npm - @gradientedge/cdk-utils - Versions diffs - 10.7.0 → 10.8.0 - Mend

@gradientedge/cdk-utils 10.7.0 → 10.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (198) hide show

package/dist/src/lib/azure/construct/rest-api/main.js ADDED Viewed

@@ -0,0 +1,172 @@
+import { HostnameType, LoggerType } from '@pulumi/azure-native/apimanagement/index.js';
+import { getComponentOutput } from '@pulumi/azure-native/applicationinsights/index.js';
+import { getVaultOutput } from '@pulumi/azure-native/keyvault/index.js';
+import * as pulumi from '@pulumi/pulumi';
+import { CommonAzureConstruct } from '../../common/index.js';
+import { RoleDefinitionId } from '../../services/index.js';
+export class AzureRestApi extends CommonAzureConstruct {
+    props;
+    api;
+    applicationInsights;
+    constructor(id, props) {
+        super(id, props);
+        this.props = props;
+        this.id = id;
+    }
+    initResources() {
+        this.createResourceGroup();
+        this.resolveApiKeyVault();
+        this.resolveCommonLogAnalyticsWorkspace();
+        this.resolveApplicationInsights();
+        this.createApiManagement();
+        this.createNamespaceSecretRole();
+        this.createNamespaceSecret();
+        this.createSubscriptionKeySecret();
+        this.createApiManagementLogger();
+        this.createApiDiagnostic();
+        this.createDiagnosticLog();
+    }
+    resolveApiKeyVault() {
+        this.api.authKeyVault = getVaultOutput({
+            vaultName: this.props.apiAuthKeyVault.name,
+            resourceGroupName: this.props.apiAuthKeyVault.resourceGroupName,
+        });
+    }
+    resolveApplicationInsights() {
+        if (!this.props.commonApplicationInsights || !this.props.commonApplicationInsights.resourceName)
+            return;
+        this.applicationInsights = getComponentOutput({
+            resourceName: this.props.commonApplicationInsights.resourceName,
+            resourceGroupName: this.props.commonApplicationInsights.resourceGroupName,
+        });
+    }
+    createApiManagement() {
+        if (this.props.apiManagement.useExistingApiManagement) {
+            if (this.props.apiManagement.apiStackName) {
+                const apiStack = new pulumi.StackReference(this.props.apiManagement.apiStackName);
+                this.api.id = apiStack.getOutput('apiId');
+                this.api.name = apiStack.getOutput('apiName');
+                this.api.resourceGroupName = apiStack.getOutput('apiResourceGroupName');
+            }
+        }
+        else {
+            let hostnameConfigurations;
+            if (this.props.apiManagement.certificateKeyVaultId) {
+                hostnameConfigurations = [
+                    {
+                        hostName: `api-${this.props.locationConfig?.[this.props.location].name}.${this.props.domainName}`,
+                        keyVaultId: this.props.apiManagement.certificateKeyVaultId,
+                        type: HostnameType.Management,
+                    },
+                ];
+            }
+            this.api.apim = this.apiManagementManager.createApiManagementService(this.id, this, {
+                ...this.props.apiManagement,
+                serviceName: this.props.stackName,
+                location: this.resourceGroup.location,
+                resourceGroupName: this.resourceGroup.name,
+                hostnameConfigurations,
+            }, undefined, undefined, { protect: true });
+            this.api.id = this.api.apim.id;
+            this.api.name = this.api.apim.name;
+            this.api.resourceGroupName = this.resourceGroup.name;
+            if (this.props.apiManagement.certificateKeyVaultId) {
+                this.authorisationManager.createRoleAssignment(`${this.id}-kv-role`, this, {
+                    principalId: this.api.apim.identity.apply(identity => identity?.principalId ?? ''),
+                    roleDefinitionId: RoleDefinitionId.KEY_VAULT_CERTIFICATE_USER,
+                    scope: this.props.apiManagement.certificateKeyVaultId,
+                });
+            }
+        }
+        this.registerOutputs({
+            apiId: this.api.id,
