public MyStack() { var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer", new Aws.LB.LoadBalancerArgs { }); var frontEndTargetGroup = new Aws.LB.TargetGroup("frontEndTargetGroup", new Aws.LB.TargetGroupArgs { }); var frontEndListener = new Aws.LB.Listener("frontEndListener", new Aws.LB.ListenerArgs { CertificateArn = "arn:aws:iam::187416307283:server-certificate/test_cert_rab3wuqwgja25ct3n4jdj2tzu4", DefaultActions = { new Aws.LB.Inputs.ListenerDefaultActionArgs { TargetGroupArn = frontEndTargetGroup.Arn, Type = "forward", }, }, LoadBalancerArn = frontEndLoadBalancer.Arn, Port = 443, Protocol = "HTTPS", SslPolicy = "ELBSecurityPolicy-2016-08", }); }
public MyStack() { var lambda_example = new Aws.LB.TargetGroup("lambda-example", new Aws.LB.TargetGroupArgs { TargetType = "lambda", }); }
public MyStack() { var main = new Aws.Ec2.Vpc("main", new Aws.Ec2.VpcArgs { CidrBlock = "10.0.0.0/16", }); var test = new Aws.LB.TargetGroup("test", new Aws.LB.TargetGroupArgs { Port = 80, Protocol = "HTTP", VpcId = main.Id, }); }
public MyStack() { var main = new Aws.Ec2.Vpc("main", new Aws.Ec2.VpcArgs { CidrBlock = "10.0.0.0/16", }); var ip_example = new Aws.LB.TargetGroup("ip-example", new Aws.LB.TargetGroupArgs { Port = 80, Protocol = "HTTP", TargetType = "ip", VpcId = main.Id, }); }
public MyStack() { var testTargetGroup = new Aws.LB.TargetGroup("testTargetGroup", new Aws.LB.TargetGroupArgs { }); var testInstance = new Aws.Ec2.Instance("testInstance", new Aws.Ec2.InstanceArgs { }); var testTargetGroupAttachment = new Aws.LB.TargetGroupAttachment("testTargetGroupAttachment", new Aws.LB.TargetGroupAttachmentArgs { Port = 80, TargetGroupArn = testTargetGroup.Arn, TargetId = testInstance.Id, }); }
public MyStack() { var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer", new Aws.LB.LoadBalancerArgs { }); var frontEndTargetGroup = new Aws.LB.TargetGroup("frontEndTargetGroup", new Aws.LB.TargetGroupArgs { }); var pool = new Aws.Cognito.UserPool("pool", new Aws.Cognito.UserPoolArgs { }); var client = new Aws.Cognito.UserPoolClient("client", new Aws.Cognito.UserPoolClientArgs { }); var domain = new Aws.Cognito.UserPoolDomain("domain", new Aws.Cognito.UserPoolDomainArgs { }); var frontEndListener = new Aws.LB.Listener("frontEndListener", new Aws.LB.ListenerArgs { DefaultActions = { new Aws.LB.Inputs.ListenerDefaultActionArgs { AuthenticateCognito = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateCognitoArgs { UserPoolArn = pool.Arn, UserPoolClientId = client.Id, UserPoolDomain = domain.Domain, }, Type = "authenticate-cognito", }, new Aws.LB.Inputs.ListenerDefaultActionArgs { TargetGroupArn = frontEndTargetGroup.Arn, Type = "forward", }, }, LoadBalancerArn = frontEndLoadBalancer.Arn, Port = 80, Protocol = "HTTP", }); }
public MyStack() { var frontEndLoadBalancer = new Aws.LB.LoadBalancer("frontEndLoadBalancer", new Aws.LB.LoadBalancerArgs { }); var frontEndTargetGroup = new Aws.LB.TargetGroup("frontEndTargetGroup", new Aws.LB.TargetGroupArgs { }); var frontEndListener = new Aws.LB.Listener("frontEndListener", new Aws.LB.ListenerArgs { DefaultActions = { new Aws.LB.Inputs.ListenerDefaultActionArgs { AuthenticateOidc = new Aws.LB.Inputs.ListenerDefaultActionAuthenticateOidcArgs { AuthorizationEndpoint = "https://example.com/authorization_endpoint", ClientId = "client_id", ClientSecret = "client_secret", Issuer = "https://example.com", TokenEndpoint = "https://example.com/token_endpoint", UserInfoEndpoint = "https://example.com/user_info_endpoint", }, Type = "authenticate-oidc", }, new Aws.LB.Inputs.ListenerDefaultActionArgs { TargetGroupArn = frontEndTargetGroup.Arn, Type = "forward", }, }, LoadBalancerArn = frontEndLoadBalancer.Arn, Port = 80, Protocol = "HTTP", }); }
