Created
October 29, 2019 18:56
-
-
Save MathieuBuisson/0aeb53488077beb4da484cc79caad079 to your computer and use it in GitHub Desktop.
Pulumi stack with strange outputs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Outputs: | |
consulRule : { | |
rule: { | |
access : "Deny" | |
destinationAddressPrefix : "Internet" | |
destinationPortRanges : [ | |
[0]: "1234" | |
] | |
direction : "Outbound" | |
id : "/subscriptions/53e77d8e-c18b-4040-846b-282ed557ee9a/resourceGroups/nsg-rgded2106c/providers/Microsoft.Network/networkSecurityGroups/frontend-subnet-nsg/securityRules/Deny_Outbound_Port1234" | |
name : "Deny_Outbound_Port1234" | |
networkSecurityGroupName : "frontend-subnet-nsg" | |
priority : 110 | |
protocol : "Tcp" | |
resourceGroupName : "nsg-rgded2106c" | |
sourceAddressPrefix : "*" | |
sourcePortRanges : [ | |
[0]: "0-65535" | |
] | |
urn : "urn:pulumi:ci::azure-network-security-group::azure-network-security-group:NetworkSecurityGroup$azure-network-security-group:NetworkSecurityRule$azure:network/networkSecurityRule:NetworkSecurityRule::Deny_Outbound_Port1234" | |
} | |
urn : "urn:pulumi:ci::azure-network-security-group::azure-network-security-group:NetworkSecurityGroup$azure-network-security-group:NetworkSecurityRule::Deny_Outbound_Port1234" | |
} | |
port1234Rule: { | |
rule: { | |
access : "Deny" | |
destinationAddressPrefix : "Internet" | |
destinationPortRanges : [ | |
[0]: "1234" | |
] | |
direction : "Outbound" | |
id : "/subscriptions/53e77d8e-c18b-4040-846b-282ed557ee9a/resourceGroups/nsg-rgded2106c/providers/Microsoft.Network/networkSecurityGroups/frontend-subnet-nsg/securityRules/Deny_Outbound_Port1234" | |
name : "Deny_Outbound_Port1234" | |
networkSecurityGroupName : "frontend-subnet-nsg" | |
priority : 110 | |
protocol : "Tcp" | |
resourceGroupName : "nsg-rgded2106c" | |
sourceAddressPrefix : "*" | |
sourcePortRanges : [ | |
[0]: "0-65535" | |
] | |
urn : "urn:pulumi:ci::azure-network-security-group::azure-network-security-group:NetworkSecurityGroup$azure-network-security-group:NetworkSecurityRule$azure:network/networkSecurityRule:NetworkSecurityRule::Deny_Outbound_Port1234" | |
} | |
urn : "urn:pulumi:ci::azure-network-security-group::azure-network-security-group:NetworkSecurityGroup$azure-network-security-group:NetworkSecurityRule::Deny_Outbound_Port1234" | |
} | |
sshRule : { | |
rule: { | |
access : "Deny" | |
destinationAddressPrefix : "Internet" | |
destinationPortRanges : [ | |
[0]: "1234" | |
] | |
direction : "Outbound" | |
id : "/subscriptions/53e77d8e-c18b-4040-846b-282ed557ee9a/resourceGroups/nsg-rgded2106c/providers/Microsoft.Network/networkSecurityGroups/frontend-subnet-nsg/securityRules/Deny_Outbound_Port1234" | |
name : "Deny_Outbound_Port1234" | |
networkSecurityGroupName : "frontend-subnet-nsg" | |
priority : 110 | |
protocol : "Tcp" | |
resourceGroupName : "nsg-rgded2106c" | |
sourceAddressPrefix : "*" | |
sourcePortRanges : [ | |
[0]: "0-65535" | |
] | |
urn : "urn:pulumi:ci::azure-network-security-group::azure-network-security-group:NetworkSecurityGroup$azure-network-security-group:NetworkSecurityRule$azure:network/networkSecurityRule:NetworkSecurityRule::Deny_Outbound_Port1234" | |
} | |
urn : "urn:pulumi:ci::azure-network-security-group::azure-network-security-group:NetworkSecurityGroup$azure-network-security-group:NetworkSecurityRule::Deny_Outbound_Port1234" | |
} | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import * as pulumi from '@pulumi/pulumi' | |
import * as azure from '@pulumi/azure' | |
import { NetworkSecurityGroup, NetworkSecurityGroupArgs } from '../../../src/networkSecurityGroup' | |
import { NetworkSecurityRule, NetworkSecurityRuleArgs } from '../../../src/networkSecurityRule' | |
import { WellKnownServices, RuleService } from '../../../src/ruleService' | |
import { runTests } from '../utils' | |
const rg = new azure.core.ResourceGroup('nsg-rg', { | |
location: 'northeurope' | |
}) | |
const nsgRulesArgs: NetworkSecurityRuleArgs[] = [ | |
{ | |
access: 'Deny', | |
destinationAddressPrefix: 'Internet', | |
direction: 'Outbound', | |
name: 'Deny_Outbound_Port1234', | |
priority: 110, | |
ruleService: new RuleService('Tcp', ['*'], ['1234']), | |
sourceAddressPrefix: '*' | |
}, | |
{ | |
access: 'Allow', | |
destinationAddressPrefix: '*', | |
direction: 'Inbound', | |
name: 'Allow_Inbound_Vnet_Consul', | |
priority: 120, | |
ruleService: WellKnownServices.Consul, | |
sourceAddressPrefix: 'VirtualNetwork' | |
}, | |
{ | |
access: 'Allow', | |
destinationAddressPrefix: '*', | |
direction: 'Inbound', | |
name: 'Allow_Inbound_SSH', | |
priority: 130, | |
ruleService: WellKnownServices.Ssh, | |
sourceAddressPrefix: 'Internet' | |
} | |
] | |
const nsgArgs: NetworkSecurityGroupArgs = { | |
name: 'frontend-subnet-nsg', | |
location: 'northeurope', | |
resourceGroupName: rg.name, | |
tags: { | |
environment: 'dev', | |
managedBy: 'DevOps Team' | |
}, | |
rulesArgs: nsgRulesArgs | |
} | |
const nsg = new NetworkSecurityGroup('nsg', nsgArgs) | |
// promise returns a resource output's value | |
export function promise<T>(output: pulumi.Output<T>): Promise<T | undefined> { | |
return (output as any).promise() as Promise<T> | |
} | |
const getRuleByName = (name: string): NetworkSecurityRule | undefined => { | |
return nsg.rules.find(async r => { | |
return (await promise(r.rule.name)) === name | |
}) | |
} | |
export const nsgResource = nsg.group | |
export const port1234Rule = getRuleByName('Deny_Outbound_Port1234') | |
export const consulRule = getRuleByName('Allow_Inbound_Vnet_Consul') | |
export const sshRule = getRuleByName('Allow_Inbound_SSH') | |
// Invoke the tests suite (during previews and updates). | |
if (!pulumi.runtime.isDryRun()) { | |
runTests() | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment