@drunk-pulumi/azure 1.0.3 → 1.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/Aks/Helper.js +4 -3
- package/Aks/Identity.js +3 -3
- package/Aks/index.d.ts +8 -7
- package/Aks/index.js +73 -57
- package/Automation/index.d.ts +1 -1
- package/Automation/index.js +5 -5
- package/AzAd/EnvRoles.Consts.d.ts +13 -8
- package/AzAd/EnvRoles.Consts.js +51 -51
- package/AzAd/EnvRoles.d.ts +3 -3
- package/AzAd/EnvRoles.js +10 -10
- package/AzAd/Group.d.ts +2 -2
- package/AzAd/Group.js +12 -12
- package/AzAd/Identities/AzDevOpsIdentity.d.ts +1 -1
- package/AzAd/Identities/AzDevOpsIdentity.js +9 -6
- package/AzAd/Identities/AzDevOpsManagedIdentity.d.ts +2 -2
- package/AzAd/Identities/AzDevOpsManagedIdentity.js +6 -3
- package/AzAd/RoleAssignment.d.ts +3 -3
- package/AzAd/RoleAssignment.js +3 -3
- package/AzAd/RoleDefinitions/JustInTimeRequestRole.js +10 -10
- package/Builder/AksBuilder.js +15 -1
- package/Builder/PrivateDnsZoneBuilder.d.ts +2 -1
- package/Builder/PrivateDnsZoneBuilder.js +41 -23
- package/Builder/ResourceBuilder.js +12 -6
- package/Builder/SqlBuilder.js +7 -1
- package/Builder/StorageBuilder.js +14 -14
- package/Builder/VaultBuilder.d.ts +2 -1
- package/Builder/VaultBuilder.js +8 -1
- package/Builder/types/resourceBuilder.d.ts +2 -0
- package/Builder/types/sqlBuilder.d.ts +2 -1
- package/Builder/types/storageBuilder.d.ts +10 -8
- package/Builder/types/vaultBuilder.d.ts +6 -1
- package/Cdn/CdnEndpoint.d.ts +2 -3
- package/Cdn/CdnEndpoint.js +15 -17
- package/Cdn/CdnRules.d.ts +6 -2
- package/Cdn/CdnRules.js +51 -56
- package/Certificate/index.d.ts +2 -2
- package/Certificate/index.js +29 -29
- package/Common/AzureEnv.d.ts +2 -3
- package/Common/AzureEnv.js +21 -8
- package/Common/Naming/index.d.ts +1 -1
- package/Common/Naming/index.js +65 -61
- package/Common/index.d.ts +11 -6
- package/Common/index.js +6 -1
- package/ContainerRegistry/index.d.ts +5 -5
- package/ContainerRegistry/index.js +75 -50
- package/Core/KeyGenerators.d.ts +5 -5
- package/Core/KeyGenerators.js +5 -5
- package/CustomRoles/index.js +3 -3
- package/KeyVault/CustomHelper.d.ts +4 -4
- package/KeyVault/CustomHelper.js +7 -7
- package/KeyVault/Helper.js +12 -9
- package/Logs/Helpers.d.ts +1 -1
- package/RedisCache/index.d.ts +2 -2
- package/RedisCache/index.js +10 -5
- package/SignalR/index.d.ts +4 -4
- package/SignalR/index.js +26 -21
- package/Sql/SqlDb.js +2 -3
- package/Sql/index.d.ts +3 -4
- package/Sql/index.js +11 -11
- package/Storage/Helper.d.ts +1 -1
- package/Storage/index.d.ts +2 -3
- package/Storage/index.js +2 -2
- package/VNet/FirewallPolicies/AksFirewallPolicy.d.ts +4 -3
- package/VNet/FirewallPolicies/AksFirewallPolicy.js +116 -123
- package/VNet/FirewallPolicies/CloudPCFirewallPolicy.d.ts +4 -3
- package/VNet/FirewallPolicies/CloudPCFirewallPolicy.js +150 -132
- package/VNet/Helper.d.ts +1 -0
- package/VNet/Helper.js +25 -19
- package/VNet/index.d.ts +9 -9
- package/VNet/index.js +58 -49
- package/VNet/types.d.ts +9 -6
- package/package.json +6 -6
|
@@ -1,199 +1,192 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
const
|
|
3
|
+
const Common_1 = require("../../Common");
|
|
4
4
|
const FirewallPolicy_1 = require("../FirewallPolicy");
|
|
5
|
-
exports.default = ({ priority, allowAccessPublicRegistries, subnetSpaces, dNATs, }) => {
|
|
5
|
+
exports.default = ({ priority, allowAccessPublicRegistries, subnetSpaces, trustedAcrs = [], dNATs, }) => {
|
|
6
6
|
const dnatRules = new Array();
|
|
7
7
|
const netRules = new Array();
|
|
8
8
|
const appRules = new Array();
|
|
9
9
|
if (dNATs) {
|
|
10
10
|
dNATs.forEach((nat) => {
|
|
11
11
|
dnatRules.push({
|
|
12
|
-
ruleType:
|
|
12
|
+
ruleType: 'NatRule',
|
|
13
13
|
name: `${nat.name}-inbound-443`,
|
|
14
14
|
description: `Forward port 443 external IpAddress of ${nat.name} to internal IpAddress`,
|
|
15
|
-
sourceAddresses: [nat.sourceIpAddress ??
