@reyemtech/nimbus 0.1.0 → 1.1.0

package/dist/cjs/aws/state.js

@@ -0,0 +1,209 @@
+"use strict";
+/**
+ * AWS S3 state backend implementation with BCDR features.
+ *
+ * Creates an S3 bucket for Pulumi state storage with versioning,
+ * encryption, locking (DynamoDB), and optional cross-region replication.
+ *
+ * @module aws/state
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createAwsStateBackend = createAwsStateBackend;
+const aws = __importStar(require("@pulumi/aws"));
+const pulumi = __importStar(require("@pulumi/pulumi"));
+const types_1 = require("../types");
+/**
+ * Create an AWS S3 state backend with BCDR features.
+ *
+ * @example
+ * ```typescript
+ * const state = createAwsStateBackend("prod", {
+ *   cloud: "aws",
+ *   versioning: true,
+ *   encryption: true,
+ *   locking: { enabled: true },
+ *   replication: { enabled: true, destinationRegion: "us-west-2" },
+ * });
+ * ```
+ */
+function createAwsStateBackend(name, config, options) {
+    const cloud = Array.isArray(config.cloud) ? (config.cloud[0] ?? "aws") : config.cloud;
+    const target = (0, types_1.resolveCloudTarget)(cloud);
+    const tags = config.tags ?? {};
+    const encryption = config.encryption ?? true;
+    const lockingEnabled = config.locking?.enabled ?? true;
+    const replication = config.replication ?? { enabled: false };
+    const forceDestroy = options?.forceDestroy ?? false;
+    // S3 replication requires versioning on source bucket — force it on
+    const versioning = replication.enabled ? true : (config.versioning ?? true);
+    // S3 bucket for state storage
+    const bucket = new aws.s3.BucketV2(`${name}-state`, {
+        bucketPrefix: `${name}-state-`,
+        forceDestroy,
+        tags: { ...tags, Name: `${name}-state` },
+    });
+    // Block all public access — state must never be public
+    new aws.s3.BucketPublicAccessBlock(`${name}-state-public-access`, {
+        bucket: bucket.id,
+        blockPublicAcls: true,
+        blockPublicPolicy: true,
+        ignorePublicAcls: true,
+        restrictPublicBuckets: true,
+    });
+    // Versioning
+    if (versioning) {
+        new aws.s3.BucketVersioningV2(`${name}-state-versioning`, {
+            bucket: bucket.id,
+            versioningConfiguration: { status: "Enabled" },
+        });
+    }
+    // Server-side encryption
+    if (encryption) {
+        const sseRule = options?.kmsKeyArn
+            ? {
+                applyServerSideEncryptionByDefault: {
+                    sseAlgorithm: "aws:kms",
+                    kmsMasterKeyId: options.kmsKeyArn,
+                },
+                bucketKeyEnabled: true,
+            }
+            : {
+                applyServerSideEncryptionByDefault: {
+                    sseAlgorithm: "AES256",
+                },
+            };
+        new aws.s3.BucketServerSideEncryptionConfigurationV2(`${name}-state-sse`, {
+            bucket: bucket.id,
+            rules: [sseRule],
+        });
+    }
+    // DynamoDB table for state locking
+    let lockTableName;
+    if (lockingEnabled) {
+        const tableName = config.locking?.dynamoDbTableName ?? `${name}-state-lock`;
+        const lockTable = new aws.dynamodb.Table(`${name}-state-lock`, {
+            name: tableName,
+            billingMode: "PAY_PER_REQUEST",
+            hashKey: "LockID",
+            attributes: [{ name: "LockID", type: "S" }],
+            tags: { ...tags, Name: `${name}-state-lock` },
+        });
+        lockTableName = lockTable.name;
+    }
+    // Cross-region replication
+    if (replication.enabled && replication.destinationRegion) {
+        const destProvider = new aws.Provider(`${name}-state-repl-provider`, {
+            region: replication.destinationRegion,
+        });
+        const replicaBucket = new aws.s3.BucketV2(`${name}-state-replica`, {
+            bucketPrefix: `${name}-state-replica-`,
+            forceDestroy,
+            tags: { ...tags, Name: `${name}-state-replica` },
+        }, { provider: destProvider });
+        new aws.s3.BucketVersioningV2(`${name}-state-replica-versioning`, {
+            bucket: replicaBucket.id,
+            versioningConfiguration: { status: "Enabled" },
+        }, { provider: destProvider });
+        // IAM role for replication
+        const replRole = new aws.iam.Role(`${name}-state-repl-role`, {
+            namePrefix: `${name}-s3-repl`,
+            assumeRolePolicy: JSON.stringify({
+                Version: "2012-10-17",
+                Statement: [
+                    {
+                        Action: "sts:AssumeRole",
+                        Effect: "Allow",
+                        Principal: { Service: "s3.amazonaws.com" },
+                    },
+                ],
+            }),
+            tags,
+        });
+        new aws.iam.RolePolicy(`${name}-state-repl-policy`, {
+            role: replRole.id,
+            policy: pulumi.all([bucket.arn, replicaBucket.arn]).apply(([srcArn, destArn]) => JSON.stringify({
+                Version: "2012-10-17",
+                Statement: [
+                    {
+                        Effect: "Allow",
+                        Action: ["s3:GetReplicationConfiguration", "s3:ListBucket"],
+                        Resource: srcArn,
+                    },
+                    {
+                        Effect: "Allow",
+                        Action: [
+                            "s3:GetObjectVersionForReplication",
+                            "s3:GetObjectVersionAcl",
+                            "s3:GetObjectVersionTagging",
+                        ],
+                        Resource: `${srcArn}/*`,
+                    },
+                    {
+                        Effect: "Allow",
+                        Action: ["s3:ReplicateObject", "s3:ReplicateDelete", "s3:ReplicateTags"],
+                        Resource: `${destArn}/*`,
+                    },
+                ],
+            })),
+        });
+        new aws.s3.BucketReplicationConfig(`${name}-state-replication`, {
+            role: replRole.arn,
+            bucket: bucket.id,
+            rules: [
+                {
+                    id: "replicate-all",
+                    status: "Enabled",
+                    destination: {
+                        bucket: replicaBucket.arn,
+                    },
+                },
+            ],
+        });
+    }
+    return {
+        name,
+        cloud: target,
+        backendType: "s3",
+        backendUrl: bucket.bucket.apply((b) => `s3://${b}`),
+        bucketName: bucket.bucket,
+        lockTableName,
+        versioning,
+        encryption,
+        replicationEnabled: replication.enabled,
+        nativeResource: bucket,
+    };
+}
+//# sourceMappingURL=state.js.map

