def program():
config = Config()
config.get("plainstr1")
config.require("plainstr2")
config.get_secret("plainstr3")
config.require_secret("plainstr4")
config.get_bool("plainbool1")
config.require_bool("plainbool2")
config.get_secret_bool("plainbool3")
config.require_secret_bool("plainbool4")
config.get_int("plainint1")
config.require_int("plainint2")
config.get_secret_int("plainint3")
config.require_secret_int("plainint4")
config.get_float("plainfloat1")
config.require_float("plainfloat2")
config.get_secret_float("plainfloat3")
config.require_secret_float("plainfloat4")
config.get_object("plainobj1")
config.require_object("plainobj2")
config.get_secret_object("plainobj3")
config.require_secret_object("plainobj4")
config.get("str1")
config.require("str2")
config.get_secret("str3")
config.require_secret("str4")
config.get_bool("bool1")
config.require_bool("bool2")
config.get_secret_bool("bool3")
config.require_secret_bool("bool4")
config.get_int("int1")
config.require_int("int2")
config.get_secret_int("int3")
config.require_secret_int("int4")
config.get_float("float1")
config.require_float("float2")
config.get_secret_float("float3")
config.require_secret_float("float4")
config.get_object("obj1")
config.require_object("obj2")
config.get_secret_object("obj3")
config.require_secret_object("obj4")
import pulumi
from pulumi import Config, ResourceOptions
from pulumi_azure import core, network
from webserver import WebServerArgs, WebServer
config = Config()
username = config.require_secret("username")
password = config.require_secret("password")
resource_group = core.ResourceGroup("server", location="West US")
net = network.VirtualNetwork(
"server-network",
resource_group_name=resource_group.name,
location=resource_group.location,
address_spaces=["10.0.0.0/16"],
subnets=[
network.VirtualNetworkSubnetArgs(name="default",
address_prefix="10.0.1.0/24")
],
opts=ResourceOptions(parent=resource_group),
)
subnet = network.Subnet(
"server-subnet",
resource_group_name=resource_group.name,
virtual_network_name=net.name,
address_prefixes=["10.0.2.0/24"],
opts=ResourceOptions(parent=net),
)
from pulumi import Config, ResourceOptions
from pulumi_tls import PrivateKey
from pulumi_azure_native import resources, containerservice
import pulumi_azuread as azuread
import pulumi_kubernetes as k8s
from pulumi_kubernetes.helm.v3 import Chart, ChartOpts
config = Config()
k8s_version = config.get('k8sVersion') or '1.18.14'
admin_username = config.get('adminUserName') or 'testuser'
node_count = config.get_int('nodeCount') or 2
node_size = config.get('nodeSize') or 'Standard_D2_v2'
## Exercise 1
## Suggestion: Take a look at the stack config file (e.g. Pulumi.dev.yaml) to confirm you stored the password as a secret.
password = config.require_secret("password")
pulumi.export('password', password)
## Exercise 1
generated_key_pair = PrivateKey('ssh-key', algorithm='RSA', rsa_bits=4096)
ssh_public_key = generated_key_pair.public_key_openssh
resource_group = resources.ResourceGroup('rg')
ad_app = azuread.Application('app', display_name='app')
ad_sp = azuread.ServicePrincipal('service-principal',
application_id=ad_app.application_id)
ad_sp_password = azuread.ServicePrincipalPassword(
'sp-password',
service_principal_id=ad_sp.id,
value=password,
key_name = config.get('keyName')
public_key = config.get('publicKey')
admin_username = config.get('admin_username')
admin_password = config.get('admin_password')
location = config.get('location')
# The privateKey associated with the selected key must be provided (either directly or base64 encoded),
# along with an optional passphrase if needed.
def decode_key(key):
if key.startswith('-----BEGIN RSA PRIVATE KEY-----'):
return key
return key.encode('ascii')
private_key = config.require_secret('privateKey').apply(decode_key)
private_key_passphrase = config.get_secret('privateKeyPassphrase')
# Create a resource group to hold project resources.
resource_group = resources.ResourceGroup("server-rg",
resource_group_name="minecraft",
location=location)
# Create a virtual network resource.
net = network.VirtualNetwork("server-network",
resource_group_name=resource_group.name,
location=location,
virtual_network_name="server-network",
address_space=network.AddressSpaceArgs(
address_prefixes=["10.0.0.0/16"], ),
subnets=[
import pulumi
from pulumi import Config, ResourceOptions, Output
from pulumi_azure import core, storage, compute, network, sql
config = Config("sso-lab")
# retrieve password from config
pwd = config.require_secret("pwd")
sqlpwd = config.require_secret("sqlpwd")
print("Secrets retrieved...")
# set some vars
server_user = "******"
sql_user = "******"
# Create an Azure Resource Group
rg = core.ResourceGroup("rg-ssolab")
# create vnet
vnet = network.VirtualNetwork("vnet-sso",
address_spaces=["10.2.0.0/16"],
resource_group_name=rg.name,
dns_servers=["10.2.0.4"])
subnet = network.Subnet("servers",
virtual_network_name=vnet.name,
address_prefix="10.2.0.0/24",
resource_group_name=rg.name)
bastionSubnet = network.Subnet("bastion",
name="AzureBastionSubnet",
cloud_sql_instance = pulumi_gcp.sql.DatabaseInstance(
"my-cloud-sql-instance",
database_version="POSTGRES_12",
deletion_protection=False,
settings=pulumi_gcp.sql.DatabaseInstanceSettingsArgs(tier="db-f1-micro"),
)
database = pulumi_gcp.sql.Database(
"database", instance=cloud_sql_instance.name, name=config.require("db-name")
)
users = pulumi_gcp.sql.User(
"users",
name=config.require("db-name"),
instance=cloud_sql_instance.name,
password=config.require_secret("db-password"),
)
sql_instance_url = Output.concat(
"postgres://",
config.require("db-name"),
":",
config.require_secret("db-password"),
"@/",
config.require("db-name"),
"?host=/cloudsql/",
cloud_sql_instance.connection_name,
)
cloud_run = pulumi_gcp.cloudrun.Service(
"default-service",