|
|
15
|
+
sourceAddresses: [nat.sourceIpAddress ?? '*'],
|
|
16
16
|
destinationAddresses: nat.publicIpAddresses,
|
|
17
|
-
destinationPorts: [
|
|
18
|
-
ipProtocols: [
|
|
17
|
+
destinationPorts: ['443'],
|
|
18
|
+
ipProtocols: ['TCP'],
|
|
19
19
|
translatedAddress: nat.internalIpAddress,
|
|
20
|
-
translatedPort:
|
|
20
|
+
translatedPort: '443',
|
|
21
21
|
});
|
|
22
22
|
if (nat.allowHttp)
|
|
23
23
|
dnatRules.push({
|
|
24
|
-
ruleType:
|
|
24
|
+
ruleType: 'NatRule',
|
|
25
25
|
name: `${nat.name}-inbound-80`,
|
|
26
26
|
description: `Forward port 80 external IpAddress of ${nat.name} to internal IpAddress`,
|
|
27
|
-
sourceAddresses: [nat.sourceIpAddress ??
|
|
27
|
+
sourceAddresses: [nat.sourceIpAddress ?? '*'],
|
|
28
28
|
destinationAddresses: nat.publicIpAddresses,
|
|
29
|
-
destinationPorts: [
|
|
30
|
-
ipProtocols: [
|
|
29
|
+
destinationPorts: ['80'],
|
|
30
|
+
ipProtocols: ['TCP'],
|
|
31
31
|
translatedAddress: nat.internalIpAddress,
|
|
32
|
-
translatedPort:
|
|
32
|
+
translatedPort: '80',
|
|
33
33
|
});
|
|
34
34
|
});
|
|
35
35
|
}
|
|
36
36
|
//AKS Network Rules
|
|
37
37
|
netRules.push({
|
|
38
|
-
ruleType:
|
|
39
|
-
name:
|
|
40
|
-
description:
|
|
41
|
-
ipProtocols: [
|
|
38
|
+
ruleType: 'NetworkRule',
|
|
39
|
+
name: 'aks-vpn',
|
|
40
|
+
description: 'For OPEN VPN tunneled secure communication between the nodes and the control plane for AzureCloud',
|
|
41
|
+
ipProtocols: ['UDP'],
|
|
42
42
|
sourceAddresses: subnetSpaces,
|
|
43
|
-
destinationAddresses: [`AzureCloud.${
|
|
44
|
-
destinationPorts: [
|
|
43
|
+
destinationAddresses: [`AzureCloud.${Common_1.currentRegionCode}`],
|
|
44
|
+
destinationPorts: ['1194'],
|
|
45
45
|
}, {
|
|
46
|
-
ruleType:
|
|
47
|
-
name:
|
|
48
|
-
description:
|
|
49
|
-
ipProtocols: [
|
|
46
|
+
ruleType: 'NetworkRule',
|
|
47
|
+
name: 'aks-tcp',
|
|
48
|
+
description: 'For tunneled secure communication between the nodes and the control plane for AzureCloud',
|
|
49
|
+
ipProtocols: ['TCP'],
|
|
50
50
|
sourceAddresses: subnetSpaces,
|
|
51
|
-
destinationAddresses: [`AzureCloud.${
|
|
52
|
-
destinationPorts:
|
|
51
|
+
destinationAddresses: [`AzureCloud.${Common_1.currentRegionCode}`],
|
|
52
|
+
destinationPorts: Common_1.allAzurePorts,
|
|
53
53
|
}, {
|
|
54
|
-
ruleType:
|
|
55
|
-
name:
|
|
56
|
-
description:
|
|
57
|
-
ipProtocols: [
|
|
54
|
+
ruleType: 'NetworkRule',
|
|
55
|
+
name: 'aks-time',
|
|
56
|
+
description: 'Required for Network Time Protocol (NTP) time synchronization on Linux nodes.',