package/dist/cjs/aws/state.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"state.js","sourceRoot":"","sources":["../../../src/aws/state.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA6BH,sDAiLC;AA5MD,iDAAmC;AACnC,uDAAyC;AAEzC,oCAA8C;AAU9C;;;;;;;;;;;;;GAaG;AACH,SAAgB,qBAAqB,CACnC,IAAY,EACZ,MAA2B,EAC3B,OAAiC;IAEjC,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;IACtF,MAAM,MAAM,GAAG,IAAA,0BAAkB,EAAC,KAAK,CAAC,CAAC;IAEzC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;IAC/B,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,IAAI,CAAC;IAC7C,MAAM,cAAc,GAAG,MAAM,CAAC,OAAO,EAAE,OAAO,IAAI,IAAI,CAAC;IACvD,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC7D,MAAM,YAAY,GAAG,OAAO,EAAE,YAAY,IAAI,KAAK,CAAC;IAEpD,oEAAoE;IACpE,MAAM,UAAU,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,IAAI,IAAI,CAAC,CAAC;IAE5E,8BAA8B;IAC9B,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,QAAQ,CAAC,GAAG,IAAI,QAAQ,EAAE;QAClD,YAAY,EAAE,GAAG,IAAI,SAAS;QAC9B,YAAY;QACZ,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,QAAQ,EAAE;KACzC,CAAC,CAAC;IAEH,uDAAuD;IACvD,IAAI,GAAG,CAAC,EAAE,CAAC,uBAAuB,CAAC,GAAG,IAAI,sBAAsB,EAAE;QAChE,MAAM,EAAE,MAAM,CAAC,EAAE;QACjB,eAAe,EAAE,IAAI;QACrB,iBAAiB,EAAE,IAAI;QACvB,gBAAgB,EAAE,IAAI;QACtB,qBAAqB,EAAE,IAAI;KAC5B,CAAC,CAAC;IAEH,aAAa;IACb,IAAI,UAAU,EAAE,CAAC;QACf,IAAI,GAAG,CAAC,EAAE,CAAC,kBAAkB,CAAC,GAAG,IAAI,mBAAmB,EAAE;YACxD,MAAM,EAAE,MAAM,CAAC,EAAE;YACjB,uBAAuB,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,yBAAyB;IACzB,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,OAAO,GACX,OAAO,EAAE,SAAS;YAChB,CAAC,CAAC;gBACE,kCAAkC,EAAE;oBAClC,YAAY,EAAE,SAAS;oBACvB,cAAc,EAAE,OAAO,CAAC,SAAS;iBAClC;gBACD,gBAAgB,EAAE,IAAI;aACvB;YACH,CAAC,CAAC;gBACE,kCAAkC,EAAE;oBAClC,YAAY,EAAE,QAAQ;iBACvB;aACF,CAAC;QAER,IAAI,GAAG,CAAC,EAAE,CAAC,yCAAyC,CAAC,GAAG,IAAI,YAAY,EAAE;YACxE,MAAM,EAAE,MAAM,CAAC,EAAE;YACjB,KAAK,EAAE,CAAC,OAAO,CAAC;SACjB,CAAC,CAAC;IACL,CAAC;IAED,mCAAmC;IACnC,IAAI,aAAgD,CAAC;IAErD,IAAI,cAAc,EAAE,CAAC;QACnB,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,EAAE,iBAAiB,IAAI,GAAG,IAAI,aAAa,CAAC;QAC5E,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,IAAI,aAAa,EAAE;YAC7D,IAAI,EAAE,SAAS;YACf,WAAW,EAAE,iBAAiB;YAC9B,OAAO,EAAE,QAAQ;YACjB,UAAU,EAAE,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;YAC3C,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,aAAa,EAAE;SAC9C,CAAC,CAAC;QACH,aAAa,GAAG,SAAS,CAAC,IAAI,CAAC;IACjC,CAAC;IAED,2BAA2B;IAC3B,IAAI,WAAW,CAAC,OAAO,IAAI,WAAW,CAAC,iBAAiB,EAAE,CAAC;QACzD,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,IAAI,sBAAsB,EAAE;YACnE,MAAM,EAAE,WAAW,CAAC,iBAA+B;SACpD,CAAC,CAAC;QAEH,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,QAAQ,CACvC,GAAG,IAAI,gBAAgB,EACvB;YACE,YAAY,EAAE,GAAG,IAAI,iBAAiB;YACtC,YAAY;YACZ,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,gBAAgB,EAAE;SACjD,EACD,EAAE,QAAQ,EAAE,YAAY,EAAE,CAC3B,CAAC;QAEF,IAAI,GAAG,CAAC,EAAE,CAAC,kBAAkB,CAC3B,GAAG,IAAI,2BAA2B,EAClC;YACE,MAAM,EAAE,aAAa,CAAC,EAAE;YACxB,uBAAuB,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE;SAC/C,EACD,EAAE,QAAQ,EAAE,YAAY,EAAE,CAC3B,CAAC;QAEF,2BAA2B;QAC3B,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,IAAI,kBAAkB,EAAE;YAC3D,UAAU,EAAE,GAAG,IAAI,UAAU;YAC7B,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC;gBAC/B,OAAO,EAAE,YAAY;gBACrB,SAAS,EAAE;oBACT;wBACE,MAAM,EAAE,gBAAgB;wBACxB,MAAM,EAAE,OAAO;wBACf,SAAS,EAAE,EAAE,OAAO,EAAE,kBAAkB,EAAE;qBAC3C;iBACF;aACF,CAAC;YACF,IAAI;SACL,CAAC,CAAC;QAEH,IAAI,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,IAAI,oBAAoB,EAAE;YAClD,IAAI,EAAE,QAAQ,CAAC,EAAE;YACjB,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,GAAG,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,EAAE,CAC9E,IAAI,CAAC,SAAS,CAAC;gBACb,OAAO,EAAE,YAAY;gBACrB,SAAS,EAAE;oBACT;wBACE,MAAM,EAAE,OAAO;wBACf,MAAM,EAAE,CAAC,gCAAgC,EAAE,eAAe,CAAC;wBAC3D,QAAQ,EAAE,MAAM;qBACjB;oBACD;wBACE,MAAM,EAAE,OAAO;wBACf,MAAM,EAAE;4BACN,mCAAmC;4BACnC,wBAAwB;4BACxB,4BAA4B;yBAC7B;wBACD,QAAQ,EAAE,GAAG,MAAM,IAAI;qBACxB;oBACD;wBACE,MAAM,EAAE,OAAO;wBACf,MAAM,EAAE,CAAC,oBAAoB,EAAE,oBAAoB,EAAE,kBAAkB,CAAC;wBACxE,QAAQ,EAAE,GAAG,OAAO,IAAI;qBACzB;iBACF;aACF,CAAC,CACH;SACF,CAAC,CAAC;QAEH,IAAI,GAAG,CAAC,EAAE,CAAC,uBAAuB,CAAC,GAAG,IAAI,oBAAoB,EAAE;YAC9D,IAAI,EAAE,QAAQ,CAAC,GAAG;YAClB,MAAM,EAAE,MAAM,CAAC,EAAE;YACjB,KAAK,EAAE;gBACL;oBACE,EAAE,EAAE,eAAe;oBACnB,MAAM,EAAE,SAAS;oBACjB,WAAW,EAAE;wBACX,MAAM,EAAE,aAAa,CAAC,GAAG;qBAC1B;iBACF;aACF;SACF,CAAC,CAAC;IACL,CAAC;IAED,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,MAAM;QACb,WAAW,EAAE,IAAI;QACjB,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnD,UAAU,EAAE,MAAM,CAAC,MAAM;QACzB,aAAa;QACb,UAAU;QACV,UAAU;QACV,kBAAkB,EAAE,WAAW,CAAC,OAAO;QACvC,cAAc,EAAE,MAAM;KACvB,CAAC;AACJ,CAAC"}

package/dist/cjs/azure/cluster.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"cluster.d.ts","sourceRoot":"","sources":["../../../src/azure/cluster.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,OAAO,KAAK,KAAK,MAAM,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAC3D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAG3C,yDAAyD;AACzD,MAAM,WAAW,WAAW;IAC1B,+CAA+C;IAC/C,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjD,+DAA+D;IAC/D,QAAQ,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC;IAC5B,iDAAiD;IACjD,QAAQ,CAAC,YAAY,CAAC,EAAE,OAAO,CAAC;IAChC,+CAA+C;IAC/C,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,8DAA8D;IAC9D,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,gBAAgB,CAC9B,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,cAAc,EACtB,OAAO,EAAE,QAAQ,EACjB,OAAO,EAAE,WAAW,GACnB,QAAQ,CAqFV"}
+{"version":3,"file":"cluster.d.ts","sourceRoot":"","sources":["../../../src/azure/cluster.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,OAAO,KAAK,KAAK,MAAM,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAC3D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAkB3C,yDAAyD;AACzD,MAAM,WAAW,WAAW;IAC1B,+CAA+C;IAC/C,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjD,+DAA+D;IAC/D,QAAQ,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC;IAC5B,iDAAiD;IACjD,QAAQ,CAAC,YAAY,CAAC,EAAE,OAAO,CAAC;IAChC,+CAA+C;IAC/C,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,8DAA8D;IAC9D,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,gBAAgB,CAC9B,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,cAAc,EACtB,OAAO,EAAE,QAAQ,EACjB,OAAO,EAAE,WAAW,GACnB,QAAQ,CAqFV"}

