@drunk-pulumi/azure 0.0.24 → 0.0.26
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/AzAd/EnvRoles.d.ts +8 -4
- package/AzAd/EnvRoles.js +28 -29
- package/AzAd/Group.d.ts +3 -3
- package/AzAd/Group.js +9 -9
- package/AzAd/Identity.js +2 -2
- package/AzAd/KeyVaultRoles.d.ts +8 -0
- package/AzAd/KeyVaultRoles.js +53 -0
- package/AzAd/Role.d.ts +5 -6
- package/AzAd/Role.js +11 -8
- package/AzAd/UserIdentity.d.ts +5 -0
- package/AzAd/UserIdentity.js +12 -0
- package/Cdn/index.d.ts +2 -2
- package/Cdn/index.js +14 -14
- package/Common/AutoTags.js +8 -7
- package/Common/AzureEnv.d.ts +1 -0
- package/Common/AzureEnv.js +5 -2
- package/Common/Naming/AzureRegions.d.ts +4 -0
- package/Common/Naming/AzureRegions.js +49 -0
- package/Common/ResourceEnv.d.ts +1 -4
- package/Common/ResourceEnv.js +9 -4
- package/KeyVault/Helper.d.ts +8 -3
- package/KeyVault/Helper.js +32 -12
- package/KeyVault/VaultPermissions.d.ts +18 -17
- package/KeyVault/VaultPermissions.js +146 -89
- package/KeyVault/index.d.ts +1 -6
- package/KeyVault/index.js +29 -66
- package/MySql/index.d.ts +18 -7
- package/MySql/index.js +94 -32
- package/Postgresql/index.d.ts +7 -4
- package/Postgresql/index.js +29 -12
- package/Sql/SqlDb.d.ts +4 -4
- package/Sql/SqlDb.js +13 -13
- package/Sql/index.d.ts +11 -10
- package/Sql/index.js +88 -56
- package/Storage/index.d.ts +3 -3
- package/Storage/index.js +21 -25
- package/VNet/PrivateEndpoint.js +3 -1
- package/package.json +3 -3
- package/types.d.ts +2 -0
- package/KeyVault/VaultAccess.d.ts +0 -15
- package/KeyVault/VaultAccess.js +0 -47
package/Sql/index.js
CHANGED
|
@@ -2,19 +2,21 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
const sql = require("@pulumi/azure-native/sql");
|
|
4
4
|
const pulumi_1 = require("@pulumi/pulumi");
|
|
5
|
+
const Helper_1 = require("../KeyVault/Helper");
|
|
5
6
|
const Group_1 = require("../AzAd/Group");
|
|
6
7
|
const RoleAssignment_1 = require("../AzAd/RoleAssignment");
|
|
7
8
|
const AzureEnv_1 = require("../Common/AzureEnv");
|
|
8
9
|
const Naming_1 = require("../Common/Naming");
|
|
9
10
|
const Locker_1 = require("../Core/Locker");
|
|
10
|
-
const
|
|
11
|
+
const Helper_2 = require("../VNet/Helper");
|
|
11
12
|
const PrivateEndpoint_1 = require("../VNet/PrivateEndpoint");
|
|
12
13
|
const SqlDb_1 = require("./SqlDb");
|
|
13
14
|
const CustomHelper_1 = require("../KeyVault/CustomHelper");
|
|
14
15
|
const Role_1 = require("../AzAd/Role");
|
|
16
|
+
const VaultPermissions_1 = require("../KeyVault/VaultPermissions");
|
|
15
17
|
const createElasticPool = ({ group, name, sqlName,
|
|
16
18
|
//Minimum is 50 GD
|
|
17
|
-
maxSizeBytesGb = 50, sku = { name: AzureEnv_1.isPrd ?
|
|
19
|
+
maxSizeBytesGb = 50, sku = { name: AzureEnv_1.isPrd ? "Standard" : "Basic", capacity: 50 }, lock = true, }) => {
|
|
18
20
|
//Create Sql Elastic
|
|
19
21
|
const elasticName = (0, Naming_1.getElasticPoolName)(name);
|
|
20
22
|
const ep = new sql.ElasticPool(elasticName, {
|
|
@@ -29,8 +31,9 @@ maxSizeBytesGb = 50, sku = { name: AzureEnv_1.isPrd ? 'Standard' : 'Basic', capa
|
|
|
29
31
|
},
|
|
30
32
|
perDatabaseSettings: {
|
|
31
33
|
minCapacity: 0,
|
|
32
|
-
maxCapacity: sku.name ===
|
|
34
|
+
maxCapacity: sku.name === "Basic" ? 5 : sku.capacity,
|
|
33
35
|
},
|
|
36
|
+
zoneRedundant: AzureEnv_1.isPrd,
|
|
34
37
|
//licenseType: sql.ElasticPoolLicenseType.BasePrice,
|
|
35
38
|
//zoneRedundant: isPrd,
|
|
36
39
|
});
|
|
@@ -39,8 +42,11 @@ maxSizeBytesGb = 50, sku = { name: AzureEnv_1.isPrd ? 'Standard' : 'Basic', capa
|
|
|
39
42
|
}
|
|
40
43
|
return { name: elasticName, resource: ep };
|
|
41
44
|
};
|
|
42
|
-
exports.default = ({ name, auth, group, elasticPool, databases, vaultInfo, network, vulnerabilityAssessment, lock = true, }) => {
|
|
45
|
+
exports.default = ({ name, auth, group, enableEncryption, elasticPool, databases, vaultInfo, network, vulnerabilityAssessment, lock = true, }) => {
|
|
43
46
|
const sqlName = (0, Naming_1.getSqlServerName)(name);
|
|
47
|
+
const encryptKey = enableEncryption
|
|
48
|
+
? (0, Helper_1.getEncryptionKey)(name, vaultInfo)
|
|
49
|
+
: undefined;
|
|
44
50
|
// if (vaultInfo && !auth) {
|
|
45
51
|
// const login = await randomLogin({ name, loginPrefix: 'sql', vaultInfo });
|
|
46
52
|
// auth = {
|
|
@@ -49,25 +55,24 @@ exports.default = ({ name, auth, group, elasticPool, databases, vaultInfo, netwo
|
|
|
49
55
|
// password: login.password,
|
|
50
56
|
// };
|
|
51
57
|
// }
|
|
52
|
-
const adminGroup = auth?.enableAdAdministrator
|
|
58
|
+
const adminGroup = auth?.enableAdAdministrator || auth.azureAdOnlyAuthentication
|
|
53
59
|
? auth.envRoleNames
|
|
54
60
|
? (0, Group_1.getAdGroup)(auth.envRoleNames.admin)
|
|
55
|
-
: (0, Role_1.default)({ env: AzureEnv_1.currentEnv, roleName:
|
|
61
|
+
: (0, Role_1.default)({ env: AzureEnv_1.currentEnv, roleName: "ADMIN", appName: "SQL" })
|
|
56
62
|
: undefined;
|
|
57
|
-
const ignoreChanges = [
|
|
63
|
+
const ignoreChanges = ["administratorLogin", "administrators"];
|
|
58
64
|
if (auth.azureAdOnlyAuthentication)
|
|
59
|
-
ignoreChanges.push(
|
|
65
|
+
ignoreChanges.push("administratorLoginPassword");
|
|
60
66
|
const sqlServer = new sql.Server(sqlName, {
|
|
61
67
|
serverName: sqlName,
|
|
62
68
|
...group,
|
|
63
|
-
version:
|
|
64
|
-
minimalTlsVersion:
|
|
65
|
-
identity: { type:
|
|
69
|
+
version: "12.0",
|
|
70
|
+
minimalTlsVersion: "1.2",
|
|
71
|
+
identity: { type: "SystemAssigned" },
|
|
66
72
|
administratorLogin: auth?.adminLogin,
|
|
67
|
-
administratorLoginPassword: auth
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
administrators: auth?.enableAdAdministrator && adminGroup
|
|
73
|
+
administratorLoginPassword: auth?.password,
|
|
74
|
+
administrators: (auth?.enableAdAdministrator || auth.azureAdOnlyAuthentication) &&
|
|
75
|
+
adminGroup
|
|
71
76
|
? {
|
|
72
77
|
administratorType: sql.AdministratorType.ActiveDirectory,
|
|
73
78
|
azureADOnlyAuthentication: auth.azureAdOnlyAuthentication,
|
|
@@ -84,6 +89,8 @@ exports.default = ({ name, auth, group, elasticPool, databases, vaultInfo, netwo
|
|
|
84
89
|
ignoreChanges,
|
|
85
90
|
protect: lock,
|
|
86
91
|
});
|
|
92
|
+
//Allows to Read Key Vault
|
|
93
|
+
(0, VaultPermissions_1.grantVaultAccessToIdentity)({ name, identity: sqlServer.identity, vaultInfo });
|
|
87
94
|
if (lock) {
|
|
88
95
|
(0, Locker_1.default)({ name: sqlName, resourceId: sqlServer.id, dependsOn: sqlServer });
|
|
89
96
|
}
|
|
@@ -101,10 +108,10 @@ exports.default = ({ name, auth, group, elasticPool, databases, vaultInfo, netwo
|
|
|
101
108
|
group,
|
|
102
109
|
name,
|
|
103
110
|
resourceId: sqlServer.id,
|
|
104
|
-
privateDnsZoneName:
|
|
111
|
+
privateDnsZoneName: "privatelink.database.windows.net",
|
|
105
112
|
...network.privateLink,
|
|
106
113
|
subnetId: network.subnetId,
|
|
107
|
-
linkServiceGroupIds: [
|
|
114
|
+
linkServiceGroupIds: ["sqlServer"],
|
|
108
115
|
});
|
|
109
116
|
}
|
|
110
117
|
else {
|
|
@@ -120,16 +127,16 @@ exports.default = ({ name, auth, group, elasticPool, databases, vaultInfo, netwo
|
|
|
120
127
|
}
|
|
121
128
|
//Allow Public Ip Accessing
|
|
122
129
|
if (network?.acceptAllInternetConnect) {
|
|
123
|
-
new sql.FirewallRule(
|
|
124
|
-
firewallRuleName:
|
|
