
|
9
11
|
//auth,
|
|
10
12
|
version = azure.dbforpostgresql.ServerVersion.ServerVersion_14, storageSizeGB = 128,
|
|
@@ -12,11 +14,16 @@ version = azure.dbforpostgresql.ServerVersion.ServerVersion_14, storageSizeGB =
|
|
|
12
14
|
[Standard_B1ms, Standard_B1s, Standard_B2ms, Standard_B2s, Standard_B4ms, Standard_B8ms, Standard_D16s_v3, Standard_D2s_v3, Standard_D32s_v3, Standard_D4s_v3, Standard_D64s_v3, Standard_D8s_v3, Standard_E16s_v3, Standard_E2s_v3, Standard_E32s_v3, Standard_E4s_v3, Standard_E64s_v3, Standard_E8s_v3, Standard_M128ms, Standard_M128s, Standard_M64ms, Standard_M64s, Standard_E48s_v3, Standard_D2ds_v4, Standard_D4ds_v4, Standard_D8ds_v4, Standard_D16ds_v4, Standard_D32ds_v4, Standard_D48ds_v4, Standard_D64ds_v4, Standard_E2ds_v4, Standard_E4ds_v4, Standard_E8ds_v4, Standard_E16ds_v4, Standard_E32ds_v4, Standard_E48ds_v4, Standard_E64ds_v4, Standard_D48s_v3, Standard_E20ds_v4, Standard_M8ms, Standard_M16ms, Standard_M32ts, Standard_M32ls, Standard_M32ms, Standard_M64ls, Standard_M64, Standard_M64m, Standard_M128, Standard_M128m, Standard_B12ms, Standard_B16ms, Standard_B20ms, Standard_D2ads_v5, Standard_D4ads_v5, Standard_D8ads_v5, Standard_D16ads_v5, Standard_D32ads_v5, Standard_D48ads_v5, Standard_D64ads_v5, Standard_D96ads_v5, Standard_E2ads_v5, Standard_E4ads_v5, Standard_E8ads_v5, Standard_E16ads_v5, Standard_E20ads_v5, Standard_E32ads_v5, Standard_E48ads_v5, Standard_E64ads_v5, Standard_E96ads_v5, Standard_D2_v5, Standard_D4_v5, Standard_D8_v5, Standard_D16_v5, Standard_D32_v5, Standard_D48_v5, Standard_D64_v5, Standard_D96_v5, Standard_D2ds_v5, Standard_D4ds_v5, Standard_D8ds_v5, Standard_D16ds_v5, Standard_D32ds_v5, Standard_D48ds_v5, Standard_D64ds_v5, Standard_D96ds_v5, Standard_E2ds_v5, Standard_E4ds_v5, Standard_E8ds_v5, Standard_E16ds_v5, Standard_E20ds_v5, Standard_E32ds_v5, Standard_E48ds_v5, Standard_E64ds_v5, Standard_E96ds_v5, Standard_E104ids_v5, Standard_E2bds_v5, Standard_E4bds_v5, Standard_E8bds_v5, Standard_E16bds_v5, Standard_E32bds_v5, Standard_E48bds_v5, Standard_E64bds_v5, Standard_E112iads_v5, Standard_M32dms_v2, Standard_M64ds_v2, Standard_M64dms_v2, Standard_M128ds_v2, Standard_M128dms_v2, Standard_M192ids_v2, Standard_M192idms_v2]
|
|
13
15
|
*/
|
|
14
16
|
sku = {
|
|
15
|
-
name:
|
|
16
|
-
tier:
|
|
17
|
+
name: "Standard_B1ms",
|
|
18
|
+
tier: "Burstable",
|
|
17
19
|
}, network, databases, vaultInfo, dependsOn, }) => {
|
|
18
20
|
name = (0, Naming_1.getPostgresqlName)(name);
|
|
19
|
-
const username =
|
|
21
|
+
const username = new random_1.RandomString(name, {
|
|
22
|
+
special: false,
|
|
23
|
+
length: 5,
|
|
24
|
+
lower: true,
|
|
25
|
+
upper: false,
|
|
26
|
+
}).result.apply((r) => `postgres${r}`);
|
|
20
27
|
const password = (0, Random_1.randomPassword)({
|
|
21
28
|
name,
|
|
22
29
|
length: 25,
|
|
@@ -28,26 +35,26 @@ sku = {
|
|
|
28
35
|
version,
|
|
29
36
|
storage: { storageSizeGB },
|
|
30
37
|
authConfig: {
|
|
31
|
-
passwordAuth:
|
|
32
|
-
activeDirectoryAuth:
|
|
38
|
+
passwordAuth: "Enabled",
|
|
39
|
+
activeDirectoryAuth: "Enabled",
|
|
33
40
|
tenantId: AzureEnv_1.tenantId,
|
|
34
41
|
},
|
|
35
42
|
administratorLogin: username,
|
|
36
43
|
administratorLoginPassword: password,
|
|
37
|
-
dataEncryption: { type:
|
|
44
|
+
dataEncryption: { type: "SystemManaged" },
|
|
38
45
|
//maintenanceWindow: { dayOfWeek: 6 },
|
|
39
46
|
sku,
|
|
40
47
|
//network: {},
|
|
41
48
|
backup: {
|
|
42
|
-
geoRedundantBackup: AzureEnv_1.isPrd ?
