How to use the @pulumi/random.RandomPassword function in @pulumi/random
To help you get started, we’ve selected a few @pulumi/random examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
pulumi / examples / kubernetes-ts-multicloud / gke.ts View on Github 
constructor(name: string,
opts: pulumi.ComponentResourceOptions = {}) {
super("examples:kubernetes-ts-multicloud:GkeCluster", name, {}, opts);
// Find the latest engine version.
const engineVersion = gcp.container.getEngineVersions({}, { async: true }).then(v => v.latestMasterVersion);
// Generate a strong password for the Kubernetes cluster.
const password = new random.RandomPassword("password", {
length: 20,
special: true,
}, {parent: this}).result;
// Create the GKE cluster.
const k8sCluster = new gcp.container.Cluster("cluster", {
initialNodeCount: 2,
nodeVersion: engineVersion,
minMasterVersion: engineVersion,
masterAuth: {username: "example-user", password: password},
nodeConfig: {
machineType: "n1-standard-1",
oauthScopes: [
"https://www.googleapis.com/auth/compute",
"https://www.googleapis.com/auth/devstorage.read_only",
"https://www.googleapis.com/auth/logging.write",import * as k8s from "@pulumi/kubernetes";
import * as random from "@pulumi/random";
import { config } from "./config";
// Create a k8s Provider.
const provider = new k8s.Provider("provider", {
kubeconfig: config.kubeconfig,
namespace: config.appsNamespaceName,
});
// Create the DB secret for MariaDB, the backing storage for WordPress.
const mariadbSecret = new k8s.core.v1.Secret("mariadb", {
stringData: {
"mariadb-root-password": new random.RandomPassword("mariadb-root-pw", {
length: 12}).result,
"mariadb-password": new random.RandomPassword("mariadb-pw", {
length: 12}).result
}
}, { provider: provider });
// Create the DB Secret for the WordPress admin.
const wordpressSecret = new k8s.core.v1.Secret("wordpress", {
stringData: {
"wordpress-password": new random.RandomPassword("wordpress-pw", {
length: 12}).result,
}
}, { provider: provider });
// Create a ConfigMap of the MariaDB settings.
const mariadbCM = new k8s.core.v1.ConfigMap("mariadb", {
data: {
"my.cnf": `// Copyright 2016-2019, Pulumi Corporation. All rights reserved.
import * as azure from "@pulumi/azure";
import * as pulumi from "@pulumi/pulumi";
import * as random from "@pulumi/random";
const config = new pulumi.Config();
const adminUser = config.get("adminUser") || "azureuser";
const adminPassword = config.getSecret("adminPassword") || new random.RandomPassword("pwd", {
length: 20,
special: true,
}).result;
const domain = config.get("domain") || new random.RandomString("domain", {
length: 10,
number: false,
special: false,
upper: false,
}).result;
const applicationPort = config.getNumber("applicationPort") || 80;
const resourceGroup = new azure.core.ResourceGroup("vmss-rg");
const publicIp = new azure.network.PublicIp("public-ip", {
resourceGroupName: resourceGroup.name,
allocationMethod: "Static",constructor(name: string,
opts: pulumi.ComponentResourceOptions = {}) {
super("examples:kubernetes-ts-multicloud:AksCluster", name, {}, opts);
// Generate a strong password for the Service Principal.
const password = new random.RandomPassword("password", {
length: 20,
special: true,
}, {parent: this}).result;
// Create an SSH public key that will be used by the Kubernetes cluster.
// Note: We create one here to simplify the demo, but a production deployment would probably pass
// an existing key in as a variable.
const sshPublicKey = new tls.PrivateKey("sshKey", {
algorithm: "RSA",
rsaBits: 4096,
}, {parent: this}).publicKeyOpenssh;
// Create the AD service principal for the K8s cluster.
const adApp = new azuread.Application("aks", undefined, {parent: this});
const adSp = new azuread.ServicePrincipal("aksSp", {
applicationId: adApp.applicationId,constructor(name: string,
args: AksClusterArgs,
opts: pulumi.ComponentResourceOptions = {}) {
super("examples:keda:AksCluster", name, args, opts);
const password = new random.RandomPassword("password", {
length: 20,
special: true,
}).result;
const sshPublicKey = new tls.PrivateKey("keda", {
algorithm: "RSA",
rsaBits: 4096,
}).publicKeyOpenssh;
// Create the AD service principal for the K8s cluster.
const adApp = new azuread.Application("aks", undefined, { parent: this });
const adSp = new azuread.ServicePrincipal("aksSp", { applicationId: adApp.applicationId }, { parent: this });
const adSpPassword = new azuread.ServicePrincipalPassword("aksSpPassword", {
servicePrincipalId: adSp.id,
value: password,
endDate: "2099-01-01T00:00:00Z",
}, { parent: this });// limitations under the License.
import * as k8s from "@pulumi/kubernetes";
import * as random from "@pulumi/random";
import { config } from "./config";
// Create a k8s Provider.