public MyStack() { var vpc = Output.Create(Pulumi.Aws.Ec2.GetVpc.InvokeAsync(new Pulumi.Aws.Ec2.GetVpcArgs { Default = true })); var vpcId = vpc.Apply(vpc => vpc.Id); var subnet = vpcId.Apply(id => Pulumi.Aws.Ec2.GetSubnetIds.InvokeAsync(new Pulumi.Aws.Ec2.GetSubnetIdsArgs { VpcId = id })); var subnetIds = subnet.Apply(s => s.Ids); var ami = Output.Create(Pulumi.Aws.GetAmi.InvokeAsync(new Pulumi.Aws.GetAmiArgs { MostRecent = true, Owners = { "137112412989" }, Filters = { new Pulumi.Aws.Inputs.GetAmiFiltersArgs { Name = "name", Values = { "amzn-ami-hvm-*" } } } })); var group = new Pulumi.Aws.Ec2.SecurityGroup("web-secgrp", new Pulumi.Aws.Ec2.SecurityGroupArgs { Description = "Enable HTTP access", Egress = { new Pulumi.Aws.Ec2.Inputs.SecurityGroupEgressArgs { Protocol = "-1", FromPort = 0, ToPort = 0, CidrBlocks ={ "0.0.0.0/0" } }, }, Ingress = { new Pulumi.Aws.Ec2.Inputs.SecurityGroupIngressArgs { Protocol = "tcp", FromPort = 80, ToPort = 80, CidrBlocks ={ "0.0.0.0/0" } }, new Pulumi.Aws.Ec2.Inputs.SecurityGroupIngressArgs { Protocol = "icmp", FromPort = 8, ToPort = 80, CidrBlocks ={ "0.0.0.0/0" } } } }); var loadbalancer = new Pulumi.Aws.LB.LoadBalancer("external-loadbalancer", new Pulumi.Aws.LB.LoadBalancerArgs { Internal = false, SecurityGroups = { group.Id }, Subnets = subnetIds, LoadBalancerType = "application", }); this.Url = loadbalancer.DnsName; var targetGroup = new Pulumi.Aws.LB.TargetGroup("target-group", new Pulumi.Aws.LB.TargetGroupArgs { Port = 80, Protocol = "HTTP", TargetType = "ip", VpcId = vpcId, }); var listener = new Pulumi.Aws.LB.Listener("listener", new Pulumi.Aws.LB.ListenerArgs { LoadBalancerArn = loadbalancer.Arn, Port = 80, DefaultActions = { new Pulumi.Aws.LB.Inputs.ListenerDefaultActionsArgs { Type = "forward", TargetGroupArn = targetGroup.Arn, } } }); var userData = @" #!/bin/bash echo ""Hello, World!"" > index.html nohup python -m SimpleHTTPServer 80 & "; var azs = Pulumi.Aws.GetAvailabilityZones.InvokeAsync(new Pulumi.Aws.GetAvailabilityZonesArgs()).Result; foreach (var az in azs.Names) { var server = new Pulumi.Aws.Ec2.Instance($"web-server-{az}", new Pulumi.Aws.Ec2.InstanceArgs { InstanceType = "t2.micro", VpcSecurityGroupIds = { group.Id }, UserData = userData, Ami = ami.Apply(a => a.Id), AvailabilityZone = az, }); var attachment = new Pulumi.Aws.LB.TargetGroupAttachment($"web-server-{az}", new Pulumi.Aws.LB.TargetGroupAttachmentArgs { Port = 80, TargetGroupArn = targetGroup.Arn, TargetId = server.PrivateIp, }); } }
public MyStack() { var cluster = new Pulumi.Aws.Ecs.Cluster("app-cluster"); // Read back the default VPC and public subnets, which we will use. var vpc = Output.Create(Pulumi.Aws.Ec2.GetVpc.InvokeAsync(new Pulumi.Aws.Ec2.GetVpcArgs { Default = true })); var vpcId = vpc.Apply(vpc => vpc.Id); var subnet = vpcId.Apply(id => Pulumi.Aws.Ec2.GetSubnetIds.InvokeAsync(new Pulumi.Aws.Ec2.GetSubnetIdsArgs { VpcId = id })); var subnetIds = subnet.Apply(s => s.Ids); // Create a SecurityGroup that permits HTTP ingress and unrestricted egress. var webSg = new Pulumi.Aws.Ec2.SecurityGroup("web-sg", new Pulumi.Aws.Ec2.SecurityGroupArgs { VpcId = vpcId, Egress = { new Pulumi.Aws.Ec2.Inputs.SecurityGroupEgressArgs { Protocol = "-1", FromPort = 0, ToPort = 0, CidrBlocks ={ "0.0.0.0/0" } } }, Ingress = { new Pulumi.Aws.Ec2.Inputs.SecurityGroupIngressArgs { Protocol = "tcp", FromPort = 80, ToPort = 80, CidrBlocks ={ "0.0.0.0/0" } } } }); // Create a load balancer to listen for HTTP traffic on port 80. var webLb = new Pulumi.Aws.LB.LoadBalancer("web-lb", new Pulumi.Aws.LB.LoadBalancerArgs { Subnets = subnetIds, SecurityGroups = { webSg.Id } }); var webTg = new Pulumi.Aws.LB.TargetGroup("web-tg", new Pulumi.Aws.LB.TargetGroupArgs { Port = 80, Protocol = "HTTP", TargetType = "ip", VpcId = vpcId }); var webListener = new Pulumi.Aws.LB.Listener("web-listener", new Pulumi.Aws.LB.ListenerArgs { LoadBalancerArn = webLb.Arn, Port = 80, DefaultActions = { new Pulumi.Aws.LB.Inputs.ListenerDefaultActionArgs { Type = "forward", TargetGroupArn = webTg.Arn, } } }); }
