public MyStack()
{
var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer", new Aws.LB.LoadBalancerArgs
{
});
var frontEndTargetGroup = new Aws.LB.TargetGroup("frontEndTargetGroup", new Aws.LB.TargetGroupArgs
{
});
var frontEndListener = new Aws.LB.Listener("frontEndListener", new Aws.LB.ListenerArgs
{
CertificateArn = "arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4",
DefaultActions =
{
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
TargetGroupArn = frontEndTargetGroup.Arn,
Type = "forward",
},
},
LoadBalancerArn = frontEndLoadBalancer.Arn,
Port = 443,
Protocol = "HTTPS",
SslPolicy = "ELBSecurityPolicy-2016-08",
});
}
public MyStack()
{
var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer", new Aws.LB.LoadBalancerArgs
{
});
var frontEndListener = new Aws.LB.Listener("frontEndListener", new Aws.LB.ListenerArgs
{
DefaultActions =
{
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
Redirect = new Aws.LB.Inputs.ListenerDefaultActionRedirectArgs
{
Port = "443",
Protocol = "HTTPS",
StatusCode = "HTTP_301",
},
Type = "redirect",
},
},
LoadBalancerArn = frontEndLoadBalancer.Arn,
Port = 80,
Protocol = "HTTP",
});
}
public MyStack()
{
var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer", new Aws.LB.LoadBalancerArgs
{
});
var frontEndListener = new Aws.LB.Listener("frontEndListener", new Aws.LB.ListenerArgs
{
DefaultActions =
{
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
FixedResponse = new Aws.LB.Inputs.ListenerDefaultActionFixedResponseArgs
{
ContentType = "text/plain",
MessageBody = "Fixed response content",
StatusCode = "200",
},
Type = "fixed-response",
},
},
LoadBalancerArn = frontEndLoadBalancer.Arn,
Port = 80,
Protocol = "HTTP",
});
}
public MyStack()
{
var exampleCertificate = new Aws.Acm.Certificate("exampleCertificate", new Aws.Acm.CertificateArgs
{
});
var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer", new Aws.LB.LoadBalancerArgs
{
});
var frontEndListener = new Aws.LB.Listener("frontEndListener", new Aws.LB.ListenerArgs
{
});
var exampleListenerCertificate = new Aws.LB.ListenerCertificate("exampleListenerCertificate", new Aws.LB.ListenerCertificateArgs
{
CertificateArn = exampleCertificate.Arn,
ListenerArn = frontEndListener.Arn,
});
}
public MyStack()
{
var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer", new Aws.LB.LoadBalancerArgs
{
});
var frontEndTargetGroup = new Aws.LB.TargetGroup("frontEndTargetGroup", new Aws.LB.TargetGroupArgs
{
});
var pool = new Aws.Cognito.UserPool("pool", new Aws.Cognito.UserPoolArgs
{
});
var client = new Aws.Cognito.UserPoolClient("client", new Aws.Cognito.UserPoolClientArgs
{
});
var domain = new Aws.Cognito.UserPoolDomain("domain", new Aws.Cognito.UserPoolDomainArgs
{
});
var frontEndListener = new Aws.LB.Listener("frontEndListener", new Aws.LB.ListenerArgs
{
DefaultActions =
{
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs
{
UserPoolArn = pool.Arn,
UserPoolClientId = client.Id,
UserPoolDomain = domain.Domain,
},
Type = "authenticate-cognito",
},
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
TargetGroupArn = frontEndTargetGroup.Arn,
Type = "forward",
},
},
LoadBalancerArn = frontEndLoadBalancer.Arn,
Port = 80,
Protocol = "HTTP",
});
}
public MyStack()
{
var certCertificate = new Aws.Acm.Certificate("certCertificate", new Aws.Acm.CertificateArgs
{
DomainName = "example.com",
ValidationMethod = "DNS",
});
var zone = Output.Create(Aws.Route53.GetZone.InvokeAsync(new Aws.Route53.GetZoneArgs
{
Name = "example.com.",
PrivateZone = false,
}));
var certValidation = new Aws.Route53.Record("certValidation", new Aws.Route53.RecordArgs
{
Name = certCertificate.DomainValidationOptions.Apply(domainValidationOptions => domainValidationOptions[0].ResourceRecordName),
Records =
{
certCertificate.DomainValidationOptions.Apply(domainValidationOptions => domainValidationOptions[0].ResourceRecordValue),
},
Ttl = 60,
Type = certCertificate.DomainValidationOptions.Apply(domainValidationOptions => domainValidationOptions[0].ResourceRecordType),
