How to use the @pulumi/azure.network function in @pulumi/azure
To help you get started, we’ve selected a few @pulumi/azure examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
pulumi / kubernetes-guides / azure / 02-managed-infra / index.ts View on Github 
import * as azure from "@pulumi/azure";
import * as pulumi from "@pulumi/pulumi";
import { config } from "./config";
const name = pulumi.getProject();
// Create a Virtual Network for the cluster
const vnet = new azure.network.VirtualNetwork(name, {
resourceGroupName: config.resourceGroupName,
addressSpaces: ["10.2.0.0/16"],
});
// Create a Subnet for the cluster
const subnet = new azure.network.Subnet(name, {
resourceGroupName: config.resourceGroupName,
virtualNetworkName: vnet.name,
addressPrefix: "10.2.1.0/24",
});
// Log and Monitoring workspace
const loganalytics = new azure.operationalinsights.AnalyticsWorkspace(name, {
resourceGroupName: config.resourceGroupName,
sku: "PerGB2018",
retentionInDays: 30,kubernetesVersion: "1.15.5",
roleBasedAccessControl: {enabled: true},
networkProfile: {
networkPlugin: "azure",
dnsServiceIp: "10.2.2.254",
serviceCidr: "10.2.2.0/24",
dockerBridgeCidr: "172.17.0.1/16",
},
}, {parent: this});
// Expose a K8s provider instance using our custom cluster instance.
this.provider = new k8s.Provider("aks", {
kubeconfig: this.cluster.kubeConfigRaw,
}, {parent: this});
this.staticAppIP = new azure.network.PublicIp("staticAppIP", {
resourceGroupName: this.cluster.nodeResourceGroup,
allocationMethod: "Static",
}, {parent: this}).ipAddress;
this.registerOutputs();
}
}// Copyright 2016-2019, Pulumi Corporation. All rights reserved.
import * as azure from "@pulumi/azure";
import * as pulumi from "@pulumi/pulumi";
// Get the desired username and password for our VM.
const config = new pulumi.Config();
const username = config.require("username");
const password = config.requireSecret("password");
// All resources will share a resource group.
const resourceGroupName = new azure.core.ResourceGroup("server-rg").name;
// Create a network and subnet for all VMs.
const network = new azure.network.VirtualNetwork("server-network", {
resourceGroupName,
addressSpaces: ["10.0.0.0/16"],
subnets: [{
name: "default",
addressPrefix: "10.0.1.0/24",
}],
});
// Now allocate a public IP and assign it to our NIC.
const publicIp = new azure.network.PublicIp("server-ip", {
resourceGroupName,
allocationMethod: "Dynamic",
});
const networkInterface = new azure.network.NetworkInterface("server-nic", {
resourceGroupName,constructor(name: string, args: WebServerArgs) {
super("ws-ts-azure-comp:webserver:WebServer", name);
// Allocate a public IP and assign it to our NIC.
this.publicIp = new azure.network.PublicIp(`${name}-ip`, {
resourceGroupName: args.resourceGroupName,
allocationMethod: "Dynamic",
}, { parent: this });
this.networkInterface = new azure.network.NetworkInterface(`${name}-nic`, {
resourceGroupName: args.resourceGroupName,
ipConfigurations: [{
name: "webserveripcfg",
subnetId: args.subnetId,
privateIpAddressAllocation: "Dynamic",
publicIpAddressId: this.publicIp.id,
}],
}, { parent: this });
// Now create the VM, using the resource group and NIC allocated above.
this.vm = new azure.compute.VirtualMachine(`${name}-vm`, {
resourceGroupName: args.resourceGroupName,
networkInterfaceIds: [this.networkInterface.id],
vmSize: args.vmSize || "Standard_A0",
deleteDataDisksOnTermination: true,
deleteOsDiskOnTermination: true,import * as azure from "@pulumi/azure";
import { PolicyPack, validateTypedResource } from "@pulumi/policy";
const policies = new PolicyPack("azure", {
policies: [
{
name: "discouraged-public-ip-address",
description: "Associating public IP addresses is discouraged.",
enforcementLevel: "advisory",
validateResource: validateTypedResource(azure.network.NetworkInterface, (ni, args, reportViolation) => {
const publicIpAssociations = ni.ipConfigurations.find(cfg => cfg.publicIpAddressId !== undefined);
if (publicIpAssociations !== undefined) {
reportViolation("Associating public IP addresses is discouraged.");
}
}),
},
{
name: "prohibited-public-internet",
description: "Inbound rules with public internet access are prohibited.",
enforcementLevel: "mandatory",
validateResource: validateTypedResource(azure.network.NetworkSecurityRule, (securityRule, args, reportViolation) => {
if (securityRule.sourceAddressPrefix === "*") {
reportViolation("Inbound rules with public internet access are prohibited.");
}
}),
},const adminUser = config.get("adminUser") || "azureuser";
const adminPassword = config.getSecret("adminPassword") || new random.RandomPassword("pwd", {
length: 20,
special: true,
}).result;
