public void TestDeserializerBothValuesNull() { var identityJsonProperty = DeserializerHelper("UserAssignedBothValuesNull.json"); var back = UserAssignedIdentity.DeserializeUserAssignedIdentity(identityJsonProperty); Assert.IsNull(back); }
public void TestDeserializerDefaultJson() { JsonElement invalid = default(JsonElement); Assert.Throws <ArgumentException>(delegate { UserAssignedIdentity.DeserializeUserAssignedIdentity(invalid); }); }
public void TestEqualsFalse() { UserAssignedIdentity identity1 = new UserAssignedIdentity(new Guid("72f988bf-86f1-41af-91ab-2d7cd011db47"), new Guid("de29bab1-49e1-4705-819b-4dfddceaaa98")); UserAssignedIdentity identity2 = new UserAssignedIdentity(new Guid("72f988bf-86f1-41af-91ab-2d7cd011db42"), new Guid("de29bab1-49e1-4705-819b-4dfddceaaa98")); Assert.IsFalse(UserAssignedIdentity.Equals(identity1, identity2)); }
public void TestDeserializerOneEmptyString() { var identityJsonProperty = DeserializerHelper("UserAssignedOneEmptyString.json"); Assert.Throws <FormatException>(delegate { UserAssignedIdentity.DeserializeUserAssignedIdentity(identityJsonProperty); }); }
public void TestDeserializerPrincipalIdValueNull() { var identityJsonProperty = DeserializerHelper("UserAssignedOneOtherValueNull.json"); Assert.Throws <InvalidOperationException>(delegate { UserAssignedIdentity.DeserializeUserAssignedIdentity(identityJsonProperty); }); }
public void TestSerializerValidUserNullSystem() { UserAssignedIdentity userAssignedIdentity = new UserAssignedIdentity(new Guid("72f988bf-86f1-41af-91ab-2d7cd011db47"), new Guid("de29bab1-49e1-4705-819b-4dfddceaaa98")); var dict1 = new Dictionary <ResourceIdentifier, UserAssignedIdentity>(); dict1["/subscriptions/6b085460-5f21-477e-ba44-1035046e9101/resourceGroups/nbhatia_test/providers/Microsoft.Web/sites/autoreport"] = userAssignedIdentity; Identity identity = new Identity(dict1, false); string user = "******"clientId\":\"72f988bf-86f1-41af-91ab-2d7cd011db47\",\"principalId\":\"de29bab1-49e1-4705-819b-4dfddceaaa98\"}"; string expected = "{\"identity\":{" + "\"kind\":\"UserAssigned\"," + "\"userAssignedIdentities\":" + "{" + "\"/subscriptions/6b085460-5f21-477e-ba44-1035046e9101/resourceGroups/nbhatia_test/providers/Microsoft.Web/sites/autoreport\":" + user + "}}}"; string actual = ""; using (Stream stream = new MemoryStream()) { using (StreamReader streamReader = new StreamReader(stream)) { var writer = new Utf8JsonWriter(stream); Identity.Serialize(writer, identity); stream.Seek(0, SeekOrigin.Begin); actual = streamReader.ReadToEnd(); } } Assert.AreEqual(expected, actual); }
public void TestSerializerArray() { UserAssignedIdentity userAssignedIdentity1 = new UserAssignedIdentity(new Guid("3beb288c-c3f9-4300-896f-02fbf175b6be"), new Guid("d0416856-d6cf-466d-8d64-ddc8d7782096")); UserAssignedIdentity userAssignedIdentity2 = new UserAssignedIdentity(new Guid("fbb39377-ff46-4a82-8c47-42d573180482"), new Guid("6d63ce43-c3ac-4b03-933d-4bc31eae50b2")); string actual = ""; UserAssignedIdentity[] identities = { userAssignedIdentity1, userAssignedIdentity2 }; using (Stream stream = new MemoryStream()) { using (StreamReader streamReader = new StreamReader(stream)) { foreach (var identity in identities) { var writer = new Utf8JsonWriter(stream); UserAssignedIdentity.Serialize(writer, identity); stream.Seek(0, SeekOrigin.Begin); actual = streamReader.ReadToEnd(); } } } string expected = "{\"clientId\":\"3beb288c-c3f9-4300-896f-02fbf175b6be\"," + "\"principalId\":\"d0416856-d6cf-466d-8d64-ddc8d7782096\"}" + "{\"clientId\":\"fbb39377-ff46-4a82-8c47-42d573180482\"," + "\"principalId\":\"6d63ce43-c3ac-4b03-933d-4bc31eae50b2\"}"; Assert.AreEqual(expected, actual); }
