diff --git a/examples/go.mod b/examples/go.mod index 8fc9450ebd..04b62a1619 100644 --- a/examples/go.mod +++ b/examples/go.mod @@ -5,7 +5,7 @@ go 1.21 replace github.com/hashicorp/vault => github.com/hashicorp/vault v1.2.0 require ( - github.com/pulumi/pulumi/pkg/v3 v3.101.1 + github.com/pulumi/pulumi/pkg/v3 v3.103.1 github.com/stretchr/testify v1.8.4 ) @@ -143,7 +143,7 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 // indirect github.com/pulumi/esc v0.6.2 // indirect - github.com/pulumi/pulumi/sdk/v3 v3.101.1 // indirect + github.com/pulumi/pulumi/sdk/v3 v3.103.1 // indirect github.com/rivo/uniseg v0.4.4 // indirect github.com/rogpeppe/go-internal v1.11.0 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect diff --git a/examples/go.sum b/examples/go.sum index d0440ec20c..cc57739221 100644 --- a/examples/go.sum +++ b/examples/go.sum @@ -1459,10 +1459,10 @@ github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435 github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE= github.com/pulumi/esc v0.6.2 h1:+z+l8cuwIauLSwXQS0uoI3rqB+YG4SzsZYtHfNoXBvw= github.com/pulumi/esc v0.6.2/go.mod h1:jNnYNjzsOgVTjCp0LL24NsCk8ZJxq4IoLQdCT0X7l8k= -github.com/pulumi/pulumi/pkg/v3 v3.101.1 h1:6+fm+wIE4A7sF93nl9t8MwoaBXjjHgFwk/8LCAJXI/s= -github.com/pulumi/pulumi/pkg/v3 v3.101.1/go.mod h1:zh7NVOEB/ncG51l1+EwlR0pQVLB7RSkzMamFMGcadH0= -github.com/pulumi/pulumi/sdk/v3 v3.101.1 h1:jBUGbLZjfeQkpheacnqXbuw/zSJEq11Gmond2EENkwQ= -github.com/pulumi/pulumi/sdk/v3 v3.101.1/go.mod h1:SB8P0BEGBRaONBxwoTjUFhGPLU5P3+MHF6/tGitlHOM= +github.com/pulumi/pulumi/pkg/v3 v3.103.1 h1:sxacPM2TyDSCufZkescZGnMR22t+REu9nhv68u9rLQ8= +github.com/pulumi/pulumi/pkg/v3 v3.103.1/go.mod h1:AotODpuSfN4XommpmMifBExNmucrnH84cbEhVOeqEQM= +github.com/pulumi/pulumi/sdk/v3 v3.103.1 h1:6o0zt5srgIjDsOI5JWNSwMqoB8vGiI3xow0RDZ3JX2c= +github.com/pulumi/pulumi/sdk/v3 v3.103.1/go.mod h1:Ml3rpGfyZlI4zQCG7LN2XDSmH4XUNYdyBwJ3yEr/OpI= github.com/rakyll/embedmd v0.0.0-20171029212350-c8060a0752a2/go.mod h1:7jOTMgqac46PZcF54q6l2hkLEG8op93fZu61KmxWDV4= github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= diff --git a/provider/cmd/pulumi-resource-azure/schema.json b/provider/cmd/pulumi-resource-azure/schema.json index 9f3b21bf3b..0f0834dce8 100644 --- a/provider/cmd/pulumi-resource-azure/schema.json +++ b/provider/cmd/pulumi-resource-azure/schema.json @@ -13982,7 +13982,8 @@ "description": "Should WebSockets be enabled?\n" }, "windowsFxVersion": { - "type": "string" + "type": "string", + "description": "The Windows Docker container image (`DOCKER|\u003cuser/image:tag\u003e`)\n\nAdditional examples of how to run Containers via the `azure.appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository.\n" } }, "type": "object", @@ -37665,7 +37666,8 @@ "description": "Specifies the mode of VM Guest Patching for the virtual machines that are associated to the Virtual Machine Scale Set. Possible values are `AutomaticByPlatform` or `ImageDefault`. Defaults to `ImageDefault`.\n\n\u003e **NOTE:** If the `patch_assessment_mode` is set to `AutomaticByPlatform` then the `provision_vm_agent` field must be set to `true`.\n" }, "patchMode": { - "type": "string" + "type": "string", + "description": "Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes).\n\n\u003e **NOTE:** If `patch_mode` is set to `AutomaticByPlatform` the `provision_vm_agent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository.\n" }, "provisionVmAgent": { "type": "boolean", @@ -37765,7 +37767,8 @@ "description": "Are automatic updates enabled for this Virtual Machine? Defaults to `true`.\n" }, "hotpatchingEnabled": { - "type": "boolean" + "type": "boolean", + "description": "Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch).\n\n\u003e **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, the VM's `sku_name` is set to a Azure generation 2 directory within the GitHub Repository.\n" }, "patchAssessmentMode": { "type": "string", @@ -80750,7 +80753,8 @@ "description": "Resource ID of the primary volume.\n" }, "replicationFrequency": { - "type": "string" + "type": "string", + "description": "Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive.\n\nA full example of the `data_protection_replication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository\n\n\u003e **NOTE:** `data_protection_replication` can be defined only once per secondary volume, adding a second instance of it is not supported.\n" } }, "type": "object", @@ -80763,7 +80767,8 @@ "azure:netapp/VolumeDataProtectionSnapshotPolicy:VolumeDataProtectionSnapshotPolicy": { "properties": { "snapshotPolicyId": { - "type": "string" + "type": "string", + "description": "Resource ID of the snapshot policy to apply to the volume.\n\nA full example of the `data_protection_snapshot_policy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository\n\n\u003e **NOTE:** `data_protection_snapshot_policy` block can be used alone or with data_protection_replication in the primary volume only, if enabling it in the secondary, an error will be thrown.\n" } }, "type": "object", @@ -83234,7 +83239,8 @@ "description": "The private IP address associated with the Firewall.\n" }, "publicIpAddressId": { - "type": "string" + "type": "string", + "description": "The ID of the Public IP Address associated with the firewall.\n\n\u003e **NOTE** A public ip address is required unless a `management_ip_configuration` block is specified.\n\n\u003e **NOTE** When multiple `ip_configuration` blocks with `public_ip_address_id` are configured, `pulumi up` will raise an error when one or some of these `ip_configuration` blocks are removed. because the `public_ip_address_id` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `azure.network.PublicIp` happens before the update of firewall by default. to destroy of `azure.network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `azure.network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy\n\n\u003e **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU.\n" }, "subnetId": { "type": "string", @@ -113364,7 +113370,7 @@ } }, "azure:appservice/environmentV3:EnvironmentV3": { - "description": "\n\n\n## Import\n\nA 3rd Generation (v3) App Service Environment can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:appservice/environmentV3:EnvironmentV3 myAppServiceEnv /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup/providers/Microsoft.Web/hostingEnvironments/myAppServiceEnv\n```\n\n ", + "description": "Manages a 3rd Generation (v3) App Service Environment.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\nThis example provisions an App Service Environment V3. Additional examples of how to use the `azure.appservice.EnvironmentV3` resource can be found in the `./examples/app-service-environment-v3` directory within the GitHub Repository.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst exampleVirtualNetwork = new azure.network.VirtualNetwork(\"exampleVirtualNetwork\", {\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n addressSpaces: [\"10.0.0.0/16\"],\n});\nconst exampleSubnet = new azure.network.Subnet(\"exampleSubnet\", {\n resourceGroupName: exampleResourceGroup.name,\n virtualNetworkName: exampleVirtualNetwork.name,\n addressPrefixes: [\"10.0.2.0/24\"],\n delegations: [{\n name: \"Microsoft.Web.hostingEnvironments\",\n serviceDelegation: {\n name: \"Microsoft.Web/hostingEnvironments\",\n actions: [\"Microsoft.Network/virtualNetworks/subnets/action\"],\n },\n }],\n});\nconst exampleEnvironmentV3 = new azure.appservice.EnvironmentV3(\"exampleEnvironmentV3\", {\n resourceGroupName: exampleResourceGroup.name,\n subnetId: exampleSubnet.id,\n internalLoadBalancingMode: \"Web, Publishing\",\n clusterSettings: [\n {\n name: \"DisableTls1.0\",\n value: \"1\",\n },\n {\n name: \"InternalEncryption\",\n value: \"true\",\n },\n {\n name: \"FrontEndSSLCipherSuiteOrder\",\n value: \"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\",\n },\n ],\n tags: {\n env: \"production\",\n terraformed: \"true\",\n },\n});\nconst exampleServicePlan = new azure.appservice.ServicePlan(\"exampleServicePlan\", {\n resourceGroupName: exampleResourceGroup.name,\n location: exampleResourceGroup.location,\n osType: \"Linux\",\n skuName: \"I1v2\",\n appServiceEnvironmentId: exampleEnvironmentV3.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nexample_virtual_network = azure.network.VirtualNetwork(\"exampleVirtualNetwork\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n address_spaces=[\"10.0.0.0/16\"])\nexample_subnet = azure.network.Subnet(\"exampleSubnet\",\n resource_group_name=example_resource_group.name,\n virtual_network_name=example_virtual_network.name,\n address_prefixes=[\"10.0.2.0/24\"],\n delegations=[azure.network.SubnetDelegationArgs(\n name=\"Microsoft.Web.hostingEnvironments\",\n service_delegation=azure.network.SubnetDelegationServiceDelegationArgs(\n name=\"Microsoft.Web/hostingEnvironments\",\n actions=[\"Microsoft.Network/virtualNetworks/subnets/action\"],\n ),\n )])\nexample_environment_v3 = azure.appservice.EnvironmentV3(\"exampleEnvironmentV3\",\n resource_group_name=example_resource_group.name,\n subnet_id=example_subnet.id,\n internal_load_balancing_mode=\"Web, Publishing\",\n cluster_settings=[\n azure.appservice.EnvironmentV3ClusterSettingArgs(\n name=\"DisableTls1.0\",\n value=\"1\",\n ),\n azure.appservice.EnvironmentV3ClusterSettingArgs(\n name=\"InternalEncryption\",\n value=\"true\",\n ),\n azure.appservice.EnvironmentV3ClusterSettingArgs(\n name=\"FrontEndSSLCipherSuiteOrder\",\n value=\"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\",\n ),\n ],\n tags={\n \"env\": \"production\",\n \"terraformed\": \"true\",\n })\nexample_service_plan = azure.appservice.ServicePlan(\"exampleServicePlan\",\n resource_group_name=example_resource_group.name,\n location=example_resource_group.location,\n os_type=\"Linux\",\n sku_name=\"I1v2\",\n app_service_environment_id=example_environment_v3.