How to use @pulumi/azure - 10 common examples

import * as azure from "@pulumi/azure";
import * as pulumi from "@pulumi/pulumi";

const config = new pulumi.Config();
// Read a list of target locations from the config file:
// Expecting a comma-separated list, e.g., "westus,eastus,westeurope"
const locations = config.require("locations").split(",");
// The first location is considered primary
const primaryLocation = locations[0];

const resourceGroup = new azure.core.ResourceGroup("UrlShorterner", {
    location: primaryLocation,
});

// Cosmos DB with a single write region (primary location) and multiple read replicas
const account = new azure.cosmosdb.Account("UrlStore", {
    resourceGroupName: resourceGroup.name,
    location: primaryLocation,
    geoLocations: locations.map((location, failoverPriority) => ({ location, failoverPriority })),
    offerType: "Standard",
    consistencyPolicy: {
        consistencyLevel: "Session",
        maxIntervalInSeconds: 300,
        maxStalenessPrefix: 100000,
    },
});

// Define a database under the Cosmos DB Account
const database = new azure.cosmosdb.SqlDatabase("Database", {
    resourceGroupName: resourceGroup.name,
    accountName: account.name,
});

tenantId: tenantId,
    objectId: principalId,
    secretPermissions: ["get"],
});

// Make the App Service the admin of the SQL Server (double check if you want a more fine-grained security model in your real app)
const sqlAdmin = new azure.sql.ActiveDirectoryAdministrator("adadmin", {
    resourceGroupName: resourceGroup.name,
    tenantId: tenantId,
    objectId: principalId,
    login: "adadmin",
    serverName: sqlServer.name,
});

// Grant access from App Service to the container in the storage
const blobPermission = new azure.role.Assignment("readblob", {
    principalId,
    scope: pulumi.interpolate`${storageAccount.id}/blobServices/default/containers/${storageContainer.name}`,
    roleDefinitionName: "Storage Blob Data Reader",
});

// Add SQL firewall exceptions
const firewallRules = app.outboundIpAddresses.apply(
    ips => ips.split(",").map(
        ip => new azure.sql.FirewallRule(`FR${ip}`, {
            resourceGroupName: resourceGroup.name,
            startIpAddress: ip,
            endIpAddress: ip,
            serverName: sqlServer.name,
        }),
    ));

value: passwordClient,
    endDate: "2099-01-01T00:00:00Z",
});

// Define a resource group (shared for all stacks)
const resourceGroup = new azure.core.ResourceGroup("k8s-az");

// Grant the resource group the "Network Contributor" role so that it
// can link the static IP to a Service LoadBalancer.
const rgNetworkRole = new azure.role.Assignment(`${name}-spRole`, {
    principalId: principalClient.id,
    scope: resourceGroup.id,
    roleDefinitionName: "Network Contributor",
});

const clientConfig = azure.core.getClientConfig();
const currentPrincipal = clientConfig.objectId;

const admins = new azuread.Group("admins", {
    name: "pulumi:admins",
    members: [
        currentPrincipal,
    ],
});

/* Create a new user in AD.
const dev = new azuread.User("k8s-dev", {
    userPrincipalName: "k8sdev@example.com",
    displayName: "Kubernetes Dev",
    password: "Qjker21!G",
});
*/

// Copyright 2016-2019, Pulumi Corporation.  All rights reserved.

import * as azure from "@pulumi/azure";
import * as pulumi from "@pulumi/pulumi";

// Parse and export configuration variables for this stack.
const config = new pulumi.Config();
export const password = config.require("password");
export const location = config.get("location") || azure.Locations.EastUS;
export const nodeCount = config.getNumber("nodeCount") || 2;
export const nodeSize = config.get("nodeSize") || "Standard_D2_v2";
export const sshPublicKey = config.require("sshPublicKey");
export const resourceGroup = new azure.core.ResourceGroup("aks", { location });

// Copyright 2016-2018, Pulumi Corporation.  All rights reserved.

import * as azure from "@pulumi/azure";
import * as pulumi from "@pulumi/pulumi";
import { StorageStaticWebsite } from "./staticWebsite";

// Create an Azure Resource Group
const resourceGroup = new azure.core.ResourceGroup("website-rg", {
    location: azure.Locations.WestUS,
});

// Create a Storage Account for our static website
const storageAccount = new azure.storage.Account("websitesa", {
    resourceGroupName: resourceGroup.name,
    accountReplicationType: "LRS",
    accountTier: "Standard",
    accountKind: "StorageV2",
});