public void EqualsMethodFalse(string clientId1, string principalId1, string clientId2, string principalId2) { UserAssignedIdentity identity1 = new UserAssignedIdentity(new Guid(clientId1), new Guid(principalId1)); UserAssignedIdentity identity2 = new UserAssignedIdentity(new Guid(clientId2), new Guid(principalId2)); Assert.IsFalse(identity1.Equals(identity2)); }
public void TestDeserializerValidMultipleIdentities() { var json = GetFileText("UserAssignedValidMultipleIdentities.json"); JsonDocument document = JsonDocument.Parse(json); UserAssignedIdentity[] identities = new UserAssignedIdentity[2]; var properties = document.RootElement.EnumerateObject().First().Value; int count = 0; foreach (var property in properties.EnumerateObject()) { if (property.NameEquals("userAssignedIdentities")) { foreach (var keyValuePair in property.Value.EnumerateObject()) { identities[count] = UserAssignedIdentity.DeserializeUserAssignedIdentity(keyValuePair.Value); count++; } } } Assert.IsTrue("3beb288c-c3f9-4300-896f-02fbf175b6be".Equals(identities[0].ClientId.ToString())); Assert.IsTrue("d0416856-d6cf-466d-8d64-ddc8d7782096".Equals(identities[0].PrincipalId.ToString())); Assert.IsTrue("fbb39377-ff46-4a82-8c47-42d573180482".Equals(identities[1].ClientId.ToString())); Assert.IsTrue("6d63ce43-c3ac-4b03-933d-4bc31eae50b2".Equals(identities[1].PrincipalId.ToString())); }
public void TestSerializerNullIdentity() { UserAssignedIdentity userAssignedIdentity = null; Assert.Throws <NullReferenceException>(delegate { JsonAsserts.AssertSerializes(userAssignedIdentity); }); }
public void TestEqualsBothIdentitiesNull() { UserAssignedIdentity identity1 = null; UserAssignedIdentity identity2 = null; Assert.IsTrue(UserAssignedIdentity.Equals(identity1, identity2)); }
public void EqualsMethodOneIdentityNull() { UserAssignedIdentity identity1 = new UserAssignedIdentity(Guid.Empty, Guid.Empty); UserAssignedIdentity identity2 = null; Assert.IsFalse(identity1.Equals(identity2)); }
public void CompareToMethodOneIdentityNull() { UserAssignedIdentity identity1 = new UserAssignedIdentity(Guid.Empty, Guid.Empty); UserAssignedIdentity identity2 = null; Assert.AreEqual(1, identity1.CompareTo(identity2)); }
public void CheckUserFalseConstructor(string resourceID, bool invalidParameter) { var dict1 = new Dictionary <ResourceIdentifier, UserAssignedIdentity>(); if (invalidParameter) { if (resourceID is null) { Assert.Throws <ArgumentNullException>(() => { dict1[resourceID] = new UserAssignedIdentity(Guid.Empty, Guid.Empty); }); } else { Assert.Throws <ArgumentOutOfRangeException>(() => { dict1[resourceID] = new UserAssignedIdentity(Guid.Empty, Guid.Empty); }); } } else { dict1[resourceID] = new UserAssignedIdentity(Guid.Empty, Guid.Empty); var system = new SystemAssignedIdentity(Guid.Empty, Guid.Empty); Identity identity = new Identity(system, dict1); Assert.IsNotNull(identity); Assert.IsNotNull(identity.UserAssignedIdentities); Assert.IsTrue(identity.UserAssignedIdentities.Count == 1); Assert.IsNotNull(identity.SystemAssignedIdentity); Assert.IsTrue(identity.SystemAssignedIdentity.TenantId.Equals(Guid.Empty)); Assert.IsTrue(identity.SystemAssignedIdentity.PrincipalId.Equals(Guid.Empty)); } }
