def program():
config = Config()
config.get("plainstr1")
config.require("plainstr2")
config.get_secret("plainstr3")
config.require_secret("plainstr4")
config.get_bool("plainbool1")
config.require_bool("plainbool2")
config.get_secret_bool("plainbool3")
config.require_secret_bool("plainbool4")
config.get_int("plainint1")
config.require_int("plainint2")
config.get_secret_int("plainint3")
config.require_secret_int("plainint4")
config.get_float("plainfloat1")
config.require_float("plainfloat2")
config.get_secret_float("plainfloat3")
config.require_secret_float("plainfloat4")
config.get_object("plainobj1")
config.require_object("plainobj2")
config.get_secret_object("plainobj3")
config.require_secret_object("plainobj4")
config.get("str1")
config.require("str2")
config.get_secret("str3")
config.require_secret("str4")
config.get_bool("bool1")
config.require_bool("bool2")
config.get_secret_bool("bool3")
config.require_secret_bool("bool4")
config.get_int("int1")
config.require_int("int2")
config.get_secret_int("int3")
config.require_secret_int("int4")
config.get_float("float1")
config.require_float("float2")
config.get_secret_float("float3")
config.require_secret_float("float4")
config.get_object("obj1")
config.require_object("obj2")
config.get_secret_object("obj3")
config.require_secret_object("obj4")
def __init__(
self,
username: str = None,
password: str = None,
account_name: str = None,
role: str = None,
database: str = None,
schema: str = None
):
config = Config()
self.username = username if username else config.require('snowflakeUsername')
self.password = password if password else config.require('snowflakePassword')
self.account_name = account_name if account_name else config.get('snowflakeAccountName')
self.role = role if role else config.get('snowflakeRole')
self.database = database if database else config.get('snowflakeDatabase')
self.schema = schema if schema else config.get('snowflakeSchema')
# Copyright 2016-2020, Pulumi Corporation. All rights reserved.
import provisioners
import pulumi
import base64
from pulumi import Config, Output, export
from pulumi_azure_nextgen.compute import latest as compute
from pulumi_azure_nextgen.network import latest as network
from pulumi_azure_nextgen.resources import latest as resources
# Get the config ready to go.
config = Config()
key_name = config.get('keyName')
public_key = config.get('publicKey')
admin_username = config.get('admin_username')
admin_password = config.get('admin_password')
location = config.get('location')
# The privateKey associated with the selected key must be provided (either directly or base64 encoded),
# along with an optional passphrase if needed.
def decode_key(key):
if key.startswith('-----BEGIN RSA PRIVATE KEY-----'):
return key
return key.encode('ascii')
private_key = config.require_secret('privateKey').apply(decode_key)
private_key_passphrase = config.get_secret('privateKeyPassphrase')
# Create a resource group to hold project resources.
# Copyright 2016-2020, Pulumi Corporation. All rights reserved.
import base64
from pulumi import Config, Output, export
from pulumi_azure_nextgen.compute import latest as compute
from pulumi_azure_nextgen.network import latest as network
from pulumi_azure_nextgen.resources import latest as resources
config = Config()
location = config.get("location") or "westus"
username = config.require("username")
password = config.require("password")
resource_group = resources.ResourceGroup("server",
resource_group_name="server",
location=location)
net = network.VirtualNetwork("server-network",
resource_group_name=resource_group.name,
location=location,
virtual_network_name="server-network",
address_space=network.AddressSpaceArgs(
address_prefixes=["10.0.0.0/16"], ),
subnets=[
network.SubnetArgs(
name="default",
address_prefix="10.0.1.0/24",
)
])
public_ip = network.PublicIPAddress("server-ip",
# The KVM host is created via a component resource.
# Any KVM host can be used as long as the connection URI is returned to the main so that
# the libvirt provider can be instantiated.
#
# In this case, the KVM host component creates a VM in Azure and uses an ssh connection URI.
#
import pulumi as pulumi
from pulumi import Config, Output, ResourceOptions, export
import pulumi_libvirt as libvirt
import libvirt_host
# Get some stack-related config data
stackname = pulumi.get_stack()
config = Config()
basename = config.get("basename") or "libvirt-ex"
basename = f"{basename}-{stackname}"
### Create a KVM host
libvirt_server = libvirt_host.Server(basename)
### Use the KVM host
# Create a provider using the connection URI returned by the KVM host component
libvirt_provider = libvirt.Provider(f"{basename}-libvirt",
uri=libvirt_server.libvirt_remote_uri)
# Create a storage pool for the KVM VM that is going to be launched.
vm_pool = libvirt.Pool(f"{basename}-vm_pool",
args=libvirt.PoolArgs(type="dir",
path=libvirt_server.vm_pool_dir),
opts=ResourceOptions(provider=libvirt_provider))
def pulumi_program():
config = Config()
export("exp_static", "foo")
export("exp_cfg", config.get("bar"))
export("exp_secret", config.get_secret("buzz"))
"""Exception raised for errors in Pulumi Config.