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var exampleVirtualNetwork = new Azure.Network.VirtualNetwork(\"exampleVirtualNetwork\", new()\n {\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n AddressSpaces = new[]\n {\n \"10.0.0.0/16\",\n },\n });\n\n var exampleSubnet = new Azure.Network.Subnet(\"exampleSubnet\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n VirtualNetworkName = exampleVirtualNetwork.Name,\n AddressPrefixes = new[]\n {\n \"10.0.2.0/24\",\n },\n Delegations = new[]\n {\n new Azure.Network.Inputs.SubnetDelegationArgs\n {\n Name = \"Microsoft.Web.hostingEnvironments\",\n ServiceDelegation = new Azure.Network.Inputs.SubnetDelegationServiceDelegationArgs\n {\n Name = \"Microsoft.Web/hostingEnvironments\",\n Actions = new[]\n {\n \"Microsoft.Network/virtualNetworks/subnets/action\",\n },\n },\n },\n },\n });\n\n var exampleEnvironmentV3 = new Azure.AppService.EnvironmentV3(\"exampleEnvironmentV3\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n SubnetId = exampleSubnet.Id,\n InternalLoadBalancingMode = \"Web, Publishing\",\n ClusterSettings = new[]\n {\n new Azure.AppService.Inputs.EnvironmentV3ClusterSettingArgs\n {\n Name = \"DisableTls1.0\",\n Value = \"1\",\n },\n new Azure.AppService.Inputs.EnvironmentV3ClusterSettingArgs\n {\n Name = \"InternalEncryption\",\n Value = \"true\",\n },\n new Azure.AppService.Inputs.EnvironmentV3ClusterSettingArgs\n {\n Name = \"FrontEndSSLCipherSuiteOrder\",\n Value = \"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\",\n },\n },\n Tags = \n {\n { \"env\", \"production\" },\n { \"terraformed\", \"true\" },\n },\n });\n\n var exampleServicePlan = new Azure.AppService.ServicePlan(\"exampleServicePlan\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n Location = exampleResourceGroup.Location,\n OsType = \"Linux\",\n SkuName = \"I1v2\",\n AppServiceEnvironmentId = exampleEnvironmentV3.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/appservice\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, \"exampleVirtualNetwork\", \u0026network.VirtualNetworkArgs{\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tAddressSpaces: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.0.0/16\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSubnet, err := network.NewSubnet(ctx, \"exampleSubnet\", \u0026network.SubnetArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tVirtualNetworkName: exampleVirtualNetwork.Name,\n\t\t\tAddressPrefixes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.2.0/24\"),\n\t\t\t},\n\t\t\tDelegations: network.SubnetDelegationArray{\n\t\t\t\t\u0026network.SubnetDelegationArgs{\n\t\t\t\t\tName: pulumi.String(\"Microsoft.Web.hostingEnvironments\"),\n\t\t\t\t\tServiceDelegation: \u0026network.SubnetDelegationServiceDelegationArgs{\n\t\t\t\t\t\tName: pulumi.String(\"Microsoft.Web/hostingEnvironments\"),\n\t\t\t\t\t\tActions: pulumi.StringArray{\n\t\t\t\t\t\t\tpulumi.String(\"Microsoft.Network/virtualNetworks/subnets/action\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleEnvironmentV3, err := appservice.NewEnvironmentV3(ctx, \"exampleEnvironmentV3\", \u0026appservice.EnvironmentV3Args{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tSubnetId: exampleSubnet.ID(),\n\t\t\tInternalLoadBalancingMode: pulumi.String(\"Web, Publishing\"),\n\t\t\tClusterSettings: appservice.EnvironmentV3ClusterSettingArray{\n\t\t\t\t\u0026appservice.EnvironmentV3ClusterSettingArgs{\n\t\t\t\t\tName: pulumi.String(\"DisableTls1.0\"),\n\t\t\t\t\tValue: pulumi.String(\"1\"),\n\t\t\t\t},\n\t\t\t\t\u0026appservice.EnvironmentV3ClusterSettingArgs{\n\t\t\t\t\tName: pulumi.String(\"InternalEncryption\"),\n\t\t\t\t\tValue: pulumi.String(\"true\"),\n\t\t\t\t},\n\t\t\t\t\u0026appservice.EnvironmentV3ClusterSettingArgs{\n\t\t\t\t\tName: pulumi.String(\"FrontEndSSLCipherSuiteOrder\"),\n\t\t\t\t\tValue: pulumi.String(\"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"env\": pulumi.String(\"production\"),\n\t\t\t\t\"terraformed\": pulumi.String(\"true\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = appservice.NewServicePlan(ctx, \"exampleServicePlan\", \u0026appservice.ServicePlanArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tOsType: pulumi.String(\"Linux\"),\n\t\t\tSkuName: pulumi.String(\"I1v2\"),\n\t\t\tAppServiceEnvironmentId: exampleEnvironmentV3.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.network.VirtualNetwork;\nimport com.pulumi.azure.network.VirtualNetworkArgs;\nimport com.pulumi.azure.network.Subnet;\nimport com.pulumi.azure.network.SubnetArgs;\nimport com.pulumi.azure.network.inputs.SubnetDelegationArgs;\nimport com.pulumi.azure.network.inputs.SubnetDelegationServiceDelegationArgs;\nimport com.pulumi.azure.appservice.EnvironmentV3;\nimport com.pulumi.azure.appservice.EnvironmentV3Args;\nimport com.pulumi.azure.appservice.inputs.EnvironmentV3ClusterSettingArgs;\nimport com.pulumi.azure.appservice.ServicePlan;\nimport com.pulumi.azure.appservice.ServicePlanArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var exampleVirtualNetwork = new VirtualNetwork(\"exampleVirtualNetwork\", VirtualNetworkArgs.builder() \n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .addressSpaces(\"10.0.0.0/16\")\n .build());\n\n var exampleSubnet = new Subnet(\"exampleSubnet\", SubnetArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .virtualNetworkName(exampleVirtualNetwork.name())\n .addressPrefixes(\"10.0.2.0/24\")\n .delegations(SubnetDelegationArgs.builder()\n .name(\"Microsoft.Web.hostingEnvironments\")\n .serviceDelegation(SubnetDelegationServiceDelegationArgs.builder()\n .name(\"Microsoft.Web/hostingEnvironments\")\n .actions(\"Microsoft.Network/virtualNetworks/subnets/action\")\n .build())\n .build())\n .build());\n\n var exampleEnvironmentV3 = new EnvironmentV3(\"exampleEnvironmentV3\", EnvironmentV3Args.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .subnetId(exampleSubnet.id())\n .internalLoadBalancingMode(\"Web, Publishing\")\n .clusterSettings( \n EnvironmentV3ClusterSettingArgs.builder()\n .name(\"DisableTls1.0\")\n .value(\"1\")\n .build(),\n EnvironmentV3ClusterSettingArgs.builder()\n .name(\"InternalEncryption\")\n .value(\"true\")\n .build(),\n EnvironmentV3ClusterSettingArgs.builder()\n .name(\"FrontEndSSLCipherSuiteOrder\")\n .value(\"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\")\n .build())\n .tags(Map.ofEntries(\n Map.entry(\"env\", \"production\"),\n Map.entry(\"terraformed\", \"true\")\n ))\n .build());\n\n var exampleServicePlan = new ServicePlan(\"exampleServicePlan\", ServicePlanArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .location(exampleResourceGroup.location())\n .osType(\"Linux\")\n .skuName(\"I1v2\")\n .appServiceEnvironmentId(exampleEnvironmentV3.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n exampleVirtualNetwork:\n type: azure:network:VirtualNetwork\n properties:\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n addressSpaces:\n - 10.0.0.0/16\n exampleSubnet:\n type: azure:network:Subnet\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n virtualNetworkName: ${exampleVirtualNetwork.name}\n addressPrefixes:\n - 10.0.2.0/24\n delegations:\n - name: Microsoft.Web.hostingEnvironments\n serviceDelegation:\n name: Microsoft.Web/hostingEnvironments\n actions:\n - Microsoft.Network/virtualNetworks/subnets/action\n exampleEnvironmentV3:\n type: azure:appservice:EnvironmentV3\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n subnetId: ${exampleSubnet.id}\n internalLoadBalancingMode: Web, Publishing\n clusterSettings:\n - name: DisableTls1.0\n value: '1'\n - name: InternalEncryption\n value: 'true'\n - name: FrontEndSSLCipherSuiteOrder\n value: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256\n tags:\n env: production\n terraformed: 'true'\n exampleServicePlan:\n type: azure:appservice:ServicePlan\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n location: ${exampleResourceGroup.location}\n osType: Linux\n skuName: I1v2\n appServiceEnvironmentId: ${exampleEnvironmentV3.id}\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nA 3rd Generation (v3) App Service Environment can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:appservice/environmentV3:EnvironmentV3 myAppServiceEnv /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup/providers/Microsoft.Web/hostingEnvironments/myAppServiceEnv\n```\n\n ", "properties": { "allowNewPrivateEndpointConnections": { "type": "boolean", @@ -121253,7 +121259,7 @@ } }, "azure:arckubernetes/cluster:Cluster": { - "description": "\n\n\n## Import\n\nArc Kubernetes Cluster can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:arckubernetes/cluster:Cluster example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup1/providers/Microsoft.Kubernetes/connectedClusters/cluster1\n```\n\n ", + "description": "Manages an Arc Kubernetes Cluster.\n\n\u003e **Note:** Installing and configuring the Azure Arc Agent on your Kubernetes Cluster to establish connectivity is outside the scope of this document. For more details refer to [Deploy agents to your cluster](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/conceptual-agent-overview#deploy-agents-to-your-cluster) and [Connect an existing Kubernetes Cluster](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/quickstart-connect-cluster?tabs=azure-cli#connect-an-existing-kubernetes-cluster). If you encounter issues connecting your Kubernetes Cluster to Azure Arc, we'd recommend opening a ticket with Microsoft Support.