const domain = config.get("domain") || new random.RandomString("domain", {
length: 10,
number: false,
special: false,
upper: false,
}).result;
const applicationPort = config.getNumber("applicationPort") || 80;
const resourceGroup = new azure.core.ResourceGroup("vmss-rg");
const publicIp = new azure.network.PublicIp("public-ip", {
resourceGroupName: resourceGroup.name,
allocationMethod: "Static",
domainNameLabel: domain,
});
const loadBalancer = new azure.lb.LoadBalancer("lb", {
resourceGroupName: resourceGroup.name,
frontendIpConfigurations: [{
name: "PublicIPAddress",
publicIpAddressId: publicIp.id,
}],
});
const bpepool = new azure.lb.BackendAddressPool("bpepool", {
resourceGroupName: resourceGroup.name,
loadbalancerId: loadBalancer.id,{
name: "discouraged-public-ip-address",
description: "Associating public IP addresses is discouraged.",
enforcementLevel: "advisory",
validateResource: validateTypedResource(azure.network.NetworkInterface, (ni, args, reportViolation) => {
const publicIpAssociations = ni.ipConfigurations.find(cfg => cfg.publicIpAddressId !== undefined);
if (publicIpAssociations !== undefined) {
reportViolation("Associating public IP addresses is discouraged.");
}
}),
},
{
name: "prohibited-public-internet",
description: "Inbound rules with public internet access are prohibited.",
enforcementLevel: "mandatory",
validateResource: validateTypedResource(azure.network.NetworkSecurityRule, (securityRule, args, reportViolation) => {
if (securityRule.sourceAddressPrefix === "*") {
reportViolation("Inbound rules with public internet access are prohibited.");
}
}),
},
{
name: "prohibited-iot",
description: "Use of IOT services is prohibited.",
enforcementLevel: "mandatory",
validateResource: (args, reportViolation) => {
if (args.type.startsWith("azure:iot")) {
reportViolation("Use of IOT services is prohibited.");
}
},
},
],resourceGroupName: resourceGroup.name,
backendAddressPoolId: bpepool.id,
backendPort: applicationPort,
frontendIpConfigurationName: "PublicIPAddress",
frontendPort: applicationPort,
loadbalancerId: loadBalancer.id,
probeId: sshProbe.id,
protocol: "Tcp",
});
const vnet = new azure.network.VirtualNetwork("vnet", {
resourceGroupName: resourceGroup.name,
addressSpaces: ["10.0.0.0/16"],
});
const subnet = new azure.network.Subnet("subnet", {
enforcePrivateLinkEndpointNetworkPolicies: false,
resourceGroupName: resourceGroup.name,
addressPrefix: "10.0.2.0/24",
virtualNetworkName: vnet.name,
});
const scaleSet = new azure.compute.ScaleSet("vmscaleset", {
resourceGroupName: resourceGroup.name,
networkProfiles: [{
ipConfigurations: [{
loadBalancerBackendAddressPoolIds: [bpepool.id],
name: "IPConfiguration",
primary: true,
subnetId: subnet.id,
}],
name: "networkprofile",backendAddressPoolId: bpepool.id,
backendPort: 80,
frontendIpConfigurationName: "PublicIPAddress",
frontendPort: 80,
loadbalancerId: loadBalancer.id,
probeId: probe.id,
protocol: "Tcp",
}, opts);
const vnet = new azure.network.VirtualNetwork(`vnet-${location}`, {
resourceGroupName: resourceGroup.name,
location,
addressSpaces: ["10.0.0.0/16"],
}, opts);
const subnet = new azure.network.Subnet(`subnet-${location}`, {
resourceGroupName: resourceGroup.name,
addressPrefix: "10.0.2.0/24",
virtualNetworkName: vnet.name,
}, opts);
const customData = pulumi.all([cosmosAccount.endpoint, cosmosAccount.primaryMasterKey, database.name, container.name])
.apply(([endpoint, key, databaseName, collectionName]) => {
const s = file.replace("${ENDPOINT}", endpoint)
.replace("${MASTER_KEY}", key)
.replace("${DATABASE}", databaseName)
.replace("${COLLECTION}", collectionName)
.replace("${LOCATION}", location);
return s;
});
const scaleSet = new azure.compute.ScaleSet(`vmss-${location}`, {return ready.apply(d =>
azure.network.getPublicIP({
name: d.name,
resourceGroupName: d.resourceGroupName,
}, { async: true }).then(ip => ip.ipAddress));
}@pulumi/azure
A Pulumi package for creating and managing Microsoft Azure cloud resources, based on the Terraform azurerm provider. We recommend using the [Azure Native provider](https://github.com/pulumi/pulumi-azure-native) to provision Azure infrastructure. Azure Nat
Package Health Score
87 / 100Popular @pulumi/azure functions
- @pulumi/azure.ad
- @pulumi/azure.apimanagement
- @pulumi/azure.appinsights
- @pulumi/azure.appservice
- @pulumi/azure.cdn
- @pulumi/azure.compute
- @pulumi/azure.config
- @pulumi/azure.containerservice
- @pulumi/azure.core
- @pulumi/azure.cosmosdb
- @pulumi/azure.eventhub
- @pulumi/azure.keyvault
- @pulumi/azure.lb
- @pulumi/azure.Locations
- @pulumi/azure.monitoring
- @pulumi/azure.network
- @pulumi/azure.role
- @pulumi/azure.sql
- @pulumi/azure.storage
- @pulumi/azure.trafficmanager