public WebsiteStack()
{
var resourceGroup = new ResourceGroup("www-prod-rg", new ResourceGroupArgs
{
Tags = { { "Environment", "production" } }
});
var storageAccount = new Storage.Account("wwwprodsa", new Storage.AccountArgs
{
ResourceGroupName = resourceGroup.Name,
AccountTier = "Standard",
AccountReplicationType = "LRS",
StaticWebsite = new Storage.Inputs.AccountStaticWebsiteArgs
{
IndexDocument = "index.html"
}
});
var files = Directory.GetFiles("wwwroot");
foreach (var file in files)
{
var blob = new Storage.Blob(file, new Storage.BlobArgs
{
ContentType = "application/html",
Source = new FileAsset(file),
StorageAccountName = storageAccount.Name,
StorageContainerName = "$web",
Type = "Block"
});
}
this.Endpoint = storageAccount.PrimaryWebEndpoint;
}
public MyStack()
{
var resourceGroup = new Azure.Core.ResourceGroup("my-group");
var storageAccount = new Azure.Storage.Account("mystorage", new Azure.Storage.AccountArgs
{
ResourceGroupName = resourceGroup.Name,
AccountReplicationType = "LRS",
AccountTier = "Standard"
});
}
public MyStack()
{
var resourceGroup = new Azure.Core.ResourceGroup("my-group");
var storageAccount = new Azure.Storage.Account("storage", new Azure.Storage.AccountArgs
{
ResourceGroupName = resourceGroup.Name,
AccountReplicationType = "LRS",
AccountTier = "Standard"
});
var plan = new Azure.AppService.Plan("asp", new Azure.AppService.PlanArgs
{
ResourceGroupName = resourceGroup.Name,
Kind = "FunctionApp",
Sku = new Azure.AppService.Inputs.PlanSkuArgs
{
Tier = "Dynamic",
Size = "Y1"
}
});
var container = new Azure.Storage.Container("zips", new Azure.Storage.ContainerArgs
{
StorageAccountName = storageAccount.Name,
ContainerAccessType = "private",
});
var blob = new Azure.Storage.Blob("zip", new Azure.Storage.BlobArgs
{
StorageAccountName = storageAccount.Name,
StorageContainerName = container.Name,
Type = "Block",
Source = new FileArchive("./functions"),
});
var codeBlobUrl = Azure.Storage.SharedAccessSignature.SignedBlobReadUrl(blob, storageAccount);
var app = new Azure.AppService.FunctionApp("fa", new Azure.AppService.FunctionAppArgs
{
ResourceGroupName = resourceGroup.Name,
AppServicePlanId = plan.Id,
StorageConnectionString = storageAccount.PrimaryConnectionString,
Version = "~2",
AppSettings =
{
{ "FUNCTIONS_WORKER_RUNTIME", "node" },
{ "WEBSITE_NODE_DEFAULT_VERSION", "10.14.1" },
{ "WEBSITE_RUN_FROM_PACKAGE", codeBlobUrl }
}
});
this.Endpoint = Output.Format($"https://{app.DefaultHostname}/api/hello");
}
public MyStack()
{
var resourceGroup = new Azure.Core.ResourceGroup(Settings.ResourceGroupName);
var storageAccount = new Azure.Storage.Account(Settings.StorageAccountName, new Azure.Storage.AccountArgs
{
ResourceGroupName = resourceGroup.Name,
AccountReplicationType = "LRS",
AccountTier = "Standard"
});
var container = new Azure.Storage.Container(Settings.ContainerName, new Azure.Storage.ContainerArgs
{
StorageAccountName = storageAccount.Name
});
this.AccountName = storageAccount.Name;
}
public MyStack()
{
var resourceGroup = new Azure.Core.ResourceGroup("my-group");
var storageAccount = new Azure.Storage.Account("mystorage", new Azure.Storage.AccountArgs
{
ResourceGroupName = resourceGroup.Name,
AccountReplicationType = "LRS",
AccountTier = "Standard"
});
var container = new Azure.Storage.Container("mycontainer", new Azure.Storage.ContainerArgs
{
Name = "files",
StorageAccountName = storageAccount.Name
});
this.AccountName = storageAccount.Name;
}
public static IDictionary <string, Output <string> > Run()
{
var resourceGroup = new ResourceGroup("rg", new ResourceGroupArgs {
Location = "West Europe"
});
// "Account" without a namespace would be too vague, while "ResourceGroup" without namespace sounds good.