|
|
49
|
+
geoRedundantBackup: AzureEnv_1.isPrd ? "Enabled" : "Disabled",
|
|
43
50
|
backupRetentionDays: 7,
|
|
44
51
|
},
|
|
45
|
-
highAvailability: { mode: AzureEnv_1.isPrd ?
|
|
52
|
+
highAvailability: { mode: AzureEnv_1.isPrd ? "ZoneRedundant" : "Disabled" },
|
|
46
53
|
//availabilityZone: isPrd ? 3 : 1,
|
|
47
54
|
}, {
|
|
48
55
|
dependsOn,
|
|
49
56
|
protect: true,
|
|
50
|
-
ignoreChanges: [
|
|
57
|
+
ignoreChanges: ["administratorLogin", "dataEncryption"],
|
|
51
58
|
});
|
|
52
59
|
if (network) {
|
|
53
60
|
if (network.firewallRules) {
|
|
@@ -63,9 +70,19 @@ sku = {
|
|
|
63
70
|
firewallRuleName: `${name}-firewall-allowpublic`,
|
|
64
71
|
serverName: postgres.name,
|
|
65
72
|
...group,
|
|
66
|
-
startIpAddress:
|
|
67
|
-
endIpAddress:
|
|
73
|
+
startIpAddress: "0.0.0.0",
|
|
74
|
+
endIpAddress: "255.255.255.255",
|
|
68
75
|
});
|
|
76
|
+
if (network.privateLink) {
|
|
77
|
+
(0, PrivateEndpoint_1.default)({
|
|
78
|
+
name,
|
|
79
|
+
group,
|
|
80
|
+
resourceId: postgres.id,
|
|
81
|
+
privateDnsZoneName: "postgres.database.azure.com",
|
|
82
|
+
linkServiceGroupIds: ["postgresql"],
|
|
83
|
+
subnetId: network.privateLink.subnetId,
|
|
84
|
+
});
|
|
85
|
+
}
|
|
69
86
|
}
|
|
70
87
|
if (vaultInfo) {
|
|
71
88
|
(0, CustomHelper_1.addCustomSecret)({
|
|
@@ -90,4 +107,4 @@ sku = {
|
|
|
90
107
|
}
|
|
91
108
|
return postgres;
|
|
92
109
|
};
|
|
93
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
110
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvUG9zdGdyZXNxbC9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUNBLDZDQUFxRDtBQUVyRCw4Q0FBOEM7QUFDOUMsaURBQXFEO0FBQ3JELDJDQUFnRDtBQUVoRCwyREFBMkQ7QUFDM0QsMkNBQThDO0FBQzlDLDZEQUFzRDtBQXdCdEQsa0JBQWUsQ0FBQyxFQUNkLElBQUksRUFDSixLQUFLO0FBQ0wsT0FBTztBQUNQLE9BQU8sR0FBRyxLQUFLLENBQUMsZUFBZSxDQUFDLGFBQWEsQ0FBQyxnQkFBZ0IsRUFDOUQsYUFBYSxHQUFHLEdBQUc7QUFDbkI7O0dBRUc7QUFDSCxHQUFHLEdBQUc7SUFDSixJQUFJLEVBQUUsZUFBZTtJQUNyQixJQUFJLEVBQUUsV0FBVztDQUNsQixFQUNELE9BQU8sRUFDUCxTQUFTLEVBQ1QsU0FBUyxFQUNULFNBQVMsR0FDSyxFQUFFLEVBQUU7SUFDbEIsSUFBSSxHQUFHLElBQUEsMEJBQWlCLEVBQUMsSUFBSSxDQUFDLENBQUM7SUFFL0IsTUFBTSxRQUFRLEdBQUcsSUFBSSxxQkFBWSxDQUFDLElBQUksRUFBRTtRQUN0QyxPQUFPLEVBQUUsS0FBSztRQUNkLE1BQU0sRUFBRSxDQUFDO1FBQ1QsS0FBSyxFQUFFLElBQUk7UUFDWCxLQUFLLEVBQUUsS0FBSztLQUNiLENBQUMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxXQUFXLENBQUMsRUFBRSxDQUFDLENBQUM7SUFDdkMsTUFBTSxRQUFRLEdBQUcsSUFBQSx1QkFBYyxFQUFDO1FBQzlCLElBQUk7UUFDSixNQUFNLEVBQUUsRUFBRTtRQUNWLE9BQU8sRUFBRSxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUU7S0FDNUIsQ0FBQyxDQUFDLE1BQU0sQ0FBQztJQUVWLE1BQU0sUUFBUSxHQUFHLElBQUksS0FBSyxDQUFDLGVBQWUsQ0FBQyxNQUFNLENBQy9DLElBQUksRUFDSjtRQUNFLFVBQVUsRUFBRSxJQUFJO1FBQ2hCLEdBQUcsS0FBSztRQUNSLE9BQU87UUFDUCxPQUFPLEVBQUUsRUFBRSxhQUFhLEVBQUU7UUFFMUIsVUFBVSxFQUFFO1lBQ1YsWUFBWSxFQUFFLFNBQVM7WUFDdkIsbUJBQW1CLEVBQUUsU0FBUztZQUM5QixRQUFRLEVBQVIsbUJBQVE7U0FDVDtRQUNELGtCQUFrQixFQUFFLFFBQVE7UUFDNUIsMEJBQTBCLEVBQUUsUUFBUTtRQUNwQyxjQUFjLEVBQUUsRUFBRSxJQUFJLEVBQUUsZUFBZSxFQUFFO1FBQ3pDLHNDQUFzQztRQUN0QyxHQUFHO1FBQ0gsY0FBYztRQUNkLE1BQU0sRUFBRTtZQUNOLGtCQUFrQixFQUFFLGdCQUFLLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsVUFBVTtZQUNsRCxtQkFBbUIsRUFBRSxDQUFDO1NBQ3ZCO1FBQ0QsZ0JBQWdCLEVBQUUsRUFBRSxJQUFJLEVBQUUsZ0JBQUssQ0FBQyxDQUFDLENBQUMsZUFBZSxDQUFDLENBQUMsQ0FBQyxVQUFVLEVBQUU7UUFDaEUsa0NBQWtDO0tBQ25DLEVBQ0Q7UUFDRSxTQUFTO1FBQ1QsT0FBTyxFQUFFLElBQUk7UUFDYixhQUFhLEVBQUUsQ0FBQyxvQkFBb0IsRUFBRSxnQkFBZ0IsQ0FBQztLQUN4RCxDQUNGLENBQUM7SUFFRixJQUFJLE9BQU8sRUFBRSxDQUFDO1FBQ1osSUFBSSxPQUFPLENBQUMsYUFBYSxFQUFFLENBQUM7WUFDMUIsT0FBTyxDQUFDLGFBQWEsQ0FBQyxHQUFHLENBQ3ZCLENBQUMsQ0FBQyxFQUFFLENBQUMsRUFBRSxFQUFFLENBQ1AsSUFBSSxLQUFLLENBQUMsZUFBZSxDQUFDLFlBQVksQ0FBQyxHQUFHLElBQUksYUFBYSxDQUFDLEVBQUUsRUFBRTtnQkFDOUQsZ0JBQWdCLEVBQUUsR0FBRyxJQUFJLGFBQWEsQ0FBQyxFQUFFO2dCQUN6QyxVQUFVLEVBQUUsUUFBUSxDQUFDLElBQUk7Z0JBQ3pCLEdBQUcsS0FBSztnQkFDUixHQUFHLENBQUM7YUFDTCxDQUFDLENBQ0wsQ0FBQztRQUNKLENBQUM7UUFFRCxJQUFJLE9BQU8sQ0FBQyxrQkFBa0I7WUFDNUIsSUFBSSxLQUFLLENBQUMsZUFBZSxDQUFDLFlBQVksQ0FBQyxHQUFHLElBQUksdUJBQXVCLEVBQUU7Z0JBQ3JFLGdCQUFnQixFQUFFLEdBQUcsSUFBSSx1QkFBdUI7Z0JBQ2hELFVBQVUsRUFBRSxRQUFRLENBQUMsSUFBSTtnQkFDekIsR0FBRyxLQUFLO2dCQUNSLGNBQWMsRUFBRSxTQUFTO2dCQUN6QixZQUFZLEVBQUUsaUJBQWlCO2FBQ2hDLENBQUMsQ0FBQztRQUVMLElBQUksT0FBTyxDQUFDLFdBQVcsRUFBRSxDQUFDO1lBQ3hCLElBQUEseUJBQWUsRUFBQztnQkFDZCxJQUFJO2dCQUNKLEtBQUs7Z0JBQ0wsVUFBVSxFQUFFLFFBQVEsQ0FBQyxFQUFFO2dCQUN2QixrQkFBa0IsRUFBRSw2QkFBNkI7Z0JBQ2pELG1CQUFtQixFQUFFLENBQUMsWUFBWSxDQUFDO2dCQUNuQyxRQUFRLEVBQUUsT0FBTyxDQUFDLFdBQVcsQ0FBQyxRQUFRO2FBQ3ZDLENBQUMsQ0FBQztRQUNMLENBQUM7SUFDSCxDQUFDO0lBRUQsSUFBSSxTQUFTLEVBQUUsQ0FBQztRQUNkLElBQUEsOEJBQWUsRUFBQztZQUNkLElBQUksRUFBRSxHQUFHLElBQUksUUFBUTtZQUNyQixLQUFLLEVBQUUsUUFBUTtZQUNmLFNBQVM7WUFDVCxXQUFXLEVBQUUsSUFBSTtTQUNsQixDQUFDLENBQUM7UUFDSCxJQUFBLDhCQUFlLEVBQUM7WUFDZCxJQUFJLEVBQUUsR0FBRyxJQUFJLE9BQU87WUFDcEIsS0FBSyxFQUFFLFFBQVE7WUFDZixTQUFTO1lBQ1QsV0FBVyxFQUFFLElBQUk7U0FDbEIsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELElBQUksU0FBUyxFQUFFLENBQUM7UUFDZCxTQUFTLENBQUMsR0FBRyxDQUNYLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FDSixJQUFJLEtBQUssQ0FBQyxlQUFlLENBQUMsUUFBUSxDQUNoQyxHQUFHLElBQUksSUFBSSxDQUFDLEVBQUUsRUFDZDtZQUNFLFVBQVUsRUFBRSxRQUFRLENBQUMsSUFBSTtZQUN6QixZQUFZLEVBQUUsQ0FBQztZQUNmLEdBQUcsS0FBSztTQUNULEVBQ0QsRUFBRSxTQUFTLEVBQUUsUUFBUSxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsQ0FDdkMsQ0FDSixDQUFDO0lBQ0osQ0FBQztJQUVELE9BQU8sUUFBUSxDQUFDO0FBQ2xCLENBQUMsQ0FBQyJ9
|
package/Sql/SqlDb.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
import * as sql from
|
|
2
|
-
import { BasicResourceArgs, BasicResourceResultProps } from
|
|
3
|
-
import { Input, Output, Resource } from
|
|
4
|
-
export type SqlDbSku =
|
|
1
|
+
import * as sql from "@pulumi/azure-native/sql";
|
|
2
|
+
import { BasicResourceArgs, BasicResourceResultProps } from "../types";
|
|
3
|
+
import { Input, Output, Resource } from "@pulumi/pulumi";
|
|
4
|
+
export type SqlDbSku = "Basic" | "S0" | "S1" | "S2" | "S3" | "P1" | "P2" | "P4" | "P6" | "P11";
|
|
5
5
|
export interface SqlDbProps extends BasicResourceArgs {
|
|
6
6
|
sqlServerName: Input<string>;
|
|
7
7
|
elasticPoolId?: Output<string>;
|
package/Sql/SqlDb.js
CHANGED
|
@@ -5,11 +5,11 @@ const AzureEnv_1 = require("../Common/AzureEnv");
|
|
|
5
5
|
const Naming_1 = require("../Common/Naming");
|
|
6
6
|
const Locker_1 = require("../Core/Locker");
|
|
7
7
|
//https://blog.bredvid.no/handling-azure-managed-identity-access-to-azure-sql-in-an-azure-devops-pipeline-1e74e1beb10b
|
|
8
|
-
exports.default = ({ group, name, sqlServerName, elasticPoolId, sku =
|
|
8
|
+
exports.default = ({ group, name, sqlServerName, elasticPoolId, sku = "S0", lock, dependsOn, }) => {
|
|
9
9
|
name = (0, Naming_1.getSqlDbName)(name);
|
|
10
10
|
const sqlDb = new sql.Database(name, {
|
|
11
11
|
databaseName: name,
|
|
12
|
-
createMode:
|
|
12
|
+
createMode: "Default",
|
|
13
13
|
...group,
|
|
14
14
|
serverName: sqlServerName,
|
|
15
15
|
elasticPoolId,
|
|
@@ -21,21 +21,21 @@ exports.default = ({ group, name, sqlServerName, elasticPoolId, sku = 'S0', lock
|
|
|
21
21
|
// capacity: 5,
|
|
22
22
|
},
|
|
23
23
|
//zoneRedundant: isPrd,
|
|
24
|
-
requestedBackupStorageRedundancy: AzureEnv_1.isPrd ?
