public MyStack()
{
var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer", new Aws.LB.LoadBalancerArgs
{
});
var frontEndTargetGroup = new Aws.LB.TargetGroup("frontEndTargetGroup", new Aws.LB.TargetGroupArgs
{
});
var frontEndListener = new Aws.LB.Listener("frontEndListener", new Aws.LB.ListenerArgs
{
CertificateArn = "arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4",
DefaultActions =
{
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
TargetGroupArn = frontEndTargetGroup.Arn,
Type = "forward",
},
},
LoadBalancerArn = frontEndLoadBalancer.Arn,
Port = 443,
Protocol = "HTTPS",
SslPolicy = "ELBSecurityPolicy-2016-08",
});
}
public MyStack()
{
var lambda_example = new Aws.LB.TargetGroup("lambda-example", new Aws.LB.TargetGroupArgs
{
TargetType = "lambda",
});
}
public MyStack()
{
var main = new Aws.Ec2.Vpc("main", new Aws.Ec2.VpcArgs
{
CidrBlock = "10.0.0.0/16",
});
var test = new Aws.LB.TargetGroup("test", new Aws.LB.TargetGroupArgs
{
Port = 80,
Protocol = "HTTP",
VpcId = main.Id,
});
}
public MyStack()
{
var main = new Aws.Ec2.Vpc("main", new Aws.Ec2.VpcArgs
{
CidrBlock = "10.0.0.0/16",
});
var ip_example = new Aws.LB.TargetGroup("ip-example", new Aws.LB.TargetGroupArgs
{
Port = 80,
Protocol = "HTTP",
TargetType = "ip",
VpcId = main.Id,
});
}
public MyStack()
{
var testTargetGroup = new Aws.LB.TargetGroup("testTargetGroup", new Aws.LB.TargetGroupArgs
{
});
var testInstance = new Aws.Ec2.Instance("testInstance", new Aws.Ec2.InstanceArgs
{
});
var testTargetGroupAttachment = new Aws.LB.TargetGroupAttachment("testTargetGroupAttachment", new Aws.LB.TargetGroupAttachmentArgs
{
Port = 80,
TargetGroupArn = testTargetGroup.Arn,
TargetId = testInstance.Id,
});
}
public MyStack()
{
var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer", new Aws.LB.LoadBalancerArgs
{
});
var frontEndTargetGroup = new Aws.LB.TargetGroup("frontEndTargetGroup", new Aws.LB.TargetGroupArgs
{
});
var pool = new Aws.Cognito.UserPool("pool", new Aws.Cognito.UserPoolArgs
{
});
var client = new Aws.Cognito.UserPoolClient("client", new Aws.Cognito.UserPoolClientArgs
{
});
var domain = new Aws.Cognito.UserPoolDomain("domain", new Aws.Cognito.UserPoolDomainArgs
{
});
var frontEndListener = new Aws.LB.Listener("frontEndListener", new Aws.LB.ListenerArgs
{
DefaultActions =
{
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs
{
UserPoolArn = pool.Arn,
UserPoolClientId = client.Id,
UserPoolDomain = domain.Domain,
},
Type = "authenticate-cognito",
},
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
TargetGroupArn = frontEndTargetGroup.Arn,
Type = "forward",
},
},
LoadBalancerArn = frontEndLoadBalancer.Arn,
Port = 80,
Protocol = "HTTP",
});
}
public MyStack()
{
var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer", new Aws.LB.LoadBalancerArgs
{
});
var frontEndTargetGroup = new Aws.LB.TargetGroup("frontEndTargetGroup", new Aws.LB.TargetGroupArgs
{
});
var frontEndListener = new Aws.LB.Listener("frontEndListener", new Aws.LB.ListenerArgs
{
DefaultActions =
{
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs
{
AuthorizationEndpoint = "https://example.com/authorization_endpoint",
ClientId = "client_id",
ClientSecret = "client_secret",
Issuer = "https://example.com",
TokenEndpoint = "https://example.com/token_endpoint",
UserInfoEndpoint = "https://example.com/user_info_endpoint",
},
Type = "authenticate-oidc",
},
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
TargetGroupArn = frontEndTargetGroup.Arn,
Type = "forward",
},
},
LoadBalancerArn = frontEndLoadBalancer.Arn,
