@drunk-pulumi/azure 1.0.3 → 1.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/Aks/Helper.js +4 -3
- package/Aks/Identity.js +3 -3
- package/Aks/index.d.ts +8 -7
- package/Aks/index.js +73 -57
- package/Automation/index.d.ts +1 -1
- package/Automation/index.js +5 -5
- package/AzAd/EnvRoles.Consts.d.ts +13 -8
- package/AzAd/EnvRoles.Consts.js +51 -51
- package/AzAd/EnvRoles.d.ts +3 -3
- package/AzAd/EnvRoles.js +10 -10
- package/AzAd/Group.d.ts +2 -2
- package/AzAd/Group.js +12 -12
- package/AzAd/Identities/AzDevOpsIdentity.d.ts +1 -1
- package/AzAd/Identities/AzDevOpsIdentity.js +9 -6
- package/AzAd/Identities/AzDevOpsManagedIdentity.d.ts +2 -2
- package/AzAd/Identities/AzDevOpsManagedIdentity.js +6 -3
- package/AzAd/RoleAssignment.d.ts +3 -3
- package/AzAd/RoleAssignment.js +3 -3
- package/AzAd/RoleDefinitions/JustInTimeRequestRole.js +10 -10
- package/Builder/AksBuilder.js +15 -1
- package/Builder/PrivateDnsZoneBuilder.d.ts +2 -1
- package/Builder/PrivateDnsZoneBuilder.js +41 -23
- package/Builder/ResourceBuilder.js +12 -6
- package/Builder/SqlBuilder.js +7 -1
- package/Builder/StorageBuilder.js +14 -14
- package/Builder/VaultBuilder.d.ts +2 -1
- package/Builder/VaultBuilder.js +8 -1
- package/Builder/types/resourceBuilder.d.ts +2 -0
- package/Builder/types/sqlBuilder.d.ts +2 -1
- package/Builder/types/storageBuilder.d.ts +10 -8
- package/Builder/types/vaultBuilder.d.ts +6 -1
- package/Cdn/CdnEndpoint.d.ts +2 -3
- package/Cdn/CdnEndpoint.js +15 -17
- package/Cdn/CdnRules.d.ts +6 -2
- package/Cdn/CdnRules.js +51 -56
- package/Certificate/index.d.ts +2 -2
- package/Certificate/index.js +29 -29
- package/Common/AzureEnv.d.ts +2 -3
- package/Common/AzureEnv.js +21 -8
- package/Common/Naming/index.d.ts +1 -1
- package/Common/Naming/index.js +65 -61
- package/Common/index.d.ts +11 -6
- package/Common/index.js +6 -1
- package/ContainerRegistry/index.d.ts +5 -5
- package/ContainerRegistry/index.js +75 -50
- package/Core/KeyGenerators.d.ts +5 -5
- package/Core/KeyGenerators.js +5 -5
- package/CustomRoles/index.js +3 -3
- package/KeyVault/CustomHelper.d.ts +4 -4
- package/KeyVault/CustomHelper.js +7 -7
- package/KeyVault/Helper.js +12 -9
- package/Logs/Helpers.d.ts +1 -1
- package/RedisCache/index.d.ts +2 -2
- package/RedisCache/index.js +10 -5
- package/SignalR/index.d.ts +4 -4
- package/SignalR/index.js +26 -21
- package/Sql/SqlDb.js +2 -3
- package/Sql/index.d.ts +3 -4
- package/Sql/index.js +11 -11
- package/Storage/Helper.d.ts +1 -1
- package/Storage/index.d.ts +2 -3
- package/Storage/index.js +2 -2
- package/VNet/FirewallPolicies/AksFirewallPolicy.d.ts +4 -3
- package/VNet/FirewallPolicies/AksFirewallPolicy.js +116 -123
- package/VNet/FirewallPolicies/CloudPCFirewallPolicy.d.ts +4 -3
- package/VNet/FirewallPolicies/CloudPCFirewallPolicy.js +150 -132
- package/VNet/Helper.d.ts +1 -0
- package/VNet/Helper.js +25 -19
- package/VNet/index.d.ts +9 -9
- package/VNet/index.js +58 -49
- package/VNet/types.d.ts +9 -6
- package/package.json +6 -6
package/AzAd/EnvRoles.Consts.js
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.grantEnvRolesAccess = exports.getRoleNames = void 0;
|
|
4
4
|
const RoleAssignment_1 = require("./RoleAssignment");
|
|
5
|
-
const
|
|
5
|
+
const Common_1 = require("../Common");
|
|
6
6
|
//Resource Group Role
|
|
7
7
|
const RGRoleNames = {
|
|
8
8
|
readOnly: ['Reader'],
|
|
@@ -12,21 +12,16 @@ const RGRoleNames = {
|
|
|
12
12
|
//AKS Roles
|
|
13
13
|
const AksRoleNames = {
|
|
14
14
|
readOnly: [
|
|
15
|
+
'Azure Kubernetes Service RBAC Reader',
|
|
15
16
|
'Azure Kubernetes Service Cluster User Role',
|
|
16
|
-
'Azure Kubernetes Service Cluster Monitoring User',
|
|
17
17
|
],
|
|
18
18
|
contributor: [
|
|
19
|
-
'Azure Kubernetes Service
|
|
19
|
+
'Azure Kubernetes Service RBAC Writer',
|
|
20
20
|
'Azure Kubernetes Service Cluster User Role',
|
|
21
|
-
'Azure Kubernetes Service Cluster Monitoring User',
|
|
22
|
-
'Azure Kubernetes Service RBAC Reader',
|
|
23
21
|
],
|
|
24
22
|
admin: [
|
|
25
|
-
'Azure Kubernetes Service Contributor Role',
|
|
26
23
|
'Azure Kubernetes Service RBAC Cluster Admin',
|
|
27
|
-
'Azure Kubernetes Service Cluster Admin
|
|
28
|
-
'Azure Kubernetes Service Cluster Monitoring User',
|
|
29
|
-
'Azure Kubernetes Service Cluster User Role',
|
|
24
|
+
'Azure Kubernetes Service RBAC Cluster Admin',
|
|
30
25
|
],
|
|
31
26
|
};
|
|
32
27
|
//IOT Roles
|
|
@@ -91,48 +86,50 @@ const ContainerRegistry = {
|
|
|
91
86
|
'AcrImageSigner',
|
|
92
87
|
'AcrPull',
|
|
93
88
|
'AcrPush',
|
|
94
|
-
'ACR Repository Contributor',
|
|
95
|
-
'ACR Repository Writer',
|
|
96
|
-
'AcrQuarantineWriter',
|
|
89
|
+
//'ACR Repository Contributor',
|
|
90
|
+
//'ACR Repository Writer',
|
|
91
|
+
//'AcrQuarantineWriter',
|
|
97
92
|
],
|
|
98
93
|
admin: ['AcrDelete'],
|
|
99
94
|
};
|
|
100
|
-
|
|
95
|
+
//AppConfig Roles
|
|
96
|
+
const AppConfigRoleNames = {
|
|
97
|
+
readOnly: ['App Configuration Data Reader'],
|
|
98
|
+
contributor: ['App Configuration Data Owner'],
|
|
99
|
+
admin: [],
|
|
100
|
+
};
|
|
101
|
+
const getRoleFor = (roleType, roleCollection, results) => {
|
|
102
|
+
if (!roleType)
|
|
103
|
+
return results;
|
|
104
|
+
const allows = {
|
|
105
|
+
readOnly: typeof roleType === 'boolean' ? roleType : roleType.readOnly,
|
|
106
|
+
contributor: typeof roleType === 'boolean' ? roleType : roleType.contributor,
|
|
107
|
+
admin: typeof roleType === 'boolean' ? roleType : roleType.admin,
|
|
108
|
+
};
|
|
109
|
+
if (allows.readOnly) {
|
|
110
|
+
roleCollection.readOnly.forEach((r) => results.readOnly.add(r));
|
|
111
|
+
}
|
|
112
|
+
if (allows.contributor) {
|
|
113
|
+
roleCollection.contributor.forEach((r) => results.contributor.add(r));
|
|
114
|
+
}
|
|
115
|
+
if (allows.admin) {
|
|
116
|
+
roleCollection.admin.forEach((r) => results.admin.add(r));
|
|
117
|
+
}
|
|
118
|
+
return results;
|
|
119
|
+
};
|
|
120
|
+
const getRoleNames = ({ enableRGRoles, enableIotRoles, enableVaultRoles, enableAksRoles, enableStorageRoles, enableACRRoles, enableAppConfig, }) => {
|
|
101
121
|
const rs = {
|
|
102
122
|
readOnly: new Set(),
|
|
103
123
|
admin: new Set(),
|
|
104
124
|
contributor: new Set(),
|
|
105
125
|
};
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
RGRoleNames.contributor.forEach((r) => rs.contributor.add(r));
|
|
114
|
-
RGRoleNames.admin.forEach((r) => rs.admin.add(r));
|
|
115
|
-
}
|
|
116
|
-
if (enableVaultRoles) {
|
|
117
|
-
KeyVaultRoleNames.readOnly.forEach((r) => rs.readOnly.add(r));
|
|
118
|
-
KeyVaultRoleNames.contributor.forEach((r) => rs.contributor.add(r));
|
|
119
|
-
KeyVaultRoleNames.admin.forEach((r) => rs.admin.add(r));
|
|
120
|
-
}
|
|
121
|
-
if (enableAksRoles) {
|
|
122
|
-
AksRoleNames.readOnly.forEach((r) => rs.readOnly.add(r));
|
|
123
|
-
AksRoleNames.contributor.forEach((r) => rs.contributor.add(r));
|
|
124
|
-
AksRoleNames.admin.forEach((r) => rs.admin.add(r));
|
|
125
|
-
}
|
|
126
|
-
if (enableStorageRoles) {
|
|
127
|
-
StorageRoleNames.readOnly.forEach((r) => rs.readOnly.add(r));
|
|
128
|
-
StorageRoleNames.contributor.forEach((r) => rs.contributor.add(r));
|
|
129
|
-
StorageRoleNames.admin.forEach((r) => rs.admin.add(r));
|
|
130
|
-
}
|
|
131
|
-
if (enableACRRoles) {
|
|
132
|
-
ContainerRegistry.readOnly.forEach((r) => rs.readOnly.add(r));
|
|
133
|
-
ContainerRegistry.contributor.forEach((r) => rs.contributor.add(r));
|
|
134
|
-
ContainerRegistry.admin.forEach((r) => rs.admin.add(r));
|
|
135
|
-
}
|
|
126
|
+
getRoleFor(enableIotRoles, IOTHubRoleNames, rs);
|
|
127
|
+
getRoleFor(enableRGRoles, RGRoleNames, rs);
|
|
128
|
+
getRoleFor(enableVaultRoles, KeyVaultRoleNames, rs);
|
|
129
|
+
getRoleFor(enableAksRoles, AksRoleNames, rs);
|
|
130
|
+
getRoleFor(enableStorageRoles, StorageRoleNames, rs);
|
|
131
|
+
getRoleFor(enableACRRoles, ContainerRegistry, rs);
|
|
132
|
+
getRoleFor(enableAppConfig, AppConfigRoleNames, rs);
|
|
136
133
|
return {
|
|
137
134
|
readOnly: Array.from(rs.readOnly).sort(),
|
|
138
135
|
admin: Array.from(rs.admin).sort(),
|
|
@@ -140,47 +137,50 @@ const getRoleNames = ({ enableRGRoles, enableIotRoles, enableVaultRoles, enableA
|
|
|
140
137
|
};
|
|
141
138
|
};
|
|
142
139
|
exports.getRoleNames = getRoleNames;
|
|
143
|
-
const grantEnvRolesAccess = ({ name, envRoles, ...others }) => {
|
|
140
|
+
const grantEnvRolesAccess = ({ name, envRoles, scope, dependsOn, ...others }) => {
|
|
144
141
|
const roles = (0, exports.getRoleNames)(others);
|
|
145
142
|
if (envRoles.readOnly.objectId) {
|
|
146
143
|
//ReadOnly
|
|
147
144
|
roles.readOnly.forEach((r) => {
|
|
148
|
-
const n = `${name}-readonly-${(0,
|
|
145
|
+
const n = `${name}-readonly-${(0, Common_1.replaceAll)(r, ' ', '')}`;
|
|
149
146
|
(0, RoleAssignment_1.roleAssignment)({
|
|
150
147
|
name: n,
|
|
151
148
|
principalId: envRoles.readOnly.objectId,
|
|
152
149
|
principalType: 'Group',
|
|
153
150
|
roleName: r,
|
|
154
|
-
|
|
151
|
+
scope,
|
|
152
|
+
dependsOn,
|
|
155
153
|
});
|
|
156
154
|
});
|
|
157
155
|
}
|
|
158
156
|
if (envRoles.contributor.objectId) {
|
|
159
157
|
//Contributors
|
|
160
158
|
roles.contributor.forEach((r) => {
|
|
161
|
-
const n = `${name}-contributor-${(0,
|
|
159
|
+
const n = `${name}-contributor-${(0, Common_1.replaceAll)(r, ' ', '')}`;
|
|
162
160
|
(0, RoleAssignment_1.roleAssignment)({
|
|
163
161
|
name: n,
|
|
164
162
|
principalId: envRoles.contributor.objectId,
|
|
165
163
|
principalType: 'Group',
|
|
166
164
|
roleName: r,
|
|
167
|
-
|
|
165
|
+
scope,
|
|
166
|
+
dependsOn,
|
|
168
167
|
});
|
|
169
168
|
});
|
|
170
169
|
}
|
|
171
170
|
if (envRoles.admin.objectId) {
|
|
172
171
|
//Admin
|
|
173
172
|
roles.admin.forEach((r) => {
|
|
174
|
-
const n = `${name}-admin-${(0,
|
|
173
|
+
const n = `${name}-admin-${(0, Common_1.replaceAll)(r, ' ', '')}`;
|
|
175
174
|
(0, RoleAssignment_1.roleAssignment)({
|
|
176
175
|
name: n,
|
|
177
176
|
principalId: envRoles.admin.objectId,
|
|
178
177
|
principalType: 'Group',
|
|
179
178
|
roleName: r,
|
|
180
|
-
|
|
179
|
+
scope,
|
|
180
|
+
dependsOn,
|
|
181
181
|
});
|
|
182
182
|
});
|
|
183
183
|
}
|
|
184
184
|
};
|
|
185
185
|
exports.grantEnvRolesAccess = grantEnvRolesAccess;
|
|
186
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
186
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiRW52Um9sZXMuQ29uc3RzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL0F6QWQvRW52Um9sZXMuQ29uc3RzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUVBLHFEQUF1RTtBQUN2RSxzQ0FBdUM7QUFFdkMscUJBQXFCO0FBQ3JCLE1BQU0sV0FBVyxHQUFzQztJQUNyRCxRQUFRLEVBQUUsQ0FBQyxRQUFRLENBQUM7SUFDcEIsV0FBVyxFQUFFLENBQUMsYUFBYSxDQUFDO0lBQzVCLEtBQUssRUFBRSxDQUFDLE9BQU8sQ0FBQztDQUNqQixDQUFDO0FBRUYsV0FBVztBQUNYLE1BQU0sWUFBWSxHQUFzQztJQUN0RCxRQUFRLEVBQUU7UUFDUixzQ0FBc0M7UUFDdEMsNENBQTRDO0tBQzdDO0lBQ0QsV0FBVyxFQUFFO1FBQ1gsc0NBQXNDO1FBQ3RDLDRDQUE0QztLQUM3QztJQUNELEtBQUssRUFBRTtRQUNMLDZDQUE2QztRQUM3Qyw2Q0FBNkM7S0FDOUM7Q0FDRixDQUFDO0FBRUYsV0FBVztBQUNYLE1BQU0sZUFBZSxHQUFzQztJQUN6RCxRQUFRLEVBQUUsQ0FBQyxxQkFBcUIsQ0FBQztJQUNqQyxXQUFXLEVBQUUsQ0FBQywwQkFBMEIsQ0FBQztJQUN6QyxLQUFLLEVBQUUsQ0FBQyw4QkFBOEIsRUFBRSwwQkFBMEIsQ0FBQztDQUNwRSxDQUFDO0FBRUYsaUJBQWlCO0FBQ2pCLE1BQU0saUJBQWlCLEdBQXNDO0lBQzNELFFBQVEsRUFBRTtRQUNSLDBDQUEwQztRQUMxQyx1Q0FBdUM7UUFDdkMsd0JBQXdCO1FBQ3hCLHVCQUF1QjtRQUN2Qiw0QkFBNEI7UUFDNUIsa0JBQWtCO0tBQ25CO0lBQ0QsV0FBVyxFQUFFO1FBQ1gsZ0NBQWdDO1FBQ2hDLDBCQUEwQjtRQUMxQiwyQkFBMkI7UUFDM0IsdUJBQXVCO0tBQ3hCO0lBQ0QsS0FBSyxFQUFFLENBQUMseUJBQXlCLEVBQUUscUNBQXFDLENBQUM7Q0FDMUUsQ0FBQztBQUVGLGVBQWU7QUFDZixNQUFNLGdCQUFnQixHQUFzQztJQUMxRCxRQUFRLEVBQUU7UUFDUiwwQkFBMEI7UUFDMUIsb0NBQW9DO1FBQ3BDLDJCQUEyQjtRQUMzQiwyQkFBMkI7S0FDNUI7SUFDRCxXQUFXLEVBQUU7UUFDWCxvQ0FBb0M7UUFDcEMsNkJBQTZCO1FBQzdCLG1EQUFtRDtRQUNuRCwrQkFBK0I7UUFDL0IscUNBQXFDO1FBQ3JDLHlDQUF5QztRQUN6QyxrREFBa0Q7UUFDbEQsZ0NBQWdDO1FBQ2hDLHNDQUFzQztRQUN0QyxtQ0FBbUM7UUFDbkMsZ0NBQWdDO0tBQ2pDO0lBQ0QsS0FBSyxFQUFFO1FBQ0wsMkNBQTJDO1FBQzNDLHlCQUF5QjtRQUN6QiwwQ0FBMEM7S0FDM0M7Q0FDRixDQUFDO0FBRUYsMEJBQTBCO0FBQzFCLE1BQU0saUJBQWlCLEdBQXNDO0lBQzNELFFBQVEsRUFBRTtRQUNSLDZCQUE2QjtRQUM3Qix1QkFBdUI7UUFDdkIscUJBQXFCO0tBQ3RCO0lBQ0QsV0FBVyxFQUFFO1FBQ1gsZ0JBQWdCO1FBQ2hCLFNBQVM7UUFDVCxTQUFTO1FBQ1QsK0JBQStCO1FBQy9CLDBCQUEwQjtRQUMxQix3QkFBd0I7S0FDekI7SUFDRCxLQUFLLEVBQUUsQ0FBQyxXQUFXLENBQUM7Q0FDckIsQ0FBQztBQUVGLGlCQUFpQjtBQUNqQixNQUFNLGtCQUFrQixHQUFzQztJQUM1RCxRQUFRLEVBQUUsQ0FBQywrQkFBK0IsQ0FBQztJQUMzQyxXQUFXLEVBQUUsQ0FBQyw4QkFBOEIsQ0FBQztJQUM3QyxLQUFLLEVBQUUsRUFBRTtDQUNWLENBQUM7QUFpQkYsTUFBTSxVQUFVLEdBQUcsQ0FDakIsUUFBb0MsRUFDcEMsY0FBaUQsRUFDakQsT0FBcUIsRUFDckIsRUFBRTtJQUNGLElBQUksQ0FBQyxRQUFRO1FBQUUsT0FBTyxPQUFPLENBQUM7SUFFOUIsTUFBTSxNQUFNLEdBQUc7UUFDYixRQUFRLEVBQUUsT0FBTyxRQUFRLEtBQUssU0FBUyxDQUFDLENBQUMsQ0FBQyxRQUFRLENBQUMsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxRQUFRO1FBQ3RFLFdBQVcsRUFDVCxPQUFPLFFBQVEsS0FBSyxTQUFTLENBQUMsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxDQUFDLENBQUMsUUFBUSxDQUFDLFdBQVc7UUFDakUsS0FBSyxFQUFFLE9BQU8sUUFBUSxLQUFLLFNBQVMsQ0FBQyxDQUFDLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQyxRQUFRLENBQUMsS0FBSztLQUNqRSxDQUFDO0lBRUYsSUFBSSxNQUFNLENBQUMsUUFBUSxFQUFFLENBQUM7UUFDcEIsY0FBYyxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDbEUsQ0FBQztJQUNELElBQUksTUFBTSxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBQ3ZCLGNBQWMsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxPQUFPLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQ3hFLENBQUM7SUFDRCxJQUFJLE1BQU0sQ0FBQyxLQUFLLEVBQUUsQ0FBQztRQUNqQixjQUFjLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUM1RCxDQUFDO0lBRUQsT0FBTyxPQUFPLENBQUM7QUFDakIsQ0FBQyxDQUFDO0FBRUssTUFBTSxZQUFZLEdBQUcsQ0FBQyxFQUMzQixhQUFhLEVBQ2IsY0FBYyxFQUNkLGdCQUFnQixFQUNoQixjQUFjLEVBQ2Qsa0JBQWtCLEVBQ2xCLGNBQWMsRUFDZCxlQUFlLEdBQ0MsRUFBcUMsRUFBRTtJQUN2RCxNQUFNLEVBQUUsR0FBaUI7UUFDdkIsUUFBUSxFQUFFLElBQUksR0FBRyxFQUFVO1FBQzNCLEtBQUssRUFBRSxJQUFJLEdBQUcsRUFBVTtRQUN4QixXQUFXLEVBQUUsSUFBSSxHQUFHLEVBQVU7S0FDL0IsQ0FBQztJQUVGLFVBQVUsQ0FBQyxjQUFjLEVBQUUsZUFBZSxFQUFFLEVBQUUsQ0FBQyxDQUFDO0lBQ2hELFVBQVUsQ0FBQyxhQUFhLEVBQUUsV0FBVyxFQUFFLEVBQUUsQ0FBQyxDQUFDO0lBQzNDLFVBQVUsQ0FBQyxnQkFBZ0IsRUFBRSxpQkFBaUIsRUFBRSxFQUFFLENBQUMsQ0FBQztJQUNwRCxVQUFVLENBQUMsY0FBYyxFQUFFLFlBQVksRUFBRSxFQUFFLENBQUMsQ0FBQztJQUM3QyxVQUFVLENBQUMsa0JBQWtCLEVBQUUsZ0JBQWdCLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFDckQsVUFBVSxDQUFDLGNBQWMsRUFBRSxpQkFBaUIsRUFBRSxFQUFFLENBQUMsQ0FBQztJQUNsRCxVQUFVLENBQUMsZUFBZSxFQUFFLGtCQUFrQixFQUFFLEVBQUUsQ0FBQyxDQUFDO0lBRXBELE9BQU87UUFDTCxRQUFRLEVBQUUsS0FBSyxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUMsUUFBUSxDQUFDLENBQUMsSUFBSSxFQUFFO1FBQ3hDLEtBQUssRUFBRSxLQUFLLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxJQUFJLEVBQUU7UUFDbEMsV0FBVyxFQUFFLEtBQUssQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLFdBQVcsQ0FBQyxDQUFDLElBQUksRUFBRTtLQUMvQyxDQUFDO0FBQ0osQ0FBQyxDQUFDO0FBNUJXLFFBQUEsWUFBWSxnQkE0QnZCO0FBRUssTUFBTSxtQkFBbUIsR0FBRyxDQUFDLEVBQ2xDLElBQUksRUFDSixRQUFRLEVBQ1IsS0FBSyxFQUNMLFNBQVMsRUFDVCxHQUFHLE1BQU0sRUFJUixFQUFFLEVBQUU7SUFDTCxNQUFNLEtBQUssR0FBRyxJQUFBLG9CQUFZLEVBQUMsTUFBTSxDQUFDLENBQUM7SUFFbkMsSUFBSSxRQUFRLENBQUMsUUFBUSxDQUFDLFFBQVEsRUFBRSxDQUFDO1FBQy9CLFVBQVU7UUFDVixLQUFLLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFO1lBQzNCLE1BQU0sQ0FBQyxHQUFHLEdBQUcsSUFBSSxhQUFhLElBQUEsbUJBQVUsRUFBQyxDQUFDLEVBQUUsR0FBRyxFQUFFLEVBQUUsQ0FBQyxFQUFFLENBQUM7WUFDdkQsSUFBQSwrQkFBYyxFQUFDO2dCQUNiLElBQUksRUFBRSxDQUFDO2dCQUNQLFdBQVcsRUFBRSxRQUFRLENBQUMsUUFBUSxDQUFDLFFBQVE7Z0JBQ3ZDLGFBQWEsRUFBRSxPQUFPO2dCQUN0QixRQUFRLEVBQUUsQ0FBQztnQkFDWCxLQUFLO2dCQUNMLFNBQVM7YUFDVixDQUFDLENBQUM7UUFDTCxDQUFDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxJQUFJLFFBQVEsQ0FBQyxXQUFXLENBQUMsUUFBUSxFQUFFLENBQUM7UUFDbEMsY0FBYztRQUNkLEtBQUssQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUU7WUFDOUIsTUFBTSxDQUFDLEdBQUcsR0FBRyxJQUFJLGdCQUFnQixJQUFBLG1CQUFVLEVBQUMsQ0FBQyxFQUFFLEdBQUcsRUFBRSxFQUFFLENBQUMsRUFBRSxDQUFDO1lBQzFELElBQUEsK0JBQWMsRUFBQztnQkFDYixJQUFJLEVBQUUsQ0FBQztnQkFDUCxXQUFXLEVBQUUsUUFBUSxDQUFDLFdBQVcsQ0FBQyxRQUFRO2dCQUMxQyxhQUFhLEVBQUUsT0FBTztnQkFDdEIsUUFBUSxFQUFFLENBQUM7Z0JBQ1gsS0FBSztnQkFDTCxTQUFTO2FBQ1YsQ0FBQyxDQUFDO1FBQ0wsQ0FBQyxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsSUFBSSxRQUFRLENBQUMsS0FBSyxDQUFDLFFBQVEsRUFBRSxDQUFDO1FBQzVCLE9BQU87UUFDUCxLQUFLLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFO1lBQ3hCLE1BQU0sQ0FBQyxHQUFHLEdBQUcsSUFBSSxVQUFVLElBQUEsbUJBQVUsRUFBQyxDQUFDLEVBQUUsR0FBRyxFQUFFLEVBQUUsQ0FBQyxFQUFFLENBQUM7WUFDcEQsSUFBQSwrQkFBYyxFQUFDO2dCQUNiLElBQUksRUFBRSxDQUFDO2dCQUNQLFdBQVcsRUFBRSxRQUFRLENBQUMsS0FBSyxDQUFDLFFBQVE7Z0JBQ3BDLGFBQWEsRUFBRSxPQUFPO2dCQUN0QixRQUFRLEVBQUUsQ0FBQztnQkFDWCxLQUFLO2dCQUNMLFNBQVM7YUFDVixDQUFDLENBQUM7UUFDTCxDQUFDLENBQUMsQ0FBQztJQUNMLENBQUM7QUFDSCxDQUFDLENBQUM7QUF4RFcsUUFBQSxtQkFBbUIsdUJBd0Q5QiJ9
|
package/AzAd/EnvRoles.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import { KeyVaultInfo } from
|
|
2
|
-
import { Output } from
|
|
3
|
-
export type EnvRoleKeyTypes =
|
|
1
|
+
import { KeyVaultInfo } from '../types';
|
|
2
|
+
import { Output } from '@pulumi/pulumi';
|
|
3
|
+
export type EnvRoleKeyTypes = 'readOnly' | 'contributor' | 'admin';
|
|
4
4
|
type EnvRoleInfoType = {
|
|
5
5
|
objectId: string;
|
|
6
6
|
displayName: string;
|
package/AzAd/EnvRoles.js
CHANGED
|
@@ -6,26 +6,26 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
6
6
|
exports.getEnvRolesOutput = exports.getEnvRole = exports.createEnvRoles = void 0;
|
|
7
7
|
const Role_1 = __importDefault(require("./Role"));
|
|
8
8
|
const pulumi_1 = require("@pulumi/pulumi");
|
|
9
|
-
const
|
|
9
|
+
const Common_1 = require("../Common");
|
|
10
10
|