130
|
+
new sql.FirewallRule("accept-all-connection", {
|
|
131
|
+
firewallRuleName: "accept-all-connection",
|
|
125
132
|
serverName: sqlServer.name,
|
|
126
133
|
...group,
|
|
127
|
-
startIpAddress:
|
|
128
|
-
endIpAddress:
|
|
134
|
+
startIpAddress: "0.0.0.0",
|
|
135
|
+
endIpAddress: "255.255.255.255",
|
|
129
136
|
});
|
|
130
137
|
}
|
|
131
138
|
else if (network?.ipAddresses) {
|
|
132
|
-
(0, pulumi_1.all)(network.ipAddresses).apply((ips) => (0,
|
|
139
|
+
(0, pulumi_1.all)(network.ipAddresses).apply((ips) => (0, Helper_2.convertToIpRange)(ips).map((ip, i) => {
|
|
133
140
|
const n = `${sqlName}-fwRule-${i}`;
|
|
134
141
|
return new sql.FirewallRule(n, {
|
|
135
142
|
firewallRuleName: n,
|
|
@@ -145,28 +152,28 @@ exports.default = ({ name, auth, group, elasticPool, databases, vaultInfo, netwo
|
|
|
145
152
|
if (vulnerabilityAssessment.logStorageId) {
|
|
146
153
|
(0, RoleAssignment_1.roleAssignment)({
|
|
147
154
|
name,
|
|
148
|
-
principalId: sqlServer.identity.apply((i) => i?.principalId ||
|
|
149
|
-
principalType:
|
|
150
|
-
roleName:
|
|
155
|
+
principalId: sqlServer.identity.apply((i) => i?.principalId || ""),
|
|
156
|
+
principalType: "ServicePrincipal",
|
|
157
|
+
roleName: "Storage Blob Data Contributor",
|
|
151
158
|
scope: vulnerabilityAssessment.logStorageId,
|
|
152
159
|
});
|
|
153
160
|
}
|
|
154
161
|
//Server Audit
|
|
155
162
|
new sql.ExtendedServerBlobAuditingPolicy(name, {
|
|
156
163
|
auditActionsAndGroups: [
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
164
|
+
"SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP",
|
|
165
|
+
"FAILED_DATABASE_AUTHENTICATION_GROUP",
|
|
166
|
+
"BATCH_COMPLETED_GROUP",
|
|
160
167
|
],
|
|
161
168
|
serverName: sqlServer.name,
|
|
162
169
|
...group,
|
|
163
|
-
blobAuditingPolicyName:
|
|
170
|
+
blobAuditingPolicyName: "default",
|
|
164
171
|
isAzureMonitorTargetEnabled: true,
|
|
165
172
|
isStorageSecondaryKeyInUse: false,
|
|
166
173
|
predicateExpression: "object_name = 'SensitiveData'",
|
|
167
174
|
queueDelayMs: 4000,
|
|
168
175
|
retentionDays: AzureEnv_1.isPrd ? 30 : 6,
|
|
169
|
-
state:
|
|
176
|
+
state: "Enabled",
|
|
170
177
|
isDevopsAuditEnabled: true,
|
|
171
178
|
storageAccountAccessKey: vulnerabilityAssessment.storageAccessKey,
|
|
172
179
|
storageAccountSubscriptionId: AzureEnv_1.subscriptionId,
|
|
@@ -182,7 +189,7 @@ exports.default = ({ name, auth, group, elasticPool, databases, vaultInfo, netwo
|
|
|
182
189
|
retentionDays: 7,
|
|
183
190
|
storageAccountAccessKey: vulnerabilityAssessment.storageAccessKey,
|
|
184
191
|
storageEndpoint: vulnerabilityAssessment.storageEndpoint,
|
|
185
|
-
state:
|
|
192
|
+
state: "Enabled",
|
|
186
193
|
});
|
|
187
194
|
//ServerVulnerabilityAssessment
|
|
188
195
|
new sql.ServerVulnerabilityAssessment(name, {
|
|
@@ -198,31 +205,56 @@ exports.default = ({ name, auth, group, elasticPool, databases, vaultInfo, netwo
|
|
|
198
205
|
storageAccountAccessKey: vulnerabilityAssessment.storageAccessKey,
|
|
199
206
|
});
|
|
200
207
|
}
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
205
|
-
|
|
206
|
-
|
|
207
|
-
|
|
208
|
-
|
|
209
|
-
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
|
|
215
|
-
|
|
216
|
-
|
|
217
|
-
|
|
218
|
-
|
|
219
|
-
contentType: `Sql ${d.name} Connection String`,
|
|
220
|
-
dependsOn: d.resource,
|
|
221
|
-
});
|
|
222
|
-
}
|
|
223
|
-
return d;
|
|
224
|
-
});
|
|
208
|
+
if (encryptKey) {
|
|
209
|
+
// Enable a server key in the SQL Server with reference to the Key Vault Key
|
|
210
|
+
const keyName = encryptKey.apply((c) => `${vaultInfo.name}_${c.name}_${c.properties.version}`);
|
|
211
|
+
const serverKey = new sql.ServerKey(`${sqlName}-serverKey`, {
|
|
212
|
+
resourceGroupName: group.resourceGroupName,
|
|
213
|
+
serverName: sqlName,
|
|
214
|
+
serverKeyType: "AzureKeyVault",
|
|
215
|
+
keyName,
|
|
216
|
+
uri: encryptKey.apply((c) => `https://${vaultInfo.name}.vault.azure.net/keys/${c.name}/${c.properties.version}`),
|
|
217
|
+
}, { ignoreChanges: ["keyName", "uri"] });
|
|
218
|
+
new sql.EncryptionProtector(`${sqlName}-encryptionProtector`, {
|
|
219
|
+
encryptionProtectorName: "current",
|
|
220
|
+
resourceGroupName: group.resourceGroupName,
|
|
221
|
+
serverName: sqlName,
|
|
222
|
+
serverKeyType: "AzureKeyVault",
|
|
223
|
+
serverKeyName: keyName,
|
|
224
|
+
autoRotationEnabled: true,
|
|
225
|
+
}, { dependsOn: serverKey });
|
|
225
226
|
}
|
|
227
|
+
const dbs = databases?.map((db) => {
|
|
228
|
+
const d = (0, SqlDb_1.default)({
|
|
229
|
+
...db,
|
|
230
|
+
group,
|
|
231
|
+
sqlServerName: sqlName,
|
|
232
|
+
dependsOn: sqlServer,
|
|
233
|
+
elasticPoolId: ep ? ep.resource.id : undefined,
|
|
234
|
+
});
|
|
235
|
+
// if (encryptKey) {
|
|
236
|
+
// //Enable TransparentDataEncryption for each database
|
|
237
|
+
// new sql.TransparentDataEncryption(`${sqlName}-${db.name}`, {
|
|
238
|
+
// serverName: sqlName,
|
|
239
|
+
// databaseName: d.name,
|
|
240
|
+
// resourceGroupName: group.resourceGroupName,
|
|
241
|
+
// state: "Enabled",
|
|
242
|
+
// });
|
|
243
|
+
// }
|
|
244
|
+
if (vaultInfo) {
|
|
245
|
+
const connectionString = auth?.adminLogin
|
|
246
|
+
? (0, pulumi_1.interpolate) `Data Source=${sqlName}.database.windows.net;Initial Catalog=${d.name};User Id=${auth.adminLogin};Password=${auth.password};MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=120;`
|
|
247
|
+
: (0, pulumi_1.interpolate) `Data Source=${sqlName}.database.windows.net;Initial Catalog=${d.name};Authentication=Active Directory Integrated;;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=120;`;
|
|
248
|
+
(0, CustomHelper_1.addCustomSecret)({
|
|
249
|
+
name: d.name,
|
|
250
|
+
value: connectionString,
|
|
251
|
+
vaultInfo,
|
|
252
|
+
contentType: `Sql ${d.name} Connection String`,
|
|
253
|
+
dependsOn: d.resource,
|
|
254
|
+
});
|
|
255
|
+
}
|
|
256
|
+
return d;
|
|
257
|
+
});
|
|
226
258
|
return {
|
|
227
259
|
name: sqlName,
|
|
228
260
|
resource: sqlServer,
|
|
@@ -231,4 +263,4 @@ exports.default = ({ name, auth, group, elasticPool, databases, vaultInfo, netwo
|
|
|
231
263
|
adminGroup,
|
|
232
264
|
};
|
|
233
265
|
};
|
|
234