const provider = new k8s.Provider("provider", {
kubeconfig: config.kubeconfig,
namespace: config.appsNamespaceName,
});
// Create the DB secret for MariaDB, the backing storage for WordPress.
const mariadbSecret = new k8s.core.v1.Secret("mariadb", {
stringData: {
"mariadb-root-password": new random.RandomPassword("mariadb-root-pw", {
length: 12}).result,
"mariadb-password": new random.RandomPassword("mariadb-pw", {
length: 12}).result
}
}, { provider: provider });
// Create the DB Secret for the WordPress admin.
const wordpressSecret = new k8s.core.v1.Secret("wordpress", {
stringData: {
"wordpress-password": new random.RandomPassword("wordpress-pw", {
length: 12}).result,
}
}, { provider: provider });
// Create a ConfigMap of the MariaDB settings.
const mariadbCM = new k8s.core.v1.ConfigMap("mariadb", {});
// Create the DB secret for MariaDB, the backing storage for WordPress.
const mariadbSecret = new k8s.core.v1.Secret("mariadb", {
stringData: {
"mariadb-root-password": new random.RandomPassword("mariadb-root-pw", {
length: 12}).result,
"mariadb-password": new random.RandomPassword("mariadb-pw", {
length: 12}).result
}
}, { provider: provider });
// Create the DB Secret for the WordPress admin.
const wordpressSecret = new k8s.core.v1.Secret("wordpress", {
stringData: {
"wordpress-password": new random.RandomPassword("wordpress-pw", {
length: 12}).result,
}
}, { provider: provider });
// Create a ConfigMap of the MariaDB settings.
const mariadbCM = new k8s.core.v1.ConfigMap("mariadb", {
data: {
"my.cnf": `
[mysqld]
skip-name-resolve
explicit_defaults_for_timestamp
basedir=/opt/bitnami/mariadb
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
tmpdir=/opt/bitnami/mariadb/tmp
max_allowed_packet=16Mimport * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";
import * as pulumi from "@pulumi/pulumi";
import * as random from "@pulumi/random";
import { config } from "./config";
const name = pulumi.getProject();
export const adminsIamServiceAccountSecret = config.adminsIamServiceAccountSecret;
export const devsIamServiceAccountSecret = config.devsIamServiceAccountSecret;
// Generate a strong password for the cluster.
const password = new random.RandomPassword(`${name}-password`, {
length: 20,
}).result;
// Create the GKE cluster.
const cluster = new gcp.container.Cluster(`${name}`, {
// We can't create a cluster with no node pool defined, but we want to only use
// separately managed node pools. So we create the smallest possible default
// node pool and immediately delete it.
removeDefaultNodePool: true,
initialNodeCount: 1,
podSecurityPolicyConfig: { enabled: true },
network: config.networkName,
subnetwork: config.subnetworkName,
minMasterVersion: "1.14.7-gke.17",
masterAuth: { username: "example-user", password: password },
});import * as aws from "@pulumi/aws";
import * as k8s from "@pulumi/kubernetes";
import * as pulumi from "@pulumi/pulumi";
import * as random from "@pulumi/random";
import { config } from "./config";
const projectName = pulumi.getProject();
const privateSubnetIds = config.privateSubnetIds;
const securityGroupIds = config.securityGroupIds;
const clusterName = config.clusterName;
// Generate a strong password for the Postgres DB.
const password = new random.RandomPassword(`${projectName}-password`, {
length: 16,
overrideSpecial: "_%@",
special: true,
}).result;
// Create a Postgres DB instance of RDS.
const dbSubnets = new aws.rds.SubnetGroup(`${projectName}-subnets`, {
subnetIds: privateSubnetIds
});
const db = new aws.rds.Instance("postgresdb", {
engine: "postgres",
instanceClass: "db.t2.micro",
allocatedStorage: 20,
dbSubnetGroupName: dbSubnets.id,
vpcSecurityGroupIds: securityGroupIds,
name: "testdb",const config = new Config();
// nodeCount is the number of cluster nodes to provision. Defaults to 3 if unspecified.
export const nodeCount = config.getNumber("nodeCount") || 3;
// nodeMachineType is the machine type to use for cluster nodes. Defaults to n1-standard-1 if unspecified.
// See https://cloud.google.com/compute/docs/machine-types for more details on available machine types.
export const nodeMachineType = config.get("nodeMachineType") || "n1-standard-1";
// username is the admin username for the cluster.
export const username = config.get("username") || "admin";
// password is the password for the admin user in the cluster.
// If a password is not set, a strong random password will be generated.
export const password = config.get("password") || new random.RandomPassword(
"password", { length: 20, special: true }).result;
// GKE master version
// Default to the latest available version.
export const masterVersion = config.get("masterVersion") || gcp.container.getEngineVersions().latestMasterVersion;@pulumi/random
A Pulumi package to safely use randomness in Pulumi programs.