package/dist/cjs/azure/cluster.js

@@ -45,6 +45,16 @@ exports.createAksCluster = createAksCluster;
 const azure = __importStar(require("@pulumi/azure-native"));
 const k8s = __importStar(require("@pulumi/kubernetes"));
 const types_1 = require("../types");
+/** Maximum length for AKS node pool names. */
+const AKS_POOL_NAME_MAX_LENGTH = 12;
+/** Default OS disk size in GB for AKS nodes. */
+const AKS_DEFAULT_OS_DISK_SIZE_GB = 128;
+/** Spot instance max price: -1 means "up to the on-demand price". */
+const SPOT_MAX_PRICE_ON_DEMAND = -1;
+/** Default AKS service CIDR for Kubernetes service IPs. */
+const AKS_SERVICE_CIDR = "10.240.0.0/16";
+/** Default DNS service IP within the AKS service CIDR. */
+const AKS_DNS_SERVICE_IP = "10.240.0.10";
 /**
  * Create an AKS cluster with system + user node pools.
  *
@@ -72,7 +82,7 @@ function createAksCluster(name, config, network, options) {
     const enableVirtualNodes = options.virtualNodes ?? config.virtualNodes ?? false;
     // Build agent pool profiles from node pool config
     const agentPoolProfiles = config.nodePools.map((np) => ({
-        name: np.name.substring(0, 12), // AKS pool names max 12 chars
+        name: np.name.substring(0, AKS_POOL_NAME_MAX_LENGTH),
         vmSize: np.instanceType,
         count: np.desiredNodes ?? np.minNodes,
         minCount: np.minNodes,
@@ -80,11 +90,11 @@ function createAksCluster(name, config, network, options) {
         enableAutoScaling: true,
         mode: (np.mode ?? "User"),
         osType: "Linux",
-        osDiskSizeGB: 128,
+        osDiskSizeGB: AKS_DEFAULT_OS_DISK_SIZE_GB,
         vnetSubnetId: network.privateSubnetIds.apply((ids) => ids[0] ?? ""),
         scaleSetPriority: np.spot ? "Spot" : "Regular",
         scaleSetEvictionPolicy: np.spot ? "Delete" : undefined,
-        spotMaxPrice: np.spot ? -1 : undefined,
+        spotMaxPrice: np.spot ? SPOT_MAX_PRICE_ON_DEMAND : undefined,
         nodeTaints: np.taints?.map((t) => `${t.key}=${t.value}:${t.effect}`) ?? [],
         nodeLabels: np.labels ?? {},
         type: "VirtualMachineScaleSets",
@@ -108,8 +118,8 @@ function createAksCluster(name, config, network, options) {
         identity: { type: "SystemAssigned" },
         networkProfile: {
             networkPlugin: options.azureCni !== false ? "azure" : "kubenet",
-            serviceCidr: "10.240.0.0/16",
-            dnsServiceIP: "10.240.0.10",
+            serviceCidr: AKS_SERVICE_CIDR,
+            dnsServiceIP: AKS_DNS_SERVICE_IP,
         },
         addonProfiles,
         tags: { ...tags, Name: name },

package/dist/cjs/azure/cluster.js.map

@@ -1 +1 @@
-{"version":3,"file":"cluster.js","sourceRoot":"","sources":["../../../src/azure/cluster.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAyCH,4CA0FC;AAjID,4DAA8C;AAC9C,wDAA0C;AAI1C,oCAA8C;AAgB9C;;;;;;;;;;;;;;;;;GAiBG;AACH,SAAgB,gBAAgB,CAC9B,IAAY,EACZ,MAAsB,EACtB,OAAiB,EACjB,OAAoB;IAEpB,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;IACxF,MAAM,MAAM,GAAG,IAAA,0BAAkB,EAAC,KAAK,CAAC,CAAC;IAEzC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;IAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IACzC,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC;IAC5C,MAAM,kBAAkB,GAAG,OAAO,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,IAAI,KAAK,CAAC;IAEhF,kDAAkD;IAClD,MAAM,iBAAiB,GAAG,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACtD,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,8BAA8B;QAC9D,MAAM,EAAE,EAAE,CAAC,YAAY;QACvB,KAAK,EAAE,EAAE,CAAC,YAAY,IAAI,EAAE,CAAC,QAAQ;QACrC,QAAQ,EAAE,EAAE,CAAC,QAAQ;QACrB,QAAQ,EAAE,EAAE,CAAC,QAAQ;QACrB,iBAAiB,EAAE,IAAI;QACvB,IAAI,EAAE,CAAC,EAAE,CAAC,IAAI,IAAI,MAAM,CAAsB;QAC9C,MAAM,EAAE,OAAgB;QACxB,YAAY,EAAE,GAAG;QACjB,YAAY,EAAE,OAAO,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACnE,gBAAgB,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAE,MAAgB,CAAC,CAAC,CAAE,SAAmB;QACpE,sBAAsB,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAE,QAAkB,CAAC,CAAC,CAAC,SAAS;QACjE,YAAY,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;QACtC,UAAU,EAAE,EAAE,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE;QAC1E,UAAU,EAAE,EAAE,CAAC,MAAM,IAAI,EAAE;QAC3B,IAAI,EAAE,yBAAkC;KACzC,CAAC,CAAC,CAAC;IAEJ,sBAAsB;IACtB,MAAM,aAAa,GAA0E,EAAE,CAAC;IAEhG,IAAI,kBAAkB,EAAE,CAAC;QACvB,aAAa,CAAC,mBAAmB,CAAC,GAAG;YACnC,OAAO,EAAE,IAAI;YACb,MAAM,EAAE;gBACN,UAAU,EAAE,YAAY;aACzB;SACF,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,KAAK,CAAC,gBAAgB,CAAC,cAAc,CAAC,GAAG,IAAI,MAAM,EAAE;QACvE,YAAY,EAAE,IAAI;QAClB,iBAAiB,EAAE,MAAM;QACzB,SAAS;QACT,iBAAiB,EAAE,MAAM,CAAC,OAAO;QACjC,iBAAiB;QACjB,QAAQ,EAAE,EAAE,IAAI,EAAE,gBAAgB,EAAE;QACpC,cAAc,EAAE;YACd,aAAa,EAAE,OAAO,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;YAC/D,WAAW,EAAE,eAAe;YAC5B,YAAY,EAAE,aAAa;SAC5B;QACD,aAAa;QACb,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE;KAC9B,CAAC,CAAC;IAEH,gDAAgD;IAChD,MAAM,KAAK,GAAG,KAAK,CAAC,gBAAgB,CAAC,uCAAuC,CAAC;QAC3E,iBAAiB,EAAE,MAAM;QACzB,YAAY,EAAE,OAAO,CAAC,IAAI;KAC3B,CAAC,CAAC;IAEH,MAAM,UAAU,GAAG,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,EAAE;QACrD,MAAM,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC;YACf,OAAO,EAAE,CAAC;QACZ,CAAC;QACD,OAAO,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,IAAI,MAAM,EAAE;QAC/C,UAAU;KACX,CAAC,CAAC;IAEH,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,MAAM;QACb,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,WAAW,IAAI,IAAI,EAAE,EAAE,CAAC;QAC/D,UAAU;QACV,OAAO,EAAE,OAAO,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACxD,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,cAAc,EAAE,OAAO;QACvB,QAAQ;KACT,CAAC;AACJ,CAAC"}
+{"version":3,"file":"cluster.js","sourceRoot":"","sources":["../../../src/azure/cluster.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAwDH,4CA0FC;AAhJD,4DAA8C;AAC9C,wDAA0C;AAI1C,oCAA8C;AAE9C,8CAA8C;AAC9C,MAAM,wBAAwB,GAAG,EAAE,CAAC;AAEpC,gDAAgD;AAChD,MAAM,2BAA2B,GAAG,GAAG,CAAC;AAExC,qEAAqE;AACrE,MAAM,wBAAwB,GAAG,CAAC,CAAC,CAAC;AAEpC,2DAA2D;AAC3D,MAAM,gBAAgB,GAAG,eAAe,CAAC;AAEzC,0DAA0D;AAC1D,MAAM,kBAAkB,GAAG,aAAa,CAAC;AAgBzC;;;;;;;;;;;;;;;;;GAiBG;AACH,SAAgB,gBAAgB,CAC9B,IAAY,EACZ,MAAsB,EACtB,OAAiB,EACjB,OAAoB;IAEpB,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;IACxF,MAAM,MAAM,GAAG,IAAA,0BAAkB,EAAC,KAAK,CAAC,CAAC;IAEzC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;IAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IACzC,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC;IAC5C,MAAM,kBAAkB,GAAG,OAAO,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,IAAI,KAAK,CAAC;IAEhF,kDAAkD;IAClD,MAAM,iBAAiB,GAAG,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACtD,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,wBAAwB,CAAC;QACpD,MAAM,EAAE,EAAE,CAAC,YAAY;QACvB,KAAK,EAAE,EAAE,CAAC,YAAY,IAAI,EAAE,CAAC,QAAQ;QACrC,QAAQ,EAAE,EAAE,CAAC,QAAQ;QACrB,QAAQ,EAAE,EAAE,CAAC,QAAQ;QACrB,iBAAiB,EAAE,IAAI;QACvB,IAAI,EAAE,CAAC,EAAE,CAAC,IAAI,IAAI,MAAM,CAAsB;QAC9C,MAAM,EAAE,OAAgB;QACxB,YAAY,EAAE,2BAA2B;QACzC,YAAY,EAAE,OAAO,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACnE,gBAAgB,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAE,MAAgB,CAAC,CAAC,CAAE,SAAmB;QACpE,sBAAsB,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAE,QAAkB,CAAC,CAAC,CAAC,SAAS;QACjE,YAAY,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,SAAS;QAC5D,UAAU,EAAE,EAAE,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE;QAC1E,UAAU,EAAE,EAAE,CAAC,MAAM,IAAI,EAAE;QAC3B,IAAI,EAAE,yBAAkC;KACzC,CAAC,CAAC,CAAC;IAEJ,sBAAsB;IACtB,MAAM,aAAa,GAA0E,EAAE,CAAC;IAEhG,IAAI,kBAAkB,EAAE,CAAC;QACvB,aAAa,CAAC,mBAAmB,CAAC,GAAG;YACnC,OAAO,EAAE,IAAI;YACb,MAAM,EAAE;gBACN,UAAU,EAAE,YAAY;aACzB;SACF,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,KAAK,CAAC,gBAAgB,CAAC,cAAc,CAAC,GAAG,IAAI,MAAM,EAAE;QACvE,YAAY,EAAE,IAAI;QAClB,iBAAiB,EAAE,MAAM;QACzB,SAAS;QACT,iBAAiB,EAAE,MAAM,CAAC,OAAO;QACjC,iBAAiB;QACjB,QAAQ,EAAE,EAAE,IAAI,EAAE,gBAAgB,EAAE;QACpC,cAAc,EAAE;YACd,aAAa,EAAE,OAAO,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;YAC/D,WAAW,EAAE,gBAAgB;YAC7B,YAAY,EAAE,kBAAkB;SACjC;QACD,aAAa;QACb,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE;KAC9B,CAAC,CAAC;IAEH,gDAAgD;IAChD,MAAM,KAAK,GAAG,KAAK,CAAC,gBAAgB,CAAC,uCAAuC,CAAC;QAC3E,iBAAiB,EAAE,MAAM;QACzB,YAAY,EAAE,OAAO,CAAC,IAAI;KAC3B,CAAC,CAAC;IAEH,MAAM,UAAU,GAAG,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,EAAE;QACrD,MAAM,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC;YACf,OAAO,EAAE,CAAC;QACZ,CAAC;QACD,OAAO,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,IAAI,MAAM,EAAE;QAC/C,UAAU;KACX,CAAC,CAAC;IAEH,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,MAAM;QACb,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,WAAW,IAAI,IAAI,EAAE,EAAE,CAAC;QAC/D,UAAU;QACV,OAAO,EAAE,OAAO,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACxD,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,cAAc,EAAE,OAAO;QACvB,QAAQ;KACT,CAAC;AACJ,CAAC"}