public void TestDeserializerClientIdInvalid() { var identityJsonProperty = DeserializerHelper("UserAssignedInvalid.json"); Assert.Throws <InvalidOperationException>(delegate { UserAssignedIdentity.DeserializeUserAssignedIdentity(identityJsonProperty); }); }
public void TestSerializerValidIdentity() { UserAssignedIdentity userAssignedIdentity = new UserAssignedIdentity(new Guid("72f988bf-86f1-41af-91ab-2d7cd011db47"), new Guid("de29bab1-49e1-4705-819b-4dfddceaaa98")); string expected = "{\"clientId\":\"72f988bf-86f1-41af-91ab-2d7cd011db47\",\"principalId\":\"de29bab1-49e1-4705-819b-4dfddceaaa98\"}"; JsonAsserts.AssertSerialization(expected, userAssignedIdentity); }
public void TestSerializerNullWriter() { UserAssignedIdentity userAssignedIdentity = new UserAssignedIdentity(new Guid("72f988bf-86f1-41af-91ab-2d7cd011db47"), new Guid("de29bab1-49e1-4705-819b-4dfddceaaa98")); var serializable = userAssignedIdentity as IUtf8JsonSerializable; Assert.Throws <ArgumentNullException>(delegate { serializable.Write(null); }); }
public void CompareTo(int answer, string clientId1, string principalId1, string clientId2, string principalId2) { UserAssignedIdentity identity1 = new UserAssignedIdentity(new Guid(clientId1), new Guid(principalId1)); UserAssignedIdentity identity2 = new UserAssignedIdentity(new Guid(clientId2), new Guid(principalId2)); Assert.AreEqual(answer, identity1.CompareTo(identity2)); Assert.AreEqual(answer * -1, identity2.CompareTo(identity1)); }
public void TestDeserializerValidExtraField() { var identityJsonProperty = DeserializerHelper("UserAssignedExtraField.json"); UserAssignedIdentity back = UserAssignedIdentity.DeserializeUserAssignedIdentity(identityJsonProperty); Assert.IsTrue("3beb288c-c3f9-4300-896f-02fbf175b6be".Equals(back.ClientId.ToString())); Assert.IsTrue("d0416856-d6cf-466d-8d64-ddc8d7782096".Equals(back.PrincipalId.ToString())); }
public void TestSerializerNullWriter() { UserAssignedIdentity userAssignedIdentity = new UserAssignedIdentity(new Guid("72f988bf-86f1-41af-91ab-2d7cd011db47"), new Guid("de29bab1-49e1-4705-819b-4dfddceaaa98")); using (Stream stream = new MemoryStream()) { Assert.Throws <ArgumentNullException>(delegate { UserAssignedIdentity.Serialize(null, userAssignedIdentity); }); } }
public void TestSerializerNullIdentity() { UserAssignedIdentity userAssignedIdentity = null; using (Stream stream = new MemoryStream()) { var writer = new Utf8JsonWriter(stream); Assert.Throws <ArgumentNullException>(delegate { UserAssignedIdentity.Serialize(writer, userAssignedIdentity); }); } }
public void TestSerializerValidUserNullSystem() { UserAssignedIdentity userAssignedIdentity = new UserAssignedIdentity(new Guid("72f988bf-86f1-41af-91ab-2d7cd011db47"), new Guid("de29bab1-49e1-4705-819b-4dfddceaaa98")); var dict1 = new Dictionary<string, UserAssignedIdentity>(); dict1["/subscriptions/db1ab6f0-4769-4aa7-930e-01e2ef9c123c/resourceGroups/tester/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testidentity"] = userAssignedIdentity; ManagedServiceIdentity identity = new ManagedServiceIdentity(null, null, ManagedServiceIdentityType.UserAssigned, dict1); string user = "******"; string expected = "{\"type\":\"UserAssigned\"," + "\"userAssignedIdentities\":" + "{" + "\"/subscriptions/db1ab6f0-4769-4aa7-930e-01e2ef9c123c/resourceGroups/tester/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testidentity\":" + user + "}}"; JsonAsserts.AssertConverterSerialization(expected, identity); }