|
|
57
|
+
ipProtocols: ['UDP'],
|
|
58
58
|
sourceAddresses: subnetSpaces,
|
|
59
|
-
destinationAddresses: [
|
|
60
|
-
destinationPorts: [
|
|
59
|
+
destinationAddresses: ['ntp.ubuntu.com'],
|
|
60
|
+
destinationPorts: ['123'],
|
|
61
61
|
},
|
|
62
62
|
//TODO: Remove this
|
|
63
|
+
// {
|
|
64
|
+
// ruleType: 'NetworkRule',
|
|
65
|
+
// name: 'aks-time-others',
|
|
66
|
+
// description:
|
|
67
|
+
// 'Required for Network Time Protocol (NTP) time synchronization on Linux nodes.',
|
|
68
|
+
// ipProtocols: ['UDP'],
|
|
69
|
+
// sourceAddresses: subnetSpaces,
|
|
70
|
+
// destinationAddresses: ['*'],
|
|
71
|
+
// destinationPorts: ['123'],
|
|
72
|
+
// },
|
|
63
73
|
{
|
|
64
|
-
ruleType:
|
|
65
|
-
name:
|
|
66
|
-
description:
|
|
67
|
-
ipProtocols: [
|
|
68
|
-
sourceAddresses: subnetSpaces,
|
|
69
|
-
destinationAddresses: ["*"],
|
|
70
|
-
destinationPorts: ["123"],
|
|
71
|
-
}, {
|
|
72
|
-
ruleType: "NetworkRule",
|
|
73
|
-
name: "azure-services-tags",
|
|
74
|
-
description: "Allows internal services to connect to Azure Resources.",
|
|
75
|
-
ipProtocols: ["TCP"],
|
|
74
|
+
ruleType: 'NetworkRule',
|
|
75
|
+
name: 'azure-services-tags',
|
|
76
|
+
description: 'Allows internal services to connect to Azure Resources.',
|
|
77
|
+
ipProtocols: ['TCP'],
|
|
76
78
|
sourceAddresses: subnetSpaces,
|
|
77
79
|
destinationAddresses: [
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
//'AzureConnectors.SoutheastAsia',
|
|
85
|
-
//'AzureSignalR', This already using private endpoint
|
|
86
|
-
//'DataFactory.SoutheastAsia',
|
|
87
|
-
//'EventHub.SoutheastAsia',
|
|
88
|
-
"ServiceBus.SoutheastAsia",
|
|
89
|
-
//'Sql.SoutheastAsia', This already using private endpoint
|
|
90
|
-
"Storage.SoutheastAsia",
|
|
80
|
+
'AzureContainerRegistry',
|
|
81
|
+
'MicrosoftContainerRegistry',
|
|
82
|
+
'AzureActiveDirectory',
|
|
83
|
+
'AzureMonitor',
|
|
84
|
+
'AppConfiguration',
|
|
85
|
+
'AzureKeyVault',
|
|
91
86
|
],
|
|
92
|
-
destinationPorts: [
|
|
87
|
+
destinationPorts: ['443'],
|
|
93
88
|
}, {
|
|
94
|
-
ruleType:
|
|
95
|
-
name:
|
|
96
|
-
description:
|
|
97
|
-
ipProtocols: [
|
|
89
|
+
ruleType: 'NetworkRule',
|
|
90
|
+
name: 'others-dns',
|
|
91
|
+
description: 'Others DNS.',
|
|
92
|
+
ipProtocols: ['TCP', 'UDP'],
|
|
98
93
|
sourceAddresses: subnetSpaces,
|
|
99
|
-
destinationAddresses: [
|
|
100
|
-
destinationPorts: [
|
|
94
|
+
destinationAddresses: ['*'],
|
|
95
|
+