// We could suggest always using the namespace, but this makes new-ing of Args even longer and uglier?
var storageAccount = new Storage.Account("sa", new Storage.AccountArgs
{
ResourceGroupName = resourceGroup.Name,
AccountReplicationType = "LRS",
AccessTier = "Standard",
});
// How do we want to treat exports?
return(new Dictionary <string, Output <string> >
{
{ "accessKey", storageAccount.PrimaryAccessKey }
});
}
public MyStack()
{
var resourceGroup = new Azure.Core.ResourceGroup("my-group");
var storageAccount = new Azure.Storage.Account("storage", new Azure.Storage.AccountArgs
{
ResourceGroupName = resourceGroup.Name,
AccountReplicationType = "LRS",
AccountTier = "Standard"
});
var plan = new Azure.AppService.Plan("asp", new Azure.AppService.PlanArgs
{
ResourceGroupName = resourceGroup.Name,
Kind = "FunctionApp",
Sku = new Azure.AppService.Inputs.PlanSkuArgs
{
Tier = "Dynamic",
Size = "Y1"
}
});
}
public MyStack()
{
var resourceGroup = new Azure.Core.ResourceGroup("my-group");
var storageAccount = new Azure.Storage.Account("storage", new Azure.Storage.AccountArgs
{
ResourceGroupName = resourceGroup.Name,
AccountReplicationType = "LRS",
AccountTier = "Standard"
});
var plan = new Azure.AppService.Plan("asp", new Azure.AppService.PlanArgs
{
ResourceGroupName = resourceGroup.Name,
Kind = "FunctionApp",
Sku = new Azure.AppService.Inputs.PlanSkuArgs
{
Tier = "Dynamic",
Size = "Y1"
}
});
var app = new Azure.AppService.FunctionApp("fa", new Azure.AppService.FunctionAppArgs
{
ResourceGroupName = resourceGroup.Name,
AppServicePlanId = plan.Id,
StorageConnectionString = storageAccount.PrimaryConnectionString,
Version = "~2",
AppSettings =
{
{ "FUNCTIONS_WORKER_RUNTIME", "node" },
{ "WEBSITE_NODE_DEFAULT_VERSION", "10.14.1" },
{ "WEBSITE_RUN_FROM_PACKAGE", "https://mikhailworkshop.blob.core.windows.net/zips/app.zip" }
}
});
this.Endpoint = Output.Format($"https://{app.DefaultHostname}/api/hello");
}
public MyStack()
{
var config = new Config();
var storageAccountNameParam = config.Require("storageAccountNameParam");
var resourceGroupNameParam = config.Require("resourceGroupNameParam");
var resourceGroupVar = Output.Create(Azure.Core.GetResourceGroup.InvokeAsync(new Azure.Core.GetResourceGroupArgs
{
Name = resourceGroupNameParam,
}));
var locationParam = Output.Create(config.Get("locationParam")) ?? resourceGroupVar.Apply(resourceGroupVar => resourceGroupVar.Location);
var storageAccountTierParam = config.Get("storageAccountTierParam") ?? "Standard";
var storageAccountTypeReplicationParam = config.Get("storageAccountTypeReplicationParam") ?? "LRS";
var storageAccountResource = new Azure.Storage.Account("storageAccountResource", new Azure.Storage.AccountArgs
{
Name = storageAccountNameParam,
AccountKind = "StorageV2",
Location = locationParam,
ResourceGroupName = resourceGroupNameParam,
AccountTier = storageAccountTierParam,
AccountReplicationType = storageAccountTypeReplicationParam,
});
this.StorageAccountNameOut = storageAccountResource.Name;
}
public BotStack()
{
var config = new Pulumi.Config();
var botName = config.Require("botName");