public void TestSerializerValidUserNullSystem() { UserAssignedIdentity userAssignedIdentity = new UserAssignedIdentity(new Guid("72f988bf-86f1-41af-91ab-2d7cd011db47"), new Guid("de29bab1-49e1-4705-819b-4dfddceaaa98")); var dict1 = new Dictionary <ResourceIdentifier, UserAssignedIdentity>(); dict1[new ResourceIdentifier("/subscriptions/6b085460-5f21-477e-ba44-1035046e9101/resourceGroups/nbhatia_test/providers/Microsoft.Web/sites/autoreport")] = userAssignedIdentity; ResourceIdentity identity = new ResourceIdentity(dict1, false); string user = "******"; string expected = "{\"identity\":{" + "\"type\":\"UserAssigned\"," + "\"userAssignedIdentities\":" + "{" + "\"/subscriptions/6b085460-5f21-477e-ba44-1035046e9101/resourceGroups/nbhatia_test/providers/Microsoft.Web/sites/autoreport\":" + user + "}}}"; JsonAsserts.AssertSerialization(expected, identity); }
public void TestDeserializerInvalidMultipleIdentities() { var json = File.ReadAllText("./TestAssets/UserAssignedIdentity/UserAssignedInvalidMultipleIdentities.json"); JsonDocument document = JsonDocument.Parse(json); var properties = document.RootElement.EnumerateObject().First().Value; foreach (var property in properties.EnumerateObject()) { if (property.NameEquals("userAssignedIdentities")) { foreach (var keyValuePair in property.Value.EnumerateObject()) { Assert.Throws <InvalidOperationException>(delegate { UserAssignedIdentity.Deserialize(keyValuePair.Value); }); } } } }
public void TestSerializerValidIdentity() { UserAssignedIdentity userAssignedIdentity = new UserAssignedIdentity(new Guid("72f988bf-86f1-41af-91ab-2d7cd011db47"), new Guid("de29bab1-49e1-4705-819b-4dfddceaaa98")); string actual = ""; using (Stream stream = new MemoryStream()) { using (StreamReader streamReader = new StreamReader(stream)) { var writer = new Utf8JsonWriter(stream); UserAssignedIdentity.Serialize(writer, userAssignedIdentity); stream.Seek(0, SeekOrigin.Begin); actual = streamReader.ReadToEnd(); } } string expected = "{\"clientId\":\"72f988bf-86f1-41af-91ab-2d7cd011db47\",\"principalId\":\"de29bab1-49e1-4705-819b-4dfddceaaa98\"}"; Assert.AreEqual(expected, actual); }
public void TestSerializerValidSystemAndUserV3() { UserAssignedIdentity userAssignedIdentity = new UserAssignedIdentity(new Guid("72f988bf-86f1-41af-91ab-2d7cd011db47"), new Guid("de29bab1-49e1-4705-819b-4dfddceaaa98")); var dict1 = new Dictionary <ResourceIdentifier, UserAssignedIdentity>(); dict1[new ResourceIdentifier("/subscriptions/db1ab6f0-4769-4aa7-930e-01e2ef9c123c/resourceGroups/tester/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testidentity")] = userAssignedIdentity; ManagedServiceIdentity identity = new ManagedServiceIdentity(new Guid("de29bab1-49e1-4705-819b-4dfddceaaa98"), new Guid("72f988bf-86f1-41af-91ab-2d7cd011db47"), ManagedServiceIdentityType.SystemAssignedUserAssigned, dict1); string user = "******"; string expected = "{" + "\"type\":\"SystemAssigned,UserAssigned\"," + "\"userAssignedIdentities\":" + "{" + "\"/subscriptions/db1ab6f0-4769-4aa7-930e-01e2ef9c123c/resourceGroups/tester/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testidentity\":" + user + "}}"; var serializeOptions = new JsonSerializerOptions { Converters = { new ManagedServiceIdentityTypeV3Converter() } }; JsonAsserts.AssertConverterSerialization(expected, identity, serializeOptions); }