const CustomHelper_1 = require("../KeyVault/CustomHelper");
|
|
11
11
|
const Helper_1 = require("../KeyVault/Helper");
|
|
12
12
|
const envRoleConfig = {
|
|
13
13
|
readOnly: {
|
|
14
|
-
roleName:
|
|
15
|
-
appName:
|
|
14
|
+
roleName: 'Readonly',
|
|
15
|
+
appName: 'Azure',
|
|
16
16
|
},
|
|
17
17
|
contributor: {
|
|
18
|
-
roleName:
|
|
19
|
-
appName:
|
|
18
|
+
roleName: 'Contributor',
|
|
19
|
+
appName: 'Azure',
|
|
20
20
|
},
|
|
21
21
|
admin: {
|
|
22
|
-
roleName:
|
|
23
|
-
appName:
|
|
22
|
+
roleName: 'Admin',
|
|
23
|
+
appName: 'Azure',
|
|
24
24
|
},
|
|
25
25
|
};
|
|
26
26
|
const getRoleSecretName = (name) => ({
|
|
27
|
-
objectIdName: (0,
|
|
28
|
-
displayName: (0,
|
|
27
|
+
objectIdName: (0, Common_1.getSecretName)(`envRoles-${name}-object-id`),
|
|
28
|
+
displayName: (0, Common_1.getSecretName)(`envRoles-${name}-display-name`),
|
|
29
29
|
});
|
|
30
30
|
const createEnvRoles = () => {
|
|
31
31
|
const groups = {};
|
|
@@ -85,4 +85,4 @@ const getEnvRolesOutput = (vaultInfo) => {
|
|
|
85
85
|
return rs;
|
|
86
86
|
};
|
|
87
87
|
exports.getEnvRolesOutput = getEnvRolesOutput;
|
|
88
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
88
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiRW52Um9sZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvQXpBZC9FbnZSb2xlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7QUFBQSxrREFBeUM7QUFFekMsMkNBQWdEO0FBQ2hELHNDQUEwQztBQUMxQywyREFBMkQ7QUFDM0QsK0NBQStDO0FBSS9DLE1BQU0sYUFBYSxHQUF1QztJQUN4RCxRQUFRLEVBQUU7UUFDUixRQUFRLEVBQUUsVUFBVTtRQUNwQixPQUFPLEVBQUUsT0FBTztLQUNqQjtJQUNELFdBQVcsRUFBRTtRQUNYLFFBQVEsRUFBRSxhQUFhO1FBQ3ZCLE9BQU8sRUFBRSxPQUFPO0tBQ2pCO0lBQ0QsS0FBSyxFQUFFO1FBQ0wsUUFBUSxFQUFFLE9BQU87UUFDakIsT0FBTyxFQUFFLE9BQU87S0FDakI7Q0FDRixDQUFDO0FBUUYsTUFBTSxpQkFBaUIsR0FBRyxDQUFDLElBQVksRUFBRSxFQUFFLENBQUMsQ0FBQztJQUMzQyxZQUFZLEVBQUUsSUFBQSxzQkFBYSxFQUFDLFlBQVksSUFBSSxZQUFZLENBQUM7SUFDekQsV0FBVyxFQUFFLElBQUEsc0JBQWEsRUFBQyxZQUFZLElBQUksZUFBZSxDQUFDO0NBQzVELENBQUMsQ0FBQztBQVNJLE1BQU0sY0FBYyxHQUFHLEdBQUcsRUFBRTtJQUNqQyxNQUFNLE1BQU0sR0FBNEMsRUFBRSxDQUFDO0lBRTNELE1BQU0sQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLENBQUMsT0FBTyxDQUFDLENBQUMsR0FBRyxFQUFFLEVBQUU7UUFDekMsTUFBTSxNQUFNLEdBQUcsYUFBYSxDQUFDLEdBQXNCLENBQUMsQ0FBQztRQUNyRCxNQUFNLENBQUMsR0FBRyxJQUFBLGNBQUksRUFBQyxNQUFNLENBQUMsQ0FBQztRQUV2QixNQUFNLENBQUMsR0FBRyxDQUFDLEdBQUcsSUFBQSxlQUFNLEVBQUMsQ0FBQyxDQUFDLENBQUMsUUFBUSxFQUFFLENBQUMsQ0FBQyxXQUFXLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1lBQ25FLFFBQVEsRUFBRSxDQUFDO1lBQ1gsV0FBVyxFQUFFLENBQUM7U0FDZixDQUFDLENBQUMsQ0FBQztJQUNOLENBQUMsQ0FBQyxDQUFDO0lBRUgsTUFBTSxlQUFlLEdBQUcsQ0FBQyxTQUF1QixFQUFFLEVBQUU7UUFDbEQsTUFBTSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxHQUFHLEVBQUUsRUFBRTtZQUNsQyxNQUFNLElBQUksR0FBRyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUM7WUFDekIsa0JBQWtCO1lBQ2xCLE1BQU0sV0FBVyxHQUFHLGlCQUFpQixDQUFDLEdBQUcsQ0FBQyxDQUFDO1lBQzNDLElBQUEsOEJBQWUsRUFBQztnQkFDZCxJQUFJLEVBQUUsV0FBVyxDQUFDLFlBQVk7Z0JBQzlCLEtBQUssRUFBRSxJQUFJLENBQUMsUUFBUTtnQkFDcEIsV0FBVyxFQUFFLFdBQVcsQ0FBQyxZQUFZO2dCQUNyQyxTQUFTO2FBQ1YsQ0FBQyxDQUFDO1lBQ0gsSUFBQSw4QkFBZSxFQUFDO2dCQUNkLElBQUksRUFBRSxXQUFXLENBQUMsV0FBVztnQkFDN0IsS0FBSyxFQUFFLElBQUksQ0FBQyxXQUFXO2dCQUN2QixXQUFXLEVBQUUsV0FBVyxDQUFDLFdBQVc7Z0JBQ3BDLFNBQVM7YUFDVixDQUFDLENBQUM7UUFDTCxDQUFDLENBQUMsQ0FBQztJQUNMLENBQUMsQ0FBQztJQUVGLE9BQU87UUFDTCxHQUFHLE1BQU07UUFDVCxlQUFlO0tBQ00sQ0FBQztBQUMxQixDQUFDLENBQUM7QUFyQ1csUUFBQSxjQUFjLGtCQXFDekI7QUFFRixpQ0FBaUM7QUFDMUIsTUFBTSxVQUFVLEdBQUcsS0FBSyxFQUFFLElBQVksRUFBRSxTQUF1QixFQUFFLEVBQUU7SUFDeEUsTUFBTSxXQUFXLEdBQUcsaUJBQWlCLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDNUMsMENBQTBDO0lBRTFDLE1BQU0sQ0FBQyxRQUFRLEVBQUUsV0FBVyxDQUFDLEdBQUcsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDO1FBQ2hELElBQUEsa0JBQVMsRUFBQyxFQUFFLElBQUksRUFBRSxXQUFXLENBQUMsWUFBWSxFQUFFLFNBQVMsRUFBRSxDQUFDO1FBQ3hELElBQUEsa0JBQVMsRUFBQyxFQUFFLElBQUksRUFBRSxXQUFXLENBQUMsV0FBVyxFQUFFLFNBQVMsRUFBRSxDQUFDO0tBQ3hELENBQUMsQ0FBQztJQUVILE9BQU87UUFDTCxXQUFXLEVBQUUsV0FBVyxFQUFFLEtBQU07UUFDaEMsUUFBUSxFQUFFLFFBQVEsRUFBRSxLQUFNO0tBQzNCLENBQUM7QUFDSixDQUFDLENBQUM7QUFiVyxRQUFBLFVBQVUsY0FhckI7QUFFRiwrQkFBK0I7QUFDeEIsTUFBTSxpQkFBaUIsR0FBRyxDQUFDLFNBQXVCLEVBQUUsRUFBRTtJQUMzRCxNQUFNLEVBQUUsR0FBNEMsRUFBRSxDQUFDO0lBRXZELE1BQU0sQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLENBQUMsT0FBTyxDQUFDLENBQUMsR0FBRyxFQUFFLEVBQUU7UUFDekMsRUFBRSxDQUFDLEdBQUcsQ0FBQyxHQUFHLElBQUEsZUFBTSxFQUFDLElBQUEsa0JBQVUsRUFBQyxHQUFHLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztJQUMvQyxDQUFDLENBQUMsQ0FBQztJQUVILE9BQU8sRUFBcUIsQ0FBQztBQUMvQixDQUFDLENBQUM7QUFSVyxRQUFBLGlCQUFpQixxQkFRNUIifQ==
|
package/AzAd/Group.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import * as azuread from
|
|
2
|
-
import { Input, Output } from
|
|
1
|
+
import * as azuread from '@pulumi/azuread';
|
|
2
|
+
import { Input, Output } from '@pulumi/pulumi';
|
|
3
3
|
export interface GroupPermissionProps {
|
|
4
4
|
/** The name of the roles would like to assign to this group*/
|
|
5
5
|
roleName: string;
|
package/AzAd/Group.js
CHANGED
|
@@ -26,9 +26,9 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
26
26
|
exports.assignRolesToGroup = exports.addGroupToGroup = exports.addMemberToGroup = exports.getAdGroup = void 0;
|
|
27
27
|
const azuread = __importStar(require("@pulumi/azuread"));
|
|
28
28
|
const pulumi_1 = require("@pulumi/pulumi");
|
|
29
|
-
const
|
|
29
|
+
const Common_1 = require("../Common");
|
|
30
30
|
const RoleAssignment_1 = require("./RoleAssignment");
|
|
31
|
-
const
|
|
31
|
+
const Common_2 = require("../Common");
|
|
32
32
|
exports.default = async ({ name, permissions, members, owners }) => {
|
|
33
33
|
const group = new azuread.Group(name, {
|
|
34
34
|
displayName: name,
|
|
@@ -49,27 +49,27 @@ exports.default = async ({ name, permissions, members, owners }) => {
|
|
|
49
49
|