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvU3FsL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsZ0RBQWdEO0FBQ2hELDJDQUFpRTtBQUdqRSx5Q0FBMkM7QUFDM0MsMkRBQXdEO0FBQ3hELGlEQUs0QjtBQUM1Qiw2Q0FBd0U7QUFDeEUsMkNBQW9DO0FBT3BDLDJDQUFrRDtBQUNsRCw2REFBNkQ7QUFDN0QsbUNBQW1EO0FBQ25ELDJEQUEyRDtBQUMzRCx1Q0FBZ0M7QUFZaEMsTUFBTSxpQkFBaUIsR0FBRyxDQUFDLEVBQ3pCLEtBQUssRUFDTCxJQUFJLEVBQ0osT0FBTztBQUNQLGtCQUFrQjtBQUNsQixjQUFjLEdBQUcsRUFBRSxFQUNuQixHQUFHLEdBQUcsRUFBRSxJQUFJLEVBQUUsZ0JBQUssQ0FBQyxDQUFDLENBQUMsVUFBVSxDQUFDLENBQUMsQ0FBQyxPQUFPLEVBQUUsUUFBUSxFQUFFLEVBQUUsRUFBRSxFQUMxRCxJQUFJLEdBQUcsSUFBSSxHQUNNLEVBQTZDLEVBQUU7SUFDaEUsb0JBQW9CO0lBQ3BCLE1BQU0sV0FBVyxHQUFHLElBQUEsMkJBQWtCLEVBQUMsSUFBSSxDQUFDLENBQUM7SUFFN0MsTUFBTSxFQUFFLEdBQUcsSUFBSSxHQUFHLENBQUMsV0FBVyxDQUFDLFdBQVcsRUFBRTtRQUMxQyxlQUFlLEVBQUUsV0FBVztRQUM1QixVQUFVLEVBQUUsT0FBTztRQUNuQixHQUFHLEtBQUs7UUFFUixZQUFZLEVBQUUsZ0JBQUssQ0FBQyxDQUFDLENBQUMsY0FBYyxHQUFHLElBQUksR0FBRyxJQUFJLEdBQUcsSUFBSSxDQUFDLENBQUMsQ0FBQyxTQUFTO1FBQ3JFLEdBQUcsRUFBRTtZQUNILElBQUksRUFBRSxHQUFHLEdBQUcsQ0FBQyxJQUFJLE1BQU07WUFDdkIsSUFBSSxFQUFFLEdBQUcsQ0FBQyxJQUFJO1lBQ2QsUUFBUSxFQUFFLEdBQUcsQ0FBQyxRQUFRO1NBQ3ZCO1FBQ0QsbUJBQW1CLEVBQUU7WUFDbkIsV0FBVyxFQUFFLENBQUM7WUFDZCxXQUFXLEVBQUUsR0FBRyxDQUFDLElBQUksS0FBSyxPQUFPLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsR0FBRyxDQUFDLFFBQVE7U0FDckQ7UUFFRCxvREFBb0Q7UUFDcEQsdUJBQXVCO0tBQ3hCLENBQUMsQ0FBQztJQUVILElBQUksSUFBSSxFQUFFLENBQUM7UUFDVCxJQUFBLGdCQUFNLEVBQUMsRUFBRSxJQUFJLEVBQUUsVUFBVSxFQUFFLEVBQUUsQ0FBQyxFQUFFLEVBQUUsU0FBUyxFQUFFLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFDckQsQ0FBQztJQUVELE9BQU8sRUFBRSxJQUFJLEVBQUUsV0FBVyxFQUFFLFFBQVEsRUFBRSxFQUFFLEVBQUUsQ0FBQztBQUM3QyxDQUFDLENBQUM7QUEwQ0Ysa0JBQWUsQ0FBQyxFQUNkLElBQUksRUFDSixJQUFJLEVBQ0osS0FBSyxFQUVMLFdBQVcsRUFDWCxTQUFTLEVBQ1QsU0FBUyxFQUVULE9BQU8sRUFDUCx1QkFBdUIsRUFDdkIsSUFBSSxHQUFHLElBQUksR0FDTCxFQUFFLEVBQUU7SUFDVixNQUFNLE9BQU8sR0FBRyxJQUFBLHlCQUFnQixFQUFDLElBQUksQ0FBQyxDQUFDO0lBRXZDLDRCQUE0QjtJQUM1Qiw4RUFBOEU7SUFDOUUsYUFBYTtJQUNiLG1DQUFtQztJQUNuQyxrQ0FBa0M7SUFDbEMsZ0NBQWdDO0lBQ2hDLE9BQU87SUFDUCxJQUFJO0lBRUosTUFBTSxVQUFVLEdBQUcsSUFBSSxFQUFFLHFCQUFxQjtRQUM1QyxDQUFDLENBQUMsSUFBSSxDQUFDLFlBQVk7WUFDakIsQ0FBQyxDQUFDLElBQUEsa0JBQVUsRUFBQyxJQUFJLENBQUMsWUFBWSxDQUFDLEtBQUssQ0FBQztZQUNyQyxDQUFDLENBQUMsSUFBQSxjQUFJLEVBQUMsRUFBRSxHQUFHLEVBQUUscUJBQVUsRUFBRSxRQUFRLEVBQUUsT0FBTyxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUUsQ0FBQztRQUNoRSxDQUFDLENBQUMsU0FBUyxDQUFDO0lBRWQsTUFBTSxhQUFhLEdBQUcsQ0FBQyxvQkFBb0IsRUFBRSxnQkFBZ0IsQ0FBQyxDQUFDO0lBQy9ELElBQUksSUFBSSxDQUFDLHlCQUF5QjtRQUNoQyxhQUFhLENBQUMsSUFBSSxDQUFDLDRCQUE0QixDQUFDLENBQUM7SUFFbkQsTUFBTSxTQUFTLEdBQUcsSUFBSSxHQUFHLENBQUMsTUFBTSxDQUM5QixPQUFPLEVBQ1A7UUFDRSxVQUFVLEVBQUUsT0FBTztRQUNuQixHQUFHLEtBQUs7UUFDUixPQUFPLEVBQUUsTUFBTTtRQUNmLGlCQUFpQixFQUFFLEtBQUs7UUFFeEIsUUFBUSxFQUFFLEVBQUUsSUFBSSxFQUFFLGdCQUFnQixFQUFFO1FBQ3BDLGtCQUFrQixFQUFFLElBQUksRUFBRSxVQUFVO1FBQ3BDLDBCQUEwQixFQUFFLElBQUksQ0FBQyx5QkFBeUI7WUFDeEQsQ0FBQyxDQUFDLFNBQVM7WUFDWCxDQUFDLENBQUMsSUFBSSxFQUFFLFFBQVE7UUFFbEIsY0FBYyxFQUNaLElBQUksRUFBRSxxQkFBcUIsSUFBSSxVQUFVO1lBQ3ZDLENBQUMsQ0FBQztnQkFDRSxpQkFBaUIsRUFBRSxHQUFHLENBQUMsaUJBQWlCLENBQUMsZUFBZTtnQkFDeEQseUJBQXlCLEVBQUUsSUFBSSxDQUFDLHlCQUF5QjtnQkFFekQsYUFBYSxFQUFFLEdBQUcsQ0FBQyxhQUFhLENBQUMsS0FBSztnQkFDdEMsUUFBUSxFQUFSLG1CQUFRO2dCQUNSLEdBQUcsRUFBRSxVQUFVLENBQUMsUUFBUTtnQkFDeEIsS0FBSyxFQUFFLFVBQVUsQ0FBQyxXQUFXO2FBQzlCO1lBQ0gsQ0FBQyxDQUFDLFNBQVM7UUFFZixtQkFBbUIsRUFBRSxPQUFPLEVBQUUsV0FBVztZQUN2QyxDQUFDLENBQUMsR0FBRyxDQUFDLHVCQUF1QixDQUFDLFFBQVE7WUFDdEMsQ0FBQyxDQUFDLEdBQUcsQ0FBQyx1QkFBdUIsQ0FBQyxPQUFPO0tBRXhDLEVBQ0Q7UUFDRSxhQUFhO1FBQ2IsT0FBTyxFQUFFLElBQUk7S0FDZCxDQUNGLENBQUM7SUFFRixJQUFJLElBQUksRUFBRSxDQUFDO1FBQ1QsSUFBQSxnQkFBTSxFQUFDLEVBQUUsSUFBSSxFQUFFLE9BQU8sRUFBRSxVQUFVLEVBQUUsU0FBUyxDQUFDLEVBQUUsRUFBRSxTQUFTLEVBQUUsU0FBUyxFQUFFLENBQUMsQ0FBQztJQUM1RSxDQUFDO0lBRUQsTUFBTSxFQUFFLEdBQUcsV0FBVztRQUNwQixDQUFDLENBQUMsaUJBQWlCLENBQUM7WUFDaEIsSUFBSTtZQUNKLEtBQUs7WUFDTCxPQUFPLEVBQUUsU0FBUyxDQUFDLElBQUk7WUFDdkIsR0FBRyxFQUFFLFdBQVc7U0FDakIsQ0FBQztRQUNKLENBQUMsQ0FBQyxTQUFTLENBQUM7SUFFZCxJQUFJLE9BQU8sRUFBRSxRQUFRLEVBQUUsQ0FBQztRQUN0QixJQUFJLE9BQU8sQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUN4QixJQUFBLHlCQUFzQixFQUFDO2dCQUNyQixLQUFLO2dCQUNMLElBQUk7Z0JBQ0osVUFBVSxFQUFFLFNBQVMsQ0FBQyxFQUFFO2dCQUN4QixrQkFBa0IsRUFBRSxrQ0FBa0M7Z0JBQ3RELEdBQUcsT0FBTyxDQUFDLFdBQVc7Z0JBQ3RCLFFBQVEsRUFBRSxPQUFPLENBQUMsUUFBUTtnQkFDMUIsbUJBQW1CLEVBQUUsQ0FBQyxXQUFXLENBQUM7YUFDbkMsQ0FBQyxDQUFDO1FBQ0wsQ0FBQzthQUFNLENBQUM7WUFDTixjQUFjO1lBQ2QsSUFBSSxHQUFHLENBQUMsa0JBQWtCLENBQUMsT0FBTyxFQUFFO2dCQUNsQyxzQkFBc0IsRUFBRSxHQUFHLE9BQU8sV0FBVztnQkFDN0MsVUFBVSxFQUFFLFNBQVMsQ0FBQyxJQUFJO2dCQUMxQixHQUFHLEtBQUs7Z0JBRVIsc0JBQXNCLEVBQUUsT0FBTyxDQUFDLFFBQVE7Z0JBQ3hDLGdDQUFnQyxFQUFFLEtBQUs7YUFDeEMsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztJQUNILENBQUM7SUFFRCwyQkFBMkI7SUFDM0IsSUFBSSxPQUFPLEVBQUUsd0JBQXdCLEVBQUUsQ0FBQztRQUN0QyxJQUFJLEdBQUcsQ0FBQyxZQUFZLENBQUMsdUJBQXVCLEVBQUU7WUFDNUMsZ0JBQWdCLEVBQUUsdUJBQXVCO1lBQ3pDLFVBQVUsRUFBRSxTQUFTLENBQUMsSUFBSTtZQUMxQixHQUFHLEtBQUs7WUFDUixjQUFjLEVBQUUsU0FBUztZQUN6QixZQUFZLEVBQUUsaUJBQWlCO1NBQ2hDLENBQUMsQ0FBQztJQUNMLENBQUM7U0FBTSxJQUFJLE9BQU8sRUFBRSxXQUFXLEVBQUUsQ0FBQztRQUNoQyxJQUFBLFlBQUcsRUFBQyxPQUFPLENBQUMsV0FBVyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsR0FBRyxFQUFFLEVBQUUsQ0FDckMsSUFBQSx5QkFBZ0IsRUFBQyxHQUFHLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxFQUFFLEVBQUU7WUFDbEMsTUFBTSxDQUFDLEdBQUcsR0FBRyxPQUFPLFdBQVcsQ0FBQyxFQUFFLENBQUM7WUFFbkMsT0FBTyxJQUFJLEdBQUcsQ0FBQyxZQUFZLENBQUMsQ0FBQyxFQUFFO2dCQUM3QixnQkFBZ0IsRUFBRSxDQUFDO2dCQUNuQixVQUFVLEVBQUUsU0FBUyxDQUFDLElBQUk7Z0JBQzFCLEdBQUcsS0FBSztnQkFDUixjQUFjLEVBQUUsRUFBRSxDQUFDLEtBQUs7Z0JBQ3hCLFlBQVksRUFBRSxFQUFFLENBQUMsR0FBRzthQUNyQixDQUFDLENBQUM7UUFDTCxDQUFDLENBQUMsQ0FDSCxDQUFDO0lBQ0osQ0FBQztJQUVELElBQUksdUJBQXVCLEVBQUUsQ0FBQztRQUM1QiwwQkFBMEI7UUFDMUIsSUFBSSx1QkFBdUIsQ0FBQyxZQUFZLEVBQUUsQ0FBQztZQUN6QyxJQUFBLCtCQUFjLEVBQUM7Z0JBQ2IsSUFBSTtnQkFDSixXQUFXLEVBQUUsU0FBUyxDQUFDLFFBQVEsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsRUFBRSxXQUFXLElBQUksRUFBRSxDQUFDO2dCQUNsRSxhQUFhLEVBQUUsa0JBQWtCO2dCQUNqQyxRQUFRLEVBQUUsK0JBQStCO2dCQUN6QyxLQUFLLEVBQUUsdUJBQXVCLENBQUMsWUFBWTthQUM1QyxDQUFDLENBQUM7UUFDTCxDQUFDO1FBRUQsY0FBYztRQUNkLElBQUksR0FBRyxDQUFDLGdDQUFnQyxDQUFDLElBQUksRUFBRTtZQUM3QyxxQkFBcUIsRUFBRTtnQkFDckIsMENBQTBDO2dCQUMxQyxzQ0FBc0M7Z0JBQ3RDLHVCQUF1QjthQUN4QjtZQUNELFVBQVUsRUFBRSxTQUFTLENBQUMsSUFBSTtZQUMxQixHQUFHLEtBQUs7WUFFUixzQkFBc0IsRUFBRSxTQUFTO1lBQ2pDLDJCQUEyQixFQUFFLElBQUk7WUFDakMsMEJBQTBCLEVBQUUsS0FBSztZQUNqQyxtQkFBbUIsRUFBRSwrQkFBK0I7WUFDcEQsWUFBWSxFQUFFLElBQUk7WUFDbEIsYUFBYSxFQUFFLGdCQUFLLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQztZQUM3QixLQUFLLEVBQUUsU0FBUztZQUNoQixvQkFBb0IsRUFBRSxJQUFJO1lBRTFCLHVCQUF1QixFQUFFLHVCQUF1QixDQUFDLGdCQUFnQjtZQUNqRSw0QkFBNEIsRUFBRSx5QkFBYztZQUM1QyxlQUFlLEVBQUUsdUJBQXVCLENBQUMsZUFBZTtTQUN6RCxDQUFDLENBQUM7UUFFSCwyQkFBMkI7UUFDM0IsSUFBSSxHQUFHLENBQUMseUJBQXlCLENBQUMsSUFBSSxFQUFFO1lBQ3RDLHVCQUF1QixFQUFFLElBQUk7WUFDN0IsR0FBRyxLQUFLO1lBQ1IsVUFBVSxFQUFFLFNBQVMsQ0FBQyxJQUFJO1lBQzFCLGtCQUFrQixFQUFFLENBQUMsdUJBQXVCLENBQUMsV0FBVztZQUN4RCxjQUFjLEVBQUUsdUJBQXVCLENBQUMsV0FBVztZQUVuRCxhQUFhLEVBQUUsQ0FBQztZQUVoQix1QkFBdUIsRUFBRSx1QkFBdUIsQ0FBQyxnQkFBZ0I7WUFDakUsZUFBZSxFQUFFLHVCQUF1QixDQUFDLGVBQWU7WUFDeEQsS0FBSyxFQUFFLFNBQVM7U0FDakIsQ0FBQyxDQUFDO1FBRUgsK0JBQStCO1FBQy9CLElBQUksR0FBRyxDQUFDLDZCQUE2QixDQUFDLElBQUksRUFBRTtZQUMxQywyQkFBMkIsRUFBRSxJQUFJO1lBQ2pDLEdBQUcsS0FBSztZQUNSLFVBQVUsRUFBRSxTQUFTLENBQUMsSUFBSTtZQUUxQixjQUFjLEVBQUU7Z0JBQ2QsU0FBUyxFQUFFLElBQUk7Z0JBQ2YsdUJBQXVCLEVBQUUsQ0FBQyx1QkFBdUIsQ0FBQyxXQUFXO2dCQUM3RCxNQUFNLEVBQUUsdUJBQXVCLENBQUMsV0FBVzthQUM1QztZQUVELG9CQUFvQixFQUFFLElBQUEsb0JBQVcsRUFBQSxHQUFHLHVCQUF1QixDQUFDLGVBQWUsSUFBSSxPQUFPLEVBQUU7WUFDeEYsdUJBQXVCLEVBQUUsdUJBQXVCLENBQUMsZ0JBQWdCO1NBQ2xFLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxJQUFJLEdBQThELENBQUM7SUFDbkUsSUFBSSxTQUFTLEVBQUUsQ0FBQztRQUNkLEdBQUcsR0FBRyxTQUFTLENBQUMsR0FBRyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUU7WUFDekIsTUFBTSxDQUFDLEdBQUcsSUFBQSxlQUFZLEVBQUM7Z0JBQ3JCLEdBQUcsRUFBRTtnQkFDTCxLQUFLO2dCQUNMLGFBQWEsRUFBRSxPQUFPO2dCQUN0QixTQUFTLEVBQUUsU0FBUztnQkFDcEIsYUFBYSxFQUFFLEVBQUUsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLFNBQVM7YUFDL0MsQ0FBQyxDQUFDO1lBRUgsSUFBSSxTQUFTLEVBQUUsQ0FBQztnQkFDZCxNQUFNLGdCQUFnQixHQUFHLElBQUksRUFBRSxVQUFVO29CQUN2QyxDQUFDLENBQUMsSUFBQSxvQkFBVyxFQUFBLGVBQWUsT0FBTyx5Q0FBeUMsQ0FBQyxDQUFDLElBQUksWUFBWSxJQUFJLENBQUMsVUFBVSxhQUFhLElBQUksQ0FBQyxRQUFRLG1HQUFtRztvQkFDMU8sQ0FBQyxDQUFDLElBQUEsb0JBQVcsRUFBQSxlQUFlLE9BQU8seUNBQXlDLENBQUMsQ0FBQyxJQUFJLCtJQUErSSxDQUFDO2dCQUVwTyxJQUFBLDhCQUFlLEVBQUM7b0JBQ2QsSUFBSSxFQUFFLENBQUMsQ0FBQyxJQUFJO29CQUNaLEtBQUssRUFBRSxnQkFBZ0I7b0JBQ3ZCLFNBQVM7b0JBQ1QsV0FBVyxFQUFFLE9BQU8sQ0FBQyxDQUFDLElBQUksb0JBQW9CO29CQUM5QyxTQUFTLEVBQUUsQ0FBQyxDQUFDLFFBQVE7aUJBRXRCLENBQUMsQ0FBQztZQUNMLENBQUM7WUFFRCxPQUFPLENBQUMsQ0FBQztRQUNYLENBQUMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELE9BQU87UUFDTCxJQUFJLEVBQUUsT0FBTztRQUNiLFFBQVEsRUFBRSxTQUFTO1FBQ25CLFdBQVcsRUFBRSxFQUFFO1FBQ2YsU0FBUyxFQUFFLEdBQUc7UUFDZCxVQUFVO0tBQ1gsQ0FBQztBQUNKLENBQUMsQ0FBQyJ9