Port = 80,
Protocol = "HTTP",
});
}
public MyStack()
{
var vpc = Output.Create(Pulumi.Aws.Ec2.GetVpc.InvokeAsync(new Pulumi.Aws.Ec2.GetVpcArgs {
Default = true
}));
var vpcId = vpc.Apply(vpc => vpc.Id);
var subnet = vpcId.Apply(id => Pulumi.Aws.Ec2.GetSubnetIds.InvokeAsync(new Pulumi.Aws.Ec2.GetSubnetIdsArgs {
VpcId = id
}));
var subnetIds = subnet.Apply(s => s.Ids);
var ami = Output.Create(Pulumi.Aws.GetAmi.InvokeAsync(new Pulumi.Aws.GetAmiArgs
{
MostRecent = true,
Owners = { "137112412989" },
Filters = { new Pulumi.Aws.Inputs.GetAmiFiltersArgs
{
Name = "name", Values = { "amzn-ami-hvm-*" }
} }
}));
var group = new Pulumi.Aws.Ec2.SecurityGroup("web-secgrp", new Pulumi.Aws.Ec2.SecurityGroupArgs
{
Description = "Enable HTTP access",
Egress =
{
new Pulumi.Aws.Ec2.Inputs.SecurityGroupEgressArgs
{
Protocol = "-1",
FromPort = 0,
ToPort = 0,
CidrBlocks ={ "0.0.0.0/0" }
},
},
Ingress =
{
new Pulumi.Aws.Ec2.Inputs.SecurityGroupIngressArgs
{
Protocol = "tcp",
FromPort = 80,
ToPort = 80,
CidrBlocks ={ "0.0.0.0/0" }
},
new Pulumi.Aws.Ec2.Inputs.SecurityGroupIngressArgs
{
Protocol = "icmp",
FromPort = 8,
ToPort = 80,
CidrBlocks ={ "0.0.0.0/0" }
}
}
});
var loadbalancer = new Pulumi.Aws.LB.LoadBalancer("external-loadbalancer", new Pulumi.Aws.LB.LoadBalancerArgs
{
Internal = false,
SecurityGroups =
{
group.Id
},
Subnets = subnetIds,
LoadBalancerType = "application",
});
this.Url = loadbalancer.DnsName;
var targetGroup = new Pulumi.Aws.LB.TargetGroup("target-group", new Pulumi.Aws.LB.TargetGroupArgs
{
Port = 80,
Protocol = "HTTP",
TargetType = "ip",
VpcId = vpcId,
});
var listener = new Pulumi.Aws.LB.Listener("listener", new Pulumi.Aws.LB.ListenerArgs
{
LoadBalancerArn = loadbalancer.Arn,
Port = 80,
DefaultActions =
{
new Pulumi.Aws.LB.Inputs.ListenerDefaultActionsArgs
{
Type = "forward",
TargetGroupArn = targetGroup.Arn,
}
}
});
var userData = @"
#!/bin/bash
echo ""Hello, World!"" > index.html
nohup python -m SimpleHTTPServer 80 &
";
var azs = Pulumi.Aws.GetAvailabilityZones.InvokeAsync(new Pulumi.Aws.GetAvailabilityZonesArgs()).Result;
foreach (var az in azs.Names)
{
var server = new Pulumi.Aws.Ec2.Instance($"web-server-{az}", new Pulumi.Aws.Ec2.InstanceArgs
{
InstanceType = "t2.micro",
VpcSecurityGroupIds = { group.Id },
UserData = userData,
Ami = ami.Apply(a => a.Id),
AvailabilityZone = az,
});
var attachment = new Pulumi.Aws.LB.TargetGroupAttachment($"web-server-{az}", new Pulumi.Aws.LB.TargetGroupAttachmentArgs
{
Port = 80,
TargetGroupArn = targetGroup.Arn,
TargetId = server.PrivateIp,
});
}
}
public MyStack()
{
var cluster = new Pulumi.Aws.Ecs.Cluster("app-cluster");
// Read back the default VPC and public subnets, which we will use.
var vpc = Output.Create(Pulumi.Aws.Ec2.GetVpc.InvokeAsync(new Pulumi.Aws.Ec2.GetVpcArgs {
Default = true
}));
var vpcId = vpc.Apply(vpc => vpc.Id);
var subnet = vpcId.Apply(id => Pulumi.Aws.Ec2.GetSubnetIds.InvokeAsync(new Pulumi.Aws.Ec2.GetSubnetIdsArgs {
VpcId = id
}));
var subnetIds = subnet.Apply(s => s.Ids);
// Create a SecurityGroup that permits HTTP ingress and unrestricted egress.
var webSg = new Pulumi.Aws.Ec2.SecurityGroup("web-sg", new Pulumi.Aws.Ec2.SecurityGroupArgs
{
VpcId = vpcId,
Egress =
{
new Pulumi.Aws.Ec2.Inputs.SecurityGroupEgressArgs
{
Protocol = "-1",
FromPort = 0,
ToPort = 0,
CidrBlocks ={ "0.0.0.0/0" }
}
},
Ingress =
{
new Pulumi.Aws.Ec2.Inputs.SecurityGroupIngressArgs
{
Protocol = "tcp",
FromPort = 80,
ToPort = 80,
CidrBlocks ={ "0.0.0.0/0" }
}
}
});
// Create a load balancer to listen for HTTP traffic on port 80.