await Promise.all(permissions.map((p) => (0, RoleAssignment_1.roleAssignment)({
|
|
50
50
|
name,
|
|
51
51
|
principalId: group.objectId,
|
|
52
|
-
principalType:
|
|
52
|
+
principalType: 'Group',
|
|
53
53
|
roleName: p.roleName,
|
|
54
|
-
scope: p.scope ||
|
|
54
|
+
scope: p.scope || Common_1.defaultSubScope,
|
|
55
55
|
})));
|
|
56
56
|
}
|
|
57
57
|
return group;
|
|
58
58
|
};
|
|
59
59
|
const getAdGroup = (displayName) => {
|
|
60
|
-
if (
|
|
60
|
+
if (Common_2.isDryRun)
|
|
61
61
|
return (0, pulumi_1.output)({
|
|
62
62
|
displayName,
|
|
63
|
-
objectId:
|
|
63
|
+
objectId: '00000000-0000-0000-0000-000000000000',
|
|
64
64
|
});
|
|
65
65
|
return (0, pulumi_1.output)(azuread.getGroup({ displayName }));
|
|
66
66
|
};
|
|
67
67
|
exports.getAdGroup = getAdGroup;
|
|
68
68
|
const addMemberToGroup = ({ name, userName, objectId, groupObjectId, }) => {
|
|
69
|
-
if (userName && !userName.includes(
|
|
70
|
-
throw new Error(
|
|
69
|
+
if (userName && !userName.includes('@'))
|
|
70
|
+
throw new Error('UserName must include suffix @domain.name');
|
|
71
71
|
else if (!objectId)
|
|
72
|
-
throw new Error(
|
|
72
|
+
throw new Error('Either UserName or ObjectId must be defined.');
|
|
73
73
|
const user = userName
|
|
74
74
|
? (0, pulumi_1.output)(azuread.getUser({ userPrincipalName: userName }))
|
|
75
75
|
: { objectId: objectId };
|
|
@@ -92,10 +92,10 @@ const assignRolesToGroup = ({ roles, groupName, scope, }) => (0, pulumi_1.output
|
|
|
92
92
|
return await Promise.all(roles.map((p) => (0, RoleAssignment_1.roleAssignment)({
|
|
93
93
|
name: groupName,
|
|
94
94
|
principalId: group.objectId,
|
|
95
|
-
principalType:
|
|
95
|
+
principalType: 'Group',
|
|
96
96
|
roleName: p,
|
|
97
|
-
scope: scope ??
|
|
97
|
+
scope: scope ?? Common_1.defaultSubScope,
|
|
98
98
|
})));
|
|
99
99
|
});
|
|
100
100
|
exports.assignRolesToGroup = assignRolesToGroup;
|
|
101
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
101
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiR3JvdXAuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvQXpBZC9Hcm91cC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLHlEQUEyQztBQUMzQywyQ0FBdUQ7QUFDdkQsc0NBQTRDO0FBQzVDLHFEQUFrRDtBQUNsRCxzQ0FBcUM7QUFrQnJDLGtCQUFlLEtBQUssRUFBRSxFQUFFLElBQUksRUFBRSxXQUFXLEVBQUUsT0FBTyxFQUFFLE1BQU0sRUFBZ0IsRUFBRSxFQUFFO0lBQzVFLE1BQU0sS0FBSyxHQUFHLElBQUksT0FBTyxDQUFDLEtBQUssQ0FBQyxJQUFJLEVBQUU7UUFDcEMsV0FBVyxFQUFFLElBQUk7UUFDakIsc0JBQXNCLEVBQUUsS0FBSztRQUM3Qiw2QkFBNkI7UUFDN0IsK0JBQStCO1FBQy9CLFdBQVcsRUFBRSxLQUFLO1FBQ2xCLGVBQWUsRUFBRSxJQUFJO1FBQ3JCLE1BQU07S0FDUCxDQUFDLENBQUM7SUFFSCxJQUFJLE9BQU8sRUFBRSxDQUFDO1FBQ1osT0FBTyxDQUFDLEdBQUcsQ0FDVCxDQUFDLENBQUMsRUFBRSxDQUFDLEVBQUUsRUFBRSxDQUNQLElBQUksT0FBTyxDQUFDLFdBQVcsQ0FBQyxHQUFHLElBQUksV0FBVyxDQUFDLEVBQUUsRUFBRTtZQUM3QyxhQUFhLEVBQUUsS0FBSyxDQUFDLEVBQUU7WUFDdkIsY0FBYyxFQUFFLENBQUM7U0FDbEIsQ0FBQyxDQUNMLENBQUM7SUFDSixDQUFDO0lBRUQsSUFBSSxXQUFXLEVBQUUsQ0FBQztRQUNoQixNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQ2YsV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQ3BCLElBQUEsK0JBQWMsRUFBQztZQUNiLElBQUk7WUFDSixXQUFXLEVBQUUsS0FBSyxDQUFDLFFBQVE7WUFDM0IsYUFBYSxFQUFFLE9BQU87WUFDdEIsUUFBUSxFQUFFLENBQUMsQ0FBQyxRQUFRO1lBQ3BCLEtBQUssRUFBRSxDQUFDLENBQUMsS0FBSyxJQUFJLHdCQUFlO1NBQ2xDLENBQUMsQ0FDSCxDQUNGLENBQUM7SUFDSixDQUFDO0lBRUQsT0FBTyxLQUFLLENBQUM7QUFDZixDQUFDLENBQUM7QUFFSyxNQUFNLFVBQVUsR0FBRyxDQUFDLFdBQW1CLEVBQUUsRUFBRTtJQUNoRCxJQUFJLGlCQUFRO1FBQ1YsT0FBTyxJQUFBLGVBQU0sRUFBQztZQUNaLFdBQVc7WUFDWCxRQUFRLEVBQUUsc0NBQXNDO1NBQy9CLENBQUMsQ0FBQztJQUN2QixPQUFPLElBQUEsZUFBTSxFQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsRUFBRSxXQUFXLEVBQUUsQ0FBQyxDQUFDLENBQUM7QUFDbkQsQ0FBQyxDQUFDO0FBUFcsUUFBQSxVQUFVLGNBT3JCO0FBRUssTUFBTSxnQkFBZ0IsR0FBRyxDQUFDLEVBQy9CLElBQUksRUFDSixRQUFRLEVBQ1IsUUFBUSxFQUNSLGFBQWEsR0FNZCxFQUFFLEVBQUU7SUFDSCxJQUFJLFFBQVEsSUFBSSxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDO1FBQ3JDLE1BQU0sSUFBSSxLQUFLLENBQUMsMkNBQTJDLENBQUMsQ0FBQztTQUMxRCxJQUFJLENBQUMsUUFBUTtRQUNoQixNQUFNLElBQUksS0FBSyxDQUFDLDhDQUE4QyxDQUFDLENBQUM7SUFFbEUsTUFBTSxJQUFJLEdBQUcsUUFBUTtRQUNuQixDQUFDLENBQUMsSUFBQSxlQUFNLEVBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxFQUFFLGlCQUFpQixFQUFFLFFBQVEsRUFBRSxDQUFDLENBQUM7UUFDMUQsQ0FBQyxDQUFDLEVBQUUsUUFBUSxFQUFFLFFBQVEsRUFBRSxDQUFDO0lBRTNCLE9BQU8sSUFBSSxPQUFPLENBQUMsV0FBVyxDQUFDLElBQUksRUFBRTtRQUNuQyxhQUFhO1FBQ2IsY0FBYyxFQUFFLElBQUksQ0FBQyxRQUFRO0tBQzlCLENBQUMsQ0FBQztBQUNMLENBQUMsQ0FBQztBQXhCVyxRQUFBLGdCQUFnQixvQkF3QjNCO0FBRUssTUFBTSxlQUFlLEdBQUcsQ0FDN0IsZUFBdUIsRUFDdkIsYUFBNkIsRUFDN0IsRUFBRTtJQUNGLE1BQU0sS0FBSyxHQUFHLElBQUEsa0JBQVUsRUFBQyxlQUFlLENBQUMsQ0FBQztJQUUxQyxPQUFPLGFBQWEsQ0FBQyxLQUFLLENBQ3hCLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FDSixJQUFJLE9BQU8sQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLElBQUksZUFBZSxFQUFFLEVBQUU7UUFDakQsYUFBYSxFQUFFLENBQUM7UUFDaEIsY0FBYyxFQUFFLEtBQUssQ0FBQyxRQUFRO0tBQy9CLENBQUMsQ0FDTCxDQUFDO0FBQ0osQ0FBQyxDQUFDO0FBYlcsUUFBQSxlQUFlLG1CQWExQjtBQUVLLE1BQU0sa0JBQWtCLEdBQUcsQ0FBQyxFQUNqQyxLQUFLLEVBQ0wsU0FBUyxFQUNULEtBQUssR0FLTixFQUFFLEVBQUUsQ0FDSCxJQUFBLGVBQU0sRUFBQyxLQUFLLElBQUksRUFBRTtJQUNoQixNQUFNLEtBQUssR0FBRyxJQUFBLGtCQUFVLEVBQUMsU0FBUyxDQUFDLENBQUM7SUFDcEMsT0FBTyxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQ3RCLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUNkLElBQUEsK0JBQWMsRUFBQztRQUNiLElBQUksRUFBRSxTQUFTO1FBQ2YsV0FBVyxFQUFFLEtBQUssQ0FBQyxRQUFRO1FBQzNCLGFBQWEsRUFBRSxPQUFPO1FBQ3RCLFFBQVEsRUFBRSxDQUFDO1FBQ1gsS0FBSyxFQUFFLEtBQUssSUFBSSx3QkFBZTtLQUNoQyxDQUFDLENBQ0gsQ0FDRixDQUFDO0FBQ0osQ0FBQyxDQUFDLENBQUM7QUF0QlEsUUFBQSxrQkFBa0Isc0JBc0IxQiJ9
|
|
@@ -8,7 +8,7 @@ const Identity_1 = __importDefault(require("../Identity"));
|
|
|
8
8
|
const GraphDefinition_1 = require("../GraphDefinition");
|
|
9
9
|
const Helper_1 = require("../Helper");
|
|
10
10
|
const AzureEnv_1 = require("../../Common/AzureEnv");
|
|