|
|
266
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvU3FsL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsZ0RBQWdEO0FBQ2hELDJDQUFpRTtBQUNqRSwrQ0FBc0Q7QUFFdEQseUNBQTJDO0FBQzNDLDJEQUF3RDtBQUN4RCxpREFLNEI7QUFDNUIsNkNBQXdFO0FBQ3hFLDJDQUFvQztBQU9wQywyQ0FBa0Q7QUFDbEQsNkRBQTZEO0FBQzdELG1DQUFtRDtBQUNuRCwyREFBMkQ7QUFDM0QsdUNBQWdDO0FBQ2hDLG1FQUEwRTtBQVkxRSxNQUFNLGlCQUFpQixHQUFHLENBQUMsRUFDekIsS0FBSyxFQUNMLElBQUksRUFDSixPQUFPO0FBQ1Asa0JBQWtCO0FBQ2xCLGNBQWMsR0FBRyxFQUFFLEVBQ25CLEdBQUcsR0FBRyxFQUFFLElBQUksRUFBRSxnQkFBSyxDQUFDLENBQUMsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLE9BQU8sRUFBRSxRQUFRLEVBQUUsRUFBRSxFQUFFLEVBQzFELElBQUksR0FBRyxJQUFJLEdBQ00sRUFBNkMsRUFBRTtJQUNoRSxvQkFBb0I7SUFDcEIsTUFBTSxXQUFXLEdBQUcsSUFBQSwyQkFBa0IsRUFBQyxJQUFJLENBQUMsQ0FBQztJQUU3QyxNQUFNLEVBQUUsR0FBRyxJQUFJLEdBQUcsQ0FBQyxXQUFXLENBQUMsV0FBVyxFQUFFO1FBQzFDLGVBQWUsRUFBRSxXQUFXO1FBQzVCLFVBQVUsRUFBRSxPQUFPO1FBQ25CLEdBQUcsS0FBSztRQUVSLFlBQVksRUFBRSxnQkFBSyxDQUFDLENBQUMsQ0FBQyxjQUFjLEdBQUcsSUFBSSxHQUFHLElBQUksR0FBRyxJQUFJLENBQUMsQ0FBQyxDQUFDLFNBQVM7UUFDckUsR0FBRyxFQUFFO1lBQ0gsSUFBSSxFQUFFLEdBQUcsR0FBRyxDQUFDLElBQUksTUFBTTtZQUN2QixJQUFJLEVBQUUsR0FBRyxDQUFDLElBQUk7WUFDZCxRQUFRLEVBQUUsR0FBRyxDQUFDLFFBQVE7U0FDdkI7UUFDRCxtQkFBbUIsRUFBRTtZQUNuQixXQUFXLEVBQUUsQ0FBQztZQUNkLFdBQVcsRUFBRSxHQUFHLENBQUMsSUFBSSxLQUFLLE9BQU8sQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxHQUFHLENBQUMsUUFBUTtTQUNyRDtRQUNELGFBQWEsRUFBRSxnQkFBSztRQUNwQixvREFBb0Q7UUFDcEQsdUJBQXVCO0tBQ3hCLENBQUMsQ0FBQztJQUVILElBQUksSUFBSSxFQUFFLENBQUM7UUFDVCxJQUFBLGdCQUFNLEVBQUMsRUFBRSxJQUFJLEVBQUUsVUFBVSxFQUFFLEVBQUUsQ0FBQyxFQUFFLEVBQUUsU0FBUyxFQUFFLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFDckQsQ0FBQztJQUVELE9BQU8sRUFBRSxJQUFJLEVBQUUsV0FBVyxFQUFFLFFBQVEsRUFBRSxFQUFFLEVBQUUsQ0FBQztBQUM3QyxDQUFDLENBQUM7QUEyQ0Ysa0JBQWUsQ0FBQyxFQUNkLElBQUksRUFDSixJQUFJLEVBQ0osS0FBSyxFQUNMLGdCQUFnQixFQUNoQixXQUFXLEVBQ1gsU0FBUyxFQUNULFNBQVMsRUFFVCxPQUFPLEVBQ1AsdUJBQXVCLEVBQ3ZCLElBQUksR0FBRyxJQUFJLEdBQ0wsRUFBRSxFQUFFO0lBQ1YsTUFBTSxPQUFPLEdBQUcsSUFBQSx5QkFBZ0IsRUFBQyxJQUFJLENBQUMsQ0FBQztJQUN2QyxNQUFNLFVBQVUsR0FBRyxnQkFBZ0I7UUFDakMsQ0FBQyxDQUFDLElBQUEseUJBQWdCLEVBQUMsSUFBSSxFQUFFLFNBQVMsQ0FBQztRQUNuQyxDQUFDLENBQUMsU0FBUyxDQUFDO0lBQ2QsNEJBQTRCO0lBQzVCLDhFQUE4RTtJQUM5RSxhQUFhO0lBQ2IsbUNBQW1DO0lBQ25DLGtDQUFrQztJQUNsQyxnQ0FBZ0M7SUFDaEMsT0FBTztJQUNQLElBQUk7SUFFSixNQUFNLFVBQVUsR0FDZCxJQUFJLEVBQUUscUJBQXFCLElBQUksSUFBSSxDQUFDLHlCQUF5QjtRQUMzRCxDQUFDLENBQUMsSUFBSSxDQUFDLFlBQVk7WUFDakIsQ0FBQyxDQUFDLElBQUEsa0JBQVUsRUFBQyxJQUFJLENBQUMsWUFBWSxDQUFDLEtBQUssQ0FBQztZQUNyQyxDQUFDLENBQUMsSUFBQSxjQUFJLEVBQUMsRUFBRSxHQUFHLEVBQUUscUJBQVUsRUFBRSxRQUFRLEVBQUUsT0FBTyxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUUsQ0FBQztRQUNoRSxDQUFDLENBQUMsU0FBUyxDQUFDO0lBRWhCLE1BQU0sYUFBYSxHQUFHLENBQUMsb0JBQW9CLEVBQUUsZ0JBQWdCLENBQUMsQ0FBQztJQUMvRCxJQUFJLElBQUksQ0FBQyx5QkFBeUI7UUFDaEMsYUFBYSxDQUFDLElBQUksQ0FBQyw0QkFBNEIsQ0FBQyxDQUFDO0lBRW5ELE1BQU0sU0FBUyxHQUFHLElBQUksR0FBRyxDQUFDLE1BQU0sQ0FDOUIsT0FBTyxFQUNQO1FBQ0UsVUFBVSxFQUFFLE9BQU87UUFDbkIsR0FBRyxLQUFLO1FBQ1IsT0FBTyxFQUFFLE1BQU07UUFDZixpQkFBaUIsRUFBRSxLQUFLO1FBRXhCLFFBQVEsRUFBRSxFQUFFLElBQUksRUFBRSxnQkFBZ0IsRUFBRTtRQUNwQyxrQkFBa0IsRUFBRSxJQUFJLEVBQUUsVUFBVTtRQUNwQywwQkFBMEIsRUFBRSxJQUFJLEVBQUUsUUFBUTtRQUUxQyxjQUFjLEVBQ1osQ0FBQyxJQUFJLEVBQUUscUJBQXFCLElBQUksSUFBSSxDQUFDLHlCQUF5QixDQUFDO1lBQy9ELFVBQVU7WUFDUixDQUFDLENBQUM7Z0JBQ0UsaUJBQWlCLEVBQUUsR0FBRyxDQUFDLGlCQUFpQixDQUFDLGVBQWU7Z0JBQ3hELHlCQUF5QixFQUFFLElBQUksQ0FBQyx5QkFBeUI7Z0JBRXpELGFBQWEsRUFBRSxHQUFHLENBQUMsYUFBYSxDQUFDLEtBQUs7Z0JBQ3RDLFFBQVEsRUFBUixtQkFBUTtnQkFDUixHQUFHLEVBQUUsVUFBVSxDQUFDLFFBQVE7Z0JBQ3hCLEtBQUssRUFBRSxVQUFVLENBQUMsV0FBVzthQUM5QjtZQUNILENBQUMsQ0FBQyxTQUFTO1FBRWYsbUJBQW1CLEVBQUUsT0FBTyxFQUFFLFdBQVc7WUFDdkMsQ0FBQyxDQUFDLEdBQUcsQ0FBQyx1QkFBdUIsQ0FBQyxRQUFRO1lBQ3RDLENBQUMsQ0FBQyxHQUFHLENBQUMsdUJBQXVCLENBQUMsT0FBTztLQUN4QyxFQUNEO1FBQ0UsYUFBYTtRQUNiLE9BQU8sRUFBRSxJQUFJO0tBQ2QsQ0FDRixDQUFDO0lBRUYsMEJBQTBCO0lBQzFCLElBQUEsNkNBQTBCLEVBQUMsRUFBRSxJQUFJLEVBQUUsUUFBUSxFQUFFLFNBQVMsQ0FBQyxRQUFRLEVBQUUsU0FBUyxFQUFFLENBQUMsQ0FBQztJQUU5RSxJQUFJLElBQUksRUFBRSxDQUFDO1FBQ1QsSUFBQSxnQkFBTSxFQUFDLEVBQUUsSUFBSSxFQUFFLE9BQU8sRUFBRSxVQUFVLEVBQUUsU0FBUyxDQUFDLEVBQUUsRUFBRSxTQUFTLEVBQUUsU0FBUyxFQUFFLENBQUMsQ0FBQztJQUM1RSxDQUFDO0lBRUQsTUFBTSxFQUFFLEdBQUcsV0FBVztRQUNwQixDQUFDLENBQUMsaUJBQWlCLENBQUM7WUFDaEIsSUFBSTtZQUNKLEtBQUs7WUFDTCxPQUFPLEVBQUUsU0FBUyxDQUFDLElBQUk7WUFDdkIsR0FBRyxFQUFFLFdBQVc7U0FDakIsQ0FBQztRQUNKLENBQUMsQ0FBQyxTQUFTLENBQUM7SUFFZCxJQUFJLE9BQU8sRUFBRSxRQUFRLEVBQUUsQ0FBQztRQUN0QixJQUFJLE9BQU8sQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUN4QixJQUFBLHlCQUFzQixFQUFDO2dCQUNyQixLQUFLO2dCQUNMLElBQUk7Z0JBQ0osVUFBVSxFQUFFLFNBQVMsQ0FBQyxFQUFFO2dCQUN4QixrQkFBa0IsRUFBRSxrQ0FBa0M7Z0JBQ3RELEdBQUcsT0FBTyxDQUFDLFdBQVc7Z0JBQ3RCLFFBQVEsRUFBRSxPQUFPLENBQUMsUUFBUTtnQkFDMUIsbUJBQW1CLEVBQUUsQ0FBQyxXQUFXLENBQUM7YUFDbkMsQ0FBQyxDQUFDO1FBQ0wsQ0FBQzthQUFNLENBQUM7WUFDTixjQUFjO1lBQ2QsSUFBSSxHQUFHLENBQUMsa0JBQWtCLENBQUMsT0FBTyxFQUFFO2dCQUNsQyxzQkFBc0IsRUFBRSxHQUFHLE9BQU8sV0FBVztnQkFDN0MsVUFBVSxFQUFFLFNBQVMsQ0FBQyxJQUFJO2dCQUMxQixHQUFHLEtBQUs7Z0JBRVIsc0JBQXNCLEVBQUUsT0FBTyxDQUFDLFFBQVE7Z0JBQ3hDLGdDQUFnQyxFQUFFLEtBQUs7YUFDeEMsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztJQUNILENBQUM7SUFFRCwyQkFBMkI7SUFDM0IsSUFBSSxPQUFPLEVBQUUsd0JBQXdCLEVBQUUsQ0FBQztRQUN0QyxJQUFJLEdBQUcsQ0FBQyxZQUFZLENBQUMsdUJBQXVCLEVBQUU7WUFDNUMsZ0JBQWdCLEVBQUUsdUJBQXVCO1lBQ3pDLFVBQVUsRUFBRSxTQUFTLENBQUMsSUFBSTtZQUMxQixHQUFHLEtBQUs7WUFDUixjQUFjLEVBQUUsU0FBUztZQUN6QixZQUFZLEVBQUUsaUJBQWlCO1NBQ2hDLENBQUMsQ0FBQztJQUNMLENBQUM7U0FBTSxJQUFJLE9BQU8sRUFBRSxXQUFXLEVBQUUsQ0FBQztRQUNoQyxJQUFBLFlBQUcsRUFBQyxPQUFPLENBQUMsV0FBVyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsR0FBRyxFQUFFLEVBQUUsQ0FDckMsSUFBQSx5QkFBZ0IsRUFBQyxHQUFHLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxFQUFFLEVBQUU7WUFDbEMsTUFBTSxDQUFDLEdBQUcsR0FBRyxPQUFPLFdBQVcsQ0FBQyxFQUFFLENBQUM7WUFFbkMsT0FBTyxJQUFJLEdBQUcsQ0FBQyxZQUFZLENBQUMsQ0FBQyxFQUFFO2dCQUM3QixnQkFBZ0IsRUFBRSxDQUFDO2dCQUNuQixVQUFVLEVBQUUsU0FBUyxDQUFDLElBQUk7Z0JBQzFCLEdBQUcsS0FBSztnQkFDUixjQUFjLEVBQUUsRUFBRSxDQUFDLEtBQUs7Z0JBQ3hCLFlBQVksRUFBRSxFQUFFLENBQUMsR0FBRzthQUNyQixDQUFDLENBQUM7UUFDTCxDQUFDLENBQUMsQ0FDSCxDQUFDO0lBQ0osQ0FBQztJQUVELElBQUksdUJBQXVCLEVBQUUsQ0FBQztRQUM1QiwwQkFBMEI7UUFDMUIsSUFBSSx1QkFBdUIsQ0FBQyxZQUFZLEVBQUUsQ0FBQztZQUN6QyxJQUFBLCtCQUFjLEVBQUM7Z0JBQ2IsSUFBSTtnQkFDSixXQUFXLEVBQUUsU0FBUyxDQUFDLFFBQVEsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsRUFBRSxXQUFXLElBQUksRUFBRSxDQUFDO2dCQUNsRSxhQUFhLEVBQUUsa0JBQWtCO2dCQUNqQyxRQUFRLEVBQUUsK0JBQStCO2dCQUN6QyxLQUFLLEVBQUUsdUJBQXVCLENBQUMsWUFBWTthQUM1QyxDQUFDLENBQUM7UUFDTCxDQUFDO1FBRUQsY0FBYztRQUNkLElBQUksR0FBRyxDQUFDLGdDQUFnQyxDQUFDLElBQUksRUFBRTtZQUM3QyxxQkFBcUIsRUFBRTtnQkFDckIsMENBQTBDO2dCQUMxQyxzQ0FBc0M7Z0JBQ3RDLHVCQUF1QjthQUN4QjtZQUNELFVBQVUsRUFBRSxTQUFTLENBQUMsSUFBSTtZQUMxQixHQUFHLEtBQUs7WUFFUixzQkFBc0IsRUFBRSxTQUFTO1lBQ2pDLDJCQUEyQixFQUFFLElBQUk7WUFDakMsMEJBQTBCLEVBQUUsS0FBSztZQUNqQyxtQkFBbUIsRUFBRSwrQkFBK0I7WUFDcEQsWUFBWSxFQUFFLElBQUk7WUFDbEIsYUFBYSxFQUFFLGdCQUFLLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQztZQUM3QixLQUFLLEVBQUUsU0FBUztZQUNoQixvQkFBb0IsRUFBRSxJQUFJO1lBRTFCLHVCQUF1QixFQUFFLHVCQUF1QixDQUFDLGdCQUFnQjtZQUNqRSw0QkFBNEIsRUFBRSx5QkFBYztZQUM1QyxlQUFlLEVBQUUsdUJBQXVCLENBQUMsZUFBZTtTQUN6RCxDQUFDLENBQUM7UUFFSCwyQkFBMkI7UUFDM0IsSUFBSSxHQUFHLENBQUMseUJBQXlCLENBQUMsSUFBSSxFQUFFO1lBQ3RDLHVCQUF1QixFQUFFLElBQUk7WUFDN0IsR0FBRyxLQUFLO1lBQ1IsVUFBVSxFQUFFLFNBQVMsQ0FBQyxJQUFJO1lBQzFCLGtCQUFrQixFQUFFLENBQUMsdUJBQXVCLENBQUMsV0FBVztZQUN4RCxjQUFjLEVBQUUsdUJBQXVCLENBQUMsV0FBVztZQUVuRCxhQUFhLEVBQUUsQ0FBQztZQUVoQix1QkFBdUIsRUFBRSx1QkFBdUIsQ0FBQyxnQkFBZ0I7WUFDakUsZUFBZSxFQUFFLHVCQUF1QixDQUFDLGVBQWU7WUFDeEQsS0FBSyxFQUFFLFNBQVM7U0FDakIsQ0FBQyxDQUFDO1FBRUgsK0JBQStCO1FBQy9CLElBQUksR0FBRyxDQUFDLDZCQUE2QixDQUFDLElBQUksRUFBRTtZQUMxQywyQkFBMkIsRUFBRSxJQUFJO1lBQ2pDLEdBQUcsS0FBSztZQUNSLFVBQVUsRUFBRSxTQUFTLENBQUMsSUFBSTtZQUUxQixjQUFjLEVBQUU7Z0JBQ2QsU0FBUyxFQUFFLElBQUk7Z0JBQ2YsdUJBQXVCLEVBQUUsQ0FBQyx1QkFBdUIsQ0FBQyxXQUFXO2dCQUM3RCxNQUFNLEVBQUUsdUJBQXVCLENBQUMsV0FBVzthQUM1QztZQUVELG9CQUFvQixFQUFFLElBQUEsb0JBQVcsRUFBQSxHQUFHLHVCQUF1QixDQUFDLGVBQWUsSUFBSSxPQUFPLEVBQUU7WUFDeEYsdUJBQXVCLEVBQUUsdUJBQXVCLENBQUMsZ0JBQWdCO1NBQ2xFLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxJQUFJLFVBQVUsRUFBRSxDQUFDO1FBQ2YsNEVBQTRFO1FBQzVFLE1BQU0sT0FBTyxHQUFHLFVBQVUsQ0FBQyxLQUFLLENBQzlCLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxHQUFHLFNBQVMsQ0FBQyxJQUFJLElBQUksQ0FBRSxDQUFDLElBQUksSUFBSSxDQUFFLENBQUMsVUFBVSxDQUFDLE9BQU8sRUFBRSxDQUMvRCxDQUFDO1FBRUYsTUFBTSxTQUFTLEdBQUcsSUFBSSxHQUFHLENBQUMsU0FBUyxDQUNqQyxHQUFHLE9BQU8sWUFBWSxFQUN0QjtZQUNFLGlCQUFpQixFQUFFLEtBQUssQ0FBQyxpQkFBaUI7WUFDMUMsVUFBVSxFQUFFLE9BQU87WUFDbkIsYUFBYSxFQUFFLGVBQWU7WUFDOUIsT0FBTztZQUNQLEdBQUcsRUFBRSxVQUFVLENBQUMsS0FBSyxDQUNuQixDQUFDLENBQUMsRUFBRSxFQUFFLENBQ0osV0FBVyxTQUFTLENBQUMsSUFBSSx5QkFBeUIsQ0FBRSxDQUFDLElBQUksSUFBSSxDQUFFLENBQUMsVUFBVSxDQUFDLE9BQU8sRUFBRSxDQUN2RjtTQUNGLEVBQ0QsRUFBRSxhQUFhLEVBQUUsQ0FBQyxTQUFTLEVBQUUsS0FBSyxDQUFDLEVBQUUsQ0FDdEMsQ0FBQztRQUVGLElBQUksR0FBRyxDQUFDLG1CQUFtQixDQUN6QixHQUFHLE9BQU8sc0JBQXNCLEVBQ2hDO1lBQ0UsdUJBQXVCLEVBQUUsU0FBUztZQUNsQyxpQkFBaUIsRUFBRSxLQUFLLENBQUMsaUJBQWlCO1lBQzFDLFVBQVUsRUFBRSxPQUFPO1lBQ25CLGFBQWEsRUFBRSxlQUFlO1lBQzlCLGFBQWEsRUFBRSxPQUFPO1lBQ3RCLG1CQUFtQixFQUFFLElBQUk7U0FDMUIsRUFDRCxFQUFFLFNBQVMsRUFBRSxTQUFTLEVBQUUsQ0FDekIsQ0FBQztJQUNKLENBQUM7SUFFRCxNQUFNLEdBQUcsR0FBRyxTQUFTLEVBQUUsR0FBRyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUU7UUFDaEMsTUFBTSxDQUFDLEdBQUcsSUFBQSxlQUFZLEVBQUM7WUFDckIsR0FBRyxFQUFFO1lBQ0wsS0FBSztZQUNMLGFBQWEsRUFBRSxPQUFPO1lBQ3RCLFNBQVMsRUFBRSxTQUFTO1lBQ3BCLGFBQWEsRUFBRSxFQUFFLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxRQUFRLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxTQUFTO1NBQy9DLENBQUMsQ0FBQztRQUVILG9CQUFvQjtRQUNwQix5REFBeUQ7UUFDekQsaUVBQWlFO1FBQ2pFLDJCQUEyQjtRQUMzQiw0QkFBNEI7UUFDNUIsa0RBQWtEO1FBQ2xELHdCQUF3QjtRQUN4QixRQUFRO1FBQ1IsSUFBSTtRQUVKLElBQUksU0FBUyxFQUFFLENBQUM7WUFDZCxNQUFNLGdCQUFnQixHQUFHLElBQUksRUFBRSxVQUFVO2dCQUN2QyxDQUFDLENBQUMsSUFBQSxvQkFBVyxFQUFBLGVBQWUsT0FBTyx5Q0FBeUMsQ0FBQyxDQUFDLElBQUksWUFBWSxJQUFJLENBQUMsVUFBVSxhQUFhLElBQUksQ0FBQyxRQUFRLG1HQUFtRztnQkFDMU8sQ0FBQyxDQUFDLElBQUEsb0JBQVcsRUFBQSxlQUFlLE9BQU8seUNBQXlDLENBQUMsQ0FBQyxJQUFJLCtJQUErSSxDQUFDO1lBRXBPLElBQUEsOEJBQWUsRUFBQztnQkFDZCxJQUFJLEVBQUUsQ0FBQyxDQUFDLElBQUk7Z0JBQ1osS0FBSyxFQUFFLGdCQUFnQjtnQkFDdkIsU0FBUztnQkFDVCxXQUFXLEVBQUUsT0FBTyxDQUFDLENBQUMsSUFBSSxvQkFBb0I7Z0JBQzlDLFNBQVMsRUFBRSxDQUFDLENBQUMsUUFBUTthQUN0QixDQUFDLENBQUM7UUFDTCxDQUFDO1FBRUQsT0FBTyxDQUFDLENBQUM7SUFDWCxDQUFDLENBQUMsQ0FBQztJQUVILE9BQU87UUFDTCxJQUFJLEVBQUUsT0FBTztRQUNiLFFBQVEsRUFBRSxTQUFTO1FBQ25CLFdBQVcsRUFBRSxFQUFFO1FBQ2YsU0FBUyxFQUFFLEdBQUc7UUFDZCxVQUFVO0tBQ1gsQ0FBQztBQUNKLENBQUMsQ0FBQyJ9
|
package/Storage/index.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import { KeyVaultInfo, BasicResourceArgs } from
|
|
2
|
-
import { Input } from
|
|
3
|
-
import { DefaultManagementRules, ManagementRules } from
|
|
1
|
+
import { KeyVaultInfo, BasicResourceArgs } from "../types";
|
|
2
|
+
import { Input } from "@pulumi/pulumi";
|
|
3
|
+
import { DefaultManagementRules, ManagementRules } from "./ManagementRules";
|
|
4
4
|
type ContainerProps = {
|
|
5
5
|
name: string;
|
|
6
6
|
public?: boolean;
|
package/Storage/index.js
CHANGED
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
const storage = require("@pulumi/azure-native/storage");
|
|
4
|
-
const pulumi_1 = require("@pulumi/pulumi");
|
|
5
4
|
const Helpers_1 = require("../Logs/Helpers");
|
|
6
5
|
const Helper_1 = require("../KeyVault/Helper");
|
|
7
6
|
const AzureEnv_1 = require("../Common/AzureEnv");
|
|
@@ -10,22 +9,18 @@ const Naming_1 = require("../Common/Naming");
|
|
|
10
9
|
const CustomHelper_1 = require("../KeyVault/CustomHelper");
|
|
11
10
|
const Locker_1 = require("../Core/Locker");
|
|
12
11
|
const ManagementRules_1 = require("./ManagementRules");
|
|
13
|
-
const
|
|
14
|
-
const getEncryptionKey = (name, vaultInfo) => {
|
|
15
|
-
const n = `${name}-encrypt-key`;
|
|
16
|
-
return (0, pulumi_1.output)((0, KeyVaultBase_1.getKeyVaultBase)(vaultInfo.name).getOrCreateKey(n));
|
|
17
|
-
};
|
|
12
|
+
const VaultPermissions_1 = require("../KeyVault/VaultPermissions");
|
|
18
13
|
/** Storage Creator */
|
|
19
14
|
exports.default = ({ name, group, customDomain, allowsCors, vaultInfo, defaultManagementRules, containers = [], queues = [], fileShares = [],
|
|
20
15
|
//appInsight,
|
|
21
16
|
network, featureFlags = {}, policies = { keyExpirationPeriodInDays: 365 }, lock = true, }) => {
|
|
22
17
|
name = (0, Naming_1.getStorageName)(name);
|
|
23
|
-
const primaryKeyName = (0, Naming_1.getKeyName)(name,
|
|
24
|
-
const secondaryKeyName = (0, Naming_1.getKeyName)(name,
|
|
25
|
-
const primaryConnectionKeyName = (0, Naming_1.getConnectionName)(name,
|
|
26
|
-
const secondConnectionKeyName = (0, Naming_1.getConnectionName)(name,
|
|
18
|
+
const primaryKeyName = (0, Naming_1.getKeyName)(name, "primary");
|
|
19
|
+
const secondaryKeyName = (0, Naming_1.getKeyName)(name, "secondary");
|
|
20
|
+
const primaryConnectionKeyName = (0, Naming_1.getConnectionName)(name, "primary");
|
|
21
|
+
const secondConnectionKeyName = (0, Naming_1.getConnectionName)(name, "secondary");
|
|
27
22
|
const encryptionKey = featureFlags.enableKeyVaultEncryption
|
|
28
|
-
? getEncryptionKey(name, vaultInfo)
|
|
23
|
+
? (0, Helper_1.getEncryptionKey)(name, vaultInfo)
|
|
29
24
|
: undefined;
|
|
30
25
|
//To fix identity issue then using this approach https://github.com/pulumi/pulumi-azure-native/blob/master/examples/keyvault/index.ts
|
|
31
26
|
const stg = new storage.StorageAccount(name, {
|
|
@@ -37,13 +32,13 @@ network, featureFlags = {}, policies = { keyExpirationPeriodInDays: 365 }, lock
|
|
|
37
32
|
? storage.SkuName.Standard_ZRS //Zone redundant in PRD
|
|
38
33
|
