public Infrastructure()
{
var currentConfig = Output.Create(GetClientConfig.InvokeAsync());
var currentUserObjectId = currentConfig.Apply(c => c.ObjectId);
var tenantId = currentConfig.Apply(c => c.TenantId);
var resourceGroup = new ResourceGroupResource();
var keyVault = new KeyVaultResource(resourceGroup, tenantId);
var appServicePlan = new AppServicePlanResource(resourceGroup);
appServicePlan.Build();
var appService = new AppServiceResource(resourceGroup);
// key vault needs to be build before any resource that accesses its secrets
keyVault.Build();
appService.AddConfiguration(keyVault, new[] { "KeyVaultName" });
var staticWebsite = new StorageAccountResource(resourceGroup, "sw");
staticWebsite.Build();
staticWebsite.BuildStaticWebsite();
var storageAccount = new StorageAccountResource(resourceGroup);
storageAccount.Build();
var applicationInsights = new ApplicationInsightsResource(resourceGroup);
applicationInsights.Build();
appService.AddConfiguration(applicationInsights, new[] { "APPINSIGHTS_INSTRUMENTATIONKEY" });
var sqlDatabase = new SqlServerResource(resourceGroup, tenantId, currentUserObjectId);
sqlDatabase.Build();
keyVault.AddSecrets(sqlDatabase);
appService.AddConfiguration(sqlDatabase, new[] { "DatabaseConnectionString" });
appService.Build(appServicePlan);
keyVault.AddAccessPolicy("appservice", appService.PrincipalId);
var activeDirectory = new ActiveDirectoryResource(currentUserObjectId);
var serviceGroup = activeDirectory.CreateGroup("servicegroup", appService.PrincipalId);
ServicesGroupSid = GetDatabaseSid(serviceGroup.ObjectId);
}
public void Build(AppServicePlanResource appServicePlanResource, StorageAccountResource storageAccountResource)
{
_ = appServicePlanResource.Id ?? throw new InvalidOperationException("App service plan was not build.");
_ = storageAccountResource.ConnectionString ?? throw new InvalidOperationException("Storage account was not build.");
_appSettings.Add(new NameValuePairArgs {
Name = "FUNCTIONS_EXTENSION_VERSION", Value = "~3"
});
_appSettings.Add(new NameValuePairArgs {
Name = "FUNCTIONS_WORKER_RUNTIME", Value = "dotnet"
});
_appSettings.Add(new NameValuePairArgs {
Name = "AzureWebJobsStorage", Value = storageAccountResource.ConnectionString
});
_appSettings.Add(new NameValuePairArgs {
Name = "WEBSITES_ENABLE_APP_SERVICE_STORAGE", Value = "false"
});
_functionApp = new WebApp(Name, new WebAppArgs
{
Name = Name,
ResourceGroupName = ResourceGroupName,
ServerFarmId = appServicePlanResource.Id,
Kind = "functionapp",
HttpsOnly = true,
Identity = new ManagedServiceIdentityArgs
{
Type = ManagedServiceIdentityType.SystemAssigned,
},
SiteConfig = new SiteConfigArgs
{
LinuxFxVersion = "DOTNETCORE|5.0",
AlwaysOn = true,
Http20Enabled = true,
WebSocketsEnabled = true,
AppSettings = _appSettings,
},
});
}
public void Build(AppServicePlanResource appServicePlanResource)
{
_ = appServicePlanResource.Id ?? throw new InvalidOperationException("App service plan was not build");
_appService = new WebApp(Name, new WebAppArgs
{
Name = Name,
ResourceGroupName = ResourceGroupName,
ServerFarmId = appServicePlanResource.Id,
HttpsOnly = true,
Identity = new ManagedServiceIdentityArgs
{
Type = ManagedServiceIdentityType.SystemAssigned,
},
SiteConfig = new SiteConfigArgs
{
LinuxFxVersion = "DOTNETCORE|5.0",
AlwaysOn = true,
Http20Enabled = true,
WebSocketsEnabled = true,
AppSettings = _appSettings,
},
});
}