destinationPorts: ['53'],
|
|
101
96
|
});
|
|
102
97
|
//AKS Apps Rules
|
|
103
98
|
appRules.push({
|
|
104
|
-
ruleType:
|
|
105
|
-
name:
|
|
106
|
-
description:
|
|
99
|
+
ruleType: 'ApplicationRule',
|
|
100
|
+
name: 'aks-services-fqdnTags',
|
|
101
|
+
description: 'Allows pods to access AzureKubernetesService',
|
|
107
102
|
sourceAddresses: subnetSpaces,
|
|
108
|
-
fqdnTags: [
|
|
109
|
-
protocols: [{ protocolType:
|
|
103
|
+
fqdnTags: ['AzureKubernetesService'],
|
|
104
|
+
protocols: [{ protocolType: 'Https', port: 443 }],
|
|
110
105
|
}, {
|
|
111
|
-
ruleType:
|
|
112
|
-
name:
|
|
113
|
-
description:
|
|
106
|
+
ruleType: 'ApplicationRule',
|
|
107
|
+
name: 'aks-fqdn',
|
|
108
|
+
description: 'Azure Global required FQDN',
|
|
114
109
|
sourceAddresses: subnetSpaces,
|
|
115
110
|
targetFqdns: [
|
|
116
111
|
//AKS mater
|
|
117
|
-
|
|
112
|
+
`*.hcp.${Common_1.currentRegionCode}.azmk8s.io`,
|
|
118
113
|
//Microsoft Container Registry
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
114
|
+
...trustedAcrs?.map((s) => `${s}.azurecr.io`),
|
|
115
|
+
'mcr.microsoft.com',
|
|
116
|
+
'*.mcr.microsoft.com',
|
|
117
|
+
//'data.mcr.microsoft.com',
|
|
118
|
+
//'*.data.mcr.microsoft.com',
|
|
122
119
|
//Azure management
|
|
123
|
-
|
|
124
|
-
|
|
120
|
+
'management.azure.com',
|
|
121
|
+
'login.microsoftonline.com',
|
|
125
122
|
//Microsoft trusted package repository
|
|
126
|
-
|
|
127
|
-
//Azure CDN
|
|
128
|
-
//"acs-mirror.azureedge.net",
|
|
129
|
-
//CosmosDb
|
|
130
|
-
//"*.documents.azure.com",
|
|
123
|
+
'packages.microsoft.com',
|
|
131
124
|
],
|
|
132
|
-
protocols: [{ protocolType:
|
|
125
|
+
protocols: [{ protocolType: 'Https', port: 443 }],
|
|
133
126
|
}, {
|
|
134
|
-
ruleType:
|
|
135
|
-
name:
|
|
136
|
-
description:
|
|
127
|
+
ruleType: 'ApplicationRule',
|
|
128
|
+
name: 'azure-monitors',
|
|
129
|
+
description: 'Azure AKS Monitoring',
|
|
137
130
|
sourceAddresses: subnetSpaces,
|
|
138
131
|
targetFqdns: [
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
132
|
+
'dc.services.visualstudio.com',
|
|
133
|
+
'*.ods.opinsights.azure.com',
|
|
134
|
+
'*.oms.opinsights.azure.com',
|
|
135
|
+
'*.monitoring.azure.com',
|
|
136
|
+
'*.services.visualstudio.com',
|
|
144
137
|
],
|
|
145
|
-
protocols: [{ protocolType:
|
|
138
|
+
protocols: [{ protocolType: 'Https', port: 443 }],
|
|
146
139
|
}, {
|
|
147
|
-
ruleType:
|
|
148
|
-
name:
|
|
149
|
-
description:
|
|
140
|
+
ruleType: 'ApplicationRule',
|
|