|
|
24
|
+
requestedBackupStorageRedundancy: AzureEnv_1.isPrd ? "Zone" : "Local",
|
|
25
25
|
}, { dependsOn });
|
|
26
26
|
if (lock) {
|
|
27
27
|
(0, Locker_1.default)({ name, resourceId: sqlDb.id, dependsOn: sqlDb });
|
|
28
28
|
}
|
|
29
29
|
//By Default is 7 Day
|
|
30
|
-
if (
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
}
|
|
30
|
+
// if (isPrd) {
|
|
31
|
+
// new sql.BackupShortTermRetentionPolicy(name, {
|
|
32
|
+
// policyName: 'default',
|
|
33
|
+
// serverName: sqlServerName,
|
|
34
|
+
// ...group,
|
|
35
|
+
// databaseName: sqlDb.name,
|
|
36
|
+
// retentionDays: 7,
|
|
37
|
+
// });
|
|
38
|
+
// }
|
|
39
39
|
return { name, resource: sqlDb };
|
|
40
40
|
};
|
|
41
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
41
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiU3FsRGIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvU3FsL1NxbERiLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsZ0RBQWdEO0FBS2hELGlEQUEyQztBQUMzQyw2Q0FBZ0Q7QUFDaEQsMkNBQW9DO0FBdUJwQyxzSEFBc0g7QUFDdEgsa0JBQWUsQ0FBQyxFQUNkLEtBQUssRUFDTCxJQUFJLEVBQ0osYUFBYSxFQUNiLGFBQWEsRUFDYixHQUFHLEdBQUcsSUFBSSxFQUNWLElBQUksRUFDSixTQUFTLEdBQ0UsRUFBMEMsRUFBRTtJQUN2RCxJQUFJLEdBQUcsSUFBQSxxQkFBWSxFQUFDLElBQUksQ0FBQyxDQUFDO0lBRTFCLE1BQU0sS0FBSyxHQUFHLElBQUksR0FBRyxDQUFDLFFBQVEsQ0FDNUIsSUFBSSxFQUNKO1FBQ0UsWUFBWSxFQUFFLElBQUk7UUFDbEIsVUFBVSxFQUFFLFNBQVM7UUFDckIsR0FBRyxLQUFLO1FBQ1IsVUFBVSxFQUFFLGFBQWE7UUFDekIsYUFBYTtRQUViLEdBQUcsRUFBRSxhQUFhO1lBQ2hCLENBQUMsQ0FBQyxTQUFTO1lBQ1gsQ0FBQyxDQUFDO2dCQUNFLElBQUksRUFBRSxHQUFHO2dCQUNULGlCQUFpQjtnQkFDakIsZUFBZTthQUNoQjtRQUNMLHVCQUF1QjtRQUN2QixnQ0FBZ0MsRUFBRSxnQkFBSyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLE9BQU87S0FDM0QsRUFDRCxFQUFFLFNBQVMsRUFBRSxDQUNkLENBQUM7SUFFRixJQUFJLElBQUksRUFBRSxDQUFDO1FBQ1QsSUFBQSxnQkFBTSxFQUFDLEVBQUUsSUFBSSxFQUFFLFVBQVUsRUFBRSxLQUFLLENBQUMsRUFBRSxFQUFFLFNBQVMsRUFBRSxLQUFLLEVBQUUsQ0FBQyxDQUFDO0lBQzNELENBQUM7SUFFRCxxQkFBcUI7SUFDckIsZUFBZTtJQUNmLG1EQUFtRDtJQUNuRCw2QkFBNkI7SUFDN0IsaUNBQWlDO0lBQ2pDLGdCQUFnQjtJQUNoQixnQ0FBZ0M7SUFDaEMsd0JBQXdCO0lBQ3hCLFFBQVE7SUFDUixJQUFJO0lBRUosT0FBTyxFQUFFLElBQUksRUFBRSxRQUFRLEVBQUUsS0FBSyxFQUFFLENBQUM7QUFDbkMsQ0FBQyxDQUFDIn0=
|
package/Sql/index.d.ts
CHANGED
|
@@ -1,10 +1,11 @@
|
|
|
1
|
-
import { Input, Output } from
|
|
2
|
-
import { EnvRoleNamesType } from
|
|
3
|
-
import { BasicResourceArgs, BasicResourceResultProps, KeyVaultInfo, PrivateLinkProps } from
|
|
4
|
-
import { SqlDbProps } from
|
|
1
|
+
import { Input, Output } from "@pulumi/pulumi";
|
|
2
|
+