var resourceGroup = new ResourceGroup("botservice-rg");
var storageAccount = new Storage.Account("sa", new Storage.AccountArgs
{
ResourceGroupName = resourceGroup.Name,
AccountReplicationType = "LRS",
AccountTier = "Standard"
});
var appServicePlan = new Plan("asp", new PlanArgs
{
ResourceGroupName = resourceGroup.Name,
Kind = "App",
Sku = new PlanSkuArgs
{
Tier = "Basic",
Size = "B1"
}
});
var container = new Storage.Container("zips", new Storage.ContainerArgs
{
StorageAccountName = storageAccount.Name,
ContainerAccessType = "private",
});
var blob = new Storage.Blob("zip", new Storage.BlobArgs
{
StorageAccountName = storageAccount.Name,
StorageContainerName = container.Name,
Type = "Block",
Source = new FileArchive("bot/publish")
});
var codeBlobUrl = Storage.SharedAccessSignature.SignedBlobReadUrl(blob, storageAccount);
var appInsights = new Insights("ai", new InsightsArgs
{
ApplicationType = "web",
ResourceGroupName = resourceGroup.Name
});
var appInsightApiKey = new ApiKey("ai", new ApiKeyArgs
{
ApplicationInsightsId = appInsights.Id,
ReadPermissions = "api",
});
var luis = new Cognitive.Account("cs", new Cognitive.AccountArgs
{
Kind = "CognitiveServices", // includes LUIS
ResourceGroupName = resourceGroup.Name,
SkuName = "S0"
});
var msa = new Application("msapp", new ApplicationArgs
{
Oauth2AllowImplicitFlow = false,
AvailableToOtherTenants = true,
PublicClient = true
});
var pwd = new RandomPassword("password", new RandomPasswordArgs
{
Length = 16,
MinNumeric = 1,
MinSpecial = 1,
MinUpper = 1,
MinLower = 1
});
var msaSecret = new ApplicationPassword("msasecret", new ApplicationPasswordArgs
{
ApplicationObjectId = msa.ObjectId,
EndDateRelative = "8640h",
Value = pwd.Result
});
var app = new AppService("app", new AppServiceArgs
{
ResourceGroupName = resourceGroup.Name,
AppServicePlanId = appServicePlan.Id,
AppSettings =
{
{ "WEBSITE_RUN_FROM_PACKAGE", codeBlobUrl },
{ "MicrosoftAppId", msa.ApplicationId },
{ "MicrosoftAppPassword", msaSecret.Value },
{ "LuisApiKey", luis.PrimaryAccessKey },
},
HttpsOnly = true
});
var bot = new WebApp(botName, new WebAppArgs
{
DisplayName = botName,
MicrosoftAppId = msa.ApplicationId,
ResourceGroupName = resourceGroup.Name,
Sku = "F0",
Location = "global",
Endpoint = Output.Format($"https://{app.DefaultSiteHostname}/api/messages"),
DeveloperAppInsightsApiKey = appInsightApiKey.Key,
DeveloperAppInsightsApplicationId = appInsights.AppId,
DeveloperAppInsightsKey = appInsights.InstrumentationKey
});
this.BotEndpoint = bot.Endpoint;
this.MicrosoftAppId = msa.ApplicationId;
this.MicrosoftAppPassword = msaSecret.Value;
}
public MyStack()
{
// Create an Azure Resource Group
var resourceGroup = new ResourceGroup("pulumiTestRG");
//create service bus
var serviceBus = new Pulumi.Azure.ServiceBus.Namespace("webappServiceBus", new Pulumi.Azure.ServiceBus.NamespaceArgs
{
Location = resourceGroup.Location,
ResourceGroupName = resourceGroup.Name,
Sku = "Standard",
});
//create ServiceBus Queue
var exampleQueue = new Pulumi.Azure.ServiceBus.Queue("exampleQueue", new Pulumi.Azure.ServiceBus.QueueArgs
{