11
|
-
exports.defaultAzAdoName =
|
|
11
|
+
exports.defaultAzAdoName = 'azure-devops';
|
|
12
12
|
/** Get Global ADO Identity */
|
|
13
13
|
const getAdoIdentityInfo = (vaultInfo) => (0, Helper_1.getIdentityInfoOutput)({
|
|
14
14
|
name: exports.defaultAzAdoName,
|
|
@@ -17,19 +17,22 @@ const getAdoIdentityInfo = (vaultInfo) => (0, Helper_1.getIdentityInfoOutput)({
|
|
|
17
17
|
});
|
|
18
18
|
exports.getAdoIdentityInfo = getAdoIdentityInfo;
|
|
19
19
|
/** Create Global ADO Identity */
|
|
20
|
-
exports.default = ({ name = exports.defaultAzAdoName, vaultInfo, additionRoles = [
|
|
21
|
-
const graphAccess = (0, GraphDefinition_1.getGraphPermissions)({ name:
|
|
20
|
+
exports.default = ({ name = exports.defaultAzAdoName, vaultInfo, additionRoles = ['Owner'], ...others }) => {
|
|
21
|
+
const graphAccess = (0, GraphDefinition_1.getGraphPermissions)({ name: 'User.Read', type: 'Scope' });
|
|
22
22
|
const ado = (0, Identity_1.default)({
|
|
23
23
|
name,
|
|
24
|
-
appType:
|
|
24
|
+
appType: 'web',
|
|
25
25
|
createClientSecret: true,
|
|
26
26
|
createPrincipal: true,
|
|
27
27
|
requiredResourceAccesses: [graphAccess],
|
|
28
|
-
roles: additionRoles.map((role) => ({
|
|
28
|
+
roles: additionRoles.map((role) => ({
|
|
29
|
+
name: role,
|
|
30
|
+
scope: AzureEnv_1.defaultSubScope,
|
|
31
|
+
})),
|
|
29
32
|
vaultInfo,
|
|
30
33
|
...others,
|
|
31
34
|
});
|
|
32
35
|
console.log(`Add this principal ${name} to [User administrator, Application administrator, Cloud application administrator and Global Reader] of Azure AD to allow to Add/Update and Delete Groups, Users`);
|
|
33
36
|
return ado;
|
|
34
37
|
};
|
|
35
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
38
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQXpEZXZPcHNJZGVudGl0eS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9BekFkL0lkZW50aXRpZXMvQXpEZXZPcHNJZGVudGl0eS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7QUFDQSwyREFBbUM7QUFDbkMsd0RBQXlEO0FBQ3pELHNDQUFrRDtBQUNsRCxvREFBd0Q7QUFFM0MsUUFBQSxnQkFBZ0IsR0FBRyxjQUFjLENBQUM7QUFRL0MsK0JBQStCO0FBQ3hCLE1BQU0sa0JBQWtCLEdBQUcsQ0FBQyxTQUF1QixFQUFFLEVBQUUsQ0FDNUQsSUFBQSw4QkFBcUIsRUFBQztJQUNwQixJQUFJLEVBQUUsd0JBQWdCO0lBQ3RCLFNBQVM7SUFDVCxnQkFBZ0IsRUFBRSxJQUFJO0NBQ3ZCLENBQUMsQ0FBQztBQUxRLFFBQUEsa0JBQWtCLHNCQUsxQjtBQUVMLGlDQUFpQztBQUNqQyxrQkFBZSxDQUFDLEVBQ2QsSUFBSSxHQUFHLHdCQUFnQixFQUN2QixTQUFTLEVBQ1QsYUFBYSxHQUFHLENBQUMsT0FBTyxDQUFDLEVBQ3pCLEdBQUcsTUFBTSxFQUNILEVBQUUsRUFBRTtJQUNWLE1BQU0sV0FBVyxHQUFHLElBQUEscUNBQW1CLEVBQUMsRUFBRSxJQUFJLEVBQUUsV0FBVyxFQUFFLElBQUksRUFBRSxPQUFPLEVBQUUsQ0FBQyxDQUFDO0lBRTlFLE1BQU0sR0FBRyxHQUFHLElBQUEsa0JBQVEsRUFBQztRQUNuQixJQUFJO1FBQ0osT0FBTyxFQUFFLEtBQUs7UUFDZCxrQkFBa0IsRUFBRSxJQUFJO1FBQ3hCLGVBQWUsRUFBRSxJQUFJO1FBQ3JCLHdCQUF3QixFQUFFLENBQUMsV0FBVyxDQUFDO1FBQ3ZDLEtBQUssRUFBRSxhQUFhLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxDQUFDO1lBQ2xDLElBQUksRUFBRSxJQUFJO1lBQ1YsS0FBSyxFQUFFLDBCQUFlO1NBQ3ZCLENBQUMsQ0FBQztRQUNILFNBQVM7UUFDVCxHQUFHLE1BQU07S0FDVixDQUFDLENBQUM7SUFFSCxPQUFPLENBQUMsR0FBRyxDQUNULHNCQUFzQixJQUFJLG9LQUFvSyxDQUMvTCxDQUFDO0lBRUYsT0FBTyxHQUFHLENBQUM7QUFDYixDQUFDLENBQUMifQ==
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { BasicResourceArgs } from
|
|
2
|
-
interface Props extends Omit<BasicResourceArgs,
|
|
1
|
+
import { BasicResourceArgs } from '../../types';
|
|
2
|
+
interface Props extends Omit<BasicResourceArgs, 'name'> {
|
|
3
3
|
name?: string;
|
|
4
4
|
}
|
|
5
5
|
declare const _default: ({ name, ...others }: Props) => import("@pulumi/azure-native/managedidentity/userAssignedIdentity").UserAssignedIdentity;
|
|
@@ -7,11 +7,14 @@ const UserAssignedIdentity_1 = __importDefault(require("../UserAssignedIdentity"
|
|
|
7
7
|
const AzDevOpsIdentity_1 = require("./AzDevOpsIdentity");
|
|
8
8
|
const AzureEnv_1 = require("../../Common/AzureEnv");
|
|
9
9
|
exports.default = ({ name = AzDevOpsIdentity_1.defaultAzAdoName, ...others }) => {
|
|
10
|
-
const additionRoles = [
|
|
10
|
+
const additionRoles = ['Owner'];
|
|
11
11
|
return (0, UserAssignedIdentity_1.default)({
|
|
12
12
|
name,
|
|
13
|
-
roles: additionRoles.map((role) => ({
|
|
13
|
+
roles: additionRoles.map((role) => ({
|
|
14
|
+
name: role,
|
|
15
|
+
scope: AzureEnv_1.defaultSubScope,
|
|
16
|
+
})),
|
|
14
17
|
...others,
|
|
15
18
|
});
|
|
16
19
|
};
|
|
17
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
20
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQXpEZXZPcHNNYW5hZ2VkSWRlbnRpdHkuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvQXpBZC9JZGVudGl0aWVzL0F6RGV2T3BzTWFuYWdlZElkZW50aXR5LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQ0EsbUZBQTJEO0FBQzNELHlEQUFzRDtBQUN0RCxvREFBd0Q7QUFNeEQsa0JBQWUsQ0FBQyxFQUFFLElBQUksR0FBRyxtQ0FBZ0IsRUFBRSxHQUFHLE1BQU0sRUFBUyxFQUFFLEVBQUU7SUFDL0QsTUFBTSxhQUFhLEdBQUcsQ0FBQyxPQUFPLENBQUMsQ0FBQztJQUVoQyxPQUFPLElBQUEsOEJBQW9CLEVBQUM7UUFDMUIsSUFBSTtRQUNKLEtBQUssRUFBRSxhQUFhLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxDQUFDO1lBQ2xDLElBQUksRUFBRSxJQUFJO1lBQ1YsS0FBSyxFQUFFLDBCQUFlO1NBQ3ZCLENBQUMsQ0FBQztRQUNILEdBQUcsTUFBTTtLQUNWLENBQUMsQ0FBQztBQUNMLENBQUMsQ0FBQyJ9
|
package/AzAd/RoleAssignment.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import * as native from
|
|
2
|
-
import * as pulumi from
|
|
3
|
-
import { Input, Resource } from
|
|
1
|
+
import * as native from '@pulumi/azure-native';
|
|
2
|
+
import * as pulumi from '@pulumi/pulumi';
|
|
3
|
+
import { Input, Resource } from '@pulumi/pulumi';
|
|
4
4
|
type GetRoleProps = {
|
|
5
5
|
roleName: string;
|
|
6
6
|
};
|
package/AzAd/RoleAssignment.js
CHANGED
|
@@ -39,12 +39,12 @@ const getRoleDefinitionByName = ({ roleName }) => {
|
|
|
39
39
|
throw new Error(`The role ${roleName} is not found.`);
|
|
40
40
|
};
|
|
41
41
|
exports.getRoleDefinitionByName = getRoleDefinitionByName;
|
|
42
|
-
const roleAssignment = ({ name, roleName, scope = AzureEnv_1.