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\nimport * as fs from \"fs\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst exampleCluster = new azure.arckubernetes.Cluster(\"exampleCluster\", {\n resourceGroupName: exampleResourceGroup.name,\n location: \"West Europe\",\n agentPublicKeyCertificate: Buffer.from(fs.readFileSync(\"testdata/public.cer\", 'binary')).toString('base64'),\n identity: {\n type: \"SystemAssigned\",\n },\n tags: {\n ENV: \"Test\",\n },\n});\n```\n```python\nimport pulumi\nimport base64\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nexample_cluster = azure.arckubernetes.Cluster(\"exampleCluster\",\n resource_group_name=example_resource_group.name,\n location=\"West Europe\",\n agent_public_key_certificate=(lambda path: base64.b64encode(open(path).read().encode()).decode())(\"testdata/public.cer\"),\n identity=azure.arckubernetes.ClusterIdentityArgs(\n type=\"SystemAssigned\",\n ),\n tags={\n \"ENV\": \"Test\",\n })\n```\n```csharp\nusing System;\nusing System.Collections.Generic;\nusing System.IO;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\n\t\nstring ReadFileBase64(string path) \n{\n return Convert.ToBase64String(Encoding.UTF8.GetBytes(File.ReadAllText(path)));\n}\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var exampleCluster = new Azure.ArcKubernetes.Cluster(\"exampleCluster\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n Location = \"West Europe\",\n AgentPublicKeyCertificate = ReadFileBase64(\"testdata/public.cer\"),\n Identity = new Azure.ArcKubernetes.Inputs.ClusterIdentityArgs\n {\n Type = \"SystemAssigned\",\n },\n Tags = \n {\n { \"ENV\", \"Test\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"encoding/base64\"\n\t\"os\"\n\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/arckubernetes\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc filebase64OrPanic(path string) string {\n\tif fileData, err := os.ReadFile(path); err == nil {\n\t\treturn base64.StdEncoding.EncodeToString(fileData[:])\n\t} else {\n\t\tpanic(err.Error())\n\t}\n}\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = arckubernetes.NewCluster(ctx, \"exampleCluster\", \u0026arckubernetes.ClusterArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t\tAgentPublicKeyCertificate: filebase64OrPanic(\"testdata/public.cer\"),\n\t\t\tIdentity: \u0026arckubernetes.ClusterIdentityArgs{\n\t\t\t\tType: pulumi.String(\"SystemAssigned\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"ENV\": pulumi.String(\"Test\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.arckubernetes.Cluster;\nimport com.pulumi.azure.arckubernetes.ClusterArgs;\nimport com.pulumi.azure.arckubernetes.inputs.ClusterIdentityArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var exampleCluster = new Cluster(\"exampleCluster\", ClusterArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .location(\"West Europe\")\n .agentPublicKeyCertificate(Base64.getEncoder().encodeToString(Files.readAllBytes(Paths.get(\"testdata/public.cer\"))))\n .identity(ClusterIdentityArgs.builder()\n .type(\"SystemAssigned\")\n .build())\n .tags(Map.of(\"ENV\", \"Test\"))\n .build());\n\n }\n}\n```\n\n\u003e **Note:** An extensive example on connecting the `azure.arckubernetes.Cluster` to an external kubernetes cluster can be found in the `./examples/arckubernetes` directory within the GitHub Repository.\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nArc Kubernetes Cluster can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:arckubernetes/cluster:Cluster example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup1/providers/Microsoft.Kubernetes/connectedClusters/cluster1\n```\n\n ", "properties": { "agentPublicKeyCertificate": { "type": "string", @@ -131195,7 +131201,7 @@ } }, "azure:cdn/endpoint:Endpoint": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst exampleProfile = new azure.cdn.Profile(\"exampleProfile\", {\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n sku: \"Standard_Verizon\",\n});\nconst exampleEndpoint = new azure.cdn.Endpoint(\"exampleEndpoint\", {\n profileName: exampleProfile.name,\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n origins: [{\n name: \"example\",\n hostName: \"www.contoso.com\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nexample_profile = azure.cdn.Profile(\"exampleProfile\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n sku=\"Standard_Verizon\")\nexample_endpoint = azure.cdn.Endpoint(\"exampleEndpoint\",\n profile_name=example_profile.name,\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n origins=[azure.cdn.EndpointOriginArgs(\n name=\"example\",\n host_name=\"www.contoso.com\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var exampleProfile = new Azure.Cdn.Profile(\"exampleProfile\", new()\n {\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n Sku = \"Standard_Verizon\",\n });\n\n var exampleEndpoint = new Azure.Cdn.Endpoint(\"exampleEndpoint\", new()\n {\n ProfileName = exampleProfile.Name,\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n Origins = new[]\n {\n new Azure.Cdn.Inputs.EndpointOriginArgs\n {\n Name = \"example\",\n HostName = \"www.contoso.com\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/cdn\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleProfile, err := cdn.NewProfile(ctx, \"exampleProfile\", \u0026cdn.ProfileArgs{\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tSku: pulumi.String(\"Standard_Verizon\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cdn.NewEndpoint(ctx, \"exampleEndpoint\", \u0026cdn.EndpointArgs{\n\t\t\tProfileName: exampleProfile.Name,\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tOrigins: cdn.EndpointOriginArray{\n\t\t\t\t\u0026cdn.EndpointOriginArgs{\n\t\t\t\t\tName: pulumi.String(\"example\"),\n\t\t\t\t\tHostName: pulumi.String(\"www.contoso.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.cdn.Profile;\nimport com.pulumi.azure.cdn.ProfileArgs;\nimport com.pulumi.azure.cdn.Endpoint;\nimport com.pulumi.azure.cdn.EndpointArgs;\nimport com.pulumi.azure.cdn.inputs.EndpointOriginArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var exampleProfile = new Profile(\"exampleProfile\", ProfileArgs.builder() \n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .sku(\"Standard_Verizon\")\n .build());\n\n var exampleEndpoint = new Endpoint(\"exampleEndpoint\", EndpointArgs.builder() \n .profileName(exampleProfile.name())\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .origins(EndpointOriginArgs.builder()\n .name(\"example\")\n .hostName(\"www.contoso.com\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n exampleProfile:\n type: azure:cdn:Profile\n properties:\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n sku: Standard_Verizon\n exampleEndpoint:\n type: azure:cdn:Endpoint\n properties:\n profileName: ${exampleProfile.name}\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n origins:\n - name: example\n hostName: www.contoso.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nCDN Endpoints can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:cdn/endpoint:Endpoint example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Cdn/profiles/myprofile1/endpoints/myendpoint1\n```\n\n ", + "description": "A CDN Endpoint is the entity within a CDN Profile containing configuration information regarding caching behaviours and origins. The CDN Endpoint is exposed using the URL format `\u003cendpointname\u003e.azureedge.net`.\n\n!\u003e **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst exampleProfile = new azure.cdn.Profile(\"exampleProfile\", {\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n sku: \"Standard_Verizon\",\n});\nconst exampleEndpoint = new azure.cdn.Endpoint(\"exampleEndpoint\", {\n profileName: exampleProfile.name,\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n origins: [{\n name: \"example\",\n hostName: \"www.contoso.com\",\n }],\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nexample_profile = azure.cdn.Profile(\"exampleProfile\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n sku=\"Standard_Verizon\")\nexample_endpoint = azure.cdn.Endpoint(\"exampleEndpoint\",\n profile_name=example_profile.name,\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n origins=[azure.cdn.EndpointOriginArgs(\n name=\"example\",\n host_name=\"www.contoso.com\",\n )])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var exampleProfile = new Azure.Cdn.Profile(\"exampleProfile\", new()\n {\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n Sku = \"Standard_Verizon\",\n });\n\n var exampleEndpoint = new Azure.Cdn.Endpoint(\"exampleEndpoint\", new()\n {\n ProfileName = exampleProfile.Name,\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n Origins = new[]\n {\n new Azure.Cdn.Inputs.EndpointOriginArgs\n {\n Name = \"example\",\n HostName = \"www.contoso.com\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/cdn\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleProfile, err := cdn.NewProfile(ctx, \"exampleProfile\", \u0026cdn.ProfileArgs{\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tSku: pulumi.String(\"Standard_Verizon\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cdn.NewEndpoint(ctx, \"exampleEndpoint\", \u0026cdn.EndpointArgs{\n\t\t\tProfileName: exampleProfile.Name,\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tOrigins: cdn.EndpointOriginArray{\n\t\t\t\t\u0026cdn.EndpointOriginArgs{\n\t\t\t\t\tName: pulumi.String(\"example\"),\n\t\t\t\t\tHostName: pulumi.String(\"www.contoso.com\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.cdn.Profile;\nimport com.pulumi.azure.cdn.ProfileArgs;\nimport com.pulumi.azure.cdn.Endpoint;\nimport com.pulumi.azure.cdn.EndpointArgs;\nimport com.pulumi.azure.cdn.inputs.EndpointOriginArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var exampleProfile = new Profile(\"exampleProfile\", ProfileArgs.builder() \n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .sku(\"Standard_Verizon\")\n .build());\n\n var exampleEndpoint = new Endpoint(\"exampleEndpoint\", EndpointArgs.builder() \n .profileName(exampleProfile.name())\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .origins(EndpointOriginArgs.builder()\n .name(\"example\")\n .hostName(\"www.contoso.com\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n exampleProfile:\n type: azure:cdn:Profile\n properties:\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n sku: Standard_Verizon\n exampleEndpoint:\n type: azure:cdn:Endpoint\n properties:\n profileName: ${exampleProfile.name}\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n origins:\n - name: example\n hostName: www.contoso.com\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nCDN Endpoints can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:cdn/endpoint:Endpoint example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Cdn/profiles/myprofile1/endpoints/myendpoint1\n```\n\n ", "properties": { "contentTypesToCompresses": { "type": "array", @@ -132066,7 +132072,7 @@ } }, "azure:cdn/frontdoorOrigin:FrontdoorOrigin": { - "description": "\n\n\n## Import\n\nFront Door Origins can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:cdn/frontdoorOrigin:FrontdoorOrigin example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup1/providers/Microsoft.Cdn/profiles/profile1/originGroups/originGroup1/origins/origin1\n```\n\n ", + "description": "Manages a Front Door (standard/premium) Origin.