Attributes:
keys -- Config keys with the error
message -- explanation of the error
"""
def __init__(self, keys: [str], message: str):
self.keys = keys
self.message = message
# retrieve the stack configuration data
config = Config()
# retrieve optional separator choice and suffix
separator = config.get('separator') or '-'
separator = separator[0]
if separator == ' ':
separator = ''
suffix = config.get('suffix') or ''
# retrieve project and stack (org not yet available)
project = get_project()
stack = get_stack()
# set default tags to be applied to all taggable resources
default_tags = {
'manager': 'pulumi',
'project': project,
'stack': stack,
}
import pulumi
from pulumi import Config, ResourceOptions
from pulumi_kubernetes import Provider
from pulumi_kubernetes.apps.v1 import Deployment
config = Config()
namespace = config.get("namespace") or "default"
provider = Provider("kubernetes", namespace=namespace)
app_labels = {"app": "nginx"}
deployment = Deployment(
"nginx",
spec={
"selector": {"match_labels": app_labels},
"replicas": 1,
"template": {
"metadata": {"labels": app_labels},
"spec": {"containers": [{"name": "nginx", "image": "nginx"}]},
},
},
opts=ResourceOptions(provider=provider),
)
pulumi.export("name", deployment.metadata["name"])
self.message = message
# retrieve the stack configuration data
config = Config()
# set default tags to be applied to all taggable resources
stack = get_stack()
default_tags = {
'environment': stack
}
# Azure Bastion hosts in hub and spokes (until functional across peerings)
azure_bastion = config.get_bool('azure_bastion')
# Azure Firewall to route all Internet-bound traffic to designated next hop
forced_tunnel = config.get('forced_tunnel')
if forced_tunnel:
ft_ip = ip_address(forced_tunnel) # check IP address is valid
# another stack may be peered in the same project, even across organizations
org = config.get('org')
peer = config.get('peer')
project = config.get('project')
if org and not project:
project = get_project()
if not org:
org = ""
if not project:
project = ""
if not peer:
reference = None
from hub import HubProps, Hub
from spoke import SpokeProps, Spoke
import vdc
# retrieve the configuration data
config = Config()
# set default tags to be applied to all taggable resources
stack = get_stack()
default_tags = {'environment': stack}
# set vdc default
vdc.tags = default_tags
# all resources will be created in configuration location
resource_group_name = vdc.resource_group(stack)
# another stack in the same project and organization may be peered
peer = config.get('peer')
if peer:
org = config.require('org')
project = get_project()
ref = f'{org}/{project}/{peer}'
else:
ref = None
# single hub virtual network with gateway, firewall, DMZ and shared services
hub = Hub(
'hub', # stem of child resource names (<4 chars)
HubProps(
resource_group_name=resource_group_name,
tags=default_tags,
stack=stack,
dmz_ar=config.require('firewall_dmz_subnet'),
"""Configures the example. If password and public key for connecting
to the cluster are not set with `pulumi config`, we generate a random
password and key pair.