|
|
42
|
+
const roleAssignment = ({ name, roleName, scope = AzureEnv_1.defaultSubScope, principalId, principalType, dependsOn, }) => {
|
|
43
43
|
const role = (0, exports.getRoleDefinitionByName)({ roleName });
|
|
44
44
|
return pulumi.output(principalId).apply((id) => {
|
|
45
45
|
if (!id)
|
|
46
46
|
return undefined;
|
|
47
|
-
return new native.authorization.RoleAssignment(`${name}-${roleName.split(
|
|
47
|
+
return new native.authorization.RoleAssignment(`${name}-${roleName.split(' ').join('')}`, {
|
|
48
48
|
principalId,
|
|
49
49
|
principalType,
|
|
50
50
|
roleDefinitionId: role.id,
|
|
@@ -53,4 +53,4 @@ const roleAssignment = ({ name, roleName, scope = AzureEnv_1.defaultScope, princ
|
|
|
53
53
|
});
|
|
54
54
|
};
|
|
55
55
|
exports.roleAssignment = roleAssignment;
|
|
56
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
56
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiUm9sZUFzc2lnbm1lbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvQXpBZC9Sb2xlQXNzaWdubWVudC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLDZEQUErQztBQUMvQyx1REFBeUM7QUFFekMsaURBQXFEO0FBQ3JELGtFQUEwQztBQU0xQyxtRUFBbUU7QUFDNUQsTUFBTSx1QkFBdUIsR0FBRyxDQUFDLEVBQUUsUUFBUSxFQUFnQixFQUFFLEVBQUU7SUFDcEUsTUFBTSxJQUFJLEdBQUcsc0JBQVksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxVQUFVLENBQUMsUUFBUSxLQUFLLFFBQVEsQ0FBQyxDQUFDO0lBQzFFLElBQUksSUFBSTtRQUFFLE9BQU8sSUFBSSxDQUFDO0lBQ3RCLE1BQU0sSUFBSSxLQUFLLENBQUMsWUFBWSxRQUFRLGdCQUFnQixDQUFDLENBQUM7QUFDeEQsQ0FBQyxDQUFDO0FBSlcsUUFBQSx1QkFBdUIsMkJBSWxDO0FBWUssTUFBTSxjQUFjLEdBQUcsQ0FBQyxFQUM3QixJQUFJLEVBQ0osUUFBUSxFQUNSLEtBQUssR0FBRywwQkFBZSxFQUN2QixXQUFXLEVBQ1gsYUFBYSxFQUNiLFNBQVMsR0FDVyxFQUFFLEVBQUU7SUFDeEIsTUFBTSxJQUFJLEdBQUcsSUFBQSwrQkFBdUIsRUFBQyxFQUFFLFFBQVEsRUFBRSxDQUFDLENBQUM7SUFDbkQsT0FBTyxNQUFNLENBQUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFO1FBQzdDLElBQUksQ0FBQyxFQUFFO1lBQUUsT0FBTyxTQUFTLENBQUM7UUFDMUIsT0FBTyxJQUFJLE1BQU0sQ0FBQyxhQUFhLENBQUMsY0FBYyxDQUM1QyxHQUFHLElBQUksSUFBSSxRQUFRLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUMsRUFBRSxFQUN6QztZQUNFLFdBQVc7WUFDWCxhQUFhO1lBQ2IsZ0JBQWdCLEVBQUUsSUFBSSxDQUFDLEVBQUU7WUFDekIsS0FBSztTQUNOLEVBQ0QsRUFBRSxTQUFTLEVBQUUsQ0FDZCxDQUFDO0lBQ0osQ0FBQyxDQUFDLENBQUM7QUFDTCxDQUFDLENBQUM7QUF0QlcsUUFBQSxjQUFjLGtCQXNCekIifQ==
|
|
@@ -25,23 +25,23 @@ var __importStar = (this && this.__importStar) || function (mod) {
|
|
|
25
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
26
|
const AzureEnv_1 = require("../../Common/AzureEnv");
|
|
27
27
|
const authorization = __importStar(require("@pulumi/azure-native/authorization"));
|
|
28
|
-
exports.default = () => new authorization.RoleDefinition(
|
|
29
|
-
roleName:
|
|
30
|
-
description:
|
|
28
|
+
exports.default = () => new authorization.RoleDefinition('Just_In_Time_Request_Role', {
|
|
29
|
+
roleName: 'Just In Time Request Role',
|
|
30
|
+
description: 'Just In Time Request Role',
|
|
31
31
|
permissions: [
|
|
32
32
|
{
|
|
33
33
|
actions: [
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
34
|
+
'Microsoft.Security/locations/jitNetworkAccessPolicies/initiate/action',
|
|
35
|
+
'Microsoft.Security/locations/jitNetworkAccessPolicies/read',
|
|
36
|
+
'Microsoft.Security/policies/read',
|
|
37
|
+
'Microsoft.Compute/virtualMachines/read',
|
|
38
38
|
],
|
|
39
39
|
notActions: [],
|
|
40
40
|
dataActions: [],
|
|
41
41
|
notDataActions: [],
|
|
42
42
|
},
|
|
43
43
|
],
|
|
44
|
-
assignableScopes: [AzureEnv_1.
|
|
45
|
-
scope: AzureEnv_1.
|
|
44
|
+
assignableScopes: [AzureEnv_1.defaultSubScope],
|
|
45
|
+
scope: AzureEnv_1.defaultSubScope,
|
|
46
46
|
});
|
|
47
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
47
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiSnVzdEluVGltZVJlcXVlc3RSb2xlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL0F6QWQvUm9sZURlZmluaXRpb25zL0p1c3RJblRpbWVSZXF1ZXN0Um9sZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsb0RBQXdEO0FBQ3hELGtGQUFvRTtBQUVwRSxrQkFBZSxHQUFHLEVBQUUsQ0FDbEIsSUFBSSxhQUFhLENBQUMsY0FBYyxDQUFDLDJCQUEyQixFQUFFO0lBQzVELFFBQVEsRUFBRSwyQkFBMkI7SUFDckMsV0FBVyxFQUFFLDJCQUEyQjtJQUN4QyxXQUFXLEVBQUU7UUFDWDtZQUNFLE9BQU8sRUFBRTtnQkFDUCx1RUFBdUU7Z0JBQ3ZFLDREQUE0RDtnQkFDNUQsa0NBQWtDO2dCQUNsQyx3Q0FBd0M7YUFDekM7WUFDRCxVQUFVLEVBQUUsRUFBRTtZQUNkLFdBQVcsRUFBRSxFQUFFO1lBQ2YsY0FBYyxFQUFFLEVBQUU7U0FDbkI7S0FDRjtJQUNELGdCQUFnQixFQUFFLENBQUMsMEJBQWUsQ0FBQztJQUNuQyxLQUFLLEVBQUUsMEJBQWU7Q0FDdkIsQ0FBQyxDQUFDIn0=
|
package/Builder/AksBuilder.js
CHANGED
|
@@ -3,6 +3,9 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
const pulumi_1 = require("@pulumi/pulumi");
|
|
7
|
+
const EnvRoles_Consts_1 = require("../AzAd/EnvRoles.Consts");
|
|
8
|
+
const Common_1 = require("../Common");
|
|
6
9
|
const types_1 = require("./types");
|
|
7
10
|
const KeyGenerators_1 = require("../Core/KeyGenerators");
|
|
8
11
|
const containerservice_1 = require("@pulumi/azure-native/containerservice");
|
|
@@ -96,6 +99,17 @@ class AksBuilder extends types_1.BuilderAsync {
|
|
|
96
99
|
ignoreChanges: this._importProps?.ignoreChanges,
|
|
97
100
|
lock: this._lock,
|
|
98
101
|
});
|
|
102
|
+
//Grant read permission to AKS Node Group
|
|
103
|
+
if (this.commonProps.envRoles &&
|
|
104
|
+
this._askInstance.instance.nodeResourceGroup) {
|
|
105
|
+
(0, EnvRoles_Consts_1.grantEnvRolesAccess)({
|
|
106
|
+
name: `${this._askInstance.name}-node-group`,
|
|
107
|
+
dependsOn: this._askInstance.instance,
|
|
108
|
+
envRoles: this.commonProps.envRoles,
|
|
109
|
+
enableRGRoles: { readOnly: true },