package/dist/cjs/azure/dns.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"dns.d.ts","sourceRoot":"","sources":["../../../src/azure/dns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,KAAK,KAAK,MAAM,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,EAAE,IAAI,EAAE,UAAU,EAAc,MAAM,QAAQ,CAAC;AAG3D,kCAAkC;AAClC,MAAM,WAAW,gBAAgB;IAC/B,+CAA+C;IAC/C,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;CAClD;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,gBAAgB,GAAG,IAAI,CAgChG"}
+{"version":3,"file":"dns.d.ts","sourceRoot":"","sources":["../../../src/azure/dns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,KAAK,KAAK,MAAM,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,EAAE,IAAI,EAAE,UAAU,EAAc,MAAM,QAAQ,CAAC;AAM3D,kCAAkC;AAClC,MAAM,WAAW,gBAAgB;IAC/B,+CAA+C;IAC/C,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;CAClD;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,gBAAgB,GAAG,IAAI,CAgChG"}

package/dist/cjs/azure/dns.js

@@ -41,6 +41,8 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.createAzureDns = createAzureDns;
 const azure = __importStar(require("@pulumi/azure-native"));
 const types_1 = require("../types");
+/** Default DNS record TTL in seconds. */
+const DEFAULT_DNS_TTL_SECONDS = 300;
 /**
  * Create an Azure DNS Zone with optional initial records.
  *
@@ -87,7 +89,7 @@ function createAzureDns(name, config, options) {
 function createRecord(name, rgName, zoneName, record) {
     const recordName = record.name === "@" ? "@" : record.name;
     const resourceName = `${name}-${record.name || "root"}-${record.type.toLowerCase()}`;
-    const ttl = record.ttl ?? 300;
+    const ttl = record.ttl ?? DEFAULT_DNS_TTL_SECONDS;
     switch (record.type) {
         case "A":
             new azure.dns.RecordSet(resourceName, {

package/dist/cjs/azure/dns.js.map

@@ -1 +1 @@
-{"version":3,"file":"dns.js","sourceRoot":"","sources":["../../../src/azure/dns.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA2BH,wCAgCC;AAzDD,4DAA8C;AAG9C,oCAA8C;AAQ9C;;;;;;;;;;;;;GAaG;AACH,SAAgB,cAAc,CAAC,IAAY,EAAE,MAAkB,EAAE,OAAyB;IACxF,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;IACxF,MAAM,MAAM,GAAG,IAAA,0BAAkB,EAAC,KAAK,CAAC,CAAC;IAEzC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;IAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAEzC,MAAM,IAAI,GAAG,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,IAAI,OAAO,EAAE;QAC9C,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,iBAAiB,EAAE,MAAM;QACzB,QAAQ,EAAE,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM;QACnC,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,OAAO,EAAE;KACxC,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACjC,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAED,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,MAAM;QACb,MAAM,EAAE,IAAI,CAAC,EAAE;QACf,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,WAAW,EAAE,IAAI,CAAC,WAAmD;QACrE,cAAc,EAAE,IAAI;QACpB,SAAS,CAAC,MAAkB;YAC1B,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACtD,CAAC;KACF,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CACnB,IAAY,EACZ,MAA4B,EAC5B,QAAgB,EAChB,MAAkB;IAElB,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC;IAC3D,MAAM,YAAY,GAAG,GAAG,IAAI,IAAI,MAAM,CAAC,IAAI,IAAI,MAAM,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;IACrF,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,IAAI,GAAG,CAAC;IAE9B,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;QACpB,KAAK,GAAG;YACN,IAAI,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBACpC,qBAAqB,EAAE,UAAU;gBACjC,iBAAiB,EAAE,MAAM;gBACzB,QAAQ;gBACR,UAAU,EAAE,GAAG;gBACf,GAAG;gBACH,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC,CAAC;aACzD,CAAC,CAAC;YACH,MAAM;QACR,KAAK,MAAM;YACT,IAAI,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBACpC,qBAAqB,EAAE,UAAU;gBACjC,iBAAiB,EAAE,MAAM;gBACzB,QAAQ;gBACR,UAAU,EAAE,MAAM;gBAClB,GAAG;gBACH,WAAW,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC,CAAC;aAC5D,CAAC,CAAC;YACH,MAAM;QACR,KAAK,OAAO;YACV,IAAI,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBACpC,qBAAqB,EAAE,UAAU;gBACjC,iBAAiB,EAAE,MAAM;gBACzB,QAAQ;gBACR,UAAU,EAAE,OAAO;gBACnB,GAAG;gBACH,WAAW,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE;aAC/C,CAAC,CAAC;YACH,MAAM;QACR,KAAK,KAAK;YACR,IAAI,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBACpC,qBAAqB,EAAE,UAAU;gBACjC,iBAAiB,EAAE,MAAM;gBACzB,QAAQ;gBACR,UAAU,EAAE,KAAK;gBACjB,GAAG;gBACH,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;aACvD,CAAC,CAAC;YACH,MAAM;QACR,KAAK,IAAI;YACP,IAAI,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBACpC,qBAAqB,EAAE,UAAU;gBACjC,iBAAiB,EAAE,MAAM;gBACzB,QAAQ;gBACR,UAAU,EAAE,IAAI;gBAChB,GAAG;gBACH,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;oBACjC,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;oBAC3B,OAAO;wBACL,UAAU,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC;wBAC1C,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;qBACxB,CAAC;gBACJ,CAAC,CAAC;aACH,CAAC,CAAC;YACH,MAAM;QACR,KAAK,IAAI;YACP,IAAI,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBACpC,qBAAqB,EAAE,UAAU;gBACjC,iBAAiB,EAAE,MAAM;gBACzB,QAAQ;gBACR,UAAU,EAAE,IAAI;gBAChB,GAAG;gBACH,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC;aACtD,CAAC,CAAC;YACH,MAAM;QACR;YACE,4DAA4D;YAC5D,IAAI,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBACpC,qBAAqB,EAAE,UAAU;gBACjC,iBAAiB,EAAE,MAAM;gBACzB,QAAQ;gBACR,UAAU,EAAE,MAAM,CAAC,IAAI;gBACvB,GAAG;aACJ,CAAC,CAAC;IACP,CAAC;AACH,CAAC"}
+{"version":3,"file":"dns.js","sourceRoot":"","sources":["../../../src/azure/dns.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA8BH,wCAgCC;AA5DD,4DAA8C;AAG9C,oCAA8C;AAE9C,yCAAyC;AACzC,MAAM,uBAAuB,GAAG,GAAG,CAAC;AAQpC;;;;;;;;;;;;;GAaG;AACH,SAAgB,cAAc,CAAC,IAAY,EAAE,MAAkB,EAAE,OAAyB;IACxF,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;IACxF,MAAM,MAAM,GAAG,IAAA,0BAAkB,EAAC,KAAK,CAAC,CAAC;IAEzC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;IAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAEzC,MAAM,IAAI,GAAG,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,IAAI,OAAO,EAAE;QAC9C,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,iBAAiB,EAAE,MAAM;QACzB,QAAQ,EAAE,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM;QACnC,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,OAAO,EAAE;KACxC,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACjC,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAED,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,MAAM;QACb,MAAM,EAAE,IAAI,CAAC,EAAE;QACf,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,WAAW,EAAE,IAAI,CAAC,WAAmD;QACrE,cAAc,EAAE,IAAI;QACpB,SAAS,CAAC,MAAkB;YAC1B,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACtD,CAAC;KACF,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CACnB,IAAY,EACZ,MAA4B,EAC5B,QAAgB,EAChB,MAAkB;IAElB,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC;IAC3D,MAAM,YAAY,GAAG,GAAG,IAAI,IAAI,MAAM,CAAC,IAAI,IAAI,MAAM,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;IACrF,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,IAAI,uBAAuB,CAAC;IAElD,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;QACpB,KAAK,GAAG;YACN,IAAI,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBACpC,qBAAqB,EAAE,UAAU;gBACjC,iBAAiB,EAAE,MAAM;gBACzB,QAAQ;gBACR,UAAU,EAAE,GAAG;gBACf,GAAG;gBACH,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC,CAAC;aACzD,CAAC,CAAC;YACH,MAAM;QACR,KAAK,MAAM;YACT,IAAI,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBACpC,qBAAqB,EAAE,UAAU;gBACjC,iBAAiB,EAAE,MAAM;gBACzB,QAAQ;gBACR,UAAU,EAAE,MAAM;gBAClB,GAAG;gBACH,WAAW,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC,CAAC;aAC5D,CAAC,CAAC;YACH,MAAM;QACR,KAAK,OAAO;YACV,IAAI,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBACpC,qBAAqB,EAAE,UAAU;gBACjC,iBAAiB,EAAE,MAAM;gBACzB,QAAQ;gBACR,UAAU,EAAE,OAAO;gBACnB,GAAG;gBACH,WAAW,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE;aAC/C,CAAC,CAAC;YACH,MAAM;QACR,KAAK,KAAK;YACR,IAAI,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBACpC,qBAAqB,EAAE,UAAU;gBACjC,iBAAiB,EAAE,MAAM;gBACzB,QAAQ;gBACR,UAAU,EAAE,KAAK;gBACjB,GAAG;gBACH,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;aACvD,CAAC,CAAC;YACH,MAAM;QACR,KAAK,IAAI;YACP,IAAI,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBACpC,qBAAqB,EAAE,UAAU;gBACjC,iBAAiB,EAAE,MAAM;gBACzB,QAAQ;gBACR,UAAU,EAAE,IAAI;gBAChB,GAAG;gBACH,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;oBACjC,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;oBAC3B,OAAO;wBACL,UAAU,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC;wBAC1C,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;qBACxB,CAAC;gBACJ,CAAC,CAAC;aACH,CAAC,CAAC;YACH,MAAM;QACR,KAAK,IAAI;YACP,IAAI,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBACpC,qBAAqB,EAAE,UAAU;gBACjC,iBAAiB,EAAE,MAAM;gBACzB,QAAQ;gBACR,UAAU,EAAE,IAAI;gBAChB,GAAG;gBACH,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC;aACtD,CAAC,CAAC;YACH,MAAM;QACR;YACE,4DAA4D;YAC5D,IAAI,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE;gBACpC,qBAAqB,EAAE,UAAU;gBACjC,iBAAiB,EAAE,MAAM;gBACzB,QAAQ;gBACR,UAAU,EAAE,MAAM,CAAC,IAAI;gBACvB,GAAG;aACJ,CAAC,CAAC;IACP,CAAC;AACH,CAAC"}

