@gradientedge/cdk-utils-azure 2.6.0 → 2.8.0
- package/dist/src/common/construct.js +1 -1
- package/dist/src/construct/event-handler/main.d.ts +1 -0
- package/dist/src/construct/event-handler/main.js +57 -11
- package/dist/src/construct/event-handler/types.d.ts +5 -4
- package/dist/src/construct/rest-api/main.js +4 -4
- package/dist/src/construct/rest-api-function/main.js +3 -3
- package/dist/src/construct/rest-api-with-cache/main.js +1 -1
- package/dist/src/services/authorisation/main.d.ts +2 -2
- package/dist/src/services/key-vault/main.d.ts +2 -2
- package/package.json +2 -2
|
@@ -82,7 +82,7 @@ export class CommonAzureConstruct extends ComponentResource {
|
|
|
82
82
|
if (this.resourceGroup)
|
|
83
83
|
return;
|
|
84
84
|
this.resourceGroup = this.resourceGroupManager.createResourceGroup(`${this.id}`, this, {
|
|
85
|
-
resourceGroupName: this.
|
|
85
|
+
resourceGroupName: this.id,
|
|
86
86
|
location: this.props.location,
|
|
87
87
|
});
|
|
88
88
|
this.registerOutputs({
|
|
@@ -59,4 +59,5 @@ export declare class AzureEventHandler extends AzureFunctionApp {
|
|
|
59
59
|
* @summary Method to enable Microsoft Defender malware scanning on the data storage account
|
|
60
60
|
*/
|
|
61
61
|
protected enableMalwareScanningOnDataStorageAccount(): void;
|
|
62
|
+
protected createFunctionAppSiteConfig(): void;
|
|
62
63
|
}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { Provider } from '@pulumi/azure-native';
|
|
2
2
|
import { getTopicOutput } from '@pulumi/azure-native/eventgrid/index.js';
|
|
3
|
+
import { getNamespaceOutput, getQueueOutput, listNamespaceKeysOutput } from '@pulumi/azure-native/servicebus/index.js';
|
|
3
4
|
import { AzureFunctionApp } from '../function-app/index.js';
|
|
4
5
|
/**
|
|
5
6
|
* Provides a construct to create and deploy an Azure EventGrid Event Handler with Service Bus integration
|
|
@@ -47,6 +48,8 @@ export class AzureEventHandler extends AzureFunctionApp {
|
|
|
47
48
|
* @summary Method to create the dead-letter queue storage account for EventGrid subscriptions
|
|
48
49
|
*/
|
|
49
50
|
createEventGridSubscriptionDlqStorageAccount() {
|
|
51
|
+
if (this.props.serviceBus.useExisting)
|
|
52
|
+
return;
|
|
50
53
|
this.eventGridEventSubscription.dlqStorageAccount = this.storageManager.createStorageAccount(`${this.id}-eventgrid-subscription-dlq-storage-account`, this, {
|
|
51
54
|
...this.props.eventGridSubscription.dlqStorageAccount,
|
|
52
55
|
resourceGroupName: this.resourceGroup.name,
|
|
@@ -57,6 +60,8 @@ export class AzureEventHandler extends AzureFunctionApp {
|
|
|
57
60
|
* @summary Method to create the dead-letter queue storage container for EventGrid subscriptions
|
|
58
61
|
*/
|
|
59
62
|
createEventGridSubscriptionDlqStorageContainer() {
|
|
63
|
+
if (this.props.serviceBus.useExisting)
|
|
64
|
+
return;
|
|
60
65
|
this.eventGridEventSubscription.dlqStorageContainer = this.storageManager.createStorageContainer(`${this.id}-eventgrid-subscription-dlq-container`, this, {
|
|
61
66
|
...this.props.eventGridSubscription.dlqStorageContainer,
|
|
62
67
|
accountName: this.eventGridEventSubscription.dlqStorageAccount.name,
|
|
@@ -68,11 +73,19 @@ export class AzureEventHandler extends AzureFunctionApp {
|
|
|
68
73
|
* @summary Method to create the Service Bus namespace
|
|
69
74
|
*/
|
|
70
75
|
createServiceBusNamespace() {
|
|
71
|
-
this.serviceBus.
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
+
if (this.props.serviceBus.useExisting && this.props.serviceBus.namespace.namespaceName) {
|
|
77
|
+
this.serviceBus.namespace = getNamespaceOutput({
|
|
78
|
+
namespaceName: this.props.serviceBus.namespace.namespaceName,
|
|
79
|
+
resourceGroupName: this.props.serviceBus.namespace.resourceGroupName,
|
|
80
|
+
});
|
|
81
|
+
}
|
|
82
|
+
else {
|
|
83
|
+
this.serviceBus.namespace = this.serviceBusManager.createServiceBusNamespace(this.id, this, {
|
|
84
|
+
...this.props.serviceBus.namespace,
|
|
85
|
+
namespaceName: this.props.serviceBus.namespace.namespaceName ?? this.id,
|
|
86
|
+
resourceGroupName: this.resourceGroup.name,
|
|
87
|
+
}, { ignoreChanges: ['location'] });
|
|
88
|
+
}
|
|
76
89
|
this.registerOutputs({
|
|
77
90
|
serviceBusNamespaceId: this.serviceBus.namespace.id,
|
|
78
91
|
});
|
|
@@ -81,11 +94,22 @@ export class AzureEventHandler extends AzureFunctionApp {
|
|
|
81
94
|
* @summary Method to create the Service Bus queue
|
|
82
95
|
*/
|
|
83
96
|
createServiceBusQueue() {
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
97
|
+
if (this.props.serviceBus.useExisting &&
|
|
98
|
+
this.props.serviceBus.namespace.namespaceName &&
|
|
99
|
+
this.props.serviceBus.queue.queueName) {
|
|
100
|
+
this.serviceBus.queue = getQueueOutput({
|
|
101
|
+
namespaceName: this.props.serviceBus.namespace.namespaceName,
|
|
102
|
+
queueName: this.props.serviceBus.queue.queueName,
|
|
103
|
+
resourceGroupName: this.props.serviceBus.namespace.resourceGroupName,
|
|
104
|
+
});
|
|
105
|
+
}
|
|
106
|
+
else {
|
|
107
|
+
this.serviceBus.queue = this.serviceBusManager.createServiceBusQueue(this.id, this, {
|
|
108
|
+
...this.props.serviceBus.queue,
|
|
109
|
+
queueName: this.props.serviceBus.queue.queueName ?? this.id,
|
|
110
|
+
namespaceName: this.serviceBus.namespace.name,
|
|
111
|
+
});
|
|
112
|
+
}
|
|
89
113
|
this.registerOutputs({
|
|
90
114
|
serviceBusQueueId: this.serviceBus.queue.id,
|
|
91
115
|
serviceBusQueueName: this.serviceBus.queue.name,
|
|
@@ -124,6 +148,8 @@ export class AzureEventHandler extends AzureFunctionApp {
|
|
|
124
148
|
* @summary Method to create the EventGrid event subscription with Service Bus queue destination
|
|
125
149
|
*/
|
|
126
150
|
createEventGridEventSubscription() {
|
|
151
|
+
if (this.props.serviceBus.useExisting)
|
|
152
|
+
return;
|
|
127
153
|
this.eventGridEventSubscription.eventSubscription = this.eventgridManager.createEventgridSubscription(this.id, this, {
|
|
128
154
|
...this.props.eventGridEventSubscription,
|
|
129
155
|
eventSubscriptionName: this.props.eventGridEventSubscription.eventSubscriptionName ?? this.id,
|
|
@@ -143,8 +169,10 @@ export class AzureEventHandler extends AzureFunctionApp {
|
|
|
143
169
|
* @summary Method to create diagnostic log settings for the Service Bus namespace
|
|
144
170
|
*/
|
|
145
171
|
createServiceBusDiagnosticLog() {
|
|
172
|
+
if (this.props.serviceBus.useExisting)
|
|
173
|
+
return;
|
|
146
174
|
this.monitorManager.createMonitorDiagnosticSettings(this.id, this, {
|
|
147
|
-
name: `${this.
|
|
175
|
+
name: `${this.id}-servicebus`,
|
|
148
176
|
resourceUri: this.serviceBus.namespace.id,
|
|
149
177
|
workspaceId: this.commonLogAnalyticsWorkspace.id,
|
|
150
178
|
logAnalyticsDestinationType: 'Dedicated',
|
|
@@ -178,4 +206,22 @@ export class AzureEventHandler extends AzureFunctionApp {
|
|
|
178
206
|
},
|
|
179
207
|
});
|
|
180
208
|
}
|
|
209
|
+
createFunctionAppSiteConfig() {
|
|
210
|
+
super.createFunctionAppSiteConfig();
|
|
211
|
+
this.appEnvironmentVariables = {
|
|
212
|
+
...this.appEnvironmentVariables,
|
|
213
|
+
EVENT_INGEST_QUEUE_NAME: this.serviceBus.queue.name,
|
|
214
|
+
};
|
|
215
|
+
this.appConnectionStrings = [
|
|
216
|
+
{
|
|
217
|
+
name: 'EVENT_INGEST_SERVICE_BUS',
|
|
218
|
+
value: listNamespaceKeysOutput({
|
|
219
|
+
resourceGroupName: this.props.serviceBus.namespace.resourceGroupName,
|
|
220
|
+
namespaceName: this.serviceBus.namespace.name,
|
|
221
|
+
authorizationRuleName: 'RootManageSharedAccessKey',
|
|
222
|
+
}).primaryConnectionString,
|
|
223
|
+
type: 'ServiceBus',
|
|
224
|
+
},
|
|
225
|
+
];
|
|
226
|
+
}
|
|
181
227
|
}
|
|
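Review bot: The new `createFunctionAppSiteConfig` gives the function app the connection string of `RootManageSharedAccessKey`, which carries Manage, Send and Listen rights over the whole namespace; with `useExisting` that namespace may be shared with other workloads, so the handler ends up holding far more than it needs to read one queue. A dedicated authorization rule limited to the required rights, passed as `authorizationRuleName`, or a managed identity with a Service Bus data role, would keep this to least privilege. The connection string is also worth wrapping as a Pulumi secret (`secret(...)` from `@pulumi/pulumi`, which the imports shown in the first hunk do not yet include) unless the invoke result is already marked secret. Separately, the key lookup reads `resourceGroupName` from `this.props.serviceBus.namespace.resourceGroupName`, while the create branch of `createServiceBusNamespace` puts the namespace in `this.resourceGroup.name`; when `useExisting` is unset these can differ, so `resourceGroupName: this.props.serviceBus.useExisting ? this.props.serviceBus.namespace.resourceGroupName : this.resourceGroup.name,` looks safer. `createServiceBusDiagnosticLog` now returns early for existing namespaces, so a comment there should say that diagnostic logging is then the namespace owner's responsibility.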
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { EventSubscription } from '@pulumi/azure-native/eventgrid/index.js';
|
|
2
|
-
import { Namespace, Queue } from '@pulumi/azure-native/servicebus/index.js';
|
|
2
|
+
import { GetNamespaceResult, GetQueueResult, Namespace, Queue } from '@pulumi/azure-native/servicebus/index.js';
|
|
3
3
|
import { BlobContainer, StorageAccount } from '@pulumi/azure-native/storage/index.js';
|
|
4
|
-
import { Input } from '@pulumi/pulumi';
|
|
4
|
+
import { Input, Output } from '@pulumi/pulumi';
|
|
5
5
|
import { DefenderForStorageProps, EventgridEventSubscriptionProps, EventgridTopicProps, ServiceBusNamespaceProps, ServiceBusQueueProps, StorageAccountProps, StorageContainerProps } from '../../services/index.js';
|
|
6
6
|
import { AzureFunctionAppProps } from '../function-app/index.js';
|
|
7
7
|
/** @category Interface */
|
|
@@ -19,11 +19,12 @@ export interface EventHandlerEventGridSubscription {
|
|
|
19
19
|
export interface EventHandlerServiceBusProps {
|
|
20
20
|
namespace: ServiceBusNamespaceProps;
|
|
21
21
|
queue: ServiceBusQueueProps;
|
|
22
|
+
useExisting?: boolean;
|
|
22
23
|
}
|
|
23
24
|
/** @category Interface */
|
|
24
25
|
export interface EventHandlerServiceBus {
|
|
25
|
-
namespace: Namespace
|
|
26
|
-
queue: Queue
|
|
26
|
+
namespace: Namespace | Output<GetNamespaceResult>;
|
|
27
|
+
queue: Queue | Output<GetQueueResult>;
|
|
27
28
|
}
|
|
28
29
|
/** @category Interface */
|
|
29
30
|
export interface EventHandlerEventGridTopicProps extends EventgridTopicProps {
|
|
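Review bot: `useExisting` is added to `EventHandlerServiceBusProps` without a doc comment, although in `event-handler/main.js` it does much more than switch the namespace lookup: it also skips the dead-letter storage account and container, the EventGrid event subscription and the Service Bus diagnostic settings. It only takes effect when `namespace.namespaceName` (and `queue.queueName` for the queue) are set; otherwise the construct falls through to creating new resources while the other steps are still skipped. I would add a TSDoc comment above the field, for example `/** Reference an existing namespace and queue instead of creating them; requires namespace.namespaceName, namespace.resourceGroupName and queue.queueName, and skips DLQ storage, the EventGrid subscription and diagnostic settings. */`. This is an emitted declaration file, so the comment belongs in the TypeScript source it is generated from.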
@@ -89,7 +89,7 @@ export class AzureRestApi extends CommonAzureConstruct {
|
|
|
89
89
|
}
|
|
90
90
|
this.api.apim = this.apiManagementManager.createApiManagementService(this.id, this, {
|
|
91
91
|
...this.props.apiManagement,
|
|
92
|
-
serviceName: this.
|
|
92
|
+
serviceName: this.id,
|
|
93
93
|
location: this.resourceGroup.location,
|
|
94
94
|
resourceGroupName: this.resourceGroup.name,
|
|
95
95
|
hostnameConfigurations,
|
|
@@ -131,7 +131,7 @@ export class AzureRestApi extends CommonAzureConstruct {
|
|
|
131
131
|
return;
|
|
132
132
|
this.api.namedValueSecret = this.keyVaultManager.createKeyVaultSecret(`${this.id}-key-vault-api-namespace-secret`, this, {
|
|
133
133
|
vaultName: this.api.authKeyVault.name,
|
|
134
|
-
secretName: `${this.applicationInsights.name}-${this.
|
|
134
|
+
secretName: `${this.applicationInsights.name}-${this.id}-key`,
|
|
135
135
|
resourceGroupName: this.resourceGroup.name,
|
|
136
136
|
properties: {
|
|
137
137
|
value: this.applicationInsights.instrumentationKey,
|
|
@@ -154,7 +154,7 @@ export class AzureRestApi extends CommonAzureConstruct {
|
|
|
154
154
|
});
|
|
155
155
|
this.keyVaultManager.createKeyVaultSecret(`${this.id}-key-vault-api-subscription-key-secret`, this, {
|
|
156
156
|
vaultName: this.api.authKeyVault.name,
|
|
157
|
-
secretName: `${this.
|
|
157
|
+
secretName: `${this.id}-subscription-key`,
|
|
158
158
|
resourceGroupName: this.resourceGroup.name,
|
|
159
159
|
properties: {
|
|
160
160
|
value: apiManagementSubscription.primaryKey.apply(key => key ?? ''),
|
|
@@ -209,7 +209,7 @@ export class AzureRestApi extends CommonAzureConstruct {
|
|
|
209
209
|
return;
|
|
210
210
|
this.monitorManager.createMonitorDiagnosticSettings(`${this.id}-apim-diagnostic`, this, {
|
|
211
211
|
...this.props.apiManagementDiagnosticSettings,
|
|
212
|
-
name: `${this.
|
|
212
|
+
name: `${this.id}-api-management`,
|
|
213
213
|
resourceUri: this.api.apim.id,
|
|
214
214
|
workspaceId: this.commonLogAnalyticsWorkspace.id,
|
|
215
215
|
});
|
|
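Review bot: The `secretName` on new line 134 builds a Key Vault secret name with a plain template literal around `this.applicationInsights.name`. That property's type is not visible here, but if it is a Pulumi `Output`, string interpolation produces Pulumi's toString warning text instead of the resolved name, and the secret would be created under an unintended or invalid name. `rest-api-function/main.js` on this page already uses `pulumi.interpolate` for a comparable value, so ``secretName: pulumi.interpolate`${this.applicationInsights.name}-${this.id}-key`,`` would be consistent, provided `pulumi` is in scope in this file and `createKeyVaultSecret` accepts an `Input<string>` there. The enclosing method starts and ends outside the hunk.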
@@ -111,7 +111,7 @@ export class AzureRestApiFunction extends AzureFunctionApp {
|
|
|
111
111
|
}
|
|
112
112
|
this.api.apim = this.apiManagementManager.createApiManagementService(this.id, this, {
|
|
113
113
|
...this.props.apiManagement,
|
|
114
|
-
serviceName: this.
|
|
114
|
+
serviceName: this.id,
|
|
115
115
|
location: this.resourceGroup.location,
|
|
116
116
|
resourceGroupName: this.resourceGroup.name,
|
|
117
117
|
hostnameConfigurations,
|
|
@@ -143,7 +143,7 @@ export class AzureRestApiFunction extends AzureFunctionApp {
|
|
|
143
143
|
});
|
|
144
144
|
this.api.backend = this.apiManagementManager.createBackend(this.id, this, {
|
|
145
145
|
...this.props.apiManagementBackend,
|
|
146
|
-
title: this.
|
|
146
|
+
title: this.id,
|
|
147
147
|
resourceGroupName: this.api.resourceGroupName,
|
|
148
148
|
serviceName: this.api.name,
|
|
149
149
|
url: pulumi.interpolate `https://${this.app.name}.azurewebsites.net/${this.props.apiManagementBackend.backendUrlPath}`,
|
|
@@ -161,7 +161,7 @@ export class AzureRestApiFunction extends AzureFunctionApp {
|
|
|
161
161
|
createApiManagementRoutes() {
|
|
162
162
|
this.api.managementApi = this.apiManagementManager.createApi(`${this.id}-apim-api`, this, {
|
|
163
163
|
...this.props.apiManagementApi,
|
|
164
|
-
displayName: this.props.apiManagementApi.displayName ?? this.
|
|
164
|
+
displayName: this.props.apiManagementApi.displayName ?? this.id,
|
|
165
165
|
serviceName: this.api.name,
|
|
166
166
|
resourceGroupName: this.api.resourceGroupName,
|
|
167
167
|
isCurrent: this.props.apiManagementApi.isCurrent ?? true,
|
|
@@ -37,7 +37,7 @@ export class AzureRestApiWithCache extends AzureRestApi {
|
|
|
37
37
|
createRedisCache() {
|
|
38
38
|
this.api.redis = this.redisManager.createManagedRedis(this.id, this, {
|
|
39
39
|
...this.props.apiManagementManagedRedis,
|
|
40
|
-
name: this.
|
|
40
|
+
name: this.id,
|
|
41
41
|
location: this.resourceGroup.location,
|
|
42
42
|
resourceGroupName: this.resourceGroup.name,
|
|
43
43
|
}, { ignoreChanges: ['location'] });
|
|
@@ -40,7 +40,7 @@ export declare class AzureAuthorisationManager {
|
|
|
40
40
|
* @param roleDefinitionId the role definition id
|
|
41
41
|
* @param resourceOptions Optional settings to control resource behaviour
|
|
42
42
|
*/
|
|
43
|
-
grantRoleAssignmentToKeyVault(id: string, scope: CommonAzureConstruct, vaultName: string, resourceGroupName: string
|
|
43
|
+
grantRoleAssignmentToKeyVault(id: string, scope: CommonAzureConstruct, vaultName: string, resourceGroupName: Input<string>, principalId: Input<string>, roleDefinitionId: RoleDefinitionId, resourceOptions?: ResourceOptions): import("@pulumi/azure-native/authorization/roleAssignment.js").RoleAssignment;
|
|
44
44
|
/**
|
|
45
45
|
* @summary Method to grant a role assignment to event grid topic
|
|
46
46
|
* @param id scoped id of the resource
|
|
@@ -51,7 +51,7 @@ export declare class AzureAuthorisationManager {
|
|
|
51
51
|
* @param roleDefinitionId the role definition id
|
|
52
52
|
* @param resourceOptions Optional settings to control resource behaviour
|
|
53
53
|
*/
|
|
54
|
-
grantRoleAssignmentToEventgridTopic(id: string, scope: CommonAzureConstruct, topicName: string
|
|
54
|
+
grantRoleAssignmentToEventgridTopic(id: string, scope: CommonAzureConstruct, topicName: Input<string>, resourceGroupName: Input<string>, principalId: Input<string>, roleDefinitionId: RoleDefinitionId, resourceOptions?: ResourceOptions): import("@pulumi/azure-native/authorization/roleAssignment.js").RoleAssignment;
|
|
55
55
|
/**
|
|
56
56
|
* @summary Method to grant a role assignment to application configuration
|
|
57
57
|
* @param id scoped id of the resource
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { ResourceOptions } from '@pulumi/pulumi';
|
|
1
|
+
import { Input, ResourceOptions } from '@pulumi/pulumi';
|
|
2
2
|
import { CommonAzureConstruct } from '../../common/index.js';
|
|
3
3
|
import { KeyVaultProps, SecretProps } from './types.js';
|
|
4
4
|
/**
|
|
@@ -46,5 +46,5 @@ export declare class AzureKeyVaultManager {
|
|
|
46
46
|
* @param resourceGroupName the resource group name
|
|
47
47
|
* @param resourceOptions Optional settings to control resource behaviour
|
|
48
48
|
*/
|
|
49
|
-
resolveKeyVault(scope: CommonAzureConstruct, vaultName: string, resourceGroupName: string
|
|
49
|
+
resolveKeyVault(scope: CommonAzureConstruct, vaultName: string, resourceGroupName: Input<string>, resourceOptions?: ResourceOptions): import("@pulumi/pulumi").Output<import("@pulumi/azure-native/keyvault/getVault.js").GetVaultResult>;
|
|
50
50
|
}
|
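--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@gradientedge/cdk-utils-azure",
-"version": "2.
+"version": "2.8.0",
 "description": "Azure Pulumi utilities for @gradientedge/cdk-utils",
 "type": "module",
 "main": "dist/src/index.js",
@@ -16,7 +16,7 @@
 "dependencies": {
 "@pulumi/archive": "0.3.7",
 "@pulumi/azure-native": "3.16.0",
-"@pulumi/pulumi": "3.
+"@pulumi/pulumi": "3.230.0",
 "@types/lodash": "4.17.24",
 "app-root-path": "3.1.0",
 "lodash": "4.18.1",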