"""
from pulumi import Config
from pulumi_random import RandomPassword
from pulumi_tls import PrivateKey
config = Config()
k8s_version = config.get('k8sVersion') or '1.18.14'
password = config.get('password') or RandomPassword('pw',
length=20, special=True)
generated_key_pair = PrivateKey('ssh-key',
algorithm='RSA', rsa_bits=4096)
admin_username = config.get('adminUserName') or 'testuser'
ssh_public_key = config.get('sshPublicKey') or \
generated_key_pair.public_key_openssh
"""An Azure RM Python Pulumi program"""
import pulumi
from pulumi_azure_nextgen.storage import latest as storage
from pulumi_azure_nextgen.resources import latest as resources
from pulumi_azure_nextgen.network import latest as network
from pulumi import export, ResourceOptions, Config, StackReference, get_stack, get_project
config = Config()
my_location = config.get("location")
my_resource_group_name = config.get("resource_group_name")
my_network_name = config.get("network_name")
my_cidr_block = config.get("virtual_network_cidr")
my_subnet_1_cidr = config.get("subnet_1_cidr")
my_subnet_2_cidr = config.get("subnet_2_cidr")
projectName = get_project()
stackName = get_stack()
mytags = {
"stack": stackName,
"project": projectName,
"created_by": "johnsmith",
"launched_via": "pulumi",
"team": "engineering",
"cli": "yes"
}
# Create an Azure Resource Group
# https://www.pulumi.com/docs/reference/pkg/azure-nextgen/resources/resourcegroup/
resource_group = resources.ResourceGroup(
f"{my_network_name}-resource-group",
"""An Azure RM Python Pulumi program"""
import pulumi
import pulumi_azure_nextgen.network.latest as network
from pulumi import Config, StackReference
# read local config settings - network
config = Config()
# reading in StackReference Path from local config
mystackpath = config.require("stackreference")
# setting the StackReference
mynetworkstackreference = StackReference(mystackpath)
# get azure subscription id
my_subid = config.get("subid")
# getting the resource group that where the current virtualnetwork ( the one that doesn't have databricks) is.
my_resource_group = mynetworkstackreference.get_output("resource_group_name")
# getting the virutal network that where the current virtualnetwork ( the one that doesn't have databricks) is.
my_virtual_network_name = mynetworkstackreference.get_output("virtual_network_name")
# Databricks resource group
my_remote_resource_group = "myWorkspace"
# Databricks virtual network
my_remote_virtual_network = "workers-vnet"
# vnet peering name FROM the virtualnetwork TO the databricks virtualnetwork
my_virtual_network_peering_name = "shaht-vnet-peering-back-to-databricks"
# vnet peering resource
v_net_peering = network.VirtualNetworkPeering("virtualNetworkPeering",
"""A Google Cloud Python Pulumi program that stands up PostgresSQL"""
import pulumi
import pulumi_gcp as gcp # gcp https://www.pulumi.com/docs/reference/pkg/gcp/
from pulumi_gcp import sql, compute
import pulumi_postgresql as postgres # PostgresSQL Provider https://www.pulumi.com/docs/reference/pkg/postgresql/ https://github.com/pulumi/pulumi-postgresql
import pulumi_random as random # Used for password generation https://www.pulumi.com/docs/reference/pkg/random/
import pg8000.native # Used for creating table https://github.com/tlocke/pg8000name = "shaht"
from pulumi import Config # To read from pulumi config: Setting and Getting Configuration Values https://www.pulumi.com/docs/intro/concepts/config/#setting-and-getting-configuration-values
config = Config() # To get Data from local config
myip = config.get("myip") # your ip with /32
myregion = gcp.config.region # gcp region
name = "demo"
# The following config values are set via: https://www.pulumi.com/docs/reference/cli/pulumi_config_set/
# The following 4 inputs will be updated ONLY after the initial postgres sql database instance, database, and users have been created.
# We need the instance information to pass back in since we are using python package
# to create the tables. See the readme
# Start
postgres_sql_instance_public_ip_address = config.get(
"postgres_sql_instance_public_ip_address")
postgres_sql_user_username = config.get("postgres_sql_user_username")
postgres_sql_database_name = config.get("postgres_sql_database_name")
postgres_sql_user_password = config.get("postgres_sql_user_password")
# End
# creates a random password https://www.pulumi.com/docs/reference/pkg/random/randompassword/
mypassword = random.RandomPassword("randompassword",
length=12,
from pulumi import Config
import boto3
conf = Config('aws')
client = boto3.client('ec2', region_name=conf.get('region'))
def get_subnets_ids():
return [
subnet['SubnetId']
for subnet
in client.describe_subnets()['Subnets']
]
def get_default_security_groups_ids():
return [
secgrp['GroupId']
for secgrp
in client.describe_security_groups()['SecurityGroups']
if secgrp['GroupName'] == 'default'
]
config = Config()
# set default tags to be applied to all taggable resources
stack = get_stack()
default_tags = {
'environment': stack
}
# Azure Bastion hosts in hub and spokes (until functional across peerings)
azure_bastion = config.get_bool('azure_bastion')
# Azure Firewall to route all Internet-bound traffic to designated next hop
forced_tunnel = config.get_bool('forced_tunnel')
# another stack in the same project and organization may be peered
peer = config.get('peer')
if peer:
org = config.require('org')
project = get_project()
reference = f'{org}/{project}/{peer}'
else:
reference = None
# validate firewall_address_space and hub_address_space
firewall_address_space = config.require('firewall_address_space')
fwz_nw = ip_network(firewall_address_space)
if not fwz_nw.is_private:
raise ConfigError(['firewall_address_space'], 'must be private')
if fwz_nw.prefixlen > 24:
raise ConfigError(['firewall_address_space'], 'must be /24 or larger')
hub_address_space = config.require('hub_address_space')
from pulumi import Config, export, get_project, get_stack, Output, ResourceOptions
from pulumi_gcp.config import project, zone
from pulumi_gcp.container import Cluster, get_engine_versions
from pulumi_kubernetes import Provider
from pulumi_kubernetes.apps.v1 import Deployment
from pulumi_kubernetes.core.v1 import Service
from pulumi_random import RandomString
# Read in some configurable settings for our cluster:
config = Config(None)