package/dist/cjs/azure/index.d.ts

@@ -7,4 +7,5 @@ export { createAzureNetwork, type IAzureNetworkOptions } from "./network";
 export { createAksCluster, type IAksOptions } from "./cluster";
 export { createAzureDns, type IAzureDnsOptions } from "./dns";
 export { createAzureSecrets, type IAzureSecretsOptions } from "./secrets";
+export { createAzureStateBackend, type IAzureStateBackendOptions } from "./state";
 //# sourceMappingURL=index.d.ts.map

package/dist/cjs/azure/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/azure/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,kBAAkB,EAAE,KAAK,oBAAoB,EAAE,MAAM,WAAW,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,KAAK,WAAW,EAAE,MAAM,WAAW,CAAC;AAC/D,OAAO,EAAE,cAAc,EAAE,KAAK,gBAAgB,EAAE,MAAM,OAAO,CAAC;AAC9D,OAAO,EAAE,kBAAkB,EAAE,KAAK,oBAAoB,EAAE,MAAM,WAAW,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/azure/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,kBAAkB,EAAE,KAAK,oBAAoB,EAAE,MAAM,WAAW,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,KAAK,WAAW,EAAE,MAAM,WAAW,CAAC;AAC/D,OAAO,EAAE,cAAc,EAAE,KAAK,gBAAgB,EAAE,MAAM,OAAO,CAAC;AAC9D,OAAO,EAAE,kBAAkB,EAAE,KAAK,oBAAoB,EAAE,MAAM,WAAW,CAAC;AAC1E,OAAO,EAAE,uBAAuB,EAAE,KAAK,yBAAyB,EAAE,MAAM,SAAS,CAAC"}

package/dist/cjs/azure/index.js

@@ -5,7 +5,7 @@
  * @module azure
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.createAzureSecrets = exports.createAzureDns = exports.createAksCluster = exports.createAzureNetwork = void 0;
+exports.createAzureStateBackend = exports.createAzureSecrets = exports.createAzureDns = exports.createAksCluster = exports.createAzureNetwork = void 0;
 var network_1 = require("./network");
 Object.defineProperty(exports, "createAzureNetwork", { enumerable: true, get: function () { return network_1.createAzureNetwork; } });
 var cluster_1 = require("./cluster");
@@ -14,4 +14,6 @@ var dns_1 = require("./dns");
 Object.defineProperty(exports, "createAzureDns", { enumerable: true, get: function () { return dns_1.createAzureDns; } });
 var secrets_1 = require("./secrets");
 Object.defineProperty(exports, "createAzureSecrets", { enumerable: true, get: function () { return secrets_1.createAzureSecrets; } });
+var state_1 = require("./state");
+Object.defineProperty(exports, "createAzureStateBackend", { enumerable: true, get: function () { return state_1.createAzureStateBackend; } });
 //# sourceMappingURL=index.js.map

package/dist/cjs/azure/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/azure/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAEH,qCAA0E;AAAjE,6GAAA,kBAAkB,OAAA;AAC3B,qCAA+D;AAAtD,2GAAA,gBAAgB,OAAA;AACzB,6BAA8D;AAArD,qGAAA,cAAc,OAAA;AACvB,qCAA0E;AAAjE,6GAAA,kBAAkB,OAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/azure/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAEH,qCAA0E;AAAjE,6GAAA,kBAAkB,OAAA;AAC3B,qCAA+D;AAAtD,2GAAA,gBAAgB,OAAA;AACzB,6BAA8D;AAArD,qGAAA,cAAc,OAAA;AACvB,qCAA0E;AAAjE,6GAAA,kBAAkB,OAAA;AAC3B,iCAAkF;AAAzE,gHAAA,uBAAuB,OAAA"}

package/dist/cjs/azure/network.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"network.d.ts","sourceRoot":"","sources":["../../../src/azure/network.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,EAAE,QAAQ,EAAE,cAAc,EAAe,MAAM,YAAY,CAAC;AAGxE,6DAA6D;AAC7D,MAAM,WAAW,oBAAoB;IACnC,+CAA+C;IAC/C,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjD,+DAA+D;IAC/D,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,cAAc,EACtB,OAAO,EAAE,oBAAoB,GAC5B,QAAQ,CAoIV"}
+{"version":3,"file":"network.d.ts","sourceRoot":"","sources":["../../../src/azure/network.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,EAAE,QAAQ,EAAE,cAAc,EAAe,MAAM,YAAY,CAAC;AAYxE,6DAA6D;AAC7D,MAAM,WAAW,oBAAoB;IACnC,+CAA+C;IAC/C,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjD,+DAA+D;IAC/D,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,cAAc,EACtB,OAAO,EAAE,oBAAoB,GAC5B,QAAQ,CAoIV"}