+            apiName: this.api.name,
+            apiResourceGroupName: this.api.resourceGroupName,
+        });
+    }
+    createNamespaceSecretRole() {
+        if (this.props.apiManagement.useExistingApiManagement)
+            return;
+        this.api.namedValueRoleAssignment = this.authorisationManager.createRoleAssignment(`${this.id}-key-vault-role-api-namespace`, this, {
+            principalId: this.api.apim.identity.apply(identity => identity?.principalId ?? ''),
+            roleDefinitionId: `/subscriptions/${this.props.subscriptionId}/providers/Microsoft.Authorization/roleDefinitions/4633458b-17de-408a-b874-0445c86b69e6`,
+            scope: this.api.authKeyVault.id,
+        });
+    }
+    createNamespaceSecret() {
+        if (this.props.apiManagement.useExistingApiManagement)
+            return;
+        this.api.namedValueSecret = this.keyVaultManager.createKeyVaultSecret(`${this.id}-key-vault-api-namespace-secret`, this, {
+            vaultName: this.api.authKeyVault.name,
+            secretName: `${this.applicationInsights.name}-${this.props.stackName}-key`,
+            resourceGroupName: this.resourceGroup.name,
+            properties: {
+                value: this.applicationInsights.instrumentationKey,
+            },
+        });
+    }
+    createSubscriptionKeySecret() {
+        if (this.props.apiManagement.useExistingApiManagement)
+            return;
+        const apiManagementSubscription = this.apiManagementManager.createSubscription(this.id, this, {
+            serviceName: this.api.apim.name,
+            resourceGroupName: this.resourceGroup.name,
+            displayName: 'all-apis',
+            state: 'active',
+            allowTracing: false,
+            scope: '', // todo
+        });
+        this.keyVaultManager.createKeyVaultSecret(`${this.id}-key-vault-api-subscription-key-secret`, this, {
+            vaultName: this.api.authKeyVault.name,
+            secretName: `${this.props.stackName}-subscription-key`,
+            resourceGroupName: this.resourceGroup.name,
+            properties: {
+                value: apiManagementSubscription.primaryKey.apply(key => key ?? ''),
+            },
+        });
+    }
+    createApiManagementLogger() {
+        if (this.props.apiManagement.useExistingApiManagement)
+            return;
+        const apiAppNamedValue = this.apiManagementManager.createNamedValue(`${this.id}-am-nv`, this, {
+            displayName: this.applicationInsights.name,
+            resourceGroupName: this.resourceGroup.name,
+            serviceName: this.api.apim.name,
+            namedValueId: `${this.applicationInsights.name}-key`,
+            secret: true,
+            keyVault: {
+                secretIdentifier: this.api.namedValueSecret.id,
+            },
+        });
+        this.api.logger = this.apiManagementManager.createLogger(`${this.id}-am-logger`, this, {
+            resourceGroupName: this.resourceGroup.name,
+            serviceName: this.api.apim.name,
+            resourceId: this.applicationInsights.id,
+            loggerType: LoggerType.ApplicationInsights,
+            credentials: {
+                instrumentationKey: `{{${apiAppNamedValue.displayName}}}`,
+            },
+        });
+    }
+    createApiDiagnostic() {
+        if (this.props.apiManagement.useExistingApiManagement)
+            return;
+        this.apiManagementManager.createApiDiagnostic(`${this.id}-all-apis`, this, {
+            ...this.props.apiManagementDiagnostic,
+            apiId: this.api.apim.id,
+            resourceGroupName: this.resourceGroup.name,
+            serviceName: this.api.apim.name,
+            loggerId: this.api.logger.id,
+        });
+    }
+    createDiagnosticLog() {
+        if (this.props.apiManagement.useExistingApiManagement)
+            return;
+        this.monitorManager.createMonitorDiagnosticSettings(`${this.id}-apim-diagnostic`, this, {
+            ...this.props.apiManagementDiagnosticSettings,
+            name: `${this.props.stackName}-api-management`,
+            resourceUri: this.api.apim.id,
+            workspaceId: this.commonLogAnalyticsWorkspace.id,
+        });
+    }
+}