# nodeCount is the number of cluster nodes to provision. Defaults to 3 if unspecified.
NODE_COUNT = config.get('node_count') or 3
# nodeMachineType is the machine type to use for cluster nodes. Defaults to n1-standard-1 if unspecified.
# See https://cloud.google.com/compute/docs/machine-types for more details on available machine types.
NODE_MACHINE_TYPE = config.get('node_machine_type') or 'n1-standard-1'
# username is the admin username for the cluster.
USERNAME = config.get('username') or 'admin'
# password is the password for the admin user in the cluster.
PASSWORD = config.get_secret('password') or RandomString(
"password", length=20, special=True).result
engine_version = Output.from_input(get_engine_versions()).latest_master_version
# Now, actually create the GKE cluster.
k8s_cluster = Cluster(
'gke-cluster',
initial_node_count=NODE_COUNT,
node_version=engine_version,
min_master_version=engine_version,
master_auth={
from pulumi import Config, export, ResourceOptions
from pulumi_azure import core, network, lb, compute
import pulumi_random as random
config = Config()
admin_user = config.get("adminUser") or "azureuser"
admin_password = config.get_secret("adminPassword") or random.RandomPassword(
"pwd", length=20, special="true").result
domain = config.get("domain") or random.RandomString(
"domain", length=10, number="false", special="false", upper="false").result
application_port = config.get_float("applicationPort") or 80
resource_group = core.ResourceGroup("vmss-rg")
public_ip = network.PublicIp("public-ip",
resource_group_name=resource_group.name,
allocation_method="Static",
domain_name_label=domain)
load_balancer = lb.LoadBalancer("lb",
resource_group_name=resource_group.name,
frontend_ip_configurations=[{
"name":
"PublicIPAddress",
"publicIpAddressId":
public_ip.id,
}])
bpepool = lb.BackendAddressPool("bpepool",
resource_group_name=resource_group.name,
loadbalancer_id=load_balancer.id)
# Doc: https://www.pulumi.com/docs/intro/concepts/resources/#protect
# Doc: https://www.pulumi.com/docs/reference/cli/pulumi_state_unprotect/
import base64
import pulumi
from pulumi import Config, ResourceOptions
from pulumi_tls import PrivateKey
from pulumi_azure_native import resources, containerservice
import pulumi_azuread as azuread
import pulumi_kubernetes as k8s
from pulumi_kubernetes.helm.v3 import Chart, ChartOpts
import pulumi_random as random
# Config values or defaults
config = Config()
k8s_version = config.get('k8sVersion') or '1.18.14'
admin_username = config.get('adminUserName') or 'testuser'
node_count = config.get_int('nodeCount') or 2
node_size = config.get('nodeSize') or 'Standard_D2_v2'
password = config.get_secret("password")
if not password:
rando_password = random.RandomPassword(
'password',
length=16,
special=True,
override_special='@_#',
)
password = rando_password.result
# Resource Group
resource_group = resources.ResourceGroup('rg')
def build_secrets(config: pulumi.Config):
secrets_template = """export CTR_FQDN="{fqdn}"
export CTR_EMAIL="{email}"
export CTR_PASSWORD="******"
export CTR_FIRSTNAME="{admin_first_name}"
export CTR_LASTNAME="{admin_last_name}"
export CTR_SMTP_HOST={smtp_host}
export CTR_SMTP_PORT={smtp_port}
export CTR_SMTP_TLS={smtp_tls}
export CTR_SMTP_AUTH={smtp_auth}
export CTR_SMTP_FROM={smtp_from}
"""
if config.get('db_type') == 'sass':
secrets_template += """export PG_INSTALL_TYPE=sass
export CTR_DB_HOST="{db_hostname}"
export CTR_DB_USER="******"
export CTR_DB_PASS="******"
"""
elif config.get('db_type') == 'local':
secrets_template += 'export PG_INSTALL_TYPE=local\n'
if config.get_bool('smtp_auth'):
if config.get('smtp_user'):