package/dist/cjs/azure/network.js

@@ -42,6 +42,12 @@ exports.createAzureNetwork = createAzureNetwork;
 const azure = __importStar(require("@pulumi/azure-native"));
 const pulumi = __importStar(require("@pulumi/pulumi"));
 const types_1 = require("../types");
+/** NSG rule priority: allow inbound VNet traffic. */
+const NSG_PRIORITY_ALLOW_VNET = 100;
+/** NSG rule priority: allow Azure Load Balancer health probes. */
+const NSG_PRIORITY_ALLOW_LOAD_BALANCER = 200;
+/** NSG rule priority: deny all remaining inbound traffic (lowest priority). */
+const NSG_PRIORITY_DENY_ALL = 4096;
 /**
  * Create an Azure VNet with subnets and optional NAT Gateway.
  *
@@ -96,7 +102,7 @@ function createAzureNetwork(name, config, options) {
         securityRules: [
             {
                 name: "AllowVNetInbound",
-                priority: 100,
+                priority: NSG_PRIORITY_ALLOW_VNET,
                 direction: "Inbound",
                 access: "Allow",
                 protocol: "*",
@@ -107,7 +113,7 @@ function createAzureNetwork(name, config, options) {
             },
             {
                 name: "AllowAzureLoadBalancerInbound",
-                priority: 200,
+                priority: NSG_PRIORITY_ALLOW_LOAD_BALANCER,
                 direction: "Inbound",
                 access: "Allow",
                 protocol: "*",
@@ -118,7 +124,7 @@ function createAzureNetwork(name, config, options) {
             },
             {
                 name: "DenyAllInbound",
-                priority: 4096,
+                priority: NSG_PRIORITY_DENY_ALL,
                 direction: "Inbound",
                 access: "Deny",
                 protocol: "*",

package/dist/cjs/azure/network.js.map

@@ -1 +1 @@
-{"version":3,"file":"network.js","sourceRoot":"","sources":["../../../src/azure/network.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA2BH,gDAwIC;AAjKD,4DAA8C;AAC9C,uDAAyC;AAEzC,oCAA8C;AAU9C;;;;;;;;;;;GAWG;AACH,SAAgB,kBAAkB,CAChC,IAAY,EACZ,MAAsB,EACtB,OAA6B;IAE7B,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;IACxF,MAAM,MAAM,GAAG,IAAA,0BAAkB,EAAC,KAAK,CAAC,CAAC;IAEzC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,aAAa,CAAC;IAC1C,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,CAAC,CAAC;IAC7C,MAAM,WAAW,GAAgB,MAAM,CAAC,WAAW,IAAI,SAAS,CAAC;IACjE,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;IAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAEzC,MAAM,IAAI,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,GAAG,IAAI,OAAO,EAAE;QAC5D,kBAAkB,EAAE,GAAG,IAAI,OAAO;QAClC,iBAAiB,EAAE,MAAM;QACzB,YAAY,EAAE,EAAE,eAAe,EAAE,CAAC,IAAI,CAAC,EAAE;QACzC,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,OAAO,EAAE;KACxC,CAAC,CAAC;IAEH,iBAAiB;IACjB,MAAM,aAAa,GAA2B,EAAE,CAAC;IACjD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,aAAa,CAAC,IAAI,CAChB,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,EAAE,EAAE;YAC9C,UAAU,EAAE,GAAG,IAAI,WAAW,CAAC,EAAE;YACjC,iBAAiB,EAAE,MAAM;YACzB,kBAAkB,EAAE,IAAI,CAAC,IAAI;YAC7B,aAAa,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO;SACxE,CAAC,CACH,CAAC;IACJ,CAAC;IAED,kBAAkB;IAClB,MAAM,cAAc,GAA2B,EAAE,CAAC;IAClD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,MAAM,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,IAAI,YAAY,CAAC,EAAE,EAAE;YAC9D,UAAU,EAAE,GAAG,IAAI,YAAY,CAAC,EAAE;YAClC,iBAAiB,EAAE,MAAM;YACzB,kBAAkB,EAAE,IAAI,CAAC,IAAI;YAC7B,aAAa,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO;SACzE,CAAC,CAAC;QACH,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC9B,CAAC;IAED,0BAA0B;IAC1B,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAC,GAAG,IAAI,cAAc,EAAE;QACxE,wBAAwB,EAAE,GAAG,IAAI,cAAc;QAC/C,iBAAiB,EAAE,MAAM;QACzB,aAAa,EAAE;YACb;gBACE,IAAI,EAAE,kBAAkB;gBACxB,QAAQ,EAAE,GAAG;gBACb,SAAS,EAAE,SAAS;gBACpB,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,GAAG;gBACb,mBAAmB,EAAE,gBAAgB;gBACrC,eAAe,EAAE,GAAG;gBACpB,wBAAwB,EAAE,gBAAgB;gBAC1C,oBAAoB,EAAE,GAAG;aAC1B;YACD;gBACE,IAAI,EAAE,+BAA+B;gBACrC,QAAQ,EAAE,GAAG;gBACb,SAAS,EAAE,SAAS;gBACpB,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,GAAG;gBACb,mBAAmB,EAAE,mBAAmB;gBACxC,eAAe,EAAE,GAAG;gBACpB,wBAAwB,EAAE,GAAG;gBAC7B,oBAAoB,EAAE,GAAG;aAC1B;YACD;gBACE,IAAI,EAAE,gBAAgB;gBACtB,QAAQ,EAAE,IAAI;gBACd,SAAS,EAAE,SAAS;gBACpB,MAAM,EAAE,MAAM;gBACd,QAAQ,EAAE,GAAG;gBACb,mBAAmB,EAAE,GAAG;gBACxB,eAAe,EAAE,GAAG;gBACpB,wBAAwB,EAAE,GAAG;gBAC7B,oBAAoB,EAAE,GAAG;aAC1B;SACF;QACD,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,cAAc,EAAE;KAC/C,CAAC,CAAC;IAEH,iDAAiD;IACjD,IAAI,YAA+C,CAAC;IAEpD,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,MAAM,MAAM,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,GAAG,IAAI,UAAU,EAAE;YAClE,mBAAmB,EAAE,GAAG,IAAI,UAAU;YACtC,iBAAiB,EAAE,MAAM;YACzB,GAAG,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE;YACzB,wBAAwB,EAAE,QAAQ;YAClC,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,UAAU,EAAE;SAC3C,CAAC,CAAC;QAEH,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,IAAI,MAAM,EAAE;YACxD,cAAc,EAAE,GAAG,IAAI,MAAM;YAC7B,iBAAiB,EAAE,MAAM;YACzB,GAAG,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE;YACzB,iBAAiB,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;YACtC,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,MAAM,EAAE;SACvC,CAAC,CAAC;QAEH,YAAY,GAAG,KAAK,CAAC,EAAE,CAAC;QAExB,gEAAgE;QAChE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC/C,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,IAAI,YAAY,CAAC,MAAM,EAAE;gBACnD,UAAU,EAAE,GAAG,IAAI,YAAY,CAAC,EAAE;gBAClC,iBAAiB,EAAE,MAAM;gBACzB,kBAAkB,EAAE,GAAG,IAAI,OAAO;gBAClC,aAAa,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO;gBACxE,UAAU,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,EAAE,EAAE;gBAC5B,oBAAoB,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE;aACrC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,MAAM,eAAe,GAAG,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACnE,MAAM,gBAAgB,GAAG,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAErE,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,MAAM;QACb,KAAK,EAAE,IAAI,CAAC,EAAE;QACd,IAAI;QACJ,eAAe,EAAE,eAAuD;QACxE,gBAAgB,EAAE,gBAAwD;QAC1E,YAAY;QACZ,cAAc,EAAE,IAAI;KACrB,CAAC;AACJ,CAAC"}
+{"version":3,"file":"network.js","sourceRoot":"","sources":["../../../src/azure/network.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoCH,gDAwIC;AA1KD,4DAA8C;AAC9C,uDAAyC;AAEzC,oCAA8C;AAE9C,qDAAqD;AACrD,MAAM,uBAAuB,GAAG,GAAG,CAAC;AAEpC,kEAAkE;AAClE,MAAM,gCAAgC,GAAG,GAAG,CAAC;AAE7C,+EAA+E;AAC/E,MAAM,qBAAqB,GAAG,IAAI,CAAC;AAUnC;;;;;;;;;;;GAWG;AACH,SAAgB,kBAAkB,CAChC,IAAY,EACZ,MAAsB,EACtB,OAA6B;IAE7B,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;IACxF,MAAM,MAAM,GAAG,IAAA,0BAAkB,EAAC,KAAK,CAAC,CAAC;IAEzC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,aAAa,CAAC;IAC1C,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,CAAC,CAAC;IAC7C,MAAM,WAAW,GAAgB,MAAM,CAAC,WAAW,IAAI,SAAS,CAAC;IACjE,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;IAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAEzC,MAAM,IAAI,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,GAAG,IAAI,OAAO,EAAE;QAC5D,kBAAkB,EAAE,GAAG,IAAI,OAAO;QAClC,iBAAiB,EAAE,MAAM;QACzB,YAAY,EAAE,EAAE,eAAe,EAAE,CAAC,IAAI,CAAC,EAAE;QACzC,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,OAAO,EAAE;KACxC,CAAC,CAAC;IAEH,iBAAiB;IACjB,MAAM,aAAa,GAA2B,EAAE,CAAC;IACjD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,aAAa,CAAC,IAAI,CAChB,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC,EAAE,EAAE;YAC9C,UAAU,EAAE,GAAG,IAAI,WAAW,CAAC,EAAE;YACjC,iBAAiB,EAAE,MAAM;YACzB,kBAAkB,EAAE,IAAI,CAAC,IAAI;YAC7B,aAAa,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO;SACxE,CAAC,CACH,CAAC;IACJ,CAAC;IAED,kBAAkB;IAClB,MAAM,cAAc,GAA2B,EAAE,CAAC;IAClD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,MAAM,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,IAAI,YAAY,CAAC,EAAE,EAAE;YAC9D,UAAU,EAAE,GAAG,IAAI,YAAY,CAAC,EAAE;YAClC,iBAAiB,EAAE,MAAM;YACzB,kBAAkB,EAAE,IAAI,CAAC,IAAI;YAC7B,aAAa,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO;SACzE,CAAC,CAAC;QACH,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC9B,CAAC;IAED,0BAA0B;IAC1B,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAC,GAAG,IAAI,cAAc,EAAE;QACxE,wBAAwB,EAAE,GAAG,IAAI,cAAc;QAC/C,iBAAiB,EAAE,MAAM;QACzB,aAAa,EAAE;YACb;gBACE,IAAI,EAAE,kBAAkB;gBACxB,QAAQ,EAAE,uBAAuB;gBACjC,SAAS,EAAE,SAAS;gBACpB,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,GAAG;gBACb,mBAAmB,EAAE,gBAAgB;gBACrC,eAAe,EAAE,GAAG;gBACpB,wBAAwB,EAAE,gBAAgB;gBAC1C,oBAAoB,EAAE,GAAG;aAC1B;YACD;gBACE,IAAI,EAAE,+BAA+B;gBACrC,QAAQ,EAAE,gCAAgC;gBAC1C,SAAS,EAAE,SAAS;gBACpB,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,GAAG;gBACb,mBAAmB,EAAE,mBAAmB;gBACxC,eAAe,EAAE,GAAG;gBACpB,wBAAwB,EAAE,GAAG;gBAC7B,oBAAoB,EAAE,GAAG;aAC1B;YACD;gBACE,IAAI,EAAE,gBAAgB;gBACtB,QAAQ,EAAE,qBAAqB;gBAC/B,SAAS,EAAE,SAAS;gBACpB,MAAM,EAAE,MAAM;gBACd,QAAQ,EAAE,GAAG;gBACb,mBAAmB,EAAE,GAAG;gBACxB,eAAe,EAAE,GAAG;gBACpB,wBAAwB,EAAE,GAAG;gBAC7B,oBAAoB,EAAE,GAAG;aAC1B;SACF;QACD,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,cAAc,EAAE;KAC/C,CAAC,CAAC;IAEH,iDAAiD;IACjD,IAAI,YAA+C,CAAC;IAEpD,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,MAAM,MAAM,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,GAAG,IAAI,UAAU,EAAE;YAClE,mBAAmB,EAAE,GAAG,IAAI,UAAU;YACtC,iBAAiB,EAAE,MAAM;YACzB,GAAG,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE;YACzB,wBAAwB,EAAE,QAAQ;YAClC,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,UAAU,EAAE;SAC3C,CAAC,CAAC;QAEH,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,IAAI,MAAM,EAAE;YACxD,cAAc,EAAE,GAAG,IAAI,MAAM;YAC7B,iBAAiB,EAAE,MAAM;YACzB,GAAG,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE;YACzB,iBAAiB,EAAE,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;YACtC,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,MAAM,EAAE;SACvC,CAAC,CAAC;QAEH,YAAY,GAAG,KAAK,CAAC,EAAE,CAAC;QAExB,gEAAgE;QAChE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC/C,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,IAAI,YAAY,CAAC,MAAM,EAAE;gBACnD,UAAU,EAAE,GAAG,IAAI,YAAY,CAAC,EAAE;gBAClC,iBAAiB,EAAE,MAAM;gBACzB,kBAAkB,EAAE,GAAG,IAAI,OAAO;gBAClC,aAAa,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO;gBACxE,UAAU,EAAE,EAAE,EAAE,EAAE,KAAK,CAAC,EAAE,EAAE;gBAC5B,oBAAoB,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE;aACrC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,MAAM,eAAe,GAAG,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACnE,MAAM,gBAAgB,GAAG,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAErE,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,MAAM;QACb,KAAK,EAAE,IAAI,CAAC,EAAE;QACd,IAAI;QACJ,eAAe,EAAE,eAAuD;QACxE,gBAAgB,EAAE,gBAAwD;QAC1E,YAAY;QACZ,cAAc,EAAE,IAAI;KACrB,CAAC;AACJ,CAAC"}