\n\n!\u003e**IMPORTANT:** If you are attempting to implement an Origin that uses its own Private Link Service with a Load Balancer the Profile resource in your configuration file **must** have a `depends_on` meta-argument which references the `azure.privatedns.LinkService`, see `Example Usage With Private Link Service` below.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst exampleFrontdoorProfile = new azure.cdn.FrontdoorProfile(\"exampleFrontdoorProfile\", {\n resourceGroupName: exampleResourceGroup.name,\n skuName: \"Premium_AzureFrontDoor\",\n});\nconst exampleFrontdoorOriginGroup = new azure.cdn.FrontdoorOriginGroup(\"exampleFrontdoorOriginGroup\", {\n cdnFrontdoorProfileId: exampleFrontdoorProfile.id,\n loadBalancing: {},\n});\nconst exampleFrontdoorOrigin = new azure.cdn.FrontdoorOrigin(\"exampleFrontdoorOrigin\", {\n cdnFrontdoorOriginGroupId: exampleFrontdoorOriginGroup.id,\n enabled: true,\n certificateNameCheckEnabled: false,\n hostName: \"contoso.com\",\n httpPort: 80,\n httpsPort: 443,\n originHostHeader: \"www.contoso.com\",\n priority: 1,\n weight: 1,\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nexample_frontdoor_profile = azure.cdn.FrontdoorProfile(\"exampleFrontdoorProfile\",\n resource_group_name=example_resource_group.name,\n sku_name=\"Premium_AzureFrontDoor\")\nexample_frontdoor_origin_group = azure.cdn.FrontdoorOriginGroup(\"exampleFrontdoorOriginGroup\",\n cdn_frontdoor_profile_id=example_frontdoor_profile.id,\n load_balancing=azure.cdn.FrontdoorOriginGroupLoadBalancingArgs())\nexample_frontdoor_origin = azure.cdn.FrontdoorOrigin(\"exampleFrontdoorOrigin\",\n cdn_frontdoor_origin_group_id=example_frontdoor_origin_group.id,\n enabled=True,\n certificate_name_check_enabled=False,\n host_name=\"contoso.com\",\n http_port=80,\n https_port=443,\n origin_host_header=\"www.contoso.com\",\n priority=1,\n weight=1)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var exampleFrontdoorProfile = new Azure.Cdn.FrontdoorProfile(\"exampleFrontdoorProfile\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n SkuName = \"Premium_AzureFrontDoor\",\n });\n\n var exampleFrontdoorOriginGroup = new Azure.Cdn.FrontdoorOriginGroup(\"exampleFrontdoorOriginGroup\", new()\n {\n CdnFrontdoorProfileId = exampleFrontdoorProfile.Id,\n LoadBalancing = null,\n });\n\n var exampleFrontdoorOrigin = new Azure.Cdn.FrontdoorOrigin(\"exampleFrontdoorOrigin\", new()\n {\n CdnFrontdoorOriginGroupId = exampleFrontdoorOriginGroup.Id,\n Enabled = true,\n CertificateNameCheckEnabled = false,\n HostName = \"contoso.com\",\n HttpPort = 80,\n HttpsPort = 443,\n OriginHostHeader = \"www.contoso.com\",\n Priority = 1,\n Weight = 1,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/cdn\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleFrontdoorProfile, err := cdn.NewFrontdoorProfile(ctx, \"exampleFrontdoorProfile\", \u0026cdn.FrontdoorProfileArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tSkuName: pulumi.String(\"Premium_AzureFrontDoor\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleFrontdoorOriginGroup, err := cdn.NewFrontdoorOriginGroup(ctx, \"exampleFrontdoorOriginGroup\", \u0026cdn.FrontdoorOriginGroupArgs{\n\t\t\tCdnFrontdoorProfileId: exampleFrontdoorProfile.ID(),\n\t\t\tLoadBalancing: nil,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cdn.NewFrontdoorOrigin(ctx, \"exampleFrontdoorOrigin\", \u0026cdn.FrontdoorOriginArgs{\n\t\t\tCdnFrontdoorOriginGroupId: exampleFrontdoorOriginGroup.ID(),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tCertificateNameCheckEnabled: pulumi.Bool(false),\n\t\t\tHostName: pulumi.String(\"contoso.com\"),\n\t\t\tHttpPort: pulumi.Int(80),\n\t\t\tHttpsPort: pulumi.Int(443),\n\t\t\tOriginHostHeader: pulumi.String(\"www.contoso.com\"),\n\t\t\tPriority: pulumi.Int(1),\n\t\t\tWeight: pulumi.Int(1),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.cdn.FrontdoorProfile;\nimport com.pulumi.azure.cdn.FrontdoorProfileArgs;\nimport com.pulumi.azure.cdn.FrontdoorOriginGroup;\nimport com.pulumi.azure.cdn.FrontdoorOriginGroupArgs;\nimport com.pulumi.azure.cdn.inputs.FrontdoorOriginGroupLoadBalancingArgs;\nimport com.pulumi.azure.cdn.FrontdoorOrigin;\nimport com.pulumi.azure.cdn.FrontdoorOriginArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var exampleFrontdoorProfile = new FrontdoorProfile(\"exampleFrontdoorProfile\", FrontdoorProfileArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .skuName(\"Premium_AzureFrontDoor\")\n .build());\n\n var exampleFrontdoorOriginGroup = new FrontdoorOriginGroup(\"exampleFrontdoorOriginGroup\", FrontdoorOriginGroupArgs.builder() \n .cdnFrontdoorProfileId(exampleFrontdoorProfile.id())\n .loadBalancing()\n .build());\n\n var exampleFrontdoorOrigin = new FrontdoorOrigin(\"exampleFrontdoorOrigin\", FrontdoorOriginArgs.builder() \n .cdnFrontdoorOriginGroupId(exampleFrontdoorOriginGroup.id())\n .enabled(true)\n .certificateNameCheckEnabled(false)\n .hostName(\"contoso.com\")\n .httpPort(80)\n .httpsPort(443)\n .originHostHeader(\"www.contoso.com\")\n .priority(1)\n .weight(1)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n exampleFrontdoorProfile:\n type: azure:cdn:FrontdoorProfile\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n skuName: Premium_AzureFrontDoor\n exampleFrontdoorOriginGroup:\n type: azure:cdn:FrontdoorOriginGroup\n properties:\n cdnFrontdoorProfileId: ${exampleFrontdoorProfile.id}\n loadBalancing: {}\n exampleFrontdoorOrigin:\n type: azure:cdn:FrontdoorOrigin\n properties:\n cdnFrontdoorOriginGroupId: ${exampleFrontdoorOriginGroup.id}\n enabled: true\n certificateNameCheckEnabled: false\n hostName: contoso.com\n httpPort: 80\n httpsPort: 443\n originHostHeader: www.contoso.com\n priority: 1\n weight: 1\n```\n\n{{% /example %}}\n{{% example %}}\n### With Private Link\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst exampleAccount = new azure.storage.Account(\"exampleAccount\", {\n resourceGroupName: exampleResourceGroup.name,\n location: exampleResourceGroup.location,\n accountTier: \"Premium\",\n accountReplicationType: \"LRS\",\n allowNestedItemsToBePublic: false,\n networkRules: {\n defaultAction: \"Deny\",\n },\n tags: {\n environment: \"Example\",\n },\n});\nconst exampleFrontdoorProfile = new azure.cdn.FrontdoorProfile(\"exampleFrontdoorProfile\", {\n resourceGroupName: exampleResourceGroup.name,\n skuName: \"Premium_AzureFrontDoor\",\n});\nconst exampleFrontdoorOriginGroup = new azure.cdn.FrontdoorOriginGroup(\"exampleFrontdoorOriginGroup\", {\n cdnFrontdoorProfileId: exampleFrontdoorProfile.id,\n loadBalancing: {},\n});\nconst exampleFrontdoorOrigin = new azure.cdn.FrontdoorOrigin(\"exampleFrontdoorOrigin\", {\n cdnFrontdoorOriginGroupId: exampleFrontdoorOriginGroup.id,\n enabled: true,\n certificateNameCheckEnabled: true,\n hostName: exampleAccount.primaryBlobHost,\n originHostHeader: exampleAccount.primaryBlobHost,\n priority: 1,\n weight: 500,\n privateLink: {\n requestMessage: \"Request access for Private Link Origin CDN Frontdoor\",\n targetType: \"blob\",\n location: exampleAccount.location,\n privateLinkTargetId: exampleAccount.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nexample_account = azure.storage.Account(\"exampleAccount\",\n resource_group_name=example_resource_group.name,\n location=example_resource_group.location,\n account_tier=\"Premium\",\n account_replication_type=\"LRS\",\n allow_nested_items_to_be_public=False,\n network_rules=azure.storage.AccountNetworkRulesArgs(\n default_action=\"Deny\",\n ),\n tags={\n \"environment\": \"Example\",\n })\nexample_frontdoor_profile = azure.cdn.FrontdoorProfile(\"exampleFrontdoorProfile\",\n resource_group_name=example_resource_group.name,\n sku_name=\"Premium_AzureFrontDoor\")\nexample_frontdoor_origin_group = azure.cdn.FrontdoorOriginGroup(\"exampleFrontdoorOriginGroup\",\n cdn_frontdoor_profile_id=example_frontdoor_profile.id,\n load_balancing=azure.cdn.FrontdoorOriginGroupLoadBalancingArgs())\nexample_frontdoor_origin = azure.cdn.FrontdoorOrigin(\"exampleFrontdoorOrigin\",\n cdn_frontdoor_origin_group_id=example_frontdoor_origin_group.id,\n enabled=True,\n certificate_name_check_enabled=True,\n host_name=example_account.primary_blob_host,\n origin_host_header=example_account.primary_blob_host,\n priority=1,\n weight=500,\n private_link=azure.cdn.FrontdoorOriginPrivateLinkArgs(\n request_message=\"Request access for Private Link Origin CDN Frontdoor\",\n target_type=\"blob\",\n location=example_account.location,\n private_link_target_id=example_account.id,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var exampleAccount = new Azure.Storage.Account(\"exampleAccount\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n Location = exampleResourceGroup.Location,\n AccountTier = \"Premium\",\n AccountReplicationType = \"LRS\",\n AllowNestedItemsToBePublic = false,\n NetworkRules = new Azure.Storage.Inputs.AccountNetworkRulesArgs\n {\n DefaultAction = \"Deny\",\n },\n Tags = \n {\n { \"environment\", \"Example\" },\n },\n });\n\n var exampleFrontdoorProfile = new Azure.Cdn.FrontdoorProfile(\"exampleFrontdoorProfile\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n SkuName = \"Premium_AzureFrontDoor\",\n });\n\n var exampleFrontdoorOriginGroup = new Azure.Cdn.FrontdoorOriginGroup(\"exampleFrontdoorOriginGroup\", new()\n {\n CdnFrontdoorProfileId = exampleFrontdoorProfile.Id,\n LoadBalancing = null,\n });\n\n var exampleFrontdoorOrigin = new Azure.Cdn.FrontdoorOrigin(\"exampleFrontdoorOrigin\", new()\n {\n CdnFrontdoorOriginGroupId = exampleFrontdoorOriginGroup.Id,\n Enabled = true,\n CertificateNameCheckEnabled = true,\n HostName = exampleAccount.PrimaryBlobHost,\n OriginHostHeader = exampleAccount.PrimaryBlobHost,\n Priority = 1,\n Weight = 500,\n PrivateLink = new Azure.Cdn.Inputs.FrontdoorOriginPrivateLinkArgs\n {\n RequestMessage = \"Request access for Private Link Origin CDN Frontdoor\",\n TargetType = \"blob\",\n Location = exampleAccount.Location,\n PrivateLinkTargetId = exampleAccount.