package/dist/src/lib/azure/construct/rest-api/types.d.ts ADDED Viewed

@@ -0,0 +1,25 @@
+import { ApiManagementService, Logger } from '@pulumi/azure-native/apimanagement/index.js';
+import { RoleAssignment } from '@pulumi/azure-native/authorization/index.js';
+import { GetVaultResult, Secret } from '@pulumi/azure-native/keyvault/index.js';
+import { Input, Output } from '@pulumi/pulumi';
+import { ApiDiagnosticProps, ApiManagementProps, CommonAzureStackProps, MonitorDiagnosticSettingProps } from '../../index.js';
+export interface ApiAuthKeyVault {
+    name: string;
+    resourceGroupName: string;
+}
+export interface AzureRestApiProps extends CommonAzureStackProps {
+    apiAuthKeyVault: ApiAuthKeyVault;
+    apiManagement: ApiManagementProps;
+    apiManagementDiagnostic: ApiDiagnosticProps;
+    apiManagementDiagnosticSettings: MonitorDiagnosticSettingProps;
+}
+export interface AzureApi {
+    id: Input<string>;
+    name: Input<string>;
+    resourceGroupName: Input<string>;
+    authKeyVault: Output<GetVaultResult>;
+    apim: ApiManagementService;
+    namedValueSecret: Secret;
+    namedValueRoleAssignment: RoleAssignment;
+    logger: Logger;
+}

package/dist/src/lib/azure/construct/rest-api/types.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/src/lib/azure/construct/rest-api-function/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from './main.js';
2	+ export * from './types.js';

package/dist/src/lib/azure/construct/rest-api-function/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from './main.js';
2	+ export * from './types.js';

package/dist/src/lib/azure/construct/rest-api-function/main.d.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import { ApiManagementApiOperationProps } from '../../services/index.js';
+import { AzureFunctionApp } from '../function-app/index.js';
+import { AzureApiFunction, AzureRestApiFunctionProps } from './types.js';
+export declare class AzureRestApiFunction extends AzureFunctionApp {
+    props: AzureRestApiFunctionProps;
+    api: AzureApiFunction;
+    constructor(id: string, props: AzureRestApiFunctionProps);
+    initResources(): void;
+    protected resolveApiKeyVault(): void;
+    protected createNamespaceSecret(): void;
+    protected createApiManagement(): void;
+    protected createApiManagementNamespace(): void;
+    protected createApiManagementRoutes(): void;
+    protected createApiOperation(operation: ApiManagementApiOperationProps): void;
+    protected createApiOperationCachePolicy(operation: ApiManagementApiOperationProps): void;
+    protected createCorsPolicy(): void;
+    protected createApiPolicy(): void;
+    protected dashboardVariables(): Record<string, any>;
+}