|
|
110
|
+
scope: (0, pulumi_1.interpolate) `/subscriptions/${Common_1.subscriptionId}/resourceGroups/${this._askInstance.instance.nodeResourceGroup}`,
|
|
111
|
+
});
|
|
112
|
+
}
|
|
99
113
|
}
|
|
100
114
|
async build() {
|
|
101
115
|
this.buildSsh();
|
|
@@ -104,4 +118,4 @@ class AksBuilder extends types_1.BuilderAsync {
|
|
|
104
118
|
}
|
|
105
119
|
}
|
|
106
120
|
exports.default = (props) => new AksBuilder(props);
|
|
107
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
121
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQWtzQnVpbGRlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9CdWlsZGVyL0Frc0J1aWxkZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSwyQ0FBNkM7QUFDN0MsNkRBQThEO0FBQzlELHNDQUEyQztBQUMzQyxtQ0FVaUI7QUFDakIseURBQWdFO0FBQ2hFLDRFQUE4RTtBQUM5RSxpREFRZ0I7QUFFaEIsTUFBTSxVQUNKLFNBQVEsb0JBQXdCO0lBT2hDLFdBQVc7SUFDSCxZQUFZLEdBQTJCLFNBQVMsQ0FBQztJQUNqRCxZQUFZLEdBQTJCLFNBQVMsQ0FBQztJQUV6RCxPQUFPO0lBQ0MsU0FBUyxHQUFnQyxTQUFTLENBQUM7SUFDbkQsZUFBZSxHQUF1QixFQUFFLENBQUM7SUFDekMsV0FBVyxHQUE4QixTQUFTLENBQUM7SUFDbkQsYUFBYSxHQUFnQyxTQUFTLENBQUM7SUFDdkQsVUFBVSxHQUFpRCxFQUFFLENBQUM7SUFDOUQsS0FBSyxHQUEwQix3Q0FBcUIsQ0FBQyxJQUFJLENBQUM7SUFDMUQsYUFBYSxHQUFnQyxTQUFTLENBQUM7SUFDdkQsWUFBWSxHQUF3QyxTQUFTLENBQUM7SUFDOUQsWUFBWSxHQUErQixTQUFTLENBQUM7SUFDckQsS0FBSyxHQUFZLEtBQUssQ0FBQztJQUUvQixZQUFZLEtBQW1CO1FBQzdCLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQztJQUNmLENBQUM7SUFFRCx5QkFBeUI7SUFDbEIsVUFBVSxDQUFDLEtBQXNCO1FBQ3RDLElBQUksQ0FBQyxTQUFTLEdBQUcsS0FBSyxDQUFDO1FBQ3ZCLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVNLFlBQVksQ0FBQyxLQUF1QjtRQUN6QyxJQUFJLENBQUMsZUFBZSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUNqQyxPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFDTSxTQUFTLENBQUMsS0FBb0I7UUFDbkMsSUFBSSxDQUFDLFdBQVcsR0FBRyxLQUFLLENBQUM7UUFDekIsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBQ00sV0FBVyxDQUFDLEtBQXNCO1FBQ3ZDLElBQUksQ0FBQyxhQUFhLEdBQUcsS0FBSyxDQUFDO1FBQzNCLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUNNLFFBQVEsQ0FBQyxLQUF1QztRQUNyRCxJQUFJLENBQUMsVUFBVSxHQUFHLEtBQUssQ0FBQztRQUN4QixPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFDTSxRQUFRLENBQUMsSUFBMkI7UUFDekMsSUFBSSxDQUFDLEtBQUssR0FBRyxJQUFJLENBQUM7UUFDbEIsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBQ00sV0FBVyxDQUFDLEtBQXNCO1FBQ3ZDLElBQUksQ0FBQyxhQUFhLEdBQUcsS0FBSyxDQUFDO1FBQzNCLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUNNLG1CQUFtQixDQUFDLEtBQThCO1FBQ3ZELElBQUksQ0FBQyxZQUFZLEdBQUcsS0FBSyxDQUFDO1FBQzFCLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUNNLElBQUk7UUFDVCxJQUFJLENBQUMsS0FBSyxHQUFHLElBQUksQ0FBQztRQUNsQixPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFDTSxNQUFNLENBQUMsS0FBcUI7UUFDakMsSUFBSSxDQUFDLFlBQVksR0FBRyxLQUFLLENBQUM7UUFDMUIsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBQ0QsZUFBZTtJQUNQLFFBQVE7UUFDZCxNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsV0FBVyxDQUFDLFNBQVMsQ0FBQztRQUM3QyxJQUFJLENBQUMsU0FBUztZQUNaLE1BQU0sSUFBSSxLQUFLLENBQUMsR0FBRyxJQUFJLENBQUMsV0FBVyxDQUFDLElBQUksc0JBQXNCLENBQUMsQ0FBQztRQUVsRSxJQUFJLENBQUMsWUFBWSxHQUFHLElBQUEsMkJBQVcsRUFBQztZQUM5QixHQUFHLElBQUksQ0FBQyxXQUFXO1lBQ25CLEdBQUcsSUFBSSxDQUFDLFNBQVM7WUFDakIsU0FBUztTQUNWLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFTyxLQUFLLENBQUMsUUFBUTtRQUNwQixNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsWUFBYSxDQUFDLEtBQUssQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUV2RCxJQUFJLENBQUMsWUFBWSxHQUFHLE1BQU0sSUFBQSxhQUFHLEVBQUM7WUFDNUIsR0FBRyxJQUFJLENBQUMsV0FBVztZQUNuQixLQUFLLEVBQUUsSUFBSSxDQUFDLFdBQVc7WUFDdkIsU0FBUyxFQUFFLEVBQUUsR0FBRyxJQUFJLENBQUMsVUFBVSxFQUFFLFFBQVEsRUFBRSxJQUFJLENBQUMsV0FBVyxDQUFDLFFBQVEsRUFBRTtZQUN0RSxJQUFJLEVBQUUsSUFBSSxDQUFDLEtBQUs7WUFDaEIsS0FBSyxFQUFFO2dCQUNMLGFBQWEsRUFBRSxJQUFJLENBQUMsWUFBYSxDQUFDLFFBQVE7Z0JBQzFDLE9BQU8sRUFBRSxDQUFDLE1BQU0sQ0FBQzthQUNsQjtZQUNELGVBQWUsRUFBRSxJQUFJLENBQUMsWUFBYTtZQUNuQyxTQUFTLEVBQUUsSUFBSSxDQUFDLGVBQWU7WUFDL0IsUUFBUSxFQUFFLElBQUksQ0FBQyxhQUFhO1lBQzVCLE9BQU8sRUFBRSxJQUFJLENBQUMsYUFBYztZQUU1QixTQUFTLEVBQUUsSUFBSSxDQUFDLFlBQVksRUFBRSxFQUFFO1lBQ2hDLGFBQWEsRUFBRSxJQUFJLENBQUMsWUFBWSxFQUFFLGFBQWE7WUFDL0MsSUFBSSxFQUFFLElBQUksQ0FBQyxLQUFLO1NBQ2pCLENBQUMsQ0FBQztRQUVILHlDQUF5QztRQUN6QyxJQUNFLElBQUksQ0FBQyxXQUFXLENBQUMsUUFBUTtZQUN6QixJQUFJLENBQUMsWUFBWSxDQUFDLFFBQVEsQ0FBQyxpQkFBaUIsRUFDNUMsQ0FBQztZQUNELElBQUEscUNBQW1CLEVBQUM7Z0JBQ2xCLElBQUksRUFBRSxHQUFHLElBQUksQ0FBQyxZQUFZLENBQUMsSUFBSSxhQUFhO2dCQUM1QyxTQUFTLEVBQUUsSUFBSSxDQUFDLFlBQVksQ0FBQyxRQUFRO2dCQUNyQyxRQUFRLEVBQUUsSUFBSSxDQUFDLFdBQVcsQ0FBQyxRQUFRO2dCQUNuQyxhQUFhLEVBQUUsRUFBRSxRQUFRLEVBQUUsSUFBSSxFQUFFO2dCQUNqQyxLQUFLLEVBQUUsSUFBQSxvQkFBVyxFQUFBLGtCQUFrQix1QkFBYyxtQkFBbUIsSUFBSSxDQUFDLFlBQVksQ0FBQyxRQUFRLENBQUMsaUJBQWlCLEVBQUU7YUFDcEgsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztJQUNILENBQUM7SUFFTSxLQUFLLENBQUMsS0FBSztRQUNoQixJQUFJLENBQUMsUUFBUSxFQUFFLENBQUM7UUFDaEIsTUFBTSxJQUFJLENBQUMsUUFBUSxFQUFFLENBQUM7UUFFdEIsT0FBTyxJQUFJLENBQUMsWUFBYSxDQUFDO0lBQzVCLENBQUM7Q0FDRjtBQUVELGtCQUFlLENBQUMsS0FBbUIsRUFBRSxFQUFFLENBQUMsSUFBSSxVQUFVLENBQUMsS0FBSyxDQUFnQixDQUFDIn0=
|
|
@@ -1,4 +1,5 @@
|
|
|
1
|
-
import { BasicResourceArgs } from '../types';
|
|
1
|
+
import { BasicResourceArgs, ResourceInfo } from '../types';
|
|
2
2
|
import { IPrivateDnsZoneBuilder } from './types/privateDnsZoneBuilder';
|
|
3
|
+
export declare const from: (info: ResourceInfo) => IPrivateDnsZoneBuilder;
|
|
3
4
|
declare const _default: (props: BasicResourceArgs) => IPrivateDnsZoneBuilder;
|
|
4
5
|
export default _default;
|