public void TestSerializerValidSystemAndUser() { SystemAssignedIdentity systemAssignedIdentity = new SystemAssignedIdentity(new Guid("72f988bf-86f1-41af-91ab-2d7cd011db47"), new Guid("de29bab1-49e1-4705-819b-4dfddceaaa98")); UserAssignedIdentity userAssignedIdentity = new UserAssignedIdentity(new Guid("72f988bf-86f1-41af-91ab-2d7cd011db47"), new Guid("de29bab1-49e1-4705-819b-4dfddceaaa98")); var dict1 = new Dictionary <ResourceIdentifier, UserAssignedIdentity>(); dict1["/subscriptions/6b085460-5f21-477e-ba44-1035046e9101/resourceGroups/nbhatia_test/providers/Microsoft.Web/sites/autoreport"] = userAssignedIdentity; ResourceIdentity identity = new ResourceIdentity(systemAssignedIdentity, dict1); string system = "\"principalId\":\"de29bab1-49e1-4705-819b-4dfddceaaa98\",\"tenantId\":\"72f988bf-86f1-41af-91ab-2d7cd011db47\""; string user = "******"clientId\":\"72f988bf-86f1-41af-91ab-2d7cd011db47\",\"principalId\":\"de29bab1-49e1-4705-819b-4dfddceaaa98\"}"; string expected = "{\"identity\":{" + system + "," + "\"type\":\"SystemAssigned, UserAssigned\"," + "\"userAssignedIdentities\":" + "{" + "\"/subscriptions/6b085460-5f21-477e-ba44-1035046e9101/resourceGroups/nbhatia_test/providers/Microsoft.Web/sites/autoreport\":" + user + "}}}"; JsonAsserts.AssertSerialization(expected, identity); }
public void TestSerializerArray() { UserAssignedIdentity userAssignedIdentity1 = new UserAssignedIdentity(new Guid("3beb288c-c3f9-4300-896f-02fbf175b6be"), new Guid("d0416856-d6cf-466d-8d64-ddc8d7782096")); UserAssignedIdentity userAssignedIdentity2 = new UserAssignedIdentity(new Guid("fbb39377-ff46-4a82-8c47-42d573180482"), new Guid("6d63ce43-c3ac-4b03-933d-4bc31eae50b2")); UserAssignedIdentity[] identities = { userAssignedIdentity1, userAssignedIdentity2 }; using var memoryStream = new MemoryStream(); foreach (var identity in identities) { var serializable = identity as IUtf8JsonSerializable; using (var writer = new Utf8JsonWriter(memoryStream)) { serializable.Write(writer); } } string expected = "{}{}"; var actual = Encoding.UTF8.GetString(memoryStream.ToArray()); Assert.AreEqual(expected, actual); }
public AzureHDInsightUserAssignedIdentity(UserAssignedIdentity userAssignedIdentity) { PrincipalId = userAssignedIdentity?.PrincipalId; ClientId = userAssignedIdentity?.ClientId; TenantId = userAssignedIdentity?.TenantId; }
public MyStack() { var config = new Config(); var environment = Deployment.Instance.StackName; // Create an Azure Resource Group var resourceGroup = new ResourceGroup("rg", new ResourceGroupArgs { Name = NamingConvention.GetResourceGroupName(environment) }); var vnet = new VirtualNetwork("vnet", new VirtualNetworkArgs { Name = NamingConvention.GetVNetName(environment), ResourceGroupName = resourceGroup.Name, AddressSpaces = { config.Require("vnet.addressSpaces") } }); // Create a Subnet for the cluster var apimSubnet = new Subnet("apim-net", new SubnetArgs { Name = "apim-net", ResourceGroupName = resourceGroup.Name, VirtualNetworkName = vnet.Name, AddressPrefixes = { config.Require("vnet.subnets.apim.addressPrefixes") }, }); // Create a Subnet for the afw var firewallSubnet = new Subnet("afw-net", new SubnetArgs { Name = "AzureFirewallSubnet", ResourceGroupName = resourceGroup.Name, VirtualNetworkName = vnet.Name, AddressPrefixes = { config.Require("vnet.subnets.afw.addressPrefixes") }, }); var agwSubnet = new Subnet("agw-net", new SubnetArgs { Name = "agw-net", ResourceGroupName = resourceGroup.Name, VirtualNetworkName = vnet.Name, AddressPrefixes = { config.Require("vnet.subnets.agw.addressPrefixes") }, }); var privateEndpointSubnet = new Subnet("functions-net", new SubnetArgs { Name = "functions-net", ResourceGroupName = resourceGroup.Name, VirtualNetworkName = vnet.Name, AddressPrefixes = { config.Require("vnet.subnets.functions.addressPrefixes") }, }); var eventHubNamespace = new EventHubNamespace("ehn", new EventHubNamespaceArgs { Name = "iac-apim-logging-ns", Location = resourceGroup.Location, ResourceGroupName = resourceGroup.Name, Sku = "Standard", Capacity = 1 }); var eventHub = new EventHub("eh", new EventHubArgs { Name = "apim-logging", NamespaceName = eventHubNamespace.Name, ResourceGroupName = resourceGroup.Name, PartitionCount = 2, MessageRetention = 1, }); var apimExternal = new Service("apim-external", new ServiceArgs { Name = "iac-dev-ext-apim", ResourceGroupName = resourceGroup.Name, Location = resourceGroup.Location, PublisherName = "IaC", PublisherEmail = "*****@*****.**", SkuName = "Developer_1", Identity = new ServiceIdentityArgs { Type = "SystemAssigned" }, VirtualNetworkType = "External", VirtualNetworkConfiguration = new ServiceVirtualNetworkConfigurationArgs { SubnetId = apimSubnet.Id }, HostnameConfiguration = new ServiceHostnameConfigurationArgs { Proxies = new [] { new ServiceHostnameConfigurationProxyArgs { HostName = "iac-dev-ext-apim.azure-api.net", DefaultSslBinding = false, NegotiateClientCertificate = false }, new ServiceHostnameConfigurationProxyArgs { HostName = "api.iac-labs.com", KeyVaultId = config.Require("certificate.keyvaultid"), DefaultSslBinding = true, NegotiateClientCertificate = false }, new ServiceHostnameConfigurationProxyArgs { HostName = "api29cc67d2.iac-labs.com", KeyVaultId = config.Require("certificate.keyvaultid"), DefaultSslBinding = true, NegotiateClientCertificate = false } } } }); var apimInternal = new Service("apim-int", new ServiceArgs { Name = NamingConvention.GetApimName(environment), ResourceGroupName = resourceGroup.Name, Location = resourceGroup.Location, PublisherName = "IaC", PublisherEmail = "*****@*****.**", SkuName = "Developer_1", Identity = new ServiceIdentityArgs { Type = "SystemAssigned" }, VirtualNetworkType = "Internal", VirtualNetworkConfiguration = new ServiceVirtualNetworkConfigurationArgs { SubnetId = apimSubnet.Id }, HostnameConfiguration = new ServiceHostnameConfigurationArgs { Proxies = new [] { new ServiceHostnameConfigurationProxyArgs { HostName = "iac-dev-apim.azure-api.net", DefaultSslBinding = false, NegotiateClientCertificate = false }, new ServiceHostnameConfigurationProxyArgs { HostName = "api.iac-labs.com", KeyVaultId = config.Require("certificate.keyvaultid"), DefaultSslBinding = true, NegotiateClientCertificate = false }, new ServiceHostnameConfigurationProxyArgs { HostName = "api29cc67d2.iac-labs.com", KeyVaultId = config.Require("certificate.keyvaultid"), DefaultSslBinding = true, NegotiateClientCertificate = false }, new ServiceHostnameConfigurationProxyArgs { HostName = "api-internal.iac-labs.com", KeyVaultId = config.Require("certificate.keyvaultid"), DefaultSslBinding = true, NegotiateClientCertificate = false } } } }); var apim1 = Output.Create(GetService.InvokeAsync(new GetServiceArgs { Name = "iac-dev-apim1", ResourceGroupName = "iac-dev-rg", })); if (config.RequireBoolean("firstTimeAPIM")) { var apimInternal1 = new Service("apim-int1", new ServiceArgs { Name = "iac-dev-apim1", ResourceGroupName = resourceGroup.Name, Location = resourceGroup.Location, PublisherName = "IaC", PublisherEmail = "*****@*****.