ZoneId = zone.Apply(zone => zone.ZoneId),
});
var certCertificateValidation = new Aws.Acm.CertificateValidation("certCertificateValidation", new Aws.Acm.CertificateValidationArgs
{
CertificateArn = certCertificate.Arn,
ValidationRecordFqdns =
{
certValidation.Fqdn,
},
});
var frontEnd = new Aws.LB.Listener("frontEnd", new Aws.LB.ListenerArgs
{
CertificateArn = certCertificateValidation.CertificateArn,
});
}
public MyStack()
{
var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer", new Aws.LB.LoadBalancerArgs
{
});
var frontEndTargetGroup = new Aws.LB.TargetGroup("frontEndTargetGroup", new Aws.LB.TargetGroupArgs
{
});
var frontEndListener = new Aws.LB.Listener("frontEndListener", new Aws.LB.ListenerArgs
{
DefaultActions =
{
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs
{
AuthorizationEndpoint = "https://example.com/authorization_endpoint",
ClientId = "client_id",
ClientSecret = "client_secret",
Issuer = "https://example.com",
TokenEndpoint = "https://example.com/token_endpoint",
UserInfoEndpoint = "https://example.com/user_info_endpoint",
},
Type = "authenticate-oidc",
},
new Aws.LB.Inputs.ListenerDefaultActionArgs
{
TargetGroupArn = frontEndTargetGroup.Arn,
Type = "forward",
},
},
LoadBalancerArn = frontEndLoadBalancer.Arn,
Port = 80,
Protocol = "HTTP",
});
}
public MyStack()
{
var vpc = Output.Create(Pulumi.Aws.Ec2.GetVpc.InvokeAsync(new Pulumi.Aws.Ec2.GetVpcArgs {
Default = true
}));
var vpcId = vpc.Apply(vpc => vpc.Id);
var subnet = vpcId.Apply(id => Pulumi.Aws.Ec2.GetSubnetIds.InvokeAsync(new Pulumi.Aws.Ec2.GetSubnetIdsArgs {
VpcId = id
}));
var subnetIds = subnet.Apply(s => s.Ids);
var ami = Output.Create(Pulumi.Aws.GetAmi.InvokeAsync(new Pulumi.Aws.GetAmiArgs
{
MostRecent = true,
Owners = { "137112412989" },
Filters = { new Pulumi.Aws.Inputs.GetAmiFiltersArgs
{
Name = "name", Values = { "amzn-ami-hvm-*" }
} }
}));
var group = new Pulumi.Aws.Ec2.SecurityGroup("web-secgrp", new Pulumi.Aws.Ec2.SecurityGroupArgs
{
Description = "Enable HTTP access",
Egress =
{
new Pulumi.Aws.Ec2.Inputs.SecurityGroupEgressArgs
{
Protocol = "-1",
FromPort = 0,
ToPort = 0,
CidrBlocks ={ "0.0.0.0/0" }
},
},
Ingress =
{
new Pulumi.Aws.Ec2.Inputs.SecurityGroupIngressArgs
{
Protocol = "tcp",
FromPort = 80,
ToPort = 80,
CidrBlocks ={ "0.0.0.0/0" }
},
new Pulumi.Aws.Ec2.Inputs.SecurityGroupIngressArgs
{
Protocol = "icmp",
FromPort = 8,
ToPort = 80,
CidrBlocks ={ "0.0.0.0/0" }
}
}
});
var loadbalancer = new Pulumi.Aws.LB.LoadBalancer("external-loadbalancer", new Pulumi.Aws.LB.LoadBalancerArgs
{
Internal = false,
SecurityGroups =
{
group.Id
},
Subnets = subnetIds,
LoadBalancerType = "application",
});
this.Url = loadbalancer.DnsName;
var targetGroup = new Pulumi.Aws.LB.TargetGroup("target-group", new Pulumi.Aws.LB.TargetGroupArgs
{
Port = 80,
Protocol = "HTTP",
TargetType = "ip",
VpcId = vpcId,
});
var listener = new Pulumi.Aws.LB.Listener("listener", new Pulumi.Aws.LB.ListenerArgs
{
LoadBalancerArn = loadbalancer.Arn,
Port = 80,
DefaultActions =
{
new Pulumi.Aws.LB.Inputs.ListenerDefaultActionsArgs
{
Type = "forward",
TargetGroupArn = targetGroup.Arn,
}
}
});
var userData = @"
#!/bin/bash
echo ""Hello, World!"" > index.html
nohup python -m SimpleHTTPServer 80 &
";
var azs = Pulumi.Aws.GetAvailabilityZones.InvokeAsync(new Pulumi.Aws.GetAvailabilityZonesArgs()).Result;
foreach (var az in azs.Names)
{
var server = new Pulumi.Aws.Ec2.Instance($"web-server-{az}", new Pulumi.Aws.Ec2.InstanceArgs
{
InstanceType = "t2.micro",
VpcSecurityGroupIds = { group.Id },
UserData = userData,
Ami = ami.Apply(a => a.Id),
AvailabilityZone = az,
});
var attachment = new Pulumi.Aws.LB.TargetGroupAttachment($"web-server-{az}", new Pulumi.Aws.LB.TargetGroupAttachmentArgs
{
Port = 80,
TargetGroupArn = targetGroup.Arn,
TargetId = server.PrivateIp,
});
}
}
public MyStack()
{
var cluster = new Pulumi.Aws.Ecs.Cluster("app-cluster");
// Read back the default VPC and public subnets, which we will use.