: storage.SkuName.Standard_LRS,
|
|
39
34
|
},
|
|
40
|
-
accessTier:
|
|
35
|
+
accessTier: "Hot",
|
|
41
36
|
isHnsEnabled: true,
|
|
42
37
|
enableHttpsTrafficOnly: true,
|
|
43
38
|
allowBlobPublicAccess: policies?.allowBlobPublicAccess,
|
|
44
39
|
allowSharedKeyAccess: featureFlags.allowSharedKeyAccess,
|
|
45
|
-
identity: { type:
|
|
46
|
-
minimumTlsVersion:
|
|
40
|
+
identity: { type: "SystemAssigned" },
|
|
41
|
+
minimumTlsVersion: "TLS1_2",
|
|
47
42
|
//1 Year Months
|
|
48
43
|
keyPolicy: {
|
|
49
44
|
keyExpirationPeriodInDays: policies.keyExpirationPeriodInDays || 365,
|
|
@@ -69,7 +64,7 @@ network, featureFlags = {}, policies = { keyExpirationPeriodInDays: 365 }, lock
|
|
|
69
64
|
: undefined,
|
|
70
65
|
sasPolicy: {
|
|
71
66
|
expirationAction: storage.ExpirationAction.Log,
|
|
72
|
-
sasExpirationPeriod:
|
|
67
|
+
sasExpirationPeriod: "00.00:30:00",
|
|
73
68
|
},
|
|
74
69
|
customDomain: customDomain && !featureFlags.enableStaticWebsite
|
|
75
70
|
? { name: customDomain, useSubDomainName: true }
|
|
@@ -83,19 +78,19 @@ network, featureFlags = {}, policies = { keyExpirationPeriodInDays: 365 }, lock
|
|
|
83
78
|
// },
|
|
84
79
|
networkRuleSet: network
|
|
85
80
|
? {
|
|
86
|
-
bypass:
|
|
87
|
-
defaultAction:
|
|
81
|
+
bypass: "Logging, Metrics",
|
|
82
|
+
defaultAction: "Allow",
|
|
88
83
|
virtualNetworkRules: network.subnetId
|
|
89
84
|
? [{ virtualNetworkResourceId: network.subnetId }]
|
|
90
85
|
: undefined,
|
|
91
86
|
ipRules: network.ipAddresses
|
|
92
87
|
? network.ipAddresses.map((i) => ({
|
|
93
88
|
iPAddressOrRange: i,
|
|
94
|
-
action:
|
|
89
|
+
action: "Allow",
|
|
95
90
|
}))
|
|
96
91
|
: undefined,
|
|
97
92
|
}
|
|
98
|
-
: { defaultAction:
|
|
93
|
+
: { defaultAction: "Allow" },
|
|
99
94
|
});
|
|
100
95
|
//Soft Delete
|
|
101
96
|
if (policies) {
|
|
@@ -149,8 +144,8 @@ network, featureFlags = {}, policies = { keyExpirationPeriodInDays: 365 }, lock
|
|
|
149
144
|
new storage.StorageAccountStaticWebsite(name, {
|
|
150
145
|
accountName: stg.name,
|
|
151
146
|
...group,
|
|
152
|
-
indexDocument:
|
|
153
|
-
error404Document:
|
|
147
|
+
indexDocument: "index.html",
|
|
148
|
+
error404Document: "index.html",
|
|
154
149
|
}, { dependsOn: stg });
|
|
155
150
|
// if (appInsight && customDomain) {
|
|
156
151
|
// addInsightMonitor({ name, appInsight, url: customDomain });
|
|
@@ -178,7 +173,7 @@ network, featureFlags = {}, policies = { keyExpirationPeriodInDays: 365 }, lock
|
|
|
178
173
|
...group,
|
|
179
174
|
accountName: stg.name,
|
|
180
175
|
//denyEncryptionScopeOverride: true,
|
|
181
|
-
publicAccess: c.public ?
|
|
176
|
+
publicAccess: c.public ? "Blob" : "None",
|
|
182
177
|
});
|
|
183
178
|
if (c.managementRules) {
|
|
184
179
|
(0, ManagementRules_1.createManagementRules)({
|
|
@@ -211,7 +206,8 @@ network, featureFlags = {}, policies = { keyExpirationPeriodInDays: 365 }, lock
|
|
|
211
206
|
stg.id.apply(async (id) => {
|
|
212
207
|
if (!id)
|
|
213
208
|
return;
|
|
214
|
-
|
|
209
|
+
//Allows to Read Key Vault
|
|
210
|
+
(0, VaultPermissions_1.grantVaultAccessToIdentity)({ name, identity: stg.identity, vaultInfo });
|
|
215
211
|
const keys = (await storage.listStorageAccountKeys({
|
|
216
212
|
accountName: name,
|
|
217
213
|
resourceGroupName: group.resourceGroupName,
|
|
@@ -224,7 +220,7 @@ network, featureFlags = {}, policies = { keyExpirationPeriodInDays: 365 }, lock
|
|
|
224
220
|
//Keys
|
|
225
221
|
(0, CustomHelper_1.addCustomSecrets)({
|
|
226
222
|
vaultInfo,
|
|
227
|
-
contentType:
|
|
223
|
+
contentType: "Storage",
|
|
228
224
|
formattedName: true,
|
|
229
225
|
items: [
|
|
230
226
|
{
|
|
@@ -260,4 +256,4 @@ network, featureFlags = {}, policies = { keyExpirationPeriodInDays: 365 }, lock
|
|
|
260
256
|
: undefined,
|
|
261
257
|
};
|
|
262
258
|
};
|
|
263
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
259
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvU3RvcmFnZS9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLHdEQUF3RDtBQUl4RCw2Q0FBeUQ7QUFDekQsK0NBQWlFO0FBQ2pFLGlEQUEyQztBQUMzQywrQ0FBdUM7QUFFdkMsNkNBSTBCO0FBQzFCLDJEQUE0RDtBQUM1RCwyQ0FBb0M7QUFDcEMsdURBSTJCO0FBQzNCLG1FQUEwRTtBQXVEMUUsc0JBQXNCO0FBQ3RCLGtCQUFlLENBQUMsRUFDZCxJQUFJLEVBQ0osS0FBSyxFQUNMLFlBQVksRUFDWixVQUFVLEVBQ1YsU0FBUyxFQUNULHNCQUFzQixFQUN0QixVQUFVLEdBQUcsRUFBRSxFQUNmLE1BQU0sR0FBRyxFQUFFLEVBQ1gsVUFBVSxHQUFHLEVBQUU7QUFDZixhQUFhO0FBQ2IsT0FBTyxFQUNQLFlBQVksR0FBRyxFQUFFLEVBQ2pCLFFBQVEsR0FBRyxFQUFFLHlCQUF5QixFQUFFLEdBQUcsRUFBRSxFQUM3QyxJQUFJLEdBQUcsSUFBSSxHQUNFLEVBQUUsRUFBRTtJQUNqQixJQUFJLEdBQUcsSUFBQSx1QkFBYyxFQUFDLElBQUksQ0FBQyxDQUFDO0lBRTVCLE1BQU0sY0FBYyxHQUFHLElBQUEsbUJBQVUsRUFBQyxJQUFJLEVBQUUsU0FBUyxDQUFDLENBQUM7SUFDbkQsTUFBTSxnQkFBZ0IsR0FBRyxJQUFBLG1CQUFVLEVBQUMsSUFBSSxFQUFFLFdBQVcsQ0FBQyxDQUFDO0lBQ3ZELE1BQU0sd0JBQXdCLEdBQUcsSUFBQSwwQkFBaUIsRUFBQyxJQUFJLEVBQUUsU0FBUyxDQUFDLENBQUM7SUFDcEUsTUFBTSx1QkFBdUIsR0FBRyxJQUFBLDBCQUFpQixFQUFDLElBQUksRUFBRSxXQUFXLENBQUMsQ0FBQztJQUNyRSxNQUFNLGFBQWEsR0FBRyxZQUFZLENBQUMsd0JBQXdCO1FBQ3pELENBQUMsQ0FBQyxJQUFBLHlCQUFnQixFQUFDLElBQUksRUFBRSxTQUFTLENBQUM7UUFDbkMsQ0FBQyxDQUFDLFNBQVMsQ0FBQztJQUVkLHFJQUFxSTtJQUNySSxNQUFNLEdBQUcsR0FBRyxJQUFJLE9BQU8sQ0FBQyxjQUFjLENBQUMsSUFBSSxFQUFFO1FBQzNDLFdBQVcsRUFBRSxJQUFJO1FBQ2pCLEdBQUcsS0FBSztRQUVSLElBQUksRUFBRSxPQUFPLENBQUMsSUFBSSxDQUFDLFNBQVM7UUFDNUIsR0FBRyxFQUFFO1lBQ0gsSUFBSSxFQUFFLGdCQUFLO2dCQUNULENBQUMsQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLFlBQVksQ0FBQyx1QkFBdUI7Z0JBQ3RELENBQUMsQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLFlBQVk7U0FDakM7UUFDRCxVQUFVLEVBQUUsS0FBSztRQUVqQixZQUFZLEVBQUUsSUFBSTtRQUNsQixzQkFBc0IsRUFBRSxJQUFJO1FBQzVCLHFCQUFxQixFQUFFLFFBQVEsRUFBRSxxQkFBcUI7UUFDdEQsb0JBQW9CLEVBQUUsWUFBWSxDQUFDLG9CQUFvQjtRQUN2RCxRQUFRLEVBQUUsRUFBRSxJQUFJLEVBQUUsZ0JBQWdCLEVBQUU7UUFDcEMsaUJBQWlCLEVBQUUsUUFBUTtRQUUzQixlQUFlO1FBQ2YsU0FBUyxFQUFFO1lBQ1QseUJBQXlCLEVBQUUsUUFBUSxDQUFDLHlCQUF5QixJQUFJLEdBQUc7U0FDckU7UUFFRCxVQUFVLEVBQUUsYUFBYTtZQUN2QixDQUFDLENBQUM7Z0JBQ0UsUUFBUSxFQUFFO29CQUNSLElBQUksRUFBRTt3QkFDSixPQUFPLEVBQUUsSUFBSTt3QkFDYixPQUFPLEVBQUUsT0FBTyxDQUFDLE9BQU8sQ0FBQyxPQUFPO3FCQUNqQztvQkFDRCxJQUFJLEVBQUU7d0JBQ0osT0FBTyxFQUFFLElBQUk7d0JBQ2IsT0FBTyxFQUFFLE9BQU8sQ0FBQyxPQUFPLENBQUMsT0FBTztxQkFDakM7aUJBQ0Y7Z0JBQ0QsU0FBUyxFQUFFLE9BQU8sQ0FBQyxTQUFTLENBQUMsa0JBQWtCO2dCQUMvQyxrQkFBa0IsRUFBRSxhQUFhLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDO29CQUM5QyxPQUFPLEVBQUUsQ0FBRSxDQUFDLElBQUk7b0JBQ2hCLFdBQVcsRUFBRSxDQUFFLENBQUMsVUFBVSxDQUFDLFFBQVE7aUJBQ3BDLENBQUMsQ0FBQzthQUNKO1lBQ0gsQ0FBQyxDQUFDLFNBQVM7UUFFYixTQUFTLEVBQUU7WUFDVCxnQkFBZ0IsRUFBRSxPQUFPLENBQUMsZ0JBQWdCLENBQUMsR0FBRztZQUM5QyxtQkFBbUIsRUFBRSxhQUFhO1NBQ25DO1FBRUQsWUFBWSxFQUNWLFlBQVksSUFBSSxDQUFDLFlBQVksQ0FBQyxtQkFBbUI7WUFDL0MsQ0FBQyxDQUFDLEVBQUUsSUFBSSxFQUFFLFlBQVksRUFBRSxnQkFBZ0IsRUFBRSxJQUFJLEVBQUU7WUFDaEQsQ0FBQyxDQUFDLFNBQVM7UUFFZix1QkFBdUI7UUFDdkIsdUNBQXVDO1FBQ3ZDLHFEQUFxRDtRQUNyRCx1REFBdUQ7UUFDdkQscUNBQXFDO1FBQ3JDLHNDQUFzQztRQUN0QyxLQUFLO1FBRUwsY0FBYyxFQUFFLE9BQU87WUFDckIsQ0FBQyxDQUFDO2dCQUNFLE1BQU0sRUFBRSxrQkFBa0I7Z0JBQzFCLGFBQWEsRUFBRSxPQUFPO2dCQUV0QixtQkFBbUIsRUFBRSxPQUFPLENBQUMsUUFBUTtvQkFDbkMsQ0FBQyxDQUFDLENBQUMsRUFBRSx3QkFBd0IsRUFBRSxPQUFPLENBQUMsUUFBUSxFQUFFLENBQUM7b0JBQ2xELENBQUMsQ0FBQyxTQUFTO2dCQUViLE9BQU8sRUFBRSxPQUFPLENBQUMsV0FBVztvQkFDMUIsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDO3dCQUM5QixnQkFBZ0IsRUFBRSxDQUFDO3dCQUNuQixNQUFNLEVBQUUsT0FBTztxQkFDaEIsQ0FBQyxDQUFDO29CQUNMLENBQUMsQ0FBQyxTQUFTO2FBQ2Q7WUFDSCxDQUFDLENBQUMsRUFBRSxhQUFhLEVBQUUsT0FBTyxFQUFFO0tBQy9CLENBQUMsQ0FBQztJQUVILGFBQWE7SUFDYixJQUFJLFFBQVEsRUFBRSxDQUFDO1FBQ2IscUNBQXFDO1FBQ3JDLDBCQUEwQjtRQUMxQixNQUFNO1FBQ04sNkJBQTZCO1FBQzdCLGdCQUFnQjtRQUNoQixFQUFFO1FBQ0YseURBQXlEO1FBQ3pELFlBQVk7UUFDWixzREFBc0Q7UUFDdEQsK0NBQStDO1FBQy9DLFlBQVk7UUFDWixxQkFBcUI7UUFDckIsNkRBQTZEO1FBQzdELE9BQU87UUFDUCx1QkFBdUI7UUFDdkIsS0FBSztRQUNMLEVBQUU7UUFDRixxQ0FBcUM7UUFDckMsMEJBQTBCO1FBQzFCLE1BQU07UUFDTiw2QkFBNkI7UUFDN0IsZ0JBQWdCO1FBQ2hCLEVBQUU7UUFDRixtRUFBbUU7UUFDbkUsWUFBWTtRQUNaLDJEQUEyRDtRQUMzRCxvREFBb0Q7UUFDcEQsWUFBWTtRQUNaLHFCQUFxQjtRQUNyQixPQUFPO1FBQ1AsdUJBQXVCO1FBQ3ZCLEtBQUs7SUFDUCxDQUFDO0lBRUQsdUJBQXVCO0lBQ3ZCLElBQUksc0JBQXNCLEVBQUUsQ0FBQztRQUMzQixJQUFBLHVDQUFxQixFQUFDO1lBQ3BCLElBQUk7WUFDSixjQUFjLEVBQUUsR0FBRztZQUNuQixLQUFLO1lBQ0wsS0FBSyxFQUFFLHNCQUFzQjtTQUM5QixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsSUFBSSxJQUFJLEVBQUUsQ0FBQztRQUNULElBQUEsZ0JBQU0sRUFBQyxFQUFFLElBQUksRUFBRSxVQUFVLEVBQUUsR0FBRyxDQUFDLEVBQUUsRUFBRSxTQUFTLEVBQUUsR0FBRyxFQUFFLENBQUMsQ0FBQztJQUN2RCxDQUFDO0lBRUQsK0JBQStCO0lBQy9CLElBQUksWUFBWSxDQUFDLG1CQUFtQixFQUFFLENBQUM7UUFDckMsSUFBSSxPQUFPLENBQUMsMkJBQTJCLENBQ3JDLElBQUksRUFDSjtZQUNFLFdBQVcsRUFBRSxHQUFHLENBQUMsSUFBSTtZQUNyQixHQUFHLEtBQUs7WUFDUixhQUFhLEVBQUUsWUFBWTtZQUMzQixnQkFBZ0IsRUFBRSxZQUFZO1NBQy9CLEVBQ0QsRUFBRSxTQUFTLEVBQUUsR0FBRyxFQUFFLENBQ25CLENBQUM7UUFFRixvQ0FBb0M7UUFDcEMsZ0VBQWdFO1FBQ2hFLElBQUk7SUFDTixDQUFDO1NBQU0sSUFBSSxnQkFBSztRQUFFLElBQUEsZ0NBQXNCLEVBQUMsRUFBRSxJQUFJLEVBQUUsZ0JBQWdCLEVBQUUsR0FBRyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFFN0UsMkNBQTJDO0lBQzNDLElBQ0UsQ0FBQyxZQUFZLENBQUMsbUJBQW1CLElBQUksWUFBWSxDQUFDO1FBQ2xELFlBQVksQ0FBQyxXQUFXLEVBQ3hCLENBQUM7UUFDRCxNQUFNLE1BQU0sR0FBRyxHQUFHLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsR0FBRyxDQUFDLDJCQUEyQixDQUFDLENBQUM7UUFDdEUsSUFBQSxxQkFBVSxFQUFDO1lBQ1QsSUFBSTtZQUNKLFVBQVUsRUFBRSxZQUFhO1lBQ3pCLE1BQU07WUFDTixJQUFJLEVBQUUsVUFBVTtZQUNoQixZQUFZLEVBQUUsSUFBSTtZQUNsQiw4QkFBOEIsRUFDNUIsWUFBWSxDQUFDLDhCQUE4QjtTQUM5QyxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsbUJBQW1CO0lBQ25CLFVBQVUsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRTtRQUNuQixNQUFNLFNBQVMsR0FBRyxJQUFJLE9BQU8sQ0FBQyxhQUFhLENBQUMsQ0FBQyxDQUFDLElBQUksRUFBRTtZQUNsRCxhQUFhLEVBQUUsQ0FBQyxDQUFDLElBQUksQ0FBQyxXQUFXLEVBQUU7WUFDbkMsR0FBRyxLQUFLO1lBQ1IsV0FBVyxFQUFFLEdBQUcsQ0FBQyxJQUFJO1lBQ3JCLG9DQUFvQztZQUNwQyxZQUFZLEVBQUUsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxNQUFNO1NBQ3pDLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxDQUFDLGVBQWUsRUFBRSxDQUFDO1lBQ3RCLElBQUEsdUNBQXFCLEVBQUM7Z0JBQ3BCLElBQUk7Z0JBQ0osY0FBYyxFQUFFLEdBQUc7Z0JBQ25CLEtBQUs7Z0JBQ0wsY0FBYyxFQUFFLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQztnQkFDaEMsS0FBSyxFQUFFLENBQUMsQ0FBQyxlQUFlO2FBQ3pCLENBQUMsQ0FBQztRQUNMLENBQUM7UUFDRCxPQUFPLFNBQVMsQ0FBQztJQUNuQixDQUFDLENBQUMsQ0FBQztJQUVILGVBQWU7SUFDZixNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUU7UUFDZixJQUFJLE9BQU8sQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFO1lBQ25CLFNBQVMsRUFBRSxDQUFDLENBQUMsV0FBVyxFQUFFO1lBQzFCLFdBQVcsRUFBRSxHQUFHLENBQUMsSUFBSTtZQUNyQixHQUFHLEtBQUs7U0FDVCxDQUFDLENBQUM7SUFDTCxDQUFDLENBQUMsQ0FBQztJQUVILFlBQVk7SUFDWixVQUFVLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUU7UUFDbkIsSUFBSSxPQUFPLENBQUMsU0FBUyxDQUFDLENBQUMsRUFBRTtZQUN2QixTQUFTLEVBQUUsQ0FBQyxDQUFDLFdBQVcsRUFBRTtZQUMxQixXQUFXLEVBQUUsR0FBRyxDQUFDLElBQUk7WUFDckIsR0FBRyxLQUFLO1NBQ1QsQ0FBQyxDQUFDO0lBQ0wsQ0FBQyxDQUFDLENBQUM7SUFFSCxZQUFZO0lBQ1osR0FBRyxDQUFDLEVBQUUsQ0FBQyxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRSxFQUFFO1FBQ3hCLElBQUksQ0FBQyxFQUFFO1lBQUUsT0FBTztRQUNoQiwwQkFBMEI7UUFDMUIsSUFBQSw2Q0FBMEIsRUFBQyxFQUFFLElBQUksRUFBRSxRQUFRLEVBQUUsR0FBRyxDQUFDLFFBQVEsRUFBRSxTQUFTLEVBQUUsQ0FBQyxDQUFDO1FBRXhFLE1BQU0sSUFBSSxHQUFHLENBQ1gsTUFBTSxPQUFPLENBQUMsc0JBQXNCLENBQUM7WUFDbkMsV0FBVyxFQUFFLElBQUk7WUFDakIsaUJBQWlCLEVBQUUsS0FBSyxDQUFDLGlCQUFpQjtTQUMzQyxDQUFDLENBQ0gsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1lBQ2pCLElBQUksRUFBRSxDQUFDLENBQUMsT0FBTztZQUNmLEdBQUcsRUFBRSxDQUFDLENBQUMsS0FBSztZQUNaLGdCQUFnQixFQUFFLDhDQUE4QyxJQUFJLGVBQWUsQ0FBQyxDQUFDLEtBQUssa0NBQWtDO1NBQzdILENBQUMsQ0FBQyxDQUFDO1FBRUosSUFBSSxTQUFTLEVBQUUsQ0FBQztZQUNkLE1BQU07WUFDTixJQUFBLCtCQUFnQixFQUFDO2dCQUNmLFNBQVM7Z0JBQ1QsV0FBVyxFQUFFLFNBQVM7Z0JBQ3RCLGFBQWEsRUFBRSxJQUFJO2dCQUNuQixLQUFLLEVBQUU7b0JBQ0w7d0JBQ0UsSUFBSSxFQUFFLGNBQWM7d0JBQ3BCLEtBQUssRUFBRSxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUMsR0FBRztxQkFDbkI7b0JBQ0Q7d0JBQ0UsSUFBSSxFQUFFLGdCQUFnQjt3QkFDdEIsS0FBSyxFQUFFLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxHQUFHO3FCQUNuQjtvQkFDRDt3QkFDRSxJQUFJLEVBQUUsd0JBQXdCO3dCQUM5QixLQUFLLEVBQUUsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDLGdCQUFnQjtxQkFDaEM7b0JBQ0Q7d0JBQ0UsSUFBSSxFQUFFLHVCQUF1Qjt3QkFDN0IsS0FBSyxFQUFFLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxnQkFBZ0I7cUJBQ2hDO2lCQUNGO2FBQ0YsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztJQUNILENBQUMsQ0FBQyxDQUFDO0lBRUgsT0FBTztRQUNMLE9BQU8sRUFBRSxHQUFHO1FBQ1osVUFBVSxFQUFFO1lBQ1YsY0FBYztZQUNkLGdCQUFnQjtZQUNoQix3QkFBd0I7WUFDeEIsdUJBQXVCO1NBQ3hCO1FBQ0QsbUJBQW1CLEVBQUUsQ0FBQyxPQUFlLHdCQUF3QixFQUFFLEVBQUUsQ0FDL0QsU0FBUztZQUNQLENBQUMsQ0FBQyxJQUFBLGtCQUFTLEVBQUMsRUFBRSxJQUFJLEVBQUUsYUFBYSxFQUFFLElBQUksRUFBRSxTQUFTLEVBQUUsQ0FBQztZQUNyRCxDQUFDLENBQUMsU0FBUztLQUNoQixDQUFDO0FBQ0osQ0FBQyxDQUFDIn0=
|
package/VNet/PrivateEndpoint.js
CHANGED
|
@@ -5,7 +5,9 @@ const pulumi_1 = require("@pulumi/pulumi");
|
|
|
5
5
|
const Helper_1 = require("./Helper");
|
|
6
6
|
const PrivateDns_1 = require("./PrivateDns");
|
|
7
7
|
const AzureEnv_1 = require("../Common/AzureEnv");
|
|
8
|
+
const Naming_1 = require("../Common/Naming");
|
|
8
9
|
exports.default = ({ name, group, resourceId, subnetId, privateDnsZoneName, useGlobalDnsZone, linkServiceGroupIds, }) => {
|
|
10
|
+
name = (0, Naming_1.getPrivateEndpointName)(name);
|
|
9
11
|
const endpoint = new network.PrivateEndpoint(name, {
|
|
10
12
|
privateEndpointName: name,
|
|
11
13
|
...group,
|
|
@@ -66,4 +68,4 @@ exports.default = ({ name, group, resourceId, subnetId, privateDnsZoneName, useG
|
|
|
66
68
|
//TODO: Create private DNS Zone in the same resource group and link to VNet
|
|
67
69
|
return endpoint;
|
|
68
70
|
};
|
|
69
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
71