**", SkuName = "Developer_1", Identity = new ServiceIdentityArgs { Type = "SystemAssigned" }, VirtualNetworkType = "Internal", VirtualNetworkConfiguration = new ServiceVirtualNetworkConfigurationArgs { SubnetId = apimSubnet.Id } }); } else { var apimInternal1 = new Service("apim-int1", new ServiceArgs { Name = "iac-dev-apim1", ResourceGroupName = resourceGroup.Name, Location = resourceGroup.Location, PublisherName = "IaC", PublisherEmail = "*****@*****.**", SkuName = "Developer_1", Identity = new ServiceIdentityArgs { Type = "SystemAssigned" }, VirtualNetworkType = "Internal", VirtualNetworkConfiguration = new ServiceVirtualNetworkConfigurationArgs { SubnetId = apimSubnet.Id }, HostnameConfiguration = new ServiceHostnameConfigurationArgs { Proxies = new [] { new ServiceHostnameConfigurationProxyArgs { HostName = "iac-dev-apim1.azure-api.net", DefaultSslBinding = false, NegotiateClientCertificate = false }, new ServiceHostnameConfigurationProxyArgs { HostName = "api.iac-labs.com", KeyVaultId = config.Require("certificate.keyvaultid"), DefaultSslBinding = true, NegotiateClientCertificate = false }, } } }); } var ehLogger = new Logger("ehLogger", new LoggerArgs { Name = "ehLogger", ResourceGroupName = resourceGroup.Name, ApiManagementName = apimInternal.Name, Eventhub = new LoggerEventhubArgs { Name = eventHub.Name, ConnectionString = eventHubNamespace.DefaultPrimaryConnectionString } }); var agwName = NamingConvention.GetAGWName("api", environment); var agwPublicIp = new PublicIp("agw-api-pip", new PublicIpArgs { Name = NamingConvention.GetPublicIpName("agw-api", environment), ResourceGroupName = resourceGroup.Name, Sku = "Standard", AllocationMethod = "Static", DomainNameLabel = agwName }); var agwMI = new UserAssignedIdentity("agw-mi", new UserAssignedIdentityArgs { Name = NamingConvention.GetManagedIdentityName("agw", environment), ResourceGroupName = resourceGroup.Name }); var apiAgw = new ApplicationGateway("agw-api", new ApplicationGatewayArgs { Name = agwName, ResourceGroupName = resourceGroup.Name, Identity = new ApplicationGatewayIdentityArgs { Type = "UserAssigned", IdentityIds = agwMI.Id }, Sku = new ApplicationGatewaySkuArgs { Name = "WAF_v2", Tier = "WAF_v2", Capacity = 1 }, SslCertificates = new [] { new ApplicationGatewaySslCertificateArgs { Name = "gateway-listener", KeyVaultSecretId = config.Require("certificate.keyvaultid") } }, FrontendPorts = new [] { new ApplicationGatewayFrontendPortArgs { Name = "port443", Port = 443 }, new ApplicationGatewayFrontendPortArgs { Name = "port80", Port = 80 } }, GatewayIpConfigurations = new [] { new ApplicationGatewayGatewayIpConfigurationArgs { Name = "appGatewayIpConfig", SubnetId = agwSubnet.Id } }, FrontendIpConfigurations = new [] { new ApplicationGatewayFrontendIpConfigurationArgs { Name = "frontendIP", PublicIpAddressId = agwPublicIp.Id } }, HttpListeners = new [] { new ApplicationGatewayHttpListenerArgs { Name = "default", FrontendIpConfigurationName = "frontendIP", FrontendPortName = "port443", Protocol = "Https", HostName = "api.iac-labs.com", RequireSni = true, SslCertificateName = "gateway-listener" } }, BackendAddressPools = new[] { new ApplicationGatewayBackendAddressPoolArgs { Name = "apim", IpAddresses = apimInternal.PrivateIpAddresses //config.RequireSecret("apim.backend.ip") } }, Probes = new[] { new ApplicationGatewayProbeArgs { Name = "apim-probe-default", Protocol = "Https", Path = "/status-0123456789abcdef", Host = "api.iac-labs.com", Interval = 30, Timeout = 120, UnhealthyThreshold = 8, PickHostNameFromBackendHttpSettings = false, MinimumServers = 0 } }, BackendHttpSettings = new [] { new ApplicationGatewayBackendHttpSettingArgs { Name = "apim-settings-default", Port = 443, Protocol = "Https", CookieBasedAffinity = "Disabled", PickHostNameFromBackendAddress = false, RequestTimeout = 30, ProbeName = "apim-probe-default" } }, RequestRoutingRules = new[] { new ApplicationGatewayRequestRoutingRuleArgs { Name = "default", RuleType = "Basic", HttpListenerName = "default", BackendAddressPoolName = "apim", BackendHttpSettingsName = "apim-settings-default" } } }); // var la = new AnalyticsWorkspace("la", new AnalyticsWorkspaceArgs // { // Name = NamingConvention.GetLogAnalyticsName(environment), // ResourceGroupName = resourceGroup.Name, // Location = resourceGroup.Location, // Sku = "PerGB2018" // }); // var firewallName = NamingConvention.GetFirewallName(environment); // // var afwPublicIp = new PublicIp("afw-pip", new PublicIpArgs // { // Location = resourceGroup.Location, // ResourceGroupName = resourceGroup.Name, // AllocationMethod = "Static", // Sku = "Standard", // DomainNameLabel = firewallName // }); // // var afw = new Firewall("afw", new FirewallArgs // { // Name = firewallName, // Location = resourceGroup.Location, // ResourceGroupName = resourceGroup.Name, // IpConfigurations = // { // new FirewallIpConfigurationArgs // { // Name = "configuration", // SubnetId = firewallSubnet.Id, // PublicIpAddressId = afwPublicIp.Id, // }, // }, // }); // // var afwNatRuleCollection = new FirewallNatRuleCollection("apim-dnat", new FirewallNatRuleCollectionArgs // { // Name = "apim-dnat", // AzureFirewallName = afw.Name, // ResourceGroupName = resourceGroup.Name, // Priority = 100, // Action = "Dnat", // Rules = // { // new FirewallNatRuleCollectionRuleArgs // { // Name = "apim", // SourceAddresses = "*", // DestinationPorts = // { // "443", // }, // DestinationAddresses = // { // afwPublicIp.IpAddress, // }, // TranslatedPort = "443", // TranslatedAddress = apimInternal.PrivateIpAddresses.First(), // Protocols = // { // "UDP", // "TCP", // } // } // } // }); // var afwDiagnosticSetting = new DiagnosticSetting("afw-diagnostics", new DiagnosticSettingArgs // { // Name = "diagnostics", // TargetResourceId = afw.Id, // LogAnalyticsWorkspaceId = la.Id, // Logs = // { // new DiagnosticSettingLogArgs // { // Category = "AzureFirewallApplicationRule", // Enabled = true, // RetentionPolicy = new DiagnosticSettingLogRetentionPolicyArgs // { // Enabled = false // } // }, // new DiagnosticSettingLogArgs // { // Category = "AzureFirewallNetworkRule", // Enabled = true, // RetentionPolicy = new DiagnosticSettingLogRetentionPolicyArgs // { // Enabled = false // } // }, // new DiagnosticSettingLogArgs // { // Category = "AzureFirewallDnsProxy", // Enabled = true, // RetentionPolicy = new DiagnosticSettingLogRetentionPolicyArgs // { // Enabled = false, // } // } // }, // Metrics = // { // new DiagnosticSettingMetricArgs // { // Category = "AllMetrics", // Enabled = true, // RetentionPolicy = new DiagnosticSettingMetricRetentionPolicyArgs // { // Enabled = false, // } // } // } // }); }