141
|
+
name: 'azure-policy',
|
|
142
|
+
description: 'Azure AKS Policy Management',
|
|
150
143
|
sourceAddresses: subnetSpaces,
|
|
151
144
|
targetFqdns: [
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
145
|
+
'*.policy.core.windows.net',
|
|
146
|
+
'gov-prod-policy-data.trafficmanager.net',
|
|
147
|
+
'raw.githubusercontent.com',
|
|
148
|
+
'dc.services.visualstudio.com',
|
|
156
149
|
],
|
|
157
|
-
protocols: [{ protocolType:
|
|
150
|
+
protocols: [{ protocolType: 'Https', port: 443 }],
|
|
158
151
|
});
|
|
159
152
|
if (allowAccessPublicRegistries) {
|
|
160
153
|
appRules.push({
|
|
161
|
-
ruleType:
|
|
162
|
-
name:
|
|
154
|
+
ruleType: 'ApplicationRule',
|
|
155
|
+
name: 'docker-services',
|
|
163
156
|
sourceAddresses: subnetSpaces,
|
|
164
|
-
targetFqdns: [
|
|
165
|
-
protocols: [{ protocolType:
|
|
157
|
+
targetFqdns: ['*.docker.io', 'docker.io', '*.docker.com', '*.pkg.dev'],
|
|
158
|
+
protocols: [{ protocolType: 'Https', port: 443 }],
|
|
166
159
|
}, {
|
|
167
|
-
ruleType:
|
|
168
|
-
name:
|
|
160
|
+
ruleType: 'ApplicationRule',
|
|
161
|
+
name: 'k8s-services',
|
|
169
162
|
sourceAddresses: subnetSpaces,
|
|
170
163
|
targetFqdns: [
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
164
|
+
'quay.io', //For Cert Manager
|
|
165
|
+
'*.quay.io',
|
|
166
|
+
'k8s.gcr.io', //nginx images
|
|
167
|
+
'*.k8s.io',
|
|
168
|
+
'*.cloudfront.net',
|
|
169
|
+
'*.amazonaws.com',
|
|
170
|
+
'*.gcr.io',
|
|
171
|
+
'*.googleapis.com',
|
|
179
172
|
],
|
|
180
|
-
protocols: [{ protocolType:
|
|
173
|
+
protocols: [{ protocolType: 'Https', port: 443 }],
|
|
181
174
|
}, {
|
|
182
|
-
ruleType:
|
|
183
|
-
name:
|
|
175
|
+
ruleType: 'ApplicationRule',
|
|
176
|
+
name: 'ubuntu-services',
|
|
184
177
|
sourceAddresses: subnetSpaces,
|
|
185
178
|
targetFqdns: [
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
179
|
+
'security.ubuntu.com',
|
|
180
|
+
'azure.archive.ubuntu.com',
|
|
181
|
+
'changelogs.ubuntu.com',
|
|
189
182
|
],
|
|
190
|
-
protocols: [{ protocolType:
|
|
183
|
+
protocols: [{ protocolType: 'Https', port: 443 }],
|
|
191
184
|
});
|
|
192
185
|
}
|
|
193
186
|
return (0, FirewallPolicy_1.FirewallPolicyGroup)({
|
|
194
|
-
policy: { name:
|
|
187
|
+
policy: { name: 'aks-firewall-policy', dnatRules, netRules, appRules },
|
|
195
188
|
priority,
|
|
196
|
-
action:
|
|
189
|
+
action: 'Allow',
|
|
197
190
|
});
|
|
198
191
|
};
|
|
199
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
192