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiUHJpdmF0ZUVuZHBvaW50LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL1ZOZXQvUHJpdmF0ZUVuZHBvaW50LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsd0RBQXdEO0FBQ3hELDJDQUErQztBQUUvQyxxQ0FBaUQ7QUFDakQsNkNBQTZFO0FBQzdFLGlEQUEyRDtBQUMzRCw2Q0FBMEQ7QUFRMUQsa0JBQWUsQ0FBQyxFQUNkLElBQUksRUFDSixLQUFLLEVBQ0wsVUFBVSxFQUNWLFFBQVEsRUFDUixrQkFBa0IsRUFDbEIsZ0JBQWdCLEVBQ2hCLG1CQUFtQixHQUNiLEVBQUUsRUFBRTtJQUNWLElBQUksR0FBRyxJQUFBLCtCQUFzQixFQUFDLElBQUksQ0FBQyxDQUFDO0lBRXBDLE1BQU0sUUFBUSxHQUFHLElBQUksT0FBTyxDQUFDLGVBQWUsQ0FBQyxJQUFJLEVBQUU7UUFDakQsbUJBQW1CLEVBQUUsSUFBSTtRQUN6QixHQUFHLEtBQUs7UUFFUixNQUFNLEVBQUUsRUFBRSxFQUFFLEVBQUUsUUFBUSxFQUFFO1FBQ3hCLDZCQUE2QixFQUFFO1lBQzdCO2dCQUNFLFFBQVEsRUFBRSxtQkFBbUI7Z0JBQzdCLElBQUksRUFBRSxHQUFHLElBQUksT0FBTztnQkFDcEIsb0JBQW9CLEVBQUUsVUFBVTthQUNqQztTQUNGO0tBQ0YsQ0FBQyxDQUFDO0lBRUgsa0JBQWtCO0lBQ2xCLE1BQU0sV0FBVyxHQUFHLFFBQVEsQ0FBQyxnQkFBZ0IsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUN4RCxDQUFFLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDLENBQUMsV0FBWSxDQUFDLENBQ2xDLENBQUM7SUFFRixJQUFBLGVBQU0sRUFBQyxVQUFVLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFLEVBQUUsRUFBRTtRQUM5QixNQUFNLFlBQVksR0FBRyxJQUFBLGdDQUFxQixFQUFDLEVBQUUsQ0FBQyxDQUFDO1FBRS9DLElBQUksZ0JBQWdCLEVBQUUsQ0FBQztZQUNyQixjQUFjO1lBQ2QsSUFBQSx1QkFBVSxFQUFDO2dCQUNULFdBQVc7Z0JBQ1gsVUFBVSxFQUFFLFlBQVksRUFBRSxJQUFJLElBQUksRUFBRTtnQkFDcEMsUUFBUSxFQUFFLGtCQUFrQjthQUM3QixDQUFDLENBQUM7WUFFSCxjQUFjO1lBQ2QsSUFBQSxlQUFNLEVBQUMsUUFBUSxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsR0FBRyxFQUFFLEVBQUU7Z0JBQzdCLE1BQU0sTUFBTSxHQUFHLElBQUEsOEJBQXFCLEVBQUMsR0FBRyxDQUFDLENBQUM7Z0JBQzFDLElBQUEsaUNBQW9CLEVBQUM7b0JBQ25CLFFBQVEsRUFBRSxrQkFBa0I7b0JBQzVCLE1BQU07aUJBQ1AsQ0FBQyxDQUFDO1lBQ0wsQ0FBQyxDQUFDLENBQUM7UUFDTCxDQUFDO2FBQU0sQ0FBQztZQUNOLGFBQWE7WUFDYixNQUFNLElBQUksR0FBRyxJQUFBLG9CQUFXLEVBQUM7Z0JBQ3ZCLElBQUksRUFBRSxHQUFHLFlBQVksRUFBRSxJQUFJLElBQUksa0JBQWtCLEVBQUU7Z0JBQ25ELEtBQUs7YUFDTixDQUFDLENBQUM7WUFFSCxpQkFBaUI7WUFDakIsSUFBQSx1QkFBVSxFQUFDO2dCQUNULFdBQVc7Z0JBQ1gsVUFBVSxFQUFFLEdBQUc7Z0JBQ2YsUUFBUSxFQUFFLGtCQUFrQjtnQkFDNUIsU0FBUyxFQUFFLElBQUk7YUFDaEIsQ0FBQyxDQUFDO1lBQ0gsY0FBYztZQUNkLElBQUEsZUFBTSxFQUFDLFFBQVEsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLEdBQUcsRUFBRSxFQUFFO2dCQUM3QixNQUFNLE1BQU0sR0FBRyxJQUFBLDhCQUFxQixFQUFDLEdBQUcsQ0FBQyxDQUFDO2dCQUMxQyxJQUFBLGlDQUFvQixFQUFDO29CQUNuQixRQUFRLEVBQUUsa0JBQWtCO29CQUM1QixNQUFNO29CQUNOLEtBQUs7b0JBQ0wsU0FBUyxFQUFFLElBQUk7aUJBQ2hCLENBQUMsQ0FBQztZQUNMLENBQUMsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztJQUNILENBQUMsQ0FBQyxDQUFDO0lBQ0gsMkVBQTJFO0lBQzNFLE9BQU8sUUFBUSxDQUFDO0FBQ2xCLENBQUMsQ0FBQyJ9
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@drunk-pulumi/azure",
|
|
3
|
-
"version": "0.0.
|
|
3
|
+
"version": "0.0.26",
|
|
4
4
|
"author": "drunkcoding@outlook.com",
|
|
5
5
|
"description": "The custom helpers pulumi-azure",
|
|
6
6
|
"license": "MIT",
|
|
@@ -17,8 +17,8 @@
|
|
|
17
17
|
"url": "https://github.com/baoduy/drunk-pulumi-azure.git"
|
|
18
18
|
},
|
|
19
19
|
"dependencies": {
|
|
20
|
-
"@drunk-pulumi/azure-providers": "^0.0.
|
|
21
|
-
"@pulumi/azure-native": "^2.
|
|
20
|
+
"@drunk-pulumi/azure-providers": "^0.0.6",
|
|
21
|
+
"@pulumi/azure-native": "^2.33.0",
|
|
22
22
|
"@pulumi/azuread": "5.47.2",
|
|
23
23
|
"@pulumi/pulumi": "^3.111.1",
|
|
24
24
|
"@pulumi/random": "^4.16.0",
|
package/types.d.ts
CHANGED
|
@@ -11,6 +11,8 @@ export interface ResourceGroupInfo {
|
|
|
11
11
|
export interface ConventionProps {
|
|
12
12
|
prefix?: string;
|
|
13
13
|
suffix?: string;
|
|
14
|
+
/**Whether include the Azure Region name at the end of the name or not*/
|
|
15
|
+
includeRegion?: boolean;
|
|
14
16
|
/**Whether include the organization name at the end of the name or not*/
|
|
15
17
|
includeOrgName?: boolean;
|
|
16
18
|
}
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
import { EnvRoleNamesType } from '../AzAd/EnvRoles';
|
|
2
|
-
export type VaultAccessType = {
|
|
3
|
-
/** Grant permission of this group into Environment Roles groups*/
|
|
4
|
-
envRoleNames?: EnvRoleNamesType;
|
|
5
|
-
includeOrganization?: boolean;
|
|
6
|
-
};
|
|
7
|
-
interface Props {
|
|
8
|
-
name: string;
|
|
9
|
-
auth: VaultAccessType;
|
|
10
|
-
}
|
|
11
|
-
declare const _default: ({ name, auth }: Props) => {
|
|
12
|
-
readOnlyGroup: import("@pulumi/pulumi").Output<import("@pulumi/pulumi").UnwrappedObject<import("@pulumi/azuread").GetGroupResult>> | import("@pulumi/pulumi").Output<import("@pulumi/azuread/group").Group>;
|
|
13
|
-
adminGroup: import("@pulumi/pulumi").Output<import("@pulumi/pulumi").UnwrappedObject<import("@pulumi/azuread").GetGroupResult>> | import("@pulumi/pulumi").Output<import("@pulumi/azuread/group").Group>;
|
|
14
|
-
};
|
|
15
|
-
export default _default;
|
package/KeyVault/VaultAccess.js
DELETED
|
@@ -1,47 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
const Role_1 = require("../AzAd/Role");
|
|
4
|
-
const AzureEnv_1 = require("../Common/AzureEnv");
|
|
5
|
-
const Group_1 = require("../AzAd/Group");
|
|
6
|
-
exports.default = ({ name, auth }) => {
|
|
7
|
-
//Permission Groups
|
|
8
|
-
const readOnlyGroup = auth.envRoleNames
|
|
9
|
-
? (0, Group_1.getAdGroup)(auth.envRoleNames.readOnly)
|
|
10
|
-
: (0, Role_1.default)({
|
|
11
|
-
env: AzureEnv_1.currentEnv,
|
|
12
|
-
appName: `${name}-vault`,
|
|
13
|
-
roleName: 'ReadOnly',
|
|
14
|
-
includeOrganization: auth.includeOrganization,
|
|
15
|
-
});
|
|
16
|
-
const adminGroup = auth.envRoleNames
|
|
17
|
-
? (0, Group_1.getAdGroup)(auth.envRoleNames.contributor)
|
|
18
|
-
: (0, Role_1.default)({
|
|
19
|
-
env: AzureEnv_1.currentEnv,
|
|
20
|
-
appName: `${name}-vault`,
|
|
21
|
-
roleName: 'Admin',
|
|
22
|
-
includeOrganization: auth.includeOrganization,
|
|
23
|
-
});
|
|
24
|
-
//Add current service principal in
|
|
25
|
-
// if (auth.permissions == undefined) {
|
|
26
|
-
// auth.permissions = [
|
|
27
|
-
// // {
|
|
28
|
-
// // objectId: currentServicePrincipal,
|
|
29
|
-
// // permission: 'ReadWrite',
|
|
30
|
-
// // },
|
|
31
|
-
// ];
|
|
32
|
-
// }
|
|
33
|
-
//Add Permission to Groups
|
|
34
|
-
// auth.permissions.forEach(
|
|
35
|
-
// ({ objectId, applicationId, permission, ...others }, index) =>
|
|
36
|
-
// new azuread.GroupMember(`${name}-${permission}-${index}`, {
|
|
37
|
-
// groupObjectId:
|
|
38
|
-
// permission === 'ReadOnly'
|
|
39
|
-
// ? readOnlyGroup.objectId
|
|
40
|
-
// : adminGroup.objectId,
|
|
41
|
-
// memberObjectId: objectId ?? applicationId,
|
|
42
|
-
// ...others,
|
|
43
|
-
// })
|
|
44
|
-
// );
|
|
45
|
-
return { readOnlyGroup, adminGroup };
|
|
46
|
-
};
|
|
47
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiVmF1bHRBY2Nlc3MuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvS2V5VmF1bHQvVmF1bHRBY2Nlc3MudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFDQSx1Q0FBcUM7QUFDckMsaURBQWdEO0FBQ2hELHlDQUEyQztBQWUzQyxrQkFBZSxDQUFDLEVBQUUsSUFBSSxFQUFFLElBQUksRUFBUyxFQUFFLEVBQUU7SUFDdkMsbUJBQW1CO0lBQ25CLE1BQU0sYUFBYSxHQUFHLElBQUksQ0FBQyxZQUFZO1FBQ3JDLENBQUMsQ0FBQyxJQUFBLGtCQUFVLEVBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxRQUFRLENBQUM7UUFDeEMsQ0FBQyxDQUFDLElBQUEsY0FBUyxFQUFDO1lBQ1IsR0FBRyxFQUFFLHFCQUFVO1lBQ2YsT0FBTyxFQUFFLEdBQUcsSUFBSSxRQUFRO1lBQ3hCLFFBQVEsRUFBRSxVQUFVO1lBQ3BCLG1CQUFtQixFQUFFLElBQUksQ0FBQyxtQkFBbUI7U0FDOUMsQ0FBQyxDQUFDO0lBRVAsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLFlBQVk7UUFDbEMsQ0FBQyxDQUFDLElBQUEsa0JBQVUsRUFBQyxJQUFJLENBQUMsWUFBWSxDQUFDLFdBQVcsQ0FBQztRQUMzQyxDQUFDLENBQUMsSUFBQSxjQUFTLEVBQUM7WUFDUixHQUFHLEVBQUUscUJBQVU7WUFDZixPQUFPLEVBQUUsR0FBRyxJQUFJLFFBQVE7WUFDeEIsUUFBUSxFQUFFLE9BQU87WUFDakIsbUJBQW1CLEVBQUUsSUFBSSxDQUFDLG1CQUFtQjtTQUM5QyxDQUFDLENBQUM7SUFFUCxrQ0FBa0M7SUFDbEMsdUNBQXVDO0lBQ3ZDLHlCQUF5QjtJQUN6QixXQUFXO0lBQ1gsOENBQThDO0lBQzlDLG9DQUFvQztJQUNwQyxZQUFZO0lBQ1osT0FBTztJQUNQLElBQUk7SUFFSiwwQkFBMEI7SUFDMUIsNEJBQTRCO0lBQzVCLG1FQUFtRTtJQUNuRSxrRUFBa0U7SUFDbEUsdUJBQXVCO0lBQ3ZCLG9DQUFvQztJQUNwQyxxQ0FBcUM7SUFDckMsbUNBQW1DO0lBQ25DLG1EQUFtRDtJQUNuRCxtQkFBbUI7SUFDbkIsU0FBUztJQUNULEtBQUs7SUFFTCxPQUFPLEVBQUUsYUFBYSxFQUFFLFVBQVUsRUFBRSxDQUFDO0FBQ3ZDLENBQUMsQ0FBQyJ9
|