// There's currently no way to enable the Static Web Site feature of a storage account via ARM
// Therefore, we created a custom resource which wraps corresponding Azure CLI commands
const staticWebsite = new StorageStaticWebsite("website-static", {
    accountName: storageAccount.name,
});

// Copyright 2016-2019, Pulumi Corporation.  All rights reserved.

import * as azure from "@pulumi/azure";
import * as pulumi from "@pulumi/pulumi";

// Get the desired username and password for our VM.
const config = new pulumi.Config();
const username = config.require("username");
const password = config.requireSecret("password");

// All resources will share a resource group.
const resourceGroupName = new azure.core.ResourceGroup("server-rg").name;

// Create a network and subnet for all VMs.
const network = new azure.network.VirtualNetwork("server-network", {
    resourceGroupName,
    addressSpaces: ["10.0.0.0/16"],
    subnets: [{
        name: "default",
        addressPrefix: "10.0.1.0/24",
    }],
});

// Now allocate a public IP and assign it to our NIC.
const publicIp = new azure.network.PublicIp("server-ip", {
    resourceGroupName,
    allocationMethod: "Dynamic",
});

// Copyright 2016-2019, Pulumi Corporation.  All rights reserved.

import * as azure from "@pulumi/azure";
import * as pulumi from "@pulumi/pulumi";

// use first 10 characters of the stackname as prefix for resource names
const prefix = pulumi.getStack().substring(0, 9);

const resourceGroup = new azure.core.ResourceGroup(`${prefix}-rg`, {
        location: azure.Locations.WestUS2,
    });

const resourceGroupArgs = {
    resourceGroupName: resourceGroup.name,
    location: resourceGroup.location,
};

// Storage Account name must be lowercase and cannot have any dash characters
const storageAccountName = `${prefix.toLowerCase().replace(/-/g, "")}sa`;
const storageAccount = new azure.storage.Account(storageAccountName, {
    ...resourceGroupArgs,

    accountKind: "StorageV2",
    accountTier: "Standard",
    accountReplicationType: "LRS",

//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

import * as azure from "@pulumi/azure";
import * as docker from "@pulumi/docker";
import * as k8s from "@pulumi/kubernetes";
import * as kx from "@pulumi/kubernetesx";
import * as pulumi from "@pulumi/pulumi";
import { config } from "./config";

// Create an Azure Resource Group
const resourceGroup = new azure.core.ResourceGroup("samples");

// Create a registry in ACR.
const registry = new azure.containerservice.Registry("myregistry", {
    resourceGroupName: resourceGroup.name,
    sku: "Basic",
    adminEnabled: true,
});

// Build a Docker image from a local Dockerfile context in the
// './node-app' directory, and push it to the registry.
const customImage = "node-app";
const appImage = new docker.Image(customImage, {
    imageName: pulumi.interpolate`${registry.loginServer}/${customImage}:v1.0.0`,
    build: {
        context: `./${customImage}`,
    },

// Copyright 2016-2019, Pulumi Corporation.  All rights reserved.

import * as azure from "@pulumi/azure";
import * as pulumi from "@pulumi/pulumi";
import * as random from "@pulumi/random";

// Create a resource group
const resourceGroup = new azure.core.ResourceGroup("resourceGroup");

// Create a storage account for Blobs
const storageAccount = new azure.storage.Account("storage", {
    resourceGroupName: resourceGroup.name,
    accountReplicationType: "LRS",
    accountTier: "Standard",
});

// The container to put our files into
const storageContainer = new azure.storage.Container("files", {
    storageAccountName: storageAccount.name,
    containerAccessType: "private",
});

// Azure SQL Server that we want to access from the application
const administratorLoginPassword = new random.RandomPassword("password", { length: 16, special: true }).result;

// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

import * as azure from "@pulumi/azure";
import * as config from "./config";

let resourceGroup = new azure.core.ResourceGroup(config.name, { location: config.location });

// Create the AD service principal for the K8s cluster.
let adApp = new azure.ad.Application(`${config.name}-app`);
let adSp = new azure.ad.ServicePrincipal(`${config.name}-sp`, {
    applicationId: adApp.applicationId,
});
let adSpPassword = new azure.ad.ServicePrincipalPassword(`${config.name}-password`, {
    servicePrincipalId: adSp.id,
    value: config.password,
    endDate: "2099-01-01T00:00:00Z",
});

//
// Export required properties for downstream stacks.
//