ResourceGroupName = resourceGroup.Name,
NamespaceName = serviceBus.Name,
});
//create sql
var primary = new Pulumi.Azure.Sql.SqlServer("primary", new Pulumi.Azure.Sql.SqlServerArgs
{
ResourceGroupName = resourceGroup.Name,
Location = resourceGroup.Location,
Version = "12.0",
AdministratorLogin = "******",
AdministratorLoginPassword = Password.Generate(32, 12),
});
var secondary = new Pulumi.Azure.Sql.SqlServer("secondary", new Pulumi.Azure.Sql.SqlServerArgs
{
ResourceGroupName = resourceGroup.Name,
Location = "northeurope",
Version = "12.0",
AdministratorLogin = "******",
AdministratorLoginPassword = Password.Generate(32, 12),
});
var sqlLogs = new Pulumi.Azure.Storage.Account("sqllogs", new Pulumi.Azure.Storage.AccountArgs
{
ResourceGroupName = resourceGroup.Name,
Location = resourceGroup.Location,
AccountTier = "Standard",
AccountReplicationType = "LRS",
});
var db1 = new Pulumi.Azure.Sql.Database("exampleDatabase", new Pulumi.Azure.Sql.DatabaseArgs
{
ResourceGroupName = primary.ResourceGroupName,
Location = primary.Location,
ServerName = primary.Name,
ExtendedAuditingPolicy = new Pulumi.Azure.Sql.Inputs.DatabaseExtendedAuditingPolicyArgs
{
StorageEndpoint = sqlLogs.PrimaryBlobEndpoint,
StorageAccountAccessKey = sqlLogs.PrimaryAccessKey,
StorageAccountAccessKeyIsSecondary = true,
RetentionInDays = 6,
},
RequestedServiceObjectiveName = "S0",
Tags =
{
{ "environment", "production" },
},
});
//create sql failover
var exampleFailoverGroup = new Pulumi.Azure.Sql.FailoverGroup("failover", new Pulumi.Azure.Sql.FailoverGroupArgs
{
ResourceGroupName = primary.ResourceGroupName,
ServerName = primary.Name,
Databases =
{
db1.Id,
},
PartnerServers =
{
new Pulumi.Azure.Sql.Inputs.FailoverGroupPartnerServerArgs
{
Id = secondary.Id,
},
},
ReadWriteEndpointFailoverPolicy = new Pulumi.Azure.Sql.Inputs.FailoverGroupReadWriteEndpointFailoverPolicyArgs
{
Mode = "Automatic",
GraceMinutes = 60,
},
});
// Create an Azure Storage Account
// var storageAccount = new Account("pulumistoragetest", new AccountArgs
// {
// ResourceGroupName = resourceGroup.Name,
// AccountReplicationType = "LRS",
// AccountTier = "Standard"
// });
var appServicePlan = new Plan("asp", new PlanArgs
{
ResourceGroupName = resourceGroup.Name,
Kind = "App",
Sku = new PlanSkuArgs
{
Tier = "Basic",
Size = "B1",
},
});
var appInsights = new Insights("appInsights", new InsightsArgs
{
ApplicationType = "web",
ResourceGroupName = resourceGroup.Name
});
var webapp = new AppService("webapp", new AppServiceArgs
{
ResourceGroupName = resourceGroup.Name,
AppServicePlanId = appServicePlan.Id,
AppSettings =
{
// {"WEBSITE_RUN_FROM_PACKAGE", codeBlobUrl},
{ "APPINSIGHTS_INSTRUMENTATIONKEY", appInsights.InstrumentationKey },
// {"APPLICATIONINSIGHTS_CONNECTION_STRING", appInsights.InstrumentationKey.Apply(key => $"InstrumentationKey={key}")},
{ "ApplicationInsightsAgent_EXTENSION_VERSION", "~2" },
},
HttpsOnly = true,
Identity = new AppServiceIdentityArgs
{
Type = "SystemAssigned"
},
});
//get CurentUser
var current = Output.Create(Pulumi.Azure.Core.GetClientConfig.InvokeAsync());
//create aad group
var appADGroup = new AzureAD.Group("mynewGroup", new AzureAD.GroupArgs
{
Owners = { current.Apply(current => current.ObjectId) },
Members = { webapp.Identity.Apply(x => x.PrincipalId) },
});
//add aad admin to server
var primarySQLAADAdmin = new Pulumi.Azure.Sql.ActiveDirectoryAdministrator("exampleActiveDirectoryAdministrator",
new Pulumi.Azure.Sql.ActiveDirectoryAdministratorArgs
{
ServerName = primary.Name,
Login = "******",
ResourceGroupName = primary.ResourceGroupName,
TenantId = current.Apply(current => current.TenantId),
ObjectId = appADGroup.ObjectId,
});
var secondarySQLAADAdmin = new Pulumi.Azure.Sql.ActiveDirectoryAdministrator("secondarysqlAdmin",
new Pulumi.Azure.Sql.ActiveDirectoryAdministratorArgs
{
ServerName = secondary.Name,
Login = "******",
ResourceGroupName = secondary.ResourceGroupName,
TenantId = current.Apply(current => current.TenantId),
ObjectId = appADGroup.ObjectId,
});
//ref https://www.pulumi.com/docs/reference/pkg/azure/keyvault/keyvault/
var webappAKV = new KeyVault("webappAKV", new Pulumi.Azure.KeyVault.KeyVaultArgs
{
Location = resourceGroup.Location,
ResourceGroupName = resourceGroup.Name,
EnabledForDiskEncryption = true,
TenantId = current.Apply(current => current.TenantId),
SoftDeleteEnabled = true,
SoftDeleteRetentionDays = 7,
PurgeProtectionEnabled = false,
SkuName = "standard",
AccessPolicies =
{
new KeyVaultAccessPolicyArgs
{
TenantId = current.Apply(current => current.TenantId),
ObjectId = current.Apply(current => current.ObjectId),
KeyPermissions =
{
"get",
},
SecretPermissions =
{
"set", "get", "list", "delete"
},
CertificatePermissions =
{
"get",
},
},
new KeyVaultAccessPolicyArgs
{
TenantId = current.Apply(current => current.TenantId),
ObjectId = appADGroup.ObjectId,
KeyPermissions =
{
"create",
},
SecretPermissions =
{
"set", "get", "list"
},
CertificatePermissions =
{
"get",
},
},
},
Tags =
{
{ "environment", "Testing" },
},
});
var secret = new Secret("paymentApiKey", new SecretArgs
{
KeyVaultId = webappAKV.Id,
Value = serviceBus.DefaultPrimaryConnectionString,
});
// Export the connection string for the storage account
this.Outbound = webapp.OutboundIpAddresses;
this.akvurl = webappAKV.VaultUri;
this.secretURL = secret.Id;
}
public KpiAzureFunctionStack()
{
var config = new Config();
var resourceGroupName = config.Require("resourceGroupName");
var appServicePlan = new Pulumi.AzureNative.Web.AppServicePlan("kpi-linux-asp",
new Pulumi.AzureNative.Web.AppServicePlanArgs
{
Kind = "functionapp",
ResourceGroupName = resourceGroupName,
Sku = new SkuDescriptionArgs
{
Name = "Y1",
Tier = "Dynamic"
},
Tags =
{
{ "environment", "dev" },
{ "product", "kpi-system" }
}
});
// var storageAccount = new Pulumi.AzureNative.Storage.StorageAccount("kpistrg", new Pulumi.AzureNative.Storage.StorageAccountArgs
// {
// Kind = Pulumi.AzureNative.Storage.Kind.StorageV2,
// ResourceGroupName = resourceGroupName,
// Sku = new Pulumi.AzureNative.Storage.Inputs.SkuArgs
// {
// Name = "Standard_LRS",
// },
// Tags =
// {
// { "environment", "dev" },
// { "product", "kpi-system" },
// },
// });