secrets_template += 'export CTR_SMTP_USER={0}\n'.format(config.get('smtp_user'))
if config.get('smtp_pass'):
secrets_template += 'export CTR_SMTP_PASS={0}\n'.format(config.get('smtp_pass'))
hostname = build_vm_domain(config)
db_admin_username = config.get('db_admin_username') or 'controller'
installation_id = config.get('installation_id')
values = {
'fqdn': hostname,
'email': config.get('admin_email'),
'admin_pass': config.get('admin_password'),
'admin_first_name': config.get('admin_first_name'),
'admin_last_name': config.get('admin_last_name'),
'db_hostname': 'config-db-{0}.postgres.database.azure.com'.format(installation_id),
'db_user': '******'.format(db_admin_username, installation_id),
'db_pass': config.get('db_admin_password'),
'smtp_host': config.get('smtp_host'),
'smtp_port': config.get('smtp_port'),
'smtp_tls': 'true' if config.get_bool('smtp_tls') else 'false',
'smtp_from': config.get('smtp_from'),
'smtp_auth': 'true' if config.get_bool('smtp_auth') else 'false'
}
return secrets_template.format_map(values)
import pulumi_digitalocean as do
from pulumi import Config, export, Output, ResourceOptions
from pulumi_kubernetes import Provider
from pulumi_kubernetes.apps.v1 import Deployment
from pulumi_kubernetes.core.v1 import Service
config = Config()
node_count = config.get_float("nodeCount") or 3
app_replica_count = config.get_float("appReplicaCount") or 5
domain_name = config.get("domainName")
cluster = do.KubernetesCluster("do-cluster",
region="sfo2",
version="latest",
node_pool={
"name": "default",
"size": "s-2vcpu-2gb",
"node_count": node_count
})
k8s_provider = Provider("do-k8s",
kubeconfig=cluster.kube_configs[0]["rawConfig"])
app_labels = {"app": "app-nginx"}
app = Deployment("do-app-dep",
spec={
'selector': {
'matchLabels': app_labels
},
'replicas': 1,
'template': {
my_network_stackreference = StackReference(mystackpath)
my_secondvirtualnetwork_output = my_network_stackreference.get_output(
"virtual_network_name")
my_remote_resourcegroup_output = my_network_stackreference.get_output(
"resource_group_name")
#my_secondvirtualnetwork = my_secondvirtualnetwork_output.apply(lambda my_secondvirtualnetwork_output: f"{my_secondvirtualnetwork_output}")
#my_remote_resourcegroup = my_remote_resourcegroup_output.apply(lambda my_remote_resourcegroup_output: f"{my_remote_resourcegroup_output}")
# The values for my_secondvirtualnetwork & my_remote_resourcegroup are from the virtualnetwork that has
# already been created using another pulumi stack. This has to exist before this code can run.
my_secondvirtualnetwork = "shaht-vnet-peering-to-databricks" # 2nd virtual network. Needed for vpn peering block FROM databricks.
my_remote_resourcegroup = "shaht-rg-peering-to-databricks"
# local variables from config file
# my subscription id
mysubid = config.get("mysubid")
# azure location
my_location = config.get("location")
# resource group name
my_resource_group_name = config.get("resource_group_name")
# name
my_name = config.get("name")
# workspace name
my_Workspacename = config.get("workspacename")
# Databricks vpn peering name.
my_peering_name = "databricks_peering"
# Creating Tags
# stackname for tags
stackName = get_stack()
from pulumi import Config, export, get_project, get_stack, Output, ResourceOptions
from pulumi_gcp.config import project, zone
from pulumi_gcp.container import Cluster, get_engine_versions
from pulumi_kubernetes import Provider
from pulumi_kubernetes.apps.v1 import Deployment
from pulumi_kubernetes.core.v1 import Service
from pulumi_random import RandomPassword
# Read in some configurable settings for our cluster:
config = Config(None)