package/dist/cjs/azure/secrets.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"secrets.d.ts","sourceRoot":"","sources":["../../../src/azure/secrets.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,EAAc,QAAQ,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAGvE,sCAAsC;AACtC,MAAM,WAAW,oBAAoB;IACnC,+CAA+C;IAC/C,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjD,kEAAkE;IAClE,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACxC,qEAAqE;IACrE,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACzC,0CAA0C;IAC1C,QAAQ,CAAC,GAAG,CAAC,EAAE,UAAU,GAAG,SAAS,CAAC;CACvC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,cAAc,EACtB,OAAO,EAAE,oBAAoB,GAC5B,QAAQ,CAqGV"}
+{"version":3,"file":"secrets.d.ts","sourceRoot":"","sources":["../../../src/azure/secrets.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,EAAc,QAAQ,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AASvE,sCAAsC;AACtC,MAAM,WAAW,oBAAoB;IACnC,+CAA+C;IAC/C,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjD,kEAAkE;IAClE,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACxC,qEAAqE;IACrE,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACzC,0CAA0C;IAC1C,QAAQ,CAAC,GAAG,CAAC,EAAE,UAAU,GAAG,SAAS,CAAC;CACvC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,cAAc,EACtB,OAAO,EAAE,oBAAoB,GAC5B,QAAQ,CAqGV"}

package/dist/cjs/azure/secrets.js

@@ -42,6 +42,10 @@ exports.createAzureSecrets = createAzureSecrets;
 const azure = __importStar(require("@pulumi/azure-native"));
 const pulumi = __importStar(require("@pulumi/pulumi"));
 const types_1 = require("../types");
+/** Maximum length for Azure Key Vault names (3-24 chars, alphanumeric + hyphens). */
+const KEY_VAULT_NAME_MAX_LENGTH = 24;
+/** Default soft-delete retention period in days for Key Vault. */
+const SOFT_DELETE_RETENTION_DAYS = 90;
 /**
  * Create an Azure Key Vault for secret management.
  *
@@ -65,7 +69,7 @@ function createAzureSecrets(name, config, options) {
     const tags = config.tags ?? {};
     const rgName = options.resourceGroupName;
     // Key Vault names must be 3-24 chars, alphanumeric + hyphens
-    const vaultName = name.replace(/[^a-zA-Z0-9-]/g, "-").substring(0, 24);
+    const vaultName = name.replace(/[^a-zA-Z0-9-]/g, "-").substring(0, KEY_VAULT_NAME_MAX_LENGTH);
     const accessPolicies = [];
     if (options.objectId) {
         accessPolicies.push({
@@ -88,7 +92,7 @@ function createAzureSecrets(name, config, options) {
                     : azure.keyvault.SkuName.Standard,
             },
             enableSoftDelete: true,
-            softDeleteRetentionInDays: 90,
+            softDeleteRetentionInDays: SOFT_DELETE_RETENTION_DAYS,
             enableRbacAuthorization: true,
             accessPolicies,
         },