package/dist/src/lib/azure/construct/rest-api-function/main.js ADDED Viewed

@@ -0,0 +1,255 @@
+import { HostnameType, NamedValue } from '@pulumi/azure-native/apimanagement/index.js';
+import { getVaultOutput } from '@pulumi/azure-native/keyvault/index.js';
+import { listWebAppHostKeysOutput } from '@pulumi/azure-native/web/index.js';
+import * as pulumi from '@pulumi/pulumi';
+import _ from 'lodash';
+import { RoleDefinitionId } from '../../services/index.js';
+import { AzureFunctionApp } from '../function-app/index.js';
+export class AzureRestApiFunction extends AzureFunctionApp {
+    props;
+    api;
+    constructor(id, props) {
+        super(id, props);
+        this.props = props;
+        this.id = id;
+    }
+    initResources() {
+        this.createResourceGroup();
+        this.resolveCommonLogAnalyticsWorkspace();
+        this.resolveApplicationInsights();
+        this.createAppServicePlan();
+        this.createdParsedAppConfigurations();
+        this.createAppConfiguration();
+        this.createAppConfigurations();
+        this.createStorageAccount();
+        this.createStorageDeploymentContainer();
+        this.createStorageContainer();
+        this.createDataStorageAccount();
+        this.createDataStorageContainer();
+        this.generateStorageContainerSas();
+        this.createFunctionHosts();
+        this.createCodePackage();
+        this.createFunctionAppSiteConfig();
+        this.createFunctionApp();
+        this.createRoleAssignments();
+        this.resolveApiKeyVault();
+        this.createNamespaceSecret();
+        this.createApiManagement();
+        this.createApiManagementNamespace();
+        this.createApiManagementRoutes();
+        this.createCorsPolicy();
+        this.createFunctionDashboard();
+    }
+    resolveApiKeyVault() {
+        this.api.authKeyVault = getVaultOutput({
+            vaultName: this.props.apiAuthKeyVault.name,
+            resourceGroupName: this.props.apiAuthKeyVault.resourceGroupName,
+        });
+    }
+    createNamespaceSecret() {
+        if (!this.props.apiManagement.useExistingApiManagement)
+            return;
+        const functionDefaultKey = listWebAppHostKeysOutput({
+            name: this.app.name,
+            resourceGroupName: this.resourceGroup.name,
+        });
+        this.api.namedValueSecret = this.keyVaultManager.createKeyVaultSecret(`${this.id}-key-vault-api-namespace-secret`, this, {
+            vaultName: this.api.authKeyVault.name,
+            secretName: pulumi.interpolate `${this.app.name}key`,
+            resourceGroupName: this.resourceGroup.name,
+            properties: {
+                value: functionDefaultKey.functionKeys?.apply(keys => keys?.['default'] ?? ''),
+            },
+        });
+    }
+    createApiManagement() {
+        if (this.props.apiManagement.useExistingApiManagement) {
+            if (this.props.apiManagement.apiStackName) {
+                const apiStack = new pulumi.StackReference(this.props.apiManagement.apiStackName);
+                this.api.id = apiStack.getOutput('apiId');
+                this.api.name = apiStack.getOutput('apiName');
+                this.api.resourceGroupName = apiStack.getOutput('apiResourceGroupName');
+            }
+        }
+        else {
+            let hostnameConfigurations;
+            if (this.props.apiManagement.certificateKeyVaultId) {
+                hostnameConfigurations = [
+                    {
+                        hostName: `api-${this.props.locationConfig?.[this.props.location].name}.${this.props.domainName}`,
+                        keyVaultId: this.props.apiManagement.certificateKeyVaultId,
+                        type: HostnameType.Management,
+                    },
+                ];
+            }
+            this.api.apim = this.apiManagementManager.createApiManagementService(this.id, this, {
+                ...this.props.apiManagement,
+                serviceName: this.props.stackName,
+                location: this.resourceGroup.location,
+                resourceGroupName: this.resourceGroup.name,
+                hostnameConfigurations,
+            }, undefined, undefined, { protect: true });
+            this.api.id = this.api.apim.id;
+            this.api.name = this.api.apim.name;
+            this.api.resourceGroupName = this.resourceGroup.name;
+            if (this.props.apiManagement.certificateKeyVaultId) {
+                this.authorisationManager.createRoleAssignment(`${this.id}-kv-role`, this, {
+                    principalId: this.api.apim.identity.apply(identity => identity?.principalId ?? ''),
+                    roleDefinitionId: RoleDefinitionId.KEY_VAULT_CERTIFICATE_USER,
+                    scope: this.props.apiManagement.certificateKeyVaultId,
+                });
+            }
+        }
+    }
+    createApiManagementNamespace() {
+        this.api.namedValue = new NamedValue(`${this.id}-am-nv`, {
+            displayName: this.app.name,
+            keyVault: {
+                secretIdentifier: this.api.namedValueSecret.id,
+            },
+            resourceGroupName: this.api.resourceGroupName,
+            secret: true,
+            serviceName: this.api.name,
+        });
+        this.api.backend = this.apiManagementManager.createBackend(this.id, this, {
+            ...this.props.apiManagementBackend,
+            title: this.props.stackName,
+            resourceGroupName: this.api.resourceGroupName,
+            serviceName: this.api.name,
+            url: pulumi.interpolate `https://${this.app.name}.azurewebsites.net/${this.props.apiManagementBackend.backendUrlPath}`,
+            resourceId: pulumi.interpolate `https://management.azure.com/subscriptions/${this.props.subscriptionId}/resourceGroups/${this.resourceGroup.name}/providers/Microsoft.Web/sites/${this.app.name}`,