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/cdn\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccount, err := storage.NewAccount(ctx, \"exampleAccount\", \u0026storage.AccountArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tAccountTier: pulumi.String(\"Premium\"),\n\t\t\tAccountReplicationType: pulumi.String(\"LRS\"),\n\t\t\tAllowNestedItemsToBePublic: pulumi.Bool(false),\n\t\t\tNetworkRules: \u0026storage.AccountNetworkRulesTypeArgs{\n\t\t\t\tDefaultAction: pulumi.String(\"Deny\"),\n\t\t\t},\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"environment\": pulumi.String(\"Example\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleFrontdoorProfile, err := cdn.NewFrontdoorProfile(ctx, \"exampleFrontdoorProfile\", \u0026cdn.FrontdoorProfileArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tSkuName: pulumi.String(\"Premium_AzureFrontDoor\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleFrontdoorOriginGroup, err := cdn.NewFrontdoorOriginGroup(ctx, \"exampleFrontdoorOriginGroup\", \u0026cdn.FrontdoorOriginGroupArgs{\n\t\t\tCdnFrontdoorProfileId: exampleFrontdoorProfile.ID(),\n\t\t\tLoadBalancing: nil,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cdn.NewFrontdoorOrigin(ctx, \"exampleFrontdoorOrigin\", \u0026cdn.FrontdoorOriginArgs{\n\t\t\tCdnFrontdoorOriginGroupId: exampleFrontdoorOriginGroup.ID(),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tCertificateNameCheckEnabled: pulumi.Bool(true),\n\t\t\tHostName: exampleAccount.PrimaryBlobHost,\n\t\t\tOriginHostHeader: exampleAccount.PrimaryBlobHost,\n\t\t\tPriority: pulumi.Int(1),\n\t\t\tWeight: pulumi.Int(500),\n\t\t\tPrivateLink: \u0026cdn.FrontdoorOriginPrivateLinkArgs{\n\t\t\t\tRequestMessage: pulumi.String(\"Request access for Private Link Origin CDN Frontdoor\"),\n\t\t\t\tTargetType: pulumi.String(\"blob\"),\n\t\t\t\tLocation: exampleAccount.Location,\n\t\t\t\tPrivateLinkTargetId: exampleAccount.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.storage.Account;\nimport com.pulumi.azure.storage.AccountArgs;\nimport com.pulumi.azure.storage.inputs.AccountNetworkRulesArgs;\nimport com.pulumi.azure.cdn.FrontdoorProfile;\nimport com.pulumi.azure.cdn.FrontdoorProfileArgs;\nimport com.pulumi.azure.cdn.FrontdoorOriginGroup;\nimport com.pulumi.azure.cdn.FrontdoorOriginGroupArgs;\nimport com.pulumi.azure.cdn.inputs.FrontdoorOriginGroupLoadBalancingArgs;\nimport com.pulumi.azure.cdn.FrontdoorOrigin;\nimport com.pulumi.azure.cdn.FrontdoorOriginArgs;\nimport com.pulumi.azure.cdn.inputs.FrontdoorOriginPrivateLinkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var exampleAccount = new Account(\"exampleAccount\", AccountArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .location(exampleResourceGroup.location())\n .accountTier(\"Premium\")\n .accountReplicationType(\"LRS\")\n .allowNestedItemsToBePublic(false)\n .networkRules(AccountNetworkRulesArgs.builder()\n .defaultAction(\"Deny\")\n .build())\n .tags(Map.of(\"environment\", \"Example\"))\n .build());\n\n var exampleFrontdoorProfile = new FrontdoorProfile(\"exampleFrontdoorProfile\", FrontdoorProfileArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .skuName(\"Premium_AzureFrontDoor\")\n .build());\n\n var exampleFrontdoorOriginGroup = new FrontdoorOriginGroup(\"exampleFrontdoorOriginGroup\", FrontdoorOriginGroupArgs.builder() \n .cdnFrontdoorProfileId(exampleFrontdoorProfile.id())\n .loadBalancing()\n .build());\n\n var exampleFrontdoorOrigin = new FrontdoorOrigin(\"exampleFrontdoorOrigin\", FrontdoorOriginArgs.builder() \n .cdnFrontdoorOriginGroupId(exampleFrontdoorOriginGroup.id())\n .enabled(true)\n .certificateNameCheckEnabled(true)\n .hostName(exampleAccount.primaryBlobHost())\n .originHostHeader(exampleAccount.primaryBlobHost())\n .priority(1)\n .weight(500)\n .privateLink(FrontdoorOriginPrivateLinkArgs.builder()\n .requestMessage(\"Request access for Private Link Origin CDN Frontdoor\")\n .targetType(\"blob\")\n .location(exampleAccount.location())\n .privateLinkTargetId(exampleAccount.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n exampleAccount:\n type: azure:storage:Account\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n location: ${exampleResourceGroup.location}\n accountTier: Premium\n accountReplicationType: LRS\n allowNestedItemsToBePublic: false\n networkRules:\n defaultAction: Deny\n tags:\n environment: Example\n exampleFrontdoorProfile:\n type: azure:cdn:FrontdoorProfile\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n skuName: Premium_AzureFrontDoor\n exampleFrontdoorOriginGroup:\n type: azure:cdn:FrontdoorOriginGroup\n properties:\n cdnFrontdoorProfileId: ${exampleFrontdoorProfile.id}\n loadBalancing: {}\n exampleFrontdoorOrigin:\n type: azure:cdn:FrontdoorOrigin\n properties:\n cdnFrontdoorOriginGroupId: ${exampleFrontdoorOriginGroup.id}\n enabled: true\n certificateNameCheckEnabled: true\n hostName: ${exampleAccount.primaryBlobHost}\n originHostHeader: ${exampleAccount.primaryBlobHost}\n priority: 1\n weight: 500\n privateLink:\n requestMessage: Request access for Private Link Origin CDN Frontdoor\n targetType: blob\n location: ${exampleAccount.location}\n privateLinkTargetId: ${exampleAccount.id}\n```\n\n{{% /example %}}\n{{% example %}}\n### With Private Link Service\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst current = azure.core.getClientConfig({});\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst exampleVirtualNetwork = new azure.network.VirtualNetwork(\"exampleVirtualNetwork\", {\n resourceGroupName: exampleResourceGroup.name,\n location: exampleResourceGroup.location,\n addressSpaces: [\"10.5.0.0/16\"],\n});\nconst exampleSubnet = new azure.network.Subnet(\"exampleSubnet\", {\n resourceGroupName: exampleResourceGroup.name,\n virtualNetworkName: exampleVirtualNetwork.name,\n addressPrefixes: [\"10.5.1.0/24\"],\n privateLinkServiceNetworkPoliciesEnabled: false,\n});\nconst examplePublicIp = new azure.network.PublicIp(\"examplePublicIp\", {\n sku: \"Standard\",\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n allocationMethod: \"Static\",\n});\nconst exampleLoadBalancer = new azure.lb.LoadBalancer(\"exampleLoadBalancer\", {\n sku: \"Standard\",\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n frontendIpConfigurations: [{\n name: examplePublicIp.name,\n publicIpAddressId: examplePublicIp.id,\n }],\n});\nconst exampleLinkService = new azure.privatedns.LinkService(\"exampleLinkService\", {\n resourceGroupName: exampleResourceGroup.name,\n location: exampleResourceGroup.location,\n visibilitySubscriptionIds: [current.then(current =\u003e current.subscriptionId)],\n loadBalancerFrontendIpConfigurationIds: [exampleLoadBalancer.frontendIpConfigurations.apply(frontendIpConfigurations =\u003e frontendIpConfigurations?.[0]?.id)],\n natIpConfigurations: [{\n name: \"primary\",\n privateIpAddress: \"10.5.1.17\",\n privateIpAddressVersion: \"IPv4\",\n subnetId: exampleSubnet.id,\n primary: true,\n }],\n});\nconst exampleFrontdoorProfile = new azure.cdn.FrontdoorProfile(\"exampleFrontdoorProfile\", {\n resourceGroupName: exampleResourceGroup.name,\n skuName: \"Premium_AzureFrontDoor\",\n}, {\n dependsOn: [exampleLinkService],\n});\nconst exampleFrontdoorOriginGroup = new azure.cdn.FrontdoorOriginGroup(\"exampleFrontdoorOriginGroup\", {\n cdnFrontdoorProfileId: exampleFrontdoorProfile.id,\n loadBalancing: {\n additionalLatencyInMilliseconds: 0,\n sampleSize: 16,\n successfulSamplesRequired: 3,\n },\n});\nconst exampleFrontdoorOrigin = new azure.cdn.FrontdoorOrigin(\"exampleFrontdoorOrigin\", {\n cdnFrontdoorOriginGroupId: exampleFrontdoorOriginGroup.id,\n enabled: true,\n hostName: \"example.com\",\n originHostHeader: \"example.com\",\n priority: 1,\n weight: 1000,\n certificateNameCheckEnabled: false,\n privateLink: {\n requestMessage: \"Request access for Private Link Origin CDN Frontdoor\",\n location: exampleResourceGroup.location,\n privateLinkTargetId: exampleLinkService.id,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\ncurrent = azure.core.get_client_config()\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nexample_virtual_network = azure.network.VirtualNetwork(\"exampleVirtualNetwork\",\n resource_group_name=example_resource_group.name,\n location=example_resource_group.location,\n address_spaces=[\"10.5.0.0/16\"])\nexample_subnet = azure.network.Subnet(\"exampleSubnet\",\n resource_group_name=example_resource_group.name,\n virtual_network_name=example_virtual_network.name,\n address_prefixes=[\"10.5.1.0/24\"],\n private_link_service_network_policies_enabled=False)\nexample_public_ip = azure.network.PublicIp(\"examplePublicIp\",\n sku=\"Standard\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n allocation_method=\"Static\")\nexample_load_balancer = azure.lb.LoadBalancer(\"exampleLoadBalancer\",\n sku=\"Standard\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n frontend_ip_configurations=[azure.lb.LoadBalancerFrontendIpConfigurationArgs(\n name=example_public_ip.name,\n public_ip_address_id=example_public_ip.id,\n )])\nexample_link_service = azure.privatedns.LinkService(\"exampleLinkService\",\n resource_group_name=example_resource_group.name,\n location=example_resource_group.location,\n visibility_subscription_ids=[current.subscription_id],\n load_balancer_frontend_ip_configuration_ids=[example_load_balancer.frontend_ip_configurations[0].id],\n nat_ip_configurations=[azure.privatedns.LinkServiceNatIpConfigurationArgs(\n name=\"primary\",\n private_ip_address=\"10.5.1.17\",\n private_ip_address_version=\"IPv4\",\n subnet_id=example_subnet.id,\n primary=True,\n )])\nexample_frontdoor_profile = azure.cdn.FrontdoorProfile(\"exampleFrontdoorProfile\",\n resource_group_name=example_resource_group.name,\n sku_name=\"Premium_AzureFrontDoor\",\n opts=pulumi.ResourceOptions(depends_on=[example_link_service]))\nexample_frontdoor_origin_group = azure.cdn.FrontdoorOriginGroup(\"exampleFrontdoorOriginGroup\",\n cdn_frontdoor_profile_id=example_frontdoor_profile.id,\n load_balancing=azure.cdn.FrontdoorOriginGroupLoadBalancingArgs(\n additional_latency_in_milliseconds=0,\n sample_size=16,\n successful_samples_required=3,\n ))\nexample_frontdoor_origin = azure.cdn.FrontdoorOrigin(\"exampleFrontdoorOrigin\",\n cdn_frontdoor_origin_group_id=example_frontdoor_origin_group.id,\n