package/dist/cjs/azure/secrets.js.map

@@ -1 +1 @@
-{"version":3,"file":"secrets.js","sourceRoot":"","sources":["../../../src/azure/secrets.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoCH,gDAyGC;AA3ID,4DAA8C;AAC9C,uDAAyC;AAEzC,oCAA8C;AAc9C;;;;;;;;;;;;;;;;GAgBG;AACH,SAAgB,kBAAkB,CAChC,IAAY,EACZ,MAAsB,EACtB,OAA6B;IAE7B,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;IACxF,MAAM,MAAM,GAAG,IAAA,0BAAkB,EAAC,KAAK,CAAC,CAAC;IAEzC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;IAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAEzC,6DAA6D;IAC7D,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAEvE,MAAM,cAAc,GAAuD,EAAE,CAAC;IAC9E,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,cAAc,CAAC,IAAI,CAAC;YAClB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,WAAW,EAAE;gBACX,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,CAAC;aAC1C;SACF,CAAC,CAAC;IACL,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,IAAI,KAAK,EAAE;QACnD,SAAS;QACT,iBAAiB,EAAE,MAAM;QACzB,UAAU,EAAE;YACV,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,GAAG,EAAE;gBACH,MAAM,EAAE,GAAG;gBACX,IAAI,EACF,OAAO,CAAC,GAAG,KAAK,SAAS;oBACvB,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO;oBAChC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ;aACtC;YACD,gBAAgB,EAAE,IAAI;YACtB,yBAAyB,EAAE,EAAE;YAC7B,uBAAuB,EAAE,IAAI;YAC7B,cAAc;SACf;QACD,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,KAAK,EAAE;KACtC,CAAC,CAAC;IAEH,iDAAiD;IACjD,MAAM,eAAe,GAAG,IAAI,GAAG,EAAiC,CAAC;IAEjE,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,MAAM;QACb,OAAO,EAAE,iBAAiB;QAC1B,cAAc,EAAE,KAAK;QAErB,SAAS,CAAC,IAAY,EAAE,IAA0C;YAChE,gFAAgF;YAChF,MAAM,WAAW,GAAG,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;YACnF,iDAAiD;YACjD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;YAEvD,MAAM,MAAM,GAAG,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,IAAI,IAAI,UAAU,EAAE,EAAE;gBAChE,UAAU;gBACV,SAAS,EAAE,KAAK,CAAC,IAAI;gBACrB,iBAAiB,EAAE,MAAM;gBACzB,UAAU,EAAE;oBACV,KAAK,EAAE,WAAW;oBAClB,WAAW,EAAE,kBAAkB;iBAChC;gBACD,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE;aACxB,CAAC,CAAC;YAEH,eAAe,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QACpC,CAAC;QAED,YAAY,CAAC,GAAe;YAC1B,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC7C,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC;YAEpB,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,4CAA4C;gBAC5C,MAAM,UAAU,GAAG,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;gBAC3D,MAAM,MAAM,GAAG,KAAK,CAAC,QAAQ,CAAC,eAAe,CAAC;oBAC5C,UAAU;oBACV,SAAS,EAAE,KAAK,CAAC,IAAI;oBACrB,iBAAiB,EAAE,MAAM;iBAC1B,CAAC,CAAC;gBAEH,IAAI,GAAG,EAAE,CAAC;oBACR,OAAO,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;wBACvC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,IAAI,IAAI,CAA2B,CAAC;wBACzE,OAAO,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;oBAC3B,CAAC,CAAC,CAAC;gBACL,CAAC;gBACD,OAAO,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;YAC/D,CAAC;YAED,IAAI,GAAG,EAAE,CAAC;gBACR,OAAO,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;oBACvC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,IAAI,IAAI,CAA2B,CAAC;oBACzE,OAAO,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBAC3B,CAAC,CAAC,CAAC;YACL,CAAC;YACD,OAAO,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;QAC/D,CAAC;KACF,CAAC;AACJ,CAAC"}
+{"version":3,"file":"secrets.js","sourceRoot":"","sources":["../../../src/azure/secrets.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA0CH,gDAyGC;AAjJD,4DAA8C;AAC9C,uDAAyC;AAEzC,oCAA8C;AAE9C,qFAAqF;AACrF,MAAM,yBAAyB,GAAG,EAAE,CAAC;AAErC,kEAAkE;AAClE,MAAM,0BAA0B,GAAG,EAAE,CAAC;AActC;;;;;;;;;;;;;;;;GAgBG;AACH,SAAgB,kBAAkB,CAChC,IAAY,EACZ,MAAsB,EACtB,OAA6B;IAE7B,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;IACxF,MAAM,MAAM,GAAG,IAAA,0BAAkB,EAAC,KAAK,CAAC,CAAC;IAEzC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;IAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC;IAEzC,6DAA6D;IAC7D,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,yBAAyB,CAAC,CAAC;IAE9F,MAAM,cAAc,GAAuD,EAAE,CAAC;IAC9E,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,cAAc,CAAC,IAAI,CAAC;YAClB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,WAAW,EAAE;gBACX,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,CAAC;aAC1C;SACF,CAAC,CAAC;IACL,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,IAAI,KAAK,EAAE;QACnD,SAAS;QACT,iBAAiB,EAAE,MAAM;QACzB,UAAU,EAAE;YACV,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,GAAG,EAAE;gBACH,MAAM,EAAE,GAAG;gBACX,IAAI,EACF,OAAO,CAAC,GAAG,KAAK,SAAS;oBACvB,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO;oBAChC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ;aACtC;YACD,gBAAgB,EAAE,IAAI;YACtB,yBAAyB,EAAE,0BAA0B;YACrD,uBAAuB,EAAE,IAAI;YAC7B,cAAc;SACf;QACD,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,KAAK,EAAE;KACtC,CAAC,CAAC;IAEH,iDAAiD;IACjD,MAAM,eAAe,GAAG,IAAI,GAAG,EAAiC,CAAC;IAEjE,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,MAAM;QACb,OAAO,EAAE,iBAAiB;QAC1B,cAAc,EAAE,KAAK;QAErB,SAAS,CAAC,IAAY,EAAE,IAA0C;YAChE,gFAAgF;YAChF,MAAM,WAAW,GAAG,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;YACnF,iDAAiD;YACjD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;YAEvD,MAAM,MAAM,GAAG,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,IAAI,IAAI,UAAU,EAAE,EAAE;gBAChE,UAAU;gBACV,SAAS,EAAE,KAAK,CAAC,IAAI;gBACrB,iBAAiB,EAAE,MAAM;gBACzB,UAAU,EAAE;oBACV,KAAK,EAAE,WAAW;oBAClB,WAAW,EAAE,kBAAkB;iBAChC;gBACD,IAAI,EAAE,EAAE,GAAG,IAAI,EAAE,IAAI,EAAE;aACxB,CAAC,CAAC;YAEH,eAAe,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QACpC,CAAC;QAED,YAAY,CAAC,GAAe;YAC1B,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC7C,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC;YAEpB,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,4CAA4C;gBAC5C,MAAM,UAAU,GAAG,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;gBAC3D,MAAM,MAAM,GAAG,KAAK,CAAC,QAAQ,CAAC,eAAe,CAAC;oBAC5C,UAAU;oBACV,SAAS,EAAE,KAAK,CAAC,IAAI;oBACrB,iBAAiB,EAAE,MAAM;iBAC1B,CAAC,CAAC;gBAEH,IAAI,GAAG,EAAE,CAAC;oBACR,OAAO,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;wBACvC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,IAAI,IAAI,CAA2B,CAAC;wBACzE,OAAO,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;oBAC3B,CAAC,CAAC,CAAC;gBACL,CAAC;gBACD,OAAO,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;YAC/D,CAAC;YAED,IAAI,GAAG,EAAE,CAAC;gBACR,OAAO,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;oBACvC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,IAAI,IAAI,CAA2B,CAAC;oBACzE,OAAO,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBAC3B,CAAC,CAAC,CAAC;YACL,CAAC;YACD,OAAO,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;QAC/D,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/cjs/azure/state.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Azure Blob state backend implementation with BCDR features.
+ *
+ * Creates an Azure Storage Account + Blob Container for Pulumi state
+ * storage with versioning, encryption, and optional geo-replication.
+ *
+ * @module azure/state
+ */
+import type * as pulumi from "@pulumi/pulumi";
+import type { IStateBackend, IStateBackendConfig } from "../state";
+/** Azure-specific state backend options. */
+export interface IAzureStateBackendOptions {
+    /** Resource group name. Required for Azure. */
+    readonly resourceGroupName: pulumi.Input<string>;
+}
+/**
+ * Create an Azure Blob state backend with BCDR features.
+ *
+ * @example
+ * ```typescript
+ * const state = createAzureStateBackend("prod", {
+ *   cloud: "azure",
+ *   versioning: true,
+ *   encryption: true,
+ *   replication: { enabled: true },
+ * }, { resourceGroupName: "my-rg" });
+ * ```
+ */
+export declare function createAzureStateBackend(name: string, config: IStateBackendConfig, options: IAzureStateBackendOptions): IStateBackend;
+//# sourceMappingURL=state.d.ts.map

package/dist/cjs/azure/state.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"state.d.ts","sourceRoot":"","sources":["../../../src/azure/state.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,KAAK,KAAK,MAAM,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AAMnE,4CAA4C;AAC5C,MAAM,WAAW,yBAAyB;IACxC,+CAA+C;IAC/C,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;CAClD;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,uBAAuB,CACrC,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,mBAAmB,EAC3B,OAAO,EAAE,yBAAyB,GACjC,aAAa,CA2Df"}