var vpc = Output.Create(Pulumi.Aws.Ec2.GetVpc.InvokeAsync(new Pulumi.Aws.Ec2.GetVpcArgs {
Default = true
}));
var vpcId = vpc.Apply(vpc => vpc.Id);
var subnet = vpcId.Apply(id => Pulumi.Aws.Ec2.GetSubnetIds.InvokeAsync(new Pulumi.Aws.Ec2.GetSubnetIdsArgs {
VpcId = id
}));
var subnetIds = subnet.Apply(s => s.Ids);
// Create a SecurityGroup that permits HTTP ingress and unrestricted egress.
var webSg = new Pulumi.Aws.Ec2.SecurityGroup("web-sg", new Pulumi.Aws.Ec2.SecurityGroupArgs
{
VpcId = vpcId,
Egress =
{
new Pulumi.Aws.Ec2.Inputs.SecurityGroupEgressArgs
{
Protocol = "-1",
FromPort = 0,
ToPort = 0,
CidrBlocks ={ "0.0.0.0/0" }
}
},
Ingress =
{
new Pulumi.Aws.Ec2.Inputs.SecurityGroupIngressArgs
{
Protocol = "tcp",
FromPort = 80,
ToPort = 80,
CidrBlocks ={ "0.0.0.0/0" }
}
}
});
// Create a load balancer to listen for HTTP traffic on port 80.
var webLb = new Pulumi.Aws.LB.LoadBalancer("web-lb", new Pulumi.Aws.LB.LoadBalancerArgs
{
Subnets = subnetIds,
SecurityGroups = { webSg.Id }
});
var webTg = new Pulumi.Aws.LB.TargetGroup("web-tg", new Pulumi.Aws.LB.TargetGroupArgs
{
Port = 80,
Protocol = "HTTP",
TargetType = "ip",
VpcId = vpcId
});
var webListener = new Pulumi.Aws.LB.Listener("web-listener", new Pulumi.Aws.LB.ListenerArgs
{
LoadBalancerArn = webLb.Arn,
Port = 80,
DefaultActions =
{
new Pulumi.Aws.LB.Inputs.ListenerDefaultActionArgs
{
Type = "forward",
TargetGroupArn = webTg.Arn,
}
}
});
}
public MyStack()
{
var cluster = new Pulumi.Aws.Ecs.Cluster("app-cluster");
// Read back the default VPC and public subnets, which we will use.
var vpc = Output.Create(Pulumi.Aws.Ec2.GetVpc.InvokeAsync(new Pulumi.Aws.Ec2.GetVpcArgs {
Default = true
}));
var vpcId = vpc.Apply(vpc => vpc.Id);
var subnet = vpcId.Apply(id => Pulumi.Aws.Ec2.GetSubnetIds.InvokeAsync(new Pulumi.Aws.Ec2.GetSubnetIdsArgs {
VpcId = id
}));
var subnetIds = subnet.Apply(s => s.Ids);
// Create a SecurityGroup that permits HTTP ingress and unrestricted egress.
var webSg = new Pulumi.Aws.Ec2.SecurityGroup("web-sg", new Pulumi.Aws.Ec2.SecurityGroupArgs
{
VpcId = vpcId,
Egress =
{
new Pulumi.Aws.Ec2.Inputs.SecurityGroupEgressArgs
{
Protocol = "-1",
FromPort = 0,
ToPort = 0,
CidrBlocks ={ "0.0.0.0/0" }
}
},
Ingress =
{
new Pulumi.Aws.Ec2.Inputs.SecurityGroupIngressArgs
{
Protocol = "tcp",
FromPort = 80,
ToPort = 80,
CidrBlocks ={ "0.0.0.0/0" }
}
}
});
// Create a load balancer to listen for HTTP traffic on port 80.
