public BasicStack()
{
var resourceGroup = new ResourceGroup("testrg");
var functionApp = new ArchiveFunctionApp("app", new ArchiveFunctionAppArgs
{
ResourceGroupName = resourceGroup.Name
});
}
public CompleteStack()
{
const string prefix = "teamtimezones";
var config = new Config();
var location = config.Get("location") ?? "westus";
var resourceGroup = new ResourceGroup($"{prefix}-{Deployment.Instance.StackName}", new ResourceGroupArgs()
{
Name = $"{prefix}-{Deployment.Instance.StackName}",
Location = location
});
//Static Website
var staticWebsiteOutput = new StaticWebsite($"{prefix}{Deployment.Instance.StackName}web", new StaticWebsiteArgs()
{
StorageAccountName = resourceGroup.Name
});
StaticWebsiteConnection = staticWebsiteOutput.StaticWebsiteConnection;
//Cosmos DB
var cosmosDatabaseOutput = CosmosDatabase.Run(
resourceGroup.Name, prefix, resourceGroup.Location);
//Azure Function
var archiveFunction = new ArchiveFunctionApp($"{prefix}-{Deployment.Instance.StackName}",
new ArchiveFunctionAppArgs
{
ResourceGroupName = resourceGroup.Name,
Prefix = prefix,
FunctionAppLocation = location,
FunctionAppFileLocation = "../TeamTimeZones/bin/Debug/netcoreapp3.1/publish/",
AppSettings = new InputMap <string>
{
{ "db-account-endpoint", cosmosDatabaseOutput["db-account-endpoint"].Apply(x => x.ToString()) },
{ "db-account-key", cosmosDatabaseOutput["db-account-key"].Apply(x => x.ToString()) }
}
});
FunctionAppEndPoint = archiveFunction.DefaultHostname;
}
public static IDictionary <string, object> Run()
{
// Read a list of target locations from the config file:
// Expecting a comma-separated list, e.g., "westus,eastus,westeurope"
var locations = new Config().Require("locations").Split(",");
var resourceGroup = new ResourceGroup("cosmosfunctions-rg", new ResourceGroupArgs {
Location = locations[0]
});
var app = new CosmosApp("functions", new CosmosAppArgs
{
ResourceGroup = resourceGroup,
Locations = locations,
DatabaseName = "pricedb",
ContainerName = "prices",
Factory = global => region =>
{
var connectionString = global.CosmosAccount.ConnectionStrings.Apply(cs => cs[0]);
var func = new ArchiveFunctionApp($"afa-{region.Location}", new ArchiveFunctionAppArgs
{
ResourceGroupName = resourceGroup.Name,
Location = region.Location,
Archive = new FileArchive("./app/bin/Debug/netcoreapp2.2/publish"),
AppSettings =
{
{ "CosmosDBConnection", connectionString },
},
},
global.Options);
return(new AzureEndpoint(func.AppId));
},
});
return(new Dictionary <string, object>
{
{ "functionsEndpoint", Output.Format($"{app.Endpoint}/cosmos") }
});
}
static async Task <Dictionary <string, object?> > CreateResources()
{
var clientConfig = await GetClientConfig.InvokeAsync();
var tenantId = clientConfig.TenantId;
var resourceGroup = new ResourceGroup($"{ NamePrefix }-group");
var kv = new KeyVault($"{ NamePrefix }-vault", new KeyVaultArgs {
ResourceGroupName = resourceGroup.Name,
SkuName = "standard",
TenantId = tenantId,
AccessPolicies =
{
new KeyVaultAccessPolicyArgs {
TenantId = tenantId,
// TODO: CHANGE ME!
// The current principal has to be granted permissions to Key Vault so that it can actually add and then remove
// secrets to/from the Key Vault. Otherwise, 'pulumi up' and 'pulumi destroy' operations will fail.- //
// NOTE: This object ID value is NOT what you see in the Azure AD's App Registration screen.
// Run `az ad sp show` from the Azure CLI to list the correct Object ID to use here.
ObjectId = "your-SP-object-ID",
SecretPermissions = new InputList <string>{
"delete", "get", "list", "set"
},
}
}
});
var twilioSecret = new Secret($"{ NamePrefix }-twil", new SecretArgs
{
KeyVaultId = kv.Id,
Value = TwilioAccountToken,
});
var appInsights = new Insights($"{ NamePrefix }-ai", new InsightsArgs
{
ApplicationType = "web",
ResourceGroupName = resourceGroup.Name,
});
var durableFunctionApp = new ArchiveFunctionApp($"{ NamePrefix }-funcs", new ArchiveFunctionAppArgs
{
ResourceGroupName = resourceGroup.Name,
Archive = new FileArchive($"./bin/Debug/netcoreapp3.1/GarageDoorMonitor/publish"),
AppSettings = new InputMap <string>
{
{ "runtime", "dotnet" },
{ "FUNCTIONS_EXTENSION_VERSION", "~3" },
{ "TwilioAccountToken", Output.Format($"@Microsoft.KeyVault(SecretUri ={ twilioSecret.Id })") },
{ "APPINSIGHTS_INSTRUMENTATIONKEY", Output.Format($"{ appInsights.InstrumentationKey }") },
{ "TimerDelayMinutes", GetIntConfigOrDefault("timerDelayMinutes", 2) },
},
HttpsOnly = true,
Identity = new FunctionAppIdentityArgs {
Type = "SystemAssigned"
},
});
// Now that the app is created, update the access policies of the keyvault and
// grant the principalId of the function app access to the vault.
var principalId = durableFunctionApp.FunctionApp.Identity.Apply(id => id.PrincipalId ?? "0c4825d9-3901-40a8-ab89-ad4e3aeeadd9");
// Grant App Service access to KV secrets
var appAccessPolicy = new AccessPolicy($"{ NamePrefix }-app-policy", new AccessPolicyArgs
{
KeyVaultId = kv.Id,
TenantId = tenantId,
ObjectId = principalId,
SecretPermissions = new InputList <string> {
"get"
},
});
return(new Dictionary <string, object?>
{
{ "webhookUrl", durableFunctionApp.Endpoint },
});
}