var webLb = new Pulumi.Aws.LB.LoadBalancer("web-lb", new Pulumi.Aws.LB.LoadBalancerArgs
{
Subnets = subnetIds,
SecurityGroups = { webSg.Id }
});
var webTg = new Pulumi.Aws.LB.TargetGroup("web-tg", new Pulumi.Aws.LB.TargetGroupArgs
{
Port = 80,
Protocol = "HTTP",
TargetType = "ip",
VpcId = vpcId
});
var webListener = new Pulumi.Aws.LB.Listener("web-listener", new Pulumi.Aws.LB.ListenerArgs
{
LoadBalancerArn = webLb.Arn,
Port = 80,
DefaultActions =
{
new Pulumi.Aws.LB.Inputs.ListenerDefaultActionArgs
{
Type = "forward",
TargetGroupArn = webTg.Arn,
}
}
});
}
public MyStack()
{
var cluster = new Pulumi.Aws.Ecs.Cluster("app-cluster");
// Read back the default VPC and public subnets, which we will use.
var vpc = Output.Create(Pulumi.Aws.Ec2.GetVpc.InvokeAsync(new Pulumi.Aws.Ec2.GetVpcArgs {
Default = true
}));
var vpcId = vpc.Apply(vpc => vpc.Id);
var subnet = vpcId.Apply(id => Pulumi.Aws.Ec2.GetSubnetIds.InvokeAsync(new Pulumi.Aws.Ec2.GetSubnetIdsArgs {
VpcId = id
}));
var subnetIds = subnet.Apply(s => s.Ids);
// Create a SecurityGroup that permits HTTP ingress and unrestricted egress.
var webSg = new Pulumi.Aws.Ec2.SecurityGroup("web-sg", new Pulumi.Aws.Ec2.SecurityGroupArgs
{
VpcId = vpcId,
Egress =
{
new Pulumi.Aws.Ec2.Inputs.SecurityGroupEgressArgs
{
Protocol = "-1",
FromPort = 0,
ToPort = 0,
CidrBlocks ={ "0.0.0.0/0" }
}
},
Ingress =
{
new Pulumi.Aws.Ec2.Inputs.SecurityGroupIngressArgs
{
Protocol = "tcp",
FromPort = 80,
ToPort = 80,
CidrBlocks ={ "0.0.0.0/0" }
}
}
});
// Create a load balancer to listen for HTTP traffic on port 80.
var webLb = new Pulumi.Aws.LB.LoadBalancer("web-lb", new Pulumi.Aws.LB.LoadBalancerArgs
{
Subnets = subnetIds,
SecurityGroups = { webSg.Id }
});
var webTg = new Pulumi.Aws.LB.TargetGroup("web-tg", new Pulumi.Aws.LB.TargetGroupArgs
{
Port = 80,
Protocol = "HTTP",
TargetType = "ip",
VpcId = vpcId
});
var webListener = new Pulumi.Aws.LB.Listener("web-listener", new Pulumi.Aws.LB.ListenerArgs
{
LoadBalancerArn = webLb.Arn,
Port = 80,
DefaultActions =
{
new Pulumi.Aws.LB.Inputs.ListenerDefaultActionsArgs
{
Type = "forward",
TargetGroupArn = webTg.Arn,
}
}
});
// Create an IAM role that can be used by our service's task.
var taskExecRole = new Pulumi.Aws.Iam.Role("task-exec-role", new Pulumi.Aws.Iam.RoleArgs
{
AssumeRolePolicy = @"{
""Version"": ""2008-10-17"",
""Statement"": [{
""Sid"": """",
""Effect"": ""Allow"",
""Principal"": {
""Service"": ""ecs-tasks.amazonaws.com""
},
""Action"": ""sts:AssumeRole""
}]
}"
});
var taskExecAttach = new Pulumi.Aws.Iam.RolePolicyAttachment("task-exec-policy", new Pulumi.Aws.Iam.RolePolicyAttachmentArgs
{
Role = taskExecRole.Name,
PolicyArn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
});
// Spin up a load balanced service running our container image.
var appTask = new Pulumi.Aws.Ecs.TaskDefinition("app-task", new Pulumi.Aws.Ecs.TaskDefinitionArgs
{
Family = "fargate-task-definition",
Cpu = "256",
Memory = "512",
NetworkMode = "awsvpc",
RequiresCompatibilities = { "FARGATE" },
ExecutionRoleArn = taskExecRole.Arn,
ContainerDefinitions = @"[{
""name"": ""my-app"",
""image"": ""nginx"",
""portMappings"": [{
""containerPort"": 80,
""hostPort"": 80,
""protocol"": ""tcp""
}]
}]",
});
var appSvc = new Pulumi.Aws.Ecs.Service("app-svc", new Pulumi.Aws.Ecs.ServiceArgs
{
Cluster = cluster.Arn,
DesiredCount = 1,
LaunchType = "FARGATE",
TaskDefinition = appTask.Arn,
NetworkConfiguration = new Pulumi.Aws.Ecs.Inputs.ServiceNetworkConfigurationArgs
{
AssignPublicIp = true,
Subnets = subnetIds,
SecurityGroups = { webSg.Id }
},
LoadBalancers =
{
new Pulumi.Aws.Ecs.Inputs.ServiceLoadBalancersArgs
{
TargetGroupArn = webTg.Arn,
ContainerName = "my-app",
ContainerPort = 80
}
}
}, new CustomResourceOptions {
DependsOn = { webListener }
});
// Export the resulting web address.
this.Url = Output.Format($"http://{webLb.DnsName}");
}