var storageAccount = new Pulumi.Azure.Storage.Account("kpistrg", new Pulumi.Azure.Storage.AccountArgs
{
ResourceGroupName = resourceGroupName,
AccountReplicationType = "LRS",
AccountTier = "Standard",
AccountKind = "StorageV2"
});
var container = new BlobContainer("zips-container", new BlobContainerArgs
{
AccountName = storageAccount.Name,
PublicAccess = PublicAccess.None,
ResourceGroupName = resourceGroupName
});
var blob = new Blob("myfunctions", new BlobArgs
{
AccountName = storageAccount.Name,
ContainerName = container.Name,
ResourceGroupName = resourceGroupName,
Source = new FileArchive(FunctionAppPublishFolder),
Type = BlobType.Block
});
var codeBlobUrl = SignedBlobReadUrl(blob, container, storageAccount.Name, resourceGroupName);
// Application insights
var appInsights = new Component("appInsights", new ComponentArgs
{
ApplicationType = ApplicationType.Web,
Kind = "web",
ResourceGroupName = resourceGroupName
});
var userAssignedIdentity = new Pulumi.AzureNative.ManagedIdentity.UserAssignedIdentity("kpi-identity",
new Pulumi.AzureNative.ManagedIdentity.UserAssignedIdentityArgs
{
ResourceGroupName = resourceGroupName
});
var vault = CreateVault(resourceGroupName, config, userAssignedIdentity);
/*
* Create relevant Vault Secrets.
*
* N.B.: we use these to make the secrets unreadable for users who have read-access
* to the Azure Function itself, but not the vault.
*/
var influxDbTokenSecret = CreateSecret("InfluxDbToken", config.RequireSecret("InfluxDb.Token"), vault,
resourceGroupName);
var mailChimpTokenSecret = CreateSecret("MailchimpApiKey", config.RequireSecret("Mailchimp.ApiKey"), vault,
resourceGroupName);
var googleAnalyticsKeySecret = CreateSecret("GoogleAnalyticsKey", config.RequireSecret("GoogleAnalytics.Key"),
vault, resourceGroupName);
var kpiCollector = new Pulumi.AzureNative.Web.WebApp("kpi-collector", new Pulumi.AzureNative.Web.WebAppArgs
{
Kind = "functionapp,linux",
ResourceGroupName = resourceGroupName,
ServerFarmId = appServicePlan.Id,
SiteConfig = new SiteConfigArgs
{
AppSettings =
GenerateGoogleAnalyticsArgs(config, "GoogleAnalytics.Sites")
.Concat(
new[]
{
new NameValuePairArgs
{
Name = "AzureWebJobsStorage",
Value = storageAccount.PrimaryBlobConnectionString
},
new NameValuePairArgs
{
Name = "FUNCTIONS_WORKER_RUNTIME",
Value = "dotnet"
},
new NameValuePairArgs
{
Name = "WEBSITE_RUN_FROM_PACKAGE",
Value = codeBlobUrl
},
new NameValuePairArgs()
{
Name = "FUNCTIONS_EXTENSION_VERSION",
Value = "~3" // use Azure functions v3
},
/* App Insights - for some reason Azure Functions
* built via Portal use both configuration values
* */
new NameValuePairArgs
{
Name = "APPLICATIONINSIGHTS_CONNECTION_STRING",
Value = Output.Format($"InstrumentationKey={appInsights.InstrumentationKey}")
},
new NameValuePairArgs
{
Name = "APPINSIGHTS_INSTRUMENTATIONKEY",
Value = appInsights.InstrumentationKey
},
/* Add InfluxDb parameters
*
* All of these configuration parameters are consumed via
* Microsoft.Extensions.Configuration environment variables
* consumption - hence why we use the double underscore - to separate
* configuration areas.