public MyStack() { var cluster = new Pulumi.Aws.Ecs.Cluster("app-cluster"); // Read back the default VPC and public subnets, which we will use. var vpc = Output.Create(Pulumi.Aws.Ec2.GetVpc.InvokeAsync(new Pulumi.Aws.Ec2.GetVpcArgs { Default = true })); var vpcId = vpc.Apply(vpc => vpc.Id); var subnet = vpcId.Apply(id => Pulumi.Aws.Ec2.GetSubnetIds.InvokeAsync(new Pulumi.Aws.Ec2.GetSubnetIdsArgs { VpcId = id })); var subnetIds = subnet.Apply(s => s.Ids); // Create a SecurityGroup that permits HTTP ingress and unrestricted egress. var webSg = new Pulumi.Aws.Ec2.SecurityGroup("web-sg", new Pulumi.Aws.Ec2.SecurityGroupArgs { VpcId = vpcId, Egress = { new Pulumi.Aws.Ec2.Inputs.SecurityGroupEgressArgs { Protocol = "-1", FromPort = 0, ToPort = 0, CidrBlocks ={ "0.0.0.0/0" } } }, Ingress = { new Pulumi.Aws.Ec2.Inputs.SecurityGroupIngressArgs { Protocol = "tcp", FromPort = 80, ToPort = 80, CidrBlocks ={ "0.0.0.0/0" } } } }); // Create a load balancer to listen for HTTP traffic on port 80. var webLb = new Pulumi.Aws.LB.LoadBalancer("web-lb", new Pulumi.Aws.LB.LoadBalancerArgs { Subnets = subnetIds, SecurityGroups = { webSg.Id } }); var webTg = new Pulumi.Aws.LB.TargetGroup("web-tg", new Pulumi.Aws.LB.TargetGroupArgs { Port = 80, Protocol = "HTTP", TargetType = "ip", VpcId = vpcId }); var webListener = new Pulumi.Aws.LB.Listener("web-listener", new Pulumi.Aws.LB.ListenerArgs { LoadBalancerArn = webLb.Arn, Port = 80, DefaultActions = { new Pulumi.Aws.LB.Inputs.ListenerDefaultActionsArgs { Type = "forward", TargetGroupArn = webTg.Arn, } } }); // Create an IAM role that can be used by our service's task. var taskExecRole = new Pulumi.Aws.Iam.Role("task-exec-role", new Pulumi.Aws.Iam.RoleArgs { AssumeRolePolicy = @"{ ""Version"": ""2008-10-17"", ""Statement"": [{ ""Sid"": """", ""Effect"": ""Allow"", ""Principal"": { ""Service"": ""ecs-tasks.amazonaws.com"" }, ""Action"": ""sts:AssumeRole"" }] }" }); var taskExecAttach = new Pulumi.Aws.Iam.RolePolicyAttachment("task-exec-policy", new Pulumi.Aws.Iam.RolePolicyAttachmentArgs { Role = taskExecRole.Name, PolicyArn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy" }); // Spin up a load balanced service running our container image. var appTask = new Pulumi.Aws.Ecs.TaskDefinition("app-task", new Pulumi.Aws.Ecs.TaskDefinitionArgs { Family = "fargate-task-definition", Cpu = "256", Memory = "512", NetworkMode = "awsvpc", RequiresCompatibilities = { "FARGATE" }, ExecutionRoleArn = taskExecRole.Arn, ContainerDefinitions = @"[{ ""name"": ""my-app"", ""image"": ""nginx"", ""portMappings"": [{ ""containerPort"": 80, ""hostPort"": 80, ""protocol"": ""tcp"" }] }]", }); var appSvc = new Pulumi.Aws.Ecs.Service("app-svc", new Pulumi.Aws.Ecs.ServiceArgs { Cluster = cluster.Arn, DesiredCount = 1, LaunchType = "FARGATE", TaskDefinition = appTask.Arn, NetworkConfiguration = new Pulumi.Aws.Ecs.Inputs.ServiceNetworkConfigurationArgs { AssignPublicIp = true, Subnets = subnetIds, SecurityGroups = { webSg.Id } }, LoadBalancers = { new Pulumi.Aws.Ecs.Inputs.ServiceLoadBalancersArgs { TargetGroupArn = webTg.Arn, ContainerName = "my-app", ContainerPort = 80 } } }, new CustomResourceOptions { DependsOn = { webListener } }); // Export the resulting web address. this.Url = Output.Format($"http://{webLb.DnsName}"); }