# nodeCount is the number of cluster nodes to provision. Defaults to 3 if unspecified.
NODE_COUNT = config.get('node_count') or 3
# nodeMachineType is the machine type to use for cluster nodes. Defaults to n1-standard-1 if unspecified.
# See https://cloud.google.com/compute/docs/machine-types for more details on available machine types.
NODE_MACHINE_TYPE = config.get('node_machine_type') or 'n1-standard-1'
# username is the admin username for the cluster.
USERNAME = config.get('username') or 'admin'
# password is the password for the admin user in the cluster.
PASSWORD = config.get_secret('password') or RandomPassword(
"password", length=20, special=True).result
# master version of GKE engine
MASTER_VERSION = config.get('master_version')
# Now, actually create the GKE cluster.
k8s_cluster = Cluster(
'gke-cluster',
initial_node_count=NODE_COUNT,
node_version=MASTER_VERSION,
min_master_version=MASTER_VERSION,
master_auth={
parts = domain.split('.')
if len(parts) < 2:
raise Exception(f'No TLD found on ${domain}')
if len(parts) == 2:
return '', domain
subdomain = parts[0]
parts.pop(0)
return subdomain, '.'.join(parts) + '.'
# Read the configuration for this stack.
stack_config = Config()
target_domain = stack_config.require('targetDomain')
path_to_website_contents = stack_config.require('pathToWebsiteContents')
certificate_arn = stack_config.get('certificateArn')
# Create an S3 bucket configured as a website bucket.
content_bucket = pulumi_aws.s3.Bucket('contentBucket',
bucket=target_domain,
acl='public-read',
website={
'index_document': 'index.html',
'error_document': '404.html'
})
def crawl_directory(content_dir, f):
"""
Crawl `content_dir` (including subdirectories) and apply the function `f` to each file.
"""
from pulumi import Config, export, get_project, get_stack, Output, ResourceOptions
from pulumi_gcp.config import project, zone, region
from pulumi_gcp.container import Cluster, get_engine_versions
from pulumi_kubernetes import Provider
from pulumi_kubernetes.apps.v1 import Deployment
from pulumi_kubernetes.core.v1 import Service
from pulumi_random import RandomPassword
# Read in some configurable settings for our cluster:
config = Config(None)
NODE_COUNT = config.get("node_count")
NODE_MACHINE_TYPE = config.get("node_machine_type")
IMAGE_TYPE = config.get("image_type")
DISK_TYPE = config.get("disk_type")
DISK_SIZE_GB = config.get("disk_size_gb")
# master version of GKE engine
MASTER_VERSION = config.get("master_version")
CLUSTER_NAME = config.get("pulumi-gke")
print(f"Master version: {MASTER_VERSION}")
print(f"Project: {project} | Region: {region} | Zone: {zone}")
# Now, actually create the GKE cluster.
# Pulumi docs: https://www.pulumi.com/docs/reference/pkg/python/pulumi_gcp/container/#pulumi_gcp.container.Cluster
# Terraform docs: https://www.terraform.io/docs/providers/google/r/container_cluster.html
k8s_cluster = Cluster(
"gke-cluster",
name=CLUSTER_NAME,
# Zone is read automagically from the stack config file
import pulumi_okta as okta
import pulumi
from pulumi import Config, export
# User email
sourceemail = "*****@*****.**"
# Getting config values from pulumi config
config = Config()
# Retrieving AWS account ID that is passed in
accountid = config.get("awsaccountid")
# Retrieving iam saml provider
iam_saml_provider = config.get("iamsamlprovider")
# Retrieving role
role = config.get("myrole")
# Creating identityProviderArn for app_setting_json
myidentityProviderArn = f"arn:aws:iam::{accountid}:saml-provider/{iam_saml_provider}"
# Creating roleValuePattern for app_setting_json
myroleValuePattern = f"arn:aws:iam::{accountid}:saml-provider/OKTA,arn:aws:iam::{accountid}:role/{role}"
# Creating groupFilter for app_setting_json
mygroupFilter = f"aws_(?{accountid}//d+)_(?{role}[a-zA-Z0-9+=,.@//-_]+)"
# Combing it all to create the app_setting_json
app_setting_json_total = '{' + f'''
"appFilter":"okta",
"awsEnvironmentType":"aws.amazon",
"joinAllRoles": false,
"sessionDuration": 14400,
"loginURL": "https://console.aws.amazon.com/ec2/home",
"identityProviderArn":"{myidentityProviderArn}",
"roleValuePattern":"{myroleValuePattern}",