var webLb = new Pulumi.Aws.LB.LoadBalancer("web-lb", new Pulumi.Aws.LB.LoadBalancerArgs
{
Subnets = subnetIds,
SecurityGroups = { webSg.Id }
});
var webTg = new Pulumi.Aws.LB.TargetGroup("web-tg", new Pulumi.Aws.LB.TargetGroupArgs
{
Port = 80,
Protocol = "HTTP",
TargetType = "ip",
VpcId = vpcId
});
var webListener = new Pulumi.Aws.LB.Listener("web-listener", new Pulumi.Aws.LB.ListenerArgs
{
LoadBalancerArn = webLb.Arn,
Port = 80,
DefaultActions =
{
new Pulumi.Aws.LB.Inputs.ListenerDefaultActionsArgs
{
Type = "forward",
TargetGroupArn = webTg.Arn,
}
}
});
// Create an IAM role that can be used by our service's task.
var taskExecRole = new Pulumi.Aws.Iam.Role("task-exec-role", new Pulumi.Aws.Iam.RoleArgs
{
AssumeRolePolicy = @"{
""Version"": ""2008-10-17"",
""Statement"": [{
""Sid"": """",
""Effect"": ""Allow"",
""Principal"": {
""Service"": ""ecs-tasks.amazonaws.com""
},
""Action"": ""sts:AssumeRole""
}]
}"
});
var taskExecAttach = new Pulumi.Aws.Iam.RolePolicyAttachment("task-exec-policy", new Pulumi.Aws.Iam.RolePolicyAttachmentArgs
{
Role = taskExecRole.Name,
PolicyArn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
});
// Spin up a load balanced service running our container image.
var appTask = new Pulumi.Aws.Ecs.TaskDefinition("app-task", new Pulumi.Aws.Ecs.TaskDefinitionArgs
{
Family = "fargate-task-definition",
Cpu = "256",
Memory = "512",
NetworkMode = "awsvpc",
RequiresCompatibilities = { "FARGATE" },
ExecutionRoleArn = taskExecRole.Arn,
ContainerDefinitions = @"[{
""name"": ""my-app"",
""image"": ""nginx"",
""portMappings"": [{
""containerPort"": 80,
""hostPort"": 80,
""protocol"": ""tcp""
}]
}]",
});
var appSvc = new Pulumi.Aws.Ecs.Service("app-svc", new Pulumi.Aws.Ecs.ServiceArgs
{
Cluster = cluster.Arn,
DesiredCount = 1,
LaunchType = "FARGATE",
TaskDefinition = appTask.Arn,
NetworkConfiguration = new Pulumi.Aws.Ecs.Inputs.ServiceNetworkConfigurationArgs
{
AssignPublicIp = true,
Subnets = subnetIds,
SecurityGroups = { webSg.Id }
},
LoadBalancers =
{
new Pulumi.Aws.Ecs.Inputs.ServiceLoadBalancersArgs
{
TargetGroupArn = webTg.Arn,
ContainerName = "my-app",
ContainerPort = 80
}
}
}, new CustomResourceOptions {
DependsOn = { webListener }
});
// Export the resulting web address.
this.Url = Output.Format($"http://{webLb.DnsName}");
}
public MyStack()
{
var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer", new Aws.LB.LoadBalancerArgs
{
});
var frontEndListener = new Aws.LB.Listener("frontEndListener", new Aws.LB.ListenerArgs
{
});
var @static = new Aws.LB.ListenerRule("static", new Aws.LB.ListenerRuleArgs
{
Actions =
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
TargetGroupArn = aws_lb_target_group.Static.Arn,
Type = "forward",
},
},
Conditions =
{
new Aws.LB.Inputs.ListenerRuleConditionArgs
{
PathPattern = new Aws.LB.Inputs.ListenerRuleConditionPathPatternArgs
{
Values =
{
"/static/*",
},
},
},
new Aws.LB.Inputs.ListenerRuleConditionArgs
{
HostHeader = new Aws.LB.Inputs.ListenerRuleConditionHostHeaderArgs
{
Values =
{
"example.com",
},
},
},
},
ListenerArn = frontEndListener.Arn,
Priority = 100,
});
var hostBasedRouting = new Aws.LB.ListenerRule("hostBasedRouting", new Aws.LB.ListenerRuleArgs
{
Actions =
{
new Aws.LB.Inputs.ListenerRuleActionArgs
{
Forward = new Aws.LB.Inputs.ListenerRuleActionForwardArgs
{
Stickiness = new Aws.LB.Inputs.ListenerRuleActionForwardStickinessArgs
{
Duration = 600,
Enabled = true,
},
TargetGroup =
{
{
{ "arn", aws_lb_target_group.Main.Arn },