+            credentials: {
+                header: {
+                    'x-functions-key': [`{{${this.api.namedValue.name}}}`],
+                },
+            },
+        });
+    }
+    createApiManagementRoutes() {
+        this.api.managementApi = this.apiManagementManager.createApi(`${this.id}-apim-api`, this, {
+            ...this.props.apiManagementApi,
+            displayName: this.props.apiManagementApi.displayName ?? this.props.stackName,
+            serviceName: this.api.name,
+            resourceGroupName: this.api.resourceGroupName,
+            isCurrent: this.props.apiManagementApi.isCurrent ?? true,
+            protocols: this.props.apiManagementApi.protocols ?? ['https'],
+        });
+        _.forEach(this.props.apiManagementApi.operations, operation => {
+            this.createApiOperation(operation);
+            this.createApiOperationCachePolicy(operation);
+        });
+    }
+    createApiOperation(operation) {
+        this.api.apiOperations[operation.displayName.toString()] = this.apiManagementManager.createOperation(`${this.id}-apim-api-apim-api-operation-${operation.displayName}-${operation.method}`, this, {
+            operationId: `${operation.displayName}-${operation.method}`,
+            method: operation.method.toString().toUpperCase(),
+            serviceName: this.api.name,
+            resourceGroupName: this.api.resourceGroupName,
+            apiId: this.api.id,
+            displayName: operation.displayName,
+            urlTemplate: operation.urlTemplate,
+            templateParameters: operation.templateParameters,
+        });
+    }
+    createApiOperationCachePolicy(operation) {
+        if (!operation.caching || !operation.caching.enableCacheSet)
+            return;
+        this.apiManagementManager.createOperationPolicy(`${this.id}-apim-api-operation-policy-${operation.displayName}-${operation.method}`, this, {
+            apiId: this.api.id,
+            resourceGroupName: this.api.resourceGroupName,
+            serviceName: this.api.name,
+            operationId: `${operation.displayName}-${operation.method}`,
+            value: `
+        <policies>
+          <policies>
+            <inbound>
+              <base />
+                ${this.props.apiManagementApi.cacheSetInboundPolicy}
+            </inbound>
+            <backend>
+              <base />
+            </backend>
+            <outbound>
+              <base />
+                ${this.props.apiManagementApi.cacheSetOutboundPolicy}
+            </outbound>
+            <on-error>
+              <base />
+            </on-error>
+        </policies>`.replace(/\n[ \t]*\n/g, '\n'), // move to utils
+        });
+    }
+    createCorsPolicy() {
+        if (!this.props.apiManagementCors?.enableCors)
+            return;
+        const allowedOrigins = [];
+        if (this.props.apiManagementCors.allowedOrigins) {
+            _.forEach(this.props.apiManagementCors.allowedOrigins, (origin) => {
+                allowedOrigins.push(`<origin>${origin}</origin>`);
+            });
+        }
+        else if (this.props.apiManagementCors.originSubdomain) {
+            _.forEach(this.props.locales, (locale) => {
+                allowedOrigins.push(`<origin>https://${this.props.apiManagementCors?.originSubdomain}-${locale}.${this.props.domainName}</origin>`);
+            });
+        }
+        const allowedHeaders = [];
+        _.forEach(this.props.apiManagementCors.allowedHeaders, (header) => {
+            allowedHeaders.push(`<header>${header}</header>`);
+        });
+        const allowedMethods = [];
+        _.forEach(this.props.apiManagementCors.allowedMethods, (method) => {
+            allowedMethods.push(`<method>${method}</method>`);
+        });
+        this.api.corsPolicyXmlContent = `
+        <cors allow-credentials="${this.props.apiManagementCors.allowCredentials}">
+          <allowed-origins>
+            ${allowedOrigins.toString().replaceAll(',', '')}
+          </allowed-origins>
+          <allowed-methods>
+            ${allowedMethods.toString().replaceAll(',', '')}
+          </allowed-methods>
+          <allowed-headers>
+            ${allowedHeaders.toString().replaceAll(',', '')}
+          </allowed-headers>
+        </cors>`.replace(/\n[ \t]*\n/g, '\n'); // move to utils
+    }
+    createApiPolicy() {
+        const policyXmlContent = pulumi.interpolate `
+      <policies>
+        <inbound>
+          <base />
+          ${this.api.corsPolicyXmlContent ?? ''}
+          <set-backend-service backend-id="${this.api.backend.name}" />
+          <set-header name="traceparent" exists-action="override">
+            <value>@(context.Request.Headers.GetValueOrDefault("traceparent", ""))</value>
+          </set-header>
+        </inbound>
+        <backend>
+            <base />
+        </backend>
+        <outbound>
+          <base />
+          <set-header name="traceparent" exists-action="override">
+            <value>@(context.Request.Headers.GetValueOrDefault("traceparent", ""))</value>
+          </set-header>
+        </outbound>
+        <on-error>
+            <base />
+        </on-error>
+      </policies>`;
+        this.apiManagementManager.createPolicy(`${this.id}-apim-api-policy`, this, {
+            serviceName: this.api.name,
+            apiId: this.api.id,
+            resourceGroupName: this.api.resourceGroupName,
+            value: policyXmlContent.apply(xml => xml.replace(/\n[ \t]*\n/g, '\n')),
+        });
+    }
+    dashboardVariables() {
+        const variables = super.dashboardVariables();
+        return {
+            ...variables,
+            apimName: this.api.name,
+        };
+    }
+}