enabled=True,\n host_name=\"example.com\",\n origin_host_header=\"example.com\",\n priority=1,\n weight=1000,\n certificate_name_check_enabled=False,\n private_link=azure.cdn.FrontdoorOriginPrivateLinkArgs(\n request_message=\"Request access for Private Link Origin CDN Frontdoor\",\n location=example_resource_group.location,\n private_link_target_id=example_link_service.id,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Azure.Core.GetClientConfig.Invoke();\n\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var exampleVirtualNetwork = new Azure.Network.VirtualNetwork(\"exampleVirtualNetwork\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n Location = exampleResourceGroup.Location,\n AddressSpaces = new[]\n {\n \"10.5.0.0/16\",\n },\n });\n\n var exampleSubnet = new Azure.Network.Subnet(\"exampleSubnet\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n VirtualNetworkName = exampleVirtualNetwork.Name,\n AddressPrefixes = new[]\n {\n \"10.5.1.0/24\",\n },\n PrivateLinkServiceNetworkPoliciesEnabled = false,\n });\n\n var examplePublicIp = new Azure.Network.PublicIp(\"examplePublicIp\", new()\n {\n Sku = \"Standard\",\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n AllocationMethod = \"Static\",\n });\n\n var exampleLoadBalancer = new Azure.Lb.LoadBalancer(\"exampleLoadBalancer\", new()\n {\n Sku = \"Standard\",\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n FrontendIpConfigurations = new[]\n {\n new Azure.Lb.Inputs.LoadBalancerFrontendIpConfigurationArgs\n {\n Name = examplePublicIp.Name,\n PublicIpAddressId = examplePublicIp.Id,\n },\n },\n });\n\n var exampleLinkService = new Azure.PrivateDns.LinkService(\"exampleLinkService\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n Location = exampleResourceGroup.Location,\n VisibilitySubscriptionIds = new[]\n {\n current.Apply(getClientConfigResult =\u003e getClientConfigResult.SubscriptionId),\n },\n LoadBalancerFrontendIpConfigurationIds = new[]\n {\n exampleLoadBalancer.FrontendIpConfigurations.Apply(frontendIpConfigurations =\u003e frontendIpConfigurations[0]?.Id),\n },\n NatIpConfigurations = new[]\n {\n new Azure.PrivateDns.Inputs.LinkServiceNatIpConfigurationArgs\n {\n Name = \"primary\",\n PrivateIpAddress = \"10.5.1.17\",\n PrivateIpAddressVersion = \"IPv4\",\n SubnetId = exampleSubnet.Id,\n Primary = true,\n },\n },\n });\n\n var exampleFrontdoorProfile = new Azure.Cdn.FrontdoorProfile(\"exampleFrontdoorProfile\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n SkuName = \"Premium_AzureFrontDoor\",\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n exampleLinkService,\n },\n });\n\n var exampleFrontdoorOriginGroup = new Azure.Cdn.FrontdoorOriginGroup(\"exampleFrontdoorOriginGroup\", new()\n {\n CdnFrontdoorProfileId = exampleFrontdoorProfile.Id,\n LoadBalancing = new Azure.Cdn.Inputs.FrontdoorOriginGroupLoadBalancingArgs\n {\n AdditionalLatencyInMilliseconds = 0,\n SampleSize = 16,\n SuccessfulSamplesRequired = 3,\n },\n });\n\n var exampleFrontdoorOrigin = new Azure.Cdn.FrontdoorOrigin(\"exampleFrontdoorOrigin\", new()\n {\n CdnFrontdoorOriginGroupId = exampleFrontdoorOriginGroup.Id,\n Enabled = true,\n HostName = \"example.com\",\n OriginHostHeader = \"example.com\",\n Priority = 1,\n Weight = 1000,\n CertificateNameCheckEnabled = false,\n PrivateLink = new Azure.Cdn.Inputs.FrontdoorOriginPrivateLinkArgs\n {\n RequestMessage = \"Request access for Private Link Origin CDN Frontdoor\",\n Location = exampleResourceGroup.Location,\n PrivateLinkTargetId = exampleLinkService.Id,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/cdn\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/lb\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/privatedns\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := core.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, \"exampleVirtualNetwork\", \u0026network.VirtualNetworkArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tAddressSpaces: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.5.0.0/16\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSubnet, err := network.NewSubnet(ctx, \"exampleSubnet\", \u0026network.SubnetArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tVirtualNetworkName: exampleVirtualNetwork.Name,\n\t\t\tAddressPrefixes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.5.1.0/24\"),\n\t\t\t},\n\t\t\tPrivateLinkServiceNetworkPoliciesEnabled: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplePublicIp, err := network.NewPublicIp(ctx, \"examplePublicIp\", \u0026network.PublicIpArgs{\n\t\t\tSku: pulumi.String(\"Standard\"),\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tAllocationMethod: pulumi.String(\"Static\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleLoadBalancer, err := lb.NewLoadBalancer(ctx, \"exampleLoadBalancer\", \u0026lb.LoadBalancerArgs{\n\t\t\tSku: pulumi.String(\"Standard\"),\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tFrontendIpConfigurations: lb.LoadBalancerFrontendIpConfigurationArray{\n\t\t\t\t\u0026lb.LoadBalancerFrontendIpConfigurationArgs{\n\t\t\t\t\tName: examplePublicIp.Name,\n\t\t\t\t\tPublicIpAddressId: examplePublicIp.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleLinkService, err := privatedns.NewLinkService(ctx, \"exampleLinkService\", \u0026privatedns.LinkServiceArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tVisibilitySubscriptionIds: pulumi.StringArray{\n\t\t\t\t*pulumi.String(current.SubscriptionId),\n\t\t\t},\n\t\t\tLoadBalancerFrontendIpConfigurationIds: pulumi.StringArray{\n\t\t\t\texampleLoadBalancer.FrontendIpConfigurations.ApplyT(func(frontendIpConfigurations []lb.LoadBalancerFrontendIpConfiguration) (*string, error) {\n\t\t\t\t\treturn \u0026frontendIpConfigurations[0].Id, nil\n\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t},\n\t\t\tNatIpConfigurations: privatedns.LinkServiceNatIpConfigurationArray{\n\t\t\t\t\u0026privatedns.LinkServiceNatIpConfigurationArgs{\n\t\t\t\t\tName: pulumi.String(\"primary\"),\n\t\t\t\t\tPrivateIpAddress: pulumi.String(\"10.5.1.17\"),\n\t\t\t\t\tPrivateIpAddressVersion: pulumi.String(\"IPv4\"),\n\t\t\t\t\tSubnetId: exampleSubnet.ID(),\n\t\t\t\t\tPrimary: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleFrontdoorProfile, err := cdn.NewFrontdoorProfile(ctx, \"exampleFrontdoorProfile\", \u0026cdn.FrontdoorProfileArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tSkuName: pulumi.String(\"Premium_AzureFrontDoor\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleLinkService,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleFrontdoorOriginGroup, err := cdn.NewFrontdoorOriginGroup(ctx, \"exampleFrontdoorOriginGroup\", \u0026cdn.FrontdoorOriginGroupArgs{\n\t\t\tCdnFrontdoorProfileId: exampleFrontdoorProfile.ID(),\n\t\t\tLoadBalancing: \u0026cdn.FrontdoorOriginGroupLoadBalancingArgs{\n\t\t\t\tAdditionalLatencyInMilliseconds: pulumi.Int(0),\n\t\t\t\tSampleSize: pulumi.Int(16),\n\t\t\t\tSuccessfulSamplesRequired: pulumi.Int(3),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cdn.NewFrontdoorOrigin(ctx, \"exampleFrontdoorOrigin\", \u0026cdn.FrontdoorOriginArgs{\n\t\t\tCdnFrontdoorOriginGroupId: exampleFrontdoorOriginGroup.ID(),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tHostName: pulumi.String(\"example.com\"),\n\t\t\tOriginHostHeader: pulumi.String(\"example.com\"),\n\t\t\tPriority: pulumi.Int(1),\n\t\t\tWeight: pulumi.Int(1000),\n\t\t\tCertificateNameCheckEnabled: pulumi.Bool(false),\n\t\t\tPrivateLink: \u0026cdn.FrontdoorOriginPrivateLinkArgs{\n\t\t\t\tRequestMessage: pulumi.String(\"Request access for Private Link Origin CDN Frontdoor\"),\n\t\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\t\tPrivateLinkTargetId: exampleLinkService.ID(),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.network.VirtualNetwork;\nimport com.pulumi.azure.network.VirtualNetworkArgs;\nimport com.pulumi.azure.network.Subnet;\nimport com.pulumi.azure.network.SubnetArgs;\nimport com.pulumi.azure.network.PublicIp;\nimport com.pulumi.azure.network.PublicIpArgs;\nimport com.pulumi.azure.lb.LoadBalancer;\nimport com.pulumi.azure.lb.LoadBalancerArgs;\nimport com.pulumi.azure.lb.inputs.LoadBalancerFrontendIpConfigurationArgs;\nimport com.pulumi.azure.privatedns.LinkService;\nimport com.pulumi.azure.privatedns.LinkServiceArgs;\nimport com.pulumi.azure.privatedns.inputs.LinkServiceNatIpConfigurationArgs;\nimport com.pulumi.azure.cdn.FrontdoorProfile;\nimport com.pulumi.azure.cdn.FrontdoorProfileArgs;\nimport com.pulumi.azure.cdn.FrontdoorOriginGroup;\nimport com.pulumi.azure.cdn.FrontdoorOriginGroupArgs;\nimport com.pulumi.azure.cdn.inputs.FrontdoorOriginGroupLoadBalancingArgs;\nimport com.pulumi.azure.cdn.FrontdoorOrigin;\nimport com.pulumi.azure.cdn.FrontdoorOriginArgs;\nimport com.pulumi.azure.cdn.inputs.FrontdoorOriginPrivateLinkArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = CoreFunctions.getClientConfig();\n\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var exampleVirtualNetwork = new VirtualNetwork(\"exampleVirtualNetwork\", VirtualNetworkArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .location(exampleResourceGroup.location())\n .addressSpaces(\"10.5.0.0/16\")\n .build());\n\n var exampleSubnet = new Subnet(\"exampleSubnet\", SubnetArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .virtualNetworkName(exampleVirtualNetwork.name())\n .addressPrefixes(\"10.5.1.0/24\")\n .privateLinkServiceNetworkPoliciesEnabled(false)\n .build());\n\n var examplePublicIp = new PublicIp(\"examplePublicIp\", PublicIpArgs.builder() \n .sku(\"Standard\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .allocationMethod(\"Static\")\n .build());\n\n var exampleLoadBalancer = new LoadBalancer(\"exampleLoadBalancer\", LoadBalancerArgs.builder() \n .sku(\"Standard\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .frontendIpConfigurations(LoadBalancerFrontendIpConfigurationArgs.builder()\n .name(examplePublicIp.name())\n .publicIpAddressId(examplePublicIp.id())\n .build())\n .build());\n\n var exampleLinkService = new LinkService(\"exampleLinkService\", LinkServiceArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .location(exampleResourceGroup.location())\n .visibilitySubscriptionIds(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.subscriptionId()))\n .loadBalancerFrontendIpConfigurationIds(exampleLoadBalancer.frontendIpConfigurations().applyValue(frontendIpConfigurations -\u003e frontendIpConfigurations[0].id()))\n .natIpConfigurations(LinkServiceNatIpConfigurationArgs.builder()\n .name(\"primary\")\n .privateIpAddress(\"10.5.1.17\")\n .privateIpAddressVersion(\"IPv4\")\n .subnetId(exampleSubnet.id())\n .primary(true)\n .build())\n .build());\n\n var exampleFrontdoorProfile = new FrontdoorProfile(\"exampleFrontdoorProfile\", FrontdoorProfileArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .skuName(\"Premium_AzureFrontDoor\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleLinkService)\n .build());\n\n var exampleFrontdoorOriginGroup = new FrontdoorOriginGroup(\"exampleFrontdoorOriginGroup\", FrontdoorOriginGroupArgs.builder() \n .cdnFrontdoorProfileId(exampleFrontdoorProfile.id())\n .loadBalancing(FrontdoorOriginGroupLoadBalancingArgs.builder()\n .additionalLatencyInMilliseconds(0)\n .sampleSize(16)\n .successfulSamplesRequired(3)\n .build())\n .build());\n\n var exampleFrontdoorOrigin = new FrontdoorOrigin(\"exampleFrontdoorOrigin\", FrontdoorOriginArgs.builder() \n .cdnFrontdoorOriginGroupId(exampleFrontdoorOriginGroup.id())\n .enabled(true)\n .hostName(\"example.com\")\n .originHostHeader(\"example.com\")\n .priority(1)\n .weight(1000)\n .certificateNameCheckEnabled(false)\n .privateLink(FrontdoorOriginPrivateLinkArgs.builder()\n .requestMessage(\"Request access for Private Link Origin CDN Frontdoor\")\n .location(exampleResourceGroup.location())\n .privateLinkTargetId(exampleLinkService.id())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n exampleFrontdoorProfile:\n type: azure:cdn:FrontdoorProfile\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n skuName: Premium_AzureFrontDoor\n options:\n dependson:\n - ${exampleLinkService}\n exampleFrontdoorOrigin:\n type: azure:cdn:FrontdoorOrigin\n properties:\n cdnFrontdoorOriginGroupId: ${exampleFrontdoorOriginGroup.id}\n enabled: true\n hostName: example.com\n originHostHeader: example.com\n priority: 1\n weight: 1000\n certificateNameCheckEnabled: false\n privateLink:\n requestMessage: Request access for Private Link Origin CDN Frontdoor\n location: ${exampleResourceGroup.location}\n privateLinkTargetId: ${exampleLinkService.id}\n exampleFrontdoorOriginGroup:\n type: azure:cdn:FrontdoorOriginGroup\n properties:\n cdnFrontdoorProfileId: ${exampleFrontdoorProfile.id}\n loadBalancing:\n additionalLatencyInMilliseconds: 0\n sampleSize: 16\n successfulSamplesRequired: 3\n exampleVirtualNetwork:\n type: azure:network:VirtualNetwork\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n location: ${exampleResourceGroup.location}\n addressSpaces:\n - 10.5.0.0/16\n exampleSubnet:\n type: azure:network:Subnet\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n virtualNetworkName: ${exampleVirtualNetwork.name}\n addressPrefixes:\n - 10.5.1.0/24\n privateLinkServiceNetworkPoliciesEnabled: false\n examplePublicIp:\n type: azure:network:PublicIp\n properties:\n sku: Standard\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n allocationMethod: Static\n exampleLoadBalancer:\n type: azure:lb:LoadBalancer\n properties:\n sku: Standard\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n frontendIpConfigurations:\n - name: ${examplePublicIp.name}\n publicIpAddressId: ${examplePublicIp.id}\n exampleLinkService:\n type: azure:privatedns:LinkService\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n location: ${exampleResourceGroup.location}\n visibilitySubscriptionIds:\n - ${current.subscriptionId}\n loadBalancerFrontendIpConfigurationIds:\n - ${exampleLoadBalancer.frontendIpConfigurations[0].id}\n natIpConfigurations:\n - name: primary\n privateIpAddress: 10.5.1.17\n privateIpAddressVersion: IPv4\n subnetId: ${exampleSubnet.id}\n primary: true\nvariables:\n current:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}\n## Example HCL Configurations\n\n* Private Link Origin with Storage Account Blob\n* Private Link Origin with Storage Account Static Web Site\n* Private Link Origin with Linux Web Application\n* Private Link Origin with Internal Load Balancer\n\n\n## Import\n\nFront Door Origins can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:cdn/frontdoorOrigin:FrontdoorOrigin example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup1/providers/Microsoft.Cdn/profiles/profile1/originGroups/originGroup1/origins/origin1\n```\n\n ", "properties": { "cdnFrontdoorOriginGroupId": { "type": "string", @@ -133045,7 +133051,7 @@ } }, "azure:cdn/profile:Profile": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst exampleProfile = new azure.cdn.Profile(\"exampleProfile\", {\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n sku: \"Standard_Verizon\",\n tags: {\n environment: \"Production\",\n cost_center: \"MSFT\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nexample_profile = azure.cdn.Profile(\"exampleProfile\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n sku=\"Standard_Verizon\",\n tags={\n \"environment\": \"Production\",\n \"cost_center\": \"MSFT\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var exampleProfile = new Azure.Cdn.Profile(\"exampleProfile\", new()\n {\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n Sku = \"Standard_Verizon\",\n Tags = \n {\n { \"environment\", \"Production\" },\n { \"cost_center\", \"MSFT\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/cdn\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cdn.NewProfile(ctx, \"exampleProfile\", \u0026cdn.ProfileArgs{\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tSku: pulumi.String(\"Standard_Verizon\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"environment\": pulumi.String(\"Production\"),\n\t\t\t\t\"cost_center\": pulumi.String(\"MSFT\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.cdn.Profile;\nimport com.pulumi.azure.cdn.ProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var exampleProfile = new Profile(\"exampleProfile\", ProfileArgs.builder() \n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .sku(\"Standard_Verizon\")\n .tags(Map.ofEntries(\n Map.entry(\"environment\", \"Production\"),\n Map.entry(\"cost_center\", \"MSFT\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n exampleProfile:\n type: azure:cdn:Profile\n properties:\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n sku: Standard_Verizon\n tags:\n environment: Production\n cost_center: MSFT\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nCDN Profiles can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:cdn/profile:Profile example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Cdn/profiles/myprofile1\n```\n\n ", + "description": "Manages a CDN Profile to create a collection of CDN Endpoints.\n\n!\u003e **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst exampleProfile = new azure.cdn.Profile(\"exampleProfile\", {\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n sku: \"Standard_Verizon\",\n tags: {\n environment: \"Production\",\n cost_center: \"MSFT\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nexample_profile = azure.cdn.Profile(\"exampleProfile\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n sku=\"Standard_Verizon\",\n tags={\n \"environment\": \"Production\",\n \"cost_center\": \"MSFT\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var exampleProfile = new Azure.Cdn.Profile(\"exampleProfile\", new()\n {\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n Sku = \"Standard_Verizon\",\n Tags = \n {\n { \"environment\", \"Production\" },\n { \"cost_center\", \"MSFT\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/cdn\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cdn.NewProfile(ctx, \"exampleProfile\", \u0026cdn.ProfileArgs{\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tSku: pulumi.String(\"Standard_Verizon\"),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"environment\": pulumi.String(\"Production\"),\n\t\t\t\t\"cost_center\": pulumi.String(\"MSFT\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.cdn.Profile;\nimport com.pulumi.azure.cdn.ProfileArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var exampleProfile = new Profile(\"exampleProfile\", ProfileArgs.builder() \n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .sku(\"Standard_Verizon\")\n .tags(Map.ofEntries(\n Map.entry(\"environment\", \"Production\"),\n Map.entry(\"cost_center\", \"MSFT\")\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n exampleProfile:\n type: azure:cdn:Profile\n properties:\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n sku: Standard_Verizon\n tags:\n environment: Production\n cost_center: MSFT\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nCDN Profiles can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:cdn/profile:Profile example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Cdn/profiles/myprofile1\n```\n\n ", "properties": { "location": { "type": "string", @@ -135975,7 +135981,7 @@ } }, "azure:compute/image:Image": { - "description": "\n\n\n## Import\n\nImages can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:compute/image:Image example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Compute/images/image1\n```\n\n ", + "description": "Manages a custom virtual machine image that can be used to create virtual machines.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n\u003e **Note:** For a more complete example, see the `examples/image` directory within the GitHub Repository.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleVirtualMachine = azure.compute.getVirtualMachine({\n name: \"examplevm\",\n resourceGroupName: \"example-resources\",\n});\nconst exampleImage = new azure.compute.Image(\"exampleImage\", {\n location: exampleVirtualMachine.then(exampleVirtualMachine =\u003e exampleVirtualMachine.location),\n resourceGroupName: exampleVirtualMachine.then(exampleVirtualMachine =\u003e exampleVirtualMachine.name),\n sourceVirtualMachineId: exampleVirtualMachine.then(exampleVirtualMachine =\u003e exampleVirtualMachine.id),\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_virtual_machine = azure.compute.get_virtual_machine(name=\"examplevm\",\n resource_group_name=\"example-resources\")\nexample_image = azure.compute.Image(\"exampleImage\",\n location=example_virtual_machine.location,\n resource_group_name=example_virtual_machine.name,\n source_virtual_machine_id=example_virtual_machine.