*/
new NameValuePairArgs()
{
Name = "InfluxDb__ConnectionString",
Value = config.Require("InfluxDb.ConnectionString")
},
new NameValuePairArgs()
{
Name = "InfluxDb__Org",
Value = config.Require("InfluxDb.Org")
},
new NameValuePairArgs()
{
Name = "InfluxDb__Bucket",
Value = config.Require("InfluxDb.Bucket")
},
new NameValuePairArgs()
{
Name = "InfluxDb__Token",
Value = Output.Format(
$"@Microsoft.KeyVault(VaultName={vault.Name};SecretName={influxDbTokenSecret.Name})")
},
/* Email marketing configuration values */
new NameValuePairArgs()
{
Name = "Mailchimp__ApiKey",
Value = Output.Format(
$"@Microsoft.KeyVault(VaultName={vault.Name};SecretName={mailChimpTokenSecret.Name})")
},
/* Web analytics configuration values */
new NameValuePairArgs()
{
Name = "GoogleAnalytics__ServiceAccount",
Value = config.Require("GoogleAnalytics.ServiceAccount")
},
new NameValuePairArgs()
{
Name = "GoogleAnalytics__Key",
Value = Output.Format(
$"@Microsoft.KeyVault(VaultName={vault.Name};SecretName={googleAnalyticsKeySecret.Name})")
}
}).ToArray()
},
Identity = new ManagedServiceIdentityArgs()
{
Type = Pulumi.AzureNative.Web.ManagedServiceIdentityType.SystemAssigned
},
Tags =
{
{ "environment", "dev" },
{ "product", "kpi-system" }
}
});
// need to create access policies using the azure function system identity
var appId = kpiCollector.Identity.Apply(s => s.PrincipalId);
var accessPolicy = new AccessPolicy("kpi-keyvault-access",
new AccessPolicyArgs()
{
ObjectId = appId,
SecretPermissions = "get",
KeyVaultId = vault.Id,
TenantId = config.Require("azureTenantId")
});
}
public MyStack()
{
var resourceGroup = new Azure.Core.ResourceGroup("testResourceGroup",
new Azure.Core.ResourceGroupArgs {
Location = "ukwest"
});
var serviceBusNamespace = new Azure.ServiceBus.Namespace("testServiceBusNamespace", new Azure.ServiceBus.NamespaceArgs
{
ResourceGroupName = resourceGroup.Name,
Sku = "Basic"
});
var messageQueue = new Azure.ServiceBus.Queue("testMessageQueue", new Azure.ServiceBus.QueueArgs
{
ResourceGroupName = resourceGroup.Name,
NamespaceName = serviceBusNamespace.Name,
MaxSizeInMegabytes = 1024,
EnablePartitioning = false,
DefaultMessageTtl = System.Xml.XmlConvert.ToString(TimeSpan.FromSeconds(30))
});
var appServicePlan = new Azure.AppService.Plan("testConsumptionPlan", new Azure.AppService.PlanArgs
{
ResourceGroupName = resourceGroup.Name,
Kind = "FunctionApp",
Sku = new Azure.AppService.Inputs.PlanSkuArgs
{
Tier = "Dynamic",
Size = "Y1"
}
});
var functionStorage = new Azure.Storage.Account("testFuncStorage", new Azure.Storage.AccountArgs
{
ResourceGroupName = resourceGroup.Name,
AccountReplicationType = "LRS",
AccountTier = "Standard"
});
var appInsights = new Azure.AppInsights.Insights("testAppInsights", new Azure.AppInsights.InsightsArgs
{
ResourceGroupName = resourceGroup.Name,
RetentionInDays = 30,
ApplicationType = "web",
Location = "uksouth"
});
var functionApp = new Azure.AppService.FunctionApp("testFunctionApp", new Azure.AppService.FunctionAppArgs
{
AppServicePlanId = appServicePlan.Id,
ResourceGroupName = resourceGroup.Name,
StorageConnectionString = functionStorage.PrimaryConnectionString,
Version = "~3",
AppSettings = { { "APPINSIGHTS_INSTRUMENTATIONKEY", appInsights.InstrumentationKey } },
ConnectionStrings = new Azure.AppService.Inputs.FunctionAppConnectionStringsArgs