package/dist/src/lib/azure/construct/rest-api-function/types.d.ts ADDED Viewed

@@ -0,0 +1,29 @@
+import { Api, ApiOperation, Backend, NamedValue } from '@pulumi/azure-native/apimanagement/index.js';
+import { ApiManagementApiProps, ApiManagementBackendProps, ApiManagementProps, ApplicationInsightsProps, AzureApi, AzureFunctionAppProps, AzureRestApiProps } from '../../index.js';
+export interface ApiManagementRestApiProps extends ApiManagementProps {
+    useExistingApiManagement: boolean;
+}
+export interface ApiManagementCors {
+    enableCors: boolean;
+    allowCredentials: boolean;
+    allowedMethods: string[];
+    allowedHeaders: string[];
+    allowedOrigins?: string[];
+    originSubdomain?: string;
+}
+export interface AzureRestApiFunctionProps extends AzureRestApiProps, AzureFunctionAppProps {
+    apiManagementBackend: ApiManagementBackendProps;
+    apiManagementApi: ApiManagementApiProps;
+    apiManagementApplicationInsights?: ApplicationInsightsProps;
+    apiManagement: ApiManagementRestApiProps;
+    apiManagementCors?: ApiManagementCors;
+}
+export interface AzureApiFunction extends AzureApi {
+    corsPolicyXmlContent?: string;
+    apiOperations: {
+        [operation: string]: ApiOperation;
+    };
+    managementApi: Api;
+    backend: Backend;
+    namedValue: NamedValue;
+}

package/dist/src/lib/azure/construct/rest-api-function/types.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/src/lib/azure/construct/rest-api-with-cache/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from './main.js';
2	+ export * from './types.js';

package/dist/src/lib/azure/construct/rest-api-with-cache/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from './main.js';
2	+ export * from './types.js';

package/dist/src/lib/azure/construct/rest-api-with-cache/main.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import { AzureRestApi } from '../rest-api/main.js';
+import { AzureApiWithCache, AzureRestApiWithCacheProps } from './types.js';
+export declare class AzureRestApiWithCache extends AzureRestApi {
+    props: AzureRestApiWithCacheProps;
+    api: AzureApiWithCache;
+    constructor(id: string, props: AzureRestApiWithCacheProps);
+    initResources(): void;
+    protected createRedisCache(): void;
+    protected createRedisCacheSecret(): void;
+    protected createRedisCacheNamespace(): void;
+    protected createRedisCacheApiManagement(): void;
+}