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQWtzRmlyZXdhbGxQb2xpY3kuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvVk5ldC9GaXJld2FsbFBvbGljaWVzL0Frc0ZpcmV3YWxsUG9saWN5LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBRUEseUNBQWdFO0FBTWhFLHNEQUF3RDtBQXNCeEQsa0JBQWUsQ0FBQyxFQUNkLFFBQVEsRUFDUiwyQkFBMkIsRUFDM0IsWUFBWSxFQUNaLFdBQVcsR0FBRyxFQUFFLEVBQ2hCLEtBQUssR0FDb0IsRUFBdUMsRUFBRTtJQUNsRSxNQUFNLFNBQVMsR0FBRyxJQUFJLEtBQUssRUFBcUMsQ0FBQztJQUNqRSxNQUFNLFFBQVEsR0FBRyxJQUFJLEtBQUssRUFBMEIsQ0FBQztJQUNyRCxNQUFNLFFBQVEsR0FBRyxJQUFJLEtBQUssRUFBOEIsQ0FBQztJQUV6RCxJQUFJLEtBQUssRUFBRSxDQUFDO1FBQ1YsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDLEdBQUcsRUFBRSxFQUFFO1lBQ3BCLFNBQVMsQ0FBQyxJQUFJLENBQUM7Z0JBQ2IsUUFBUSxFQUFFLFNBQVM7Z0JBQ25CLElBQUksRUFBRSxHQUFHLEdBQUcsQ0FBQyxJQUFJLGNBQWM7Z0JBQy9CLFdBQVcsRUFBRSwwQ0FBMEMsR0FBRyxDQUFDLElBQUksd0JBQXdCO2dCQUN2RixlQUFlLEVBQUUsQ0FBQyxHQUFHLENBQUMsZUFBZSxJQUFJLEdBQUcsQ0FBQztnQkFDN0Msb0JBQW9CLEVBQUUsR0FBRyxDQUFDLGlCQUFpQjtnQkFDM0MsZ0JBQWdCLEVBQUUsQ0FBQyxLQUFLLENBQUM7Z0JBQ3pCLFdBQVcsRUFBRSxDQUFDLEtBQUssQ0FBQztnQkFDcEIsaUJBQWlCLEVBQUUsR0FBRyxDQUFDLGlCQUFpQjtnQkFDeEMsY0FBYyxFQUFFLEtBQUs7YUFDdEIsQ0FBQyxDQUFDO1lBRUgsSUFBSSxHQUFHLENBQUMsU0FBUztnQkFDZixTQUFTLENBQUMsSUFBSSxDQUFDO29CQUNiLFFBQVEsRUFBRSxTQUFTO29CQUNuQixJQUFJLEVBQUUsR0FBRyxHQUFHLENBQUMsSUFBSSxhQUFhO29CQUM5QixXQUFXLEVBQUUseUNBQXlDLEdBQUcsQ0FBQyxJQUFJLHdCQUF3QjtvQkFDdEYsZUFBZSxFQUFFLENBQUMsR0FBRyxDQUFDLGVBQWUsSUFBSSxHQUFHLENBQUM7b0JBQzdDLG9CQUFvQixFQUFFLEdBQUcsQ0FBQyxpQkFBaUI7b0JBQzNDLGdCQUFnQixFQUFFLENBQUMsSUFBSSxDQUFDO29CQUN4QixXQUFXLEVBQUUsQ0FBQyxLQUFLLENBQUM7b0JBQ3BCLGlCQUFpQixFQUFFLEdBQUcsQ0FBQyxpQkFBaUI7b0JBQ3hDLGNBQWMsRUFBRSxJQUFJO2lCQUNyQixDQUFDLENBQUM7UUFDUCxDQUFDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxtQkFBbUI7SUFDbkIsUUFBUSxDQUFDLElBQUksQ0FDWDtRQUNFLFFBQVEsRUFBRSxhQUFhO1FBQ3ZCLElBQUksRUFBRSxTQUFTO1FBQ2YsV0FBVyxFQUNULG1HQUFtRztRQUNyRyxXQUFXLEVBQUUsQ0FBQyxLQUFLLENBQUM7UUFDcEIsZUFBZSxFQUFFLFlBQVk7UUFDN0Isb0JBQW9CLEVBQUUsQ0FBQyxjQUFjLDBCQUFpQixFQUFFLENBQUM7UUFDekQsZ0JBQWdCLEVBQUUsQ0FBQyxNQUFNLENBQUM7S0FDM0IsRUFDRDtRQUNFLFFBQVEsRUFBRSxhQUFhO1FBQ3ZCLElBQUksRUFBRSxTQUFTO1FBQ2YsV0FBVyxFQUNULDBGQUEwRjtRQUM1RixXQUFXLEVBQUUsQ0FBQyxLQUFLLENBQUM7UUFDcEIsZUFBZSxFQUFFLFlBQVk7UUFDN0Isb0JBQW9CLEVBQUUsQ0FBQyxjQUFjLDBCQUFpQixFQUFFLENBQUM7UUFDekQsZ0JBQWdCLEVBQUUsc0JBQWE7S0FDaEMsRUFDRDtRQUNFLFFBQVEsRUFBRSxhQUFhO1FBQ3ZCLElBQUksRUFBRSxVQUFVO1FBQ2hCLFdBQVcsRUFDVCwrRUFBK0U7UUFDakYsV0FBVyxFQUFFLENBQUMsS0FBSyxDQUFDO1FBQ3BCLGVBQWUsRUFBRSxZQUFZO1FBQzdCLG9CQUFvQixFQUFFLENBQUMsZ0JBQWdCLENBQUM7UUFDeEMsZ0JBQWdCLEVBQUUsQ0FBQyxLQUFLLENBQUM7S0FDMUI7SUFDRCxtQkFBbUI7SUFDbkIsSUFBSTtJQUNKLDZCQUE2QjtJQUM3Qiw2QkFBNkI7SUFDN0IsaUJBQWlCO0lBQ2pCLHVGQUF1RjtJQUN2RiwwQkFBMEI7SUFDMUIsbUNBQW1DO0lBQ25DLGlDQUFpQztJQUNqQywrQkFBK0I7SUFDL0IsS0FBSztJQUNMO1FBQ0UsUUFBUSxFQUFFLGFBQWE7UUFDdkIsSUFBSSxFQUFFLHFCQUFxQjtRQUMzQixXQUFXLEVBQUUseURBQXlEO1FBQ3RFLFdBQVcsRUFBRSxDQUFDLEtBQUssQ0FBQztRQUNwQixlQUFlLEVBQUUsWUFBWTtRQUM3QixvQkFBb0IsRUFBRTtZQUNwQix3QkFBd0I7WUFDeEIsNEJBQTRCO1lBQzVCLHNCQUFzQjtZQUN0QixjQUFjO1lBQ2Qsa0JBQWtCO1lBQ2xCLGVBQWU7U0FDaEI7UUFDRCxnQkFBZ0IsRUFBRSxDQUFDLEtBQUssQ0FBQztLQUMxQixFQUNEO1FBQ0UsUUFBUSxFQUFFLGFBQWE7UUFDdkIsSUFBSSxFQUFFLFlBQVk7UUFDbEIsV0FBVyxFQUFFLGFBQWE7UUFDMUIsV0FBVyxFQUFFLENBQUMsS0FBSyxFQUFFLEtBQUssQ0FBQztRQUMzQixlQUFlLEVBQUUsWUFBWTtRQUM3QixvQkFBb0IsRUFBRSxDQUFDLEdBQUcsQ0FBQztRQUMzQixnQkFBZ0IsRUFBRSxDQUFDLElBQUksQ0FBQztLQUN6QixDQUNGLENBQUM7SUFFRixnQkFBZ0I7SUFDaEIsUUFBUSxDQUFDLElBQUksQ0FDWDtRQUNFLFFBQVEsRUFBRSxpQkFBaUI7UUFDM0IsSUFBSSxFQUFFLHVCQUF1QjtRQUM3QixXQUFXLEVBQUUsOENBQThDO1FBQzNELGVBQWUsRUFBRSxZQUFZO1FBQzdCLFFBQVEsRUFBRSxDQUFDLHdCQUF3QixDQUFDO1FBQ3BDLFNBQVMsRUFBRSxDQUFDLEVBQUUsWUFBWSxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsR0FBRyxFQUFFLENBQUM7S0FDbEQsRUFDRDtRQUNFLFFBQVEsRUFBRSxpQkFBaUI7UUFDM0IsSUFBSSxFQUFFLFVBQVU7UUFDaEIsV0FBVyxFQUFFLDRCQUE0QjtRQUN6QyxlQUFlLEVBQUUsWUFBWTtRQUM3QixXQUFXLEVBQUU7WUFDWCxXQUFXO1lBQ1gsU0FBUywwQkFBaUIsWUFBWTtZQUN0Qyw4QkFBOEI7WUFDOUIsR0FBRyxXQUFXLEVBQUUsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxHQUFHLENBQUMsYUFBYSxDQUFDO1lBQzdDLG1CQUFtQjtZQUNuQixxQkFBcUI7WUFDckIsMkJBQTJCO1lBQzNCLDZCQUE2QjtZQUM3QixrQkFBa0I7WUFDbEIsc0JBQXNCO1lBQ3RCLDJCQUEyQjtZQUMzQixzQ0FBc0M7WUFDdEMsd0JBQXdCO1NBQ3pCO1FBQ0QsU0FBUyxFQUFFLENBQUMsRUFBRSxZQUFZLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxHQUFHLEVBQUUsQ0FBQztLQUNsRCxFQUNEO1FBQ0UsUUFBUSxFQUFFLGlCQUFpQjtRQUMzQixJQUFJLEVBQUUsZ0JBQWdCO1FBQ3RCLFdBQVcsRUFBRSxzQkFBc0I7UUFDbkMsZUFBZSxFQUFFLFlBQVk7UUFDN0IsV0FBVyxFQUFFO1lBQ1gsOEJBQThCO1lBQzlCLDRCQUE0QjtZQUM1Qiw0QkFBNEI7WUFDNUIsd0JBQXdCO1lBQ3hCLDZCQUE2QjtTQUM5QjtRQUNELFNBQVMsRUFBRSxDQUFDLEVBQUUsWUFBWSxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsR0FBRyxFQUFFLENBQUM7S0FDbEQsRUFDRDtRQUNFLFFBQVEsRUFBRSxpQkFBaUI7UUFDM0IsSUFBSSxFQUFFLGNBQWM7UUFDcEIsV0FBVyxFQUFFLDZCQUE2QjtRQUMxQyxlQUFlLEVBQUUsWUFBWTtRQUM3QixXQUFXLEVBQUU7WUFDWCwyQkFBMkI7WUFDM0IseUNBQXlDO1lBQ3pDLDJCQUEyQjtZQUMzQiw4QkFBOEI7U0FDL0I7UUFDRCxTQUFTLEVBQUUsQ0FBQyxFQUFFLFlBQVksRUFBRSxPQUFPLEVBQUUsSUFBSSxFQUFFLEdBQUcsRUFBRSxDQUFDO0tBQ2xELENBQ0YsQ0FBQztJQUVGLElBQUksMkJBQTJCLEVBQUUsQ0FBQztRQUNoQyxRQUFRLENBQUMsSUFBSSxDQUNYO1lBQ0UsUUFBUSxFQUFFLGlCQUFpQjtZQUMzQixJQUFJLEVBQUUsaUJBQWlCO1lBQ3ZCLGVBQWUsRUFBRSxZQUFZO1lBQzdCLFdBQVcsRUFBRSxDQUFDLGFBQWEsRUFBRSxXQUFXLEVBQUUsY0FBYyxFQUFFLFdBQVcsQ0FBQztZQUN0RSxTQUFTLEVBQUUsQ0FBQyxFQUFFLFlBQVksRUFBRSxPQUFPLEVBQUUsSUFBSSxFQUFFLEdBQUcsRUFBRSxDQUFDO1NBQ2xELEVBQ0Q7WUFDRSxRQUFRLEVBQUUsaUJBQWlCO1lBQzNCLElBQUksRUFBRSxjQUFjO1lBQ3BCLGVBQWUsRUFBRSxZQUFZO1lBQzdCLFdBQVcsRUFBRTtnQkFDWCxTQUFTLEVBQUUsa0JBQWtCO2dCQUM3QixXQUFXO2dCQUNYLFlBQVksRUFBRSxjQUFjO2dCQUM1QixVQUFVO2dCQUNWLGtCQUFrQjtnQkFDbEIsaUJBQWlCO2dCQUNqQixVQUFVO2dCQUNWLGtCQUFrQjthQUNuQjtZQUNELFNBQVMsRUFBRSxDQUFDLEVBQUUsWUFBWSxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsR0FBRyxFQUFFLENBQUM7U0FDbEQsRUFDRDtZQUNFLFFBQVEsRUFBRSxpQkFBaUI7WUFDM0IsSUFBSSxFQUFFLGlCQUFpQjtZQUN2QixlQUFlLEVBQUUsWUFBWTtZQUM3QixXQUFXLEVBQUU7Z0JBQ1gscUJBQXFCO2dCQUNyQiwwQkFBMEI7Z0JBQzFCLHVCQUF1QjthQUN4QjtZQUNELFNBQVMsRUFBRSxDQUFDLEVBQUUsWUFBWSxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsR0FBRyxFQUFFLENBQUM7U0FDbEQsQ0FDRixDQUFDO0lBQ0osQ0FBQztJQUVELE9BQU8sSUFBQSxvQ0FBbUIsRUFBQztRQUN6QixNQUFNLEVBQUUsRUFBRSxJQUFJLEVBQUUscUJBQXFCLEVBQUUsU0FBUyxFQUFFLFFBQVEsRUFBRSxRQUFRLEVBQUU7UUFDdEUsUUFBUTtRQUNSLE1BQU0sRUFBRSxPQUFPO0tBQ2hCLENBQUMsQ0FBQztBQUNMLENBQUMsQ0FBQyJ9
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { Input } from
|
|
2
|
-
import { FirewallPolicyRuleCollectionResults } from
|
|
1
|
+
import { Input } from '@pulumi/pulumi';
|
|
2
|
+
import { FirewallPolicyRuleCollectionResults } from '../types';
|
|
3
3
|
interface Props {
|
|
4
4
|
name?: string;
|
|
5
5
|
priority: number;
|
|
@@ -9,9 +9,10 @@ interface Props {
|
|
|
9
9
|
allowsAzure?: boolean;
|
|
10
10
|
allowsAzDevOps?: boolean;
|
|
11
11
|
allowsK8sTools?: boolean;
|
|
12
|
+
allowsDevTools?: boolean;
|
|
12
13
|
allowsSearch?: boolean;
|
|
13
14
|
allowsOffice365?: boolean;
|
|
14
15
|
allowsWindows365?: boolean;
|
|
15
16
|
}
|
|
16
|
-
declare const _default: ({ name, priority, subnetSpaces, allowsOffice365, allowsWindows365, allowsAzure, allowsAzDevOps, allowsK8sTools, allowIpCheckApi, allowsSearch, allowAllOutbound, }: Props) => FirewallPolicyRuleCollectionResults;
|
|
17
|
+
declare const _default: ({ name, priority, subnetSpaces, allowsOffice365, allowsWindows365, allowsAzure, allowsAzDevOps, allowsK8sTools, allowsDevTools, allowIpCheckApi, allowsSearch, allowAllOutbound, }: Props) => FirewallPolicyRuleCollectionResults;
|
|
17
18
|
export default _default;
|