{
Name = "ServiceBusConnection",
Value = serviceBusNamespace.DefaultPrimaryConnectionString,
Type = "ServiceBus"
}
});
}
public Step3Start()
{
const string prefix = Common.Prefix;
var config = new Config();
var location = config.Get("location") ?? "australiaeast";
#region Resource Group
var resourceGroup = new ResourceGroup($"{prefix}-{Deployment.Instance.StackName}", new ResourceGroupArgs()
{
Name = $"{prefix}-{Deployment.Instance.StackName}",
Location = location
});
var name = $"{prefix}{Deployment.Instance.StackName}web";
#endregion
#region Static Website
var staticWebsiteStorageAccount = new Pulumi.Azure.Storage.Account(
name,
new Pulumi.Azure.Storage.AccountArgs
{
Name = name,
ResourceGroupName = resourceGroup.Name,
EnableHttpsTrafficOnly = true,
AccountReplicationType = "LRS",
AccountTier = "Standard",
AccountKind = "StorageV2",
AccessTier = "Hot"
});
WebContainer =
staticWebsiteStorageAccount.PrimaryBlobConnectionString.Apply(async v => await EnableStaticSites(v));
StaticWebsiteConnection = staticWebsiteStorageAccount.PrimaryBlobConnectionString;
#endregion
#region Cosmos DB
var cosmosDatabaseOutput = CosmosDatabase.Run(
resourceGroup.Name, prefix, resourceGroup.Location);
#endregion
#region Azure Function
#region Storage Account
var storageAccount = new Account($"sa{prefix}{Deployment.Instance.StackName}",
new AccountArgs
{
Name = $"sa{prefix}{Deployment.Instance.StackName}",
ResourceGroupName = resourceGroup.Name,
Location = resourceGroup.Location,
AccountReplicationType = "LRS",
AccountTier = "Standard"
});
#endregion
#region App Service Plan
var appServicePlan = new Plan($"asp-{prefix}{Deployment.Instance.StackName}",
new PlanArgs
{
Name = $"asp-{prefix}{Deployment.Instance.StackName}",
ResourceGroupName = resourceGroup.Name,
Location = resourceGroup.Location,
Kind = "FunctionApp",
Sku = new PlanSkuArgs
{
Tier = "Dynamic",
Size = "Y1"
}
});
#endregion
#region Storage Container
var container = new Container($"func-code", new ContainerArgs
{
StorageAccountName = storageAccount.Name,
ContainerAccessType = "private",
});
#endregion
#region Function Zip Blob
var functionAppFileLocation = "../TeamTimeZones/bin/Debug/netcoreapp3.1/publish/";
var blob = new Blob($"func", new BlobArgs
{
StorageAccountName = storageAccount.Name,
StorageContainerName = container.Name,
Type = "block",
Source = new FileArchive(functionAppFileLocation),
});
#endregion
#region Function App
var codeBlobUrl = SharedAccessSignature.SignedBlobReadUrl(blob, storageAccount);
var app = new FunctionApp($"app-{prefix}",
new FunctionAppArgs
{
Name = $"app-{prefix}",
ResourceGroupName = resourceGroup.Name,
Location = resourceGroup.Location,
AppServicePlanId = appServicePlan.Id,
StorageConnectionString = storageAccount.PrimaryConnectionString,
Version = "~3",
AppSettings = new InputMap <string>
{
{ "runtime", "dotnet" },
{ "WEBSITE_RUN_FROM_PACKAGE", codeBlobUrl },
{ "db-account-endpoint", cosmosDatabaseOutput["db-account-endpoint"].Apply(x => x.ToString()) },
{ "db-account-key", cosmosDatabaseOutput["db-account-key"].Apply(x => x.ToString()) }
},
SiteConfig = new FunctionAppSiteConfigArgs
{
Cors = new FunctionAppSiteConfigCorsArgs
{
AllowedOrigins = "*"
}
}
});
this.FunctionAppEndPoint = app.DefaultHostname;
#endregion
#endregion
}