package/dist/src/lib/azure/construct/rest-api-with-cache/main.js ADDED Viewed

@@ -0,0 +1,56 @@
+import { AzureRestApi } from '../rest-api/main.js';
+export class AzureRestApiWithCache extends AzureRestApi {
+    props;
+    constructor(id, props) {
+        super(id, props);
+        this.props = props;
+        this.id = id;
+    }
+    initResources() {
+        super.initResources();
+        this.createRedisCache();
+        this.createRedisCacheSecret();
+        this.createRedisCacheNamespace();
+        this.createRedisCacheApiManagement();
+    }
+    createRedisCache() {
+        this.api.redis = this.redisManager.createManagedRedis(this.id, this, {
+            ...this.props.apiManagementManagedRedis,
+            name: this.props.stackName,
+            location: this.resourceGroup.location,
+            resourceGroupName: this.resourceGroup.name,
+        }, { ignoreChanges: ['location'] });
+    }
+    createRedisCacheSecret() {
+        this.api.redisNamedValueSecret = this.keyVaultManager.createKeyVaultSecret(`${this.id}-key-vault-redis-namespace-secret`, this, {
+            vaultName: this.api.authKeyVault.name,
+            secretName: `${this.api.redis.name}key`,
+            resourceGroupName: this.resourceGroup.name,
+            properties: {
+                value: `${this.api.redis.name}:10000,password=${this.api.redis.accessKeys.primaryKey},ssl=True,abortConnect=False`,
+            },
+        }, { dependsOn: [this.api.redis, this.api.namedValueRoleAssignment] });
+    }
+    createRedisCacheNamespace() {
+        this.api.redisNamedValue = this.apiManagementManager.createNamedValue(`${this.id}-redis-nv`, this, {
+            displayName: `${this.api.redis.name}key`,
+            resourceGroupName: this.resourceGroup.name,
+            serviceName: this.api.apim.name,
+            namedValueId: `${this.api.redis.name}key`,
+            secret: true,
+            keyVault: {
+                secretIdentifier: this.api.redisNamedValueSecret.id,
+            },
+        });
+    }
+    createRedisCacheApiManagement() {
+        this.apiManagementManager.createCache(`${this.id}-am-redis-cache`, this, {
+            serviceName: this.api.apim.name,
+            connectionString: `{{${this.api.redisNamedValue.name}}}`,
+            cacheId: this.api.redis.id,
+            resourceGroupName: this.resourceGroup.name,
+            useFromLocation: this.api.redis.location,
+            description: `Redis cache for ${this.api.apim.name}`,
+        });
+    }
+}

package/dist/src/lib/azure/construct/rest-api-with-cache/types.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+import { NamedValue } from '@pulumi/azure-native/apimanagement/index.js';
+import { Secret } from '@pulumi/azure-native/keyvault/index.js';
+import { Redis } from '@pulumi/azure-native/redis/index.js';
+import { RedisProps } from '../../index.js';
+import { AzureApi, AzureRestApiProps } from '../index.js';
+export interface AzureRestApiWithCacheProps extends AzureRestApiProps {
+    apiManagementManagedRedis: RedisProps;
+}
+export interface AzureApiWithCache extends AzureApi {
+    redis: Redis;
+    redisNamedValueSecret: Secret;
+    redisNamedValue: NamedValue;
+}

package/dist/src/lib/azure/construct/rest-api-with-cache/types.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/src/lib/azure/construct/site-with-webapp/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from './main.js';
2	+ export * from './types.js';

package/dist/src/lib/azure/construct/site-with-webapp/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from './main.js';
2	+ export * from './types.js';

package/dist/src/lib/azure/construct/site-with-webapp/main.d.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import { GetComponentResult } from '@pulumi/azure-native/applicationinsights/index.js';
+import { Output, ResourceOptions } from '@pulumi/pulumi';
+import { CommonAzureConstruct } from '../../common/index.js';
+import { Site, SiteWithWebAppProps } from './types.js';
+export declare class SiteWithWebApp extends CommonAzureConstruct {
+    props: SiteWithWebAppProps;
+    applicationInsights: Output<GetComponentResult>;
+    site: Site;
+    constructor(id: string, props: SiteWithWebAppProps);
+    initResources(): void;
+    protected resolveApplicationInsights(): void;
+    protected createSiteAppServicePlan(): void;
+    protected createSiteStorageAccount(): void;
+    protected createSiteStorageContainer(): void;
+    protected createCodePackage(): void;
+    protected createWebAppSiteConfig(): void;
+    protected createWebApp(resourceOptions?: ResourceOptions): void;
+    protected createDiagnosticLog(): void;
+}