import { EnvRoleNamesType } from "../AzAd/EnvRoles";
|
|
3
|
+
import { BasicResourceArgs, BasicResourceResultProps, KeyVaultInfo, PrivateLinkProps } from "../types";
|
|
4
|
+
import { SqlDbProps } from "./SqlDb";
|
|
5
5
|
type ElasticPoolCapacityProps = 50 | 100 | 200 | 300 | 400 | 800 | 1200;
|
|
6
6
|
interface Props extends BasicResourceArgs {
|
|
7
|
-
vaultInfo
|
|
7
|
+
vaultInfo: KeyVaultInfo;
|
|
8
|
+
enableEncryption?: boolean;
|
|
8
9
|
/** if Auth is not provided it will be auto generated */
|
|
9
10
|
auth: {
|
|
10
11
|
envRoleNames?: EnvRoleNamesType;
|
|
@@ -15,16 +16,16 @@ interface Props extends BasicResourceArgs {
|
|
|
15
16
|
password: Input<string>;
|
|
16
17
|
};
|
|
17
18
|
elasticPool?: {
|
|
18
|
-
name:
|
|
19
|
+
name: "Standard" | "Basic";
|
|
19
20
|
capacity: ElasticPoolCapacityProps;
|
|
20
21
|
};
|
|
21
|
-
databases: Array<Omit<SqlDbProps,
|
|
22
|
+
databases: Array<Omit<SqlDbProps, "sqlServerName" | "group" | "elasticPoolId" | "dependsOn">>;
|
|
22
23
|
network?: {
|
|
23
24
|
acceptAllInternetConnect?: boolean;
|
|
24
25
|
subnetId?: Input<string>;
|
|
25
26
|
ipAddresses?: Input<string>[];
|
|
26
27
|
/** To enable Private Link need to ensure the subnetId is provided. */
|
|
27
|
-
privateLink?: Omit<PrivateLinkProps,
|
|
28
|
+
privateLink?: Omit<PrivateLinkProps, "subnetId">;
|
|
28
29
|
};
|
|
29
30
|
vulnerabilityAssessment?: {
|
|
30
31
|
alertEmails: Array<string>;
|
|
@@ -34,11 +35,11 @@ interface Props extends BasicResourceArgs {
|
|
|
34
35
|
};
|
|
35
36
|
lock?: boolean;
|
|
36
37
|
}
|
|
37
|
-
declare const _default: ({ name, auth, group, elasticPool, databases, vaultInfo, network, vulnerabilityAssessment, lock, }: Props) => {
|
|
38
|
+
declare const _default: ({ name, auth, group, enableEncryption, elasticPool, databases, vaultInfo, network, vulnerabilityAssessment, lock, }: Props) => {
|
|
38
39
|
name: string;
|
|
39
40
|
resource: import("@pulumi/azure-native/sql/server").Server;
|
|
40
41
|
elasticPool: BasicResourceResultProps<import("@pulumi/azure-native/sql/elasticPool").ElasticPool> | undefined;
|
|
41
|
-
databases: BasicResourceResultProps<import("@pulumi/azure-native/sql/database").Database>[]
|
|
42
|
+
databases: BasicResourceResultProps<import("@pulumi/azure-native/sql/database").Database>[];
|
|
42
43
|
adminGroup: Output<import("@pulumi/pulumi").UnwrappedObject<import("@pulumi/azuread").GetGroupResult>> | Output<import("@pulumi/azuread/group").Group> | undefined;
|
|
43
44
|
};
|
|
44
45
|
export default _default;
|