index.ts
// Copyright 2016-2021, Pulumi Corporation. All rights reserved.
import * as network from "@pulumi/azure-native/network";
import * as resources from "@pulumi/azure-native/resources";
import * as web from "@pulumi/azure-native/web";
import * as pulumi from "@pulumi/pulumi";
// Stack configuration; the optional CIDR overrides for the network are read from it.
const config = new pulumi.Config();

// Resource group that the resources declared below are placed in.
const resourceGroup = new resources.ResourceGroup("resourcegroup");

// One PremiumV2 (P1v2) App Service plan; both web apps reference it through serverFarmId.
const serverfarm = new web.AppServicePlan("appServerFarm", {
    resourceGroupName: resourceGroup.name,
    kind: "app",
    sku: {
        tier: "PremiumV2",
        name: "P1v2",
        size: "P1v2",
        family: "P1v2",
        capacity: 1,
    },
});
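// Backend web app; it is the target of the private endpoint declared further down.
// httpsOnly makes App Service redirect plain-HTTP requests to HTTPS instead of serving them.
// NOTE(review): nothing in this program sets the app's public network access explicitly —
// confirm that the public endpoint is actually closed once the private endpoint is attached.
const backendApp = new web.WebApp("backendApp", {
    kind: "app",
    resourceGroupName: resourceGroup.name,
    serverFarmId: serverfarm.id,
    httpsOnly: true,
});

// Default host name of the backend app, exported as a stack output.
export const backendURL = backendApp.defaultHostName;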
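// Frontend web app, hosted on the same App Service plan as the backend.
// httpsOnly makes App Service redirect plain-HTTP requests to HTTPS instead of serving them.
const frontendApp = new web.WebApp("frontendApp", {
    kind: "app",
    resourceGroupName: resourceGroup.name,
    serverFarmId: serverfarm.id,
    httpsOnly: true,
});

// Default host name of the frontend app, exported as a stack output.
export const frontEndURL = frontendApp.defaultHostName;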
// Virtual network. Its address space comes from the "virtualNetworkCIDR" config key,
// falling back to 10.200.0.0/16 when the key is unset or empty.
const virtualNetworkCIDR = config.get("virtualNetworkCIDR") || "10.200.0.0/16";
const virtualNetwork = new network.VirtualNetwork(
    "virtualNetwork",
    {
        virtualNetworkName: "vnet",
        resourceGroupName: resourceGroup.name,
        addressSpace: {
            addressPrefixes: [virtualNetworkCIDR],
        },
    },
    // Subnets are declared as separate resources in this file, so changes to the inline
    // "subnets" property are ignored: https://github.com/pulumi/pulumi-azure-nextgen/issues/103
    { ignoreChanges: ["subnets"] },
);
// Private DNS zone for the App Service private-link names (privatelink.azurewebsites.net).
const privateDnsZone = new network.PrivateZone(
    "privateDnsZone",
    {
        privateZoneName: "privatelink.azurewebsites.net",
        location: "global",
        resourceGroupName: resourceGroup.name,
    },
    // Explicit ordering: the zone is created only after the virtual network.
    { dependsOn: [virtualNetwork] },
);
// Subnet that hosts the backend's private endpoint. The prefix comes from the
// "backendCIDR" config key, falling back to 10.200.1.0/24 when the key is unset or empty.
const backendCIDR = config.get("backendCIDR") || "10.200.1.0/24";
const backendSubnet = new network.Subnet("subnetForBackend", {
    resourceGroupName: resourceGroup.name,
    virtualNetworkName: virtualNetwork.name,
    addressPrefix: backendCIDR,
    // NOTE(review): with private-endpoint network policies Disabled, NSG rules and route
    // tables attached to this subnet are not applied to the private endpoint — confirm that
    // is acceptable here, or restrict who can reach the backend by other means.
    privateEndpointNetworkPolicies: network.VirtualNetworkPrivateEndpointNetworkPolicies.Disabled,
});

// Private endpoint for the backend app (group id "sites"), placed in the backend subnet.
const privateEndpoint = new network.PrivateEndpoint("privateEndpointForBackend", {
    resourceGroupName: resourceGroup.name,
    subnet: { id: backendSubnet.id },
    privateLinkServiceConnections: [
        {
            name: "privateEndpointLink1",
            groupIds: ["sites"],
            privateLinkServiceId: backendApp.id,
        },
    ],
});
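// DNS zone group that ties the private endpoint to the private DNS zone.
// The group is named after the private endpoint it belongs to.
const privateDNSZoneGroup = new network.PrivateDnsZoneGroup("privateDnsZoneGroup", {
    privateDnsZoneConfigs: [{
        name: "config1",
        privateDnsZoneId: privateDnsZone.id,
    }],
    privateDnsZoneGroupName: privateEndpoint.name,
    privateEndpointName: privateEndpoint.name,
    resourceGroupName: resourceGroup.name,
});

// FQDN of the first record set of the first zone config, exported as a stack output.
// Optional chaining replaces the non-null assertion and unchecked indexing: if the provider
// reports no zone configs or no record sets, the output is undefined rather than a TypeError
// thrown inside apply() after the resources have already been created.
export const privateEndpointURL = privateDNSZoneGroup.privateDnsZoneConfigs.apply(
    zoneConfigs => zoneConfigs?.[0]?.recordSets?.[0]?.fqdn,
);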
// Link the private DNS zone to the virtual network. registrationEnabled is false, so
// hosts in the network are not auto-registered into the privatelink zone.
const virtualNetworkLink = new network.VirtualNetworkLink("virtualNetworkLink", {
    resourceGroupName: resourceGroup.name,
    privateZoneName: privateDnsZone.name,
    location: "global",
    virtualNetwork: { id: virtualNetwork.id },
    registrationEnabled: false,
});
// Subnet for the frontend, delegated to Microsoft.Web/serverfarms. The prefix comes from
// the "frontendCIDR" config key, falling back to 10.200.2.0/24 when the key is unset or empty.
const frontendCIDR = config.get("frontendCIDR") || "10.200.2.0/24";
const frontendSubnet = new network.Subnet("frontendSubnet", {
    resourceGroupName: resourceGroup.name,
    virtualNetworkName: virtualNetwork.name,
    addressPrefix: frontendCIDR,
    delegations: [
        {
            name: "delegation",
            serviceName: "Microsoft.Web/serverfarms",
        },
    ],
    privateEndpointNetworkPolicies: network.VirtualNetworkPrivateEndpointNetworkPolicies.Enabled,
});

// Connect the frontend app to the frontend subnet; the connection is keyed by the app's name.
const virtualNetworkConn = new web.WebAppSwiftVirtualNetworkConnection("virtualNetworkConnForFrontend", {
    resourceGroupName: resourceGroup.name,
    name: frontendApp.name,
    subnetResourceId: frontendSubnet.id,
});