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleVirtualMachine = Azure.Compute.GetVirtualMachine.Invoke(new()\n {\n Name = \"examplevm\",\n ResourceGroupName = \"example-resources\",\n });\n\n var exampleImage = new Azure.Compute.Image(\"exampleImage\", new()\n {\n Location = exampleVirtualMachine.Apply(getVirtualMachineResult =\u003e getVirtualMachineResult.Location),\n ResourceGroupName = exampleVirtualMachine.Apply(getVirtualMachineResult =\u003e getVirtualMachineResult.Name),\n SourceVirtualMachineId = exampleVirtualMachine.Apply(getVirtualMachineResult =\u003e getVirtualMachineResult.Id),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleVirtualMachine, err := compute.LookupVirtualMachine(ctx, \u0026compute.LookupVirtualMachineArgs{\n\t\t\tName: \"examplevm\",\n\t\t\tResourceGroupName: \"example-resources\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewImage(ctx, \"exampleImage\", \u0026compute.ImageArgs{\n\t\t\tLocation: *pulumi.String(exampleVirtualMachine.Location),\n\t\t\tResourceGroupName: *pulumi.String(exampleVirtualMachine.Name),\n\t\t\tSourceVirtualMachineId: *pulumi.String(exampleVirtualMachine.Id),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.compute.ComputeFunctions;\nimport com.pulumi.azure.compute.inputs.GetVirtualMachineArgs;\nimport com.pulumi.azure.compute.Image;\nimport com.pulumi.azure.compute.ImageArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleVirtualMachine = ComputeFunctions.getVirtualMachine(GetVirtualMachineArgs.builder()\n .name(\"examplevm\")\n .resourceGroupName(\"example-resources\")\n .build());\n\n var exampleImage = new Image(\"exampleImage\", ImageArgs.builder() \n .location(exampleVirtualMachine.applyValue(getVirtualMachineResult -\u003e getVirtualMachineResult.location()))\n .resourceGroupName(exampleVirtualMachine.applyValue(getVirtualMachineResult -\u003e getVirtualMachineResult.name()))\n .sourceVirtualMachineId(exampleVirtualMachine.applyValue(getVirtualMachineResult -\u003e getVirtualMachineResult.id()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleImage:\n type: azure:compute:Image\n properties:\n location: ${exampleVirtualMachine.location}\n resourceGroupName: ${exampleVirtualMachine.name}\n sourceVirtualMachineId: ${exampleVirtualMachine.id}\nvariables:\n exampleVirtualMachine:\n fn::invoke:\n Function: azure:compute:getVirtualMachine\n Arguments:\n name: examplevm\n resourceGroupName: example-resources\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nImages can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:compute/image:Image example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Compute/images/image1\n```\n\n ", "properties": { "dataDisks": { "type": "array", @@ -141477,7 +141483,8 @@ "description": "One or more `gallery_application` blocks as defined below.\n" }, "hotpatchingEnabled": { - "type": "boolean" + "type": "boolean", + "description": "Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch).\n\n\u003e **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository.\n" }, "identity": { "$ref": "#/types/azure:compute/WindowsVirtualMachineIdentity:WindowsVirtualMachineIdentity", @@ -141746,7 +141753,8 @@ "description": "One or more `gallery_application` blocks as defined below.\n" }, "hotpatchingEnabled": { - "type": "boolean" + "type": "boolean", + "description": "Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch).\n\n\u003e **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository.\n" }, "identity": { "$ref": "#/types/azure:compute/WindowsVirtualMachineIdentity:WindowsVirtualMachineIdentity", @@ -141997,7 +142005,8 @@ "description": "One or more `gallery_application` blocks as defined below.\n" }, "hotpatchingEnabled": { - "type": "boolean" + "type": "boolean", + "description": "Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch).\n\n\u003e **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository.\n" }, "identity": { "$ref": "#/types/azure:compute/WindowsVirtualMachineIdentity:WindowsVirtualMachineIdentity", @@ -158073,7 +158082,7 @@ } }, "azure:databricks/workspaceCustomerManagedKey:WorkspaceCustomerManagedKey": { - "description": "\n\n\n## Import\n\nDatabricks Workspace Customer Managed Key can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:databricks/workspaceCustomerManagedKey:WorkspaceCustomerManagedKey workspace1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Databricks/workspaces/workspace1\n```\n\n ", + "description": "Manages a Customer Managed Key for a Databricks Workspace root DBFS\n\n!\u003e**IMPORTANT:** This resource has been deprecated and will be removed from the 4.0 Azure provider. Please use the `azure.databricks.WorkspaceRootDbfsCustomerManagedKey` resource instead.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst current = azure.core.getClientConfig({});\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst exampleWorkspace = new azure.databricks.Workspace(\"exampleWorkspace\", {\n resourceGroupName: exampleResourceGroup.name,\n location: exampleResourceGroup.location,\n sku: \"premium\",\n customerManagedKeyEnabled: true,\n tags: {\n Environment: \"Production\",\n },\n});\nconst exampleKeyVault = new azure.keyvault.KeyVault(\"exampleKeyVault\", {\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n tenantId: current.then(current =\u003e current.tenantId),\n skuName: \"premium\",\n purgeProtectionEnabled: true,\n softDeleteRetentionDays: 7,\n});\nconst terraform = new azure.keyvault.AccessPolicy(\"terraform\", {\n keyVaultId: exampleKeyVault.id,\n tenantId: exampleKeyVault.tenantId,\n objectId: current.then(current =\u003e current.objectId),\n keyPermissions: [\n \"Create\",\n \"Delete\",\n \"Get\",\n \"Purge\",\n \"Recover\",\n \"Update\",\n \"List\",\n \"Decrypt\",\n \"Sign\",\n \"GetRotationPolicy\",\n ],\n});\nconst exampleKey = new azure.keyvault.Key(\"exampleKey\", {\n keyVaultId: exampleKeyVault.id,\n keyType: \"RSA\",\n keySize: 2048,\n keyOpts: [\n \"decrypt\",\n \"encrypt\",\n \"sign\",\n \"unwrapKey\",\n \"verify\",\n \"wrapKey\",\n ],\n}, {\n dependsOn: [terraform],\n});\nconst databricks = new azure.keyvault.AccessPolicy(\"databricks\", {\n keyVaultId: exampleKeyVault.id,\n tenantId: exampleWorkspace.storageAccountIdentities.apply(storageAccountIdentities =\u003e storageAccountIdentities[0].tenantId),\n objectId: exampleWorkspace.storageAccountIdentities.apply(storageAccountIdentities =\u003e storageAccountIdentities[0].principalId),\n keyPermissions: [\n \"Create\",\n \"Delete\",\n \"Get\",\n \"Purge\",\n \"Recover\",\n \"Update\",\n \"List\",\n \"Decrypt\",\n \"Sign\",\n ],\n}, {\n dependsOn: [exampleWorkspace],\n});\nconst exampleWorkspaceRootDbfsCustomerManagedKey = new azure.databricks.WorkspaceRootDbfsCustomerManagedKey(\"exampleWorkspaceRootDbfsCustomerManagedKey\", {\n workspaceId: exampleWorkspace.id,\n keyVaultKeyId: exampleKey.id,\n}, {\n dependsOn: [databricks],\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\ncurrent = azure.core.get_client_config()\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nexample_workspace = azure.databricks.Workspace(\"exampleWorkspace\",\n resource_group_name=example_resource_group.name,\n location=example_resource_group.location,\n sku=\"premium\",\n customer_managed_key_enabled=True,\n tags={\n \"Environment\": \"Production\",\n })\nexample_key_vault = azure.keyvault.KeyVault(\"exampleKeyVault\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n tenant_id=current.tenant_id,\n sku_name=\"premium\",\n purge_protection_enabled=True,\n soft_delete_retention_days=7)\nterraform = azure.keyvault.AccessPolicy(\"terraform\",\n key_vault_id=example_key_vault.id,\n tenant_id=example_key_vault.tenant_id,\n object_id=current.object_id,\n key_permissions=[\n \"Create\",\n \"Delete\",\n \"Get\",\n \"Purge\",\n \"Recover\",\n \"Update\",\n \"List\",\n \"Decrypt\",\n \"Sign\",\n \"GetRotationPolicy\",\n ])\nexample_key = azure.keyvault.Key(\"exampleKey\",\n key_vault_id=example_key_vault.id,\n key_type=\"RSA\",\n key_size=2048,\n key_opts=[\n \"decrypt\",\n \"encrypt\",\n \"sign\",\n \"unwrapKey\",\n \"verify\",\n \"wrapKey\",\n ],\n opts=pulumi.ResourceOptions(depends_on=[terraform]))\ndatabricks = azure.keyvault.AccessPolicy(\"databricks\",\n key_vault_id=example_key_vault.id,\n tenant_id=example_workspace.storage_account_identities[0].tenant_id,\n object_id=example_workspace.storage_account_identities[0].principal_id,\n key_permissions=[\n \"Create\",\n \"Delete\",\n \"Get\",\n \"Purge\",\n \"Recover\",\n \"Update\",\n \"List\",\n \"Decrypt\",\n \"Sign\",\n ],\n opts=pulumi.ResourceOptions(depends_on=[example_workspace]))\nexample_workspace_root_dbfs_customer_managed_key = azure.databricks.WorkspaceRootDbfsCustomerManagedKey(\"exampleWorkspaceRootDbfsCustomerManagedKey\",\n workspace_id=example_workspace.id,\n key_vault_key_id=example_key.id,\n opts=pulumi.ResourceOptions(depends_on=[databricks]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Azure.Core.GetClientConfig.Invoke();\n\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var exampleWorkspace = new Azure.DataBricks.Workspace(\"exampleWorkspace\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n Location = exampleResourceGroup.Location,\n Sku = \"premium\",\n CustomerManagedKeyEnabled = true,\n Tags = \n {\n { \"Environment\", \"Production\" },\n },\n });\n\n var exampleKeyVault = new Azure.KeyVault.KeyVault(\"exampleKeyVault\", new()\n {\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n SkuName = \"premium\",\n PurgeProtectionEnabled = true,\n SoftDeleteRetentionDays = 7,\n });\n\n var terraform = new Azure.KeyVault.AccessPolicy(\"terraform\", new()\n {\n KeyVaultId = exampleKeyVault.Id,\n TenantId = exampleKeyVault.TenantId,\n ObjectId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n KeyPermissions = new[]\n {\n \"Create\",\n \"Delete\",\n \"Get\",\n \"Purge\",\n \"Recover\",\n \"Update\",\n \"List\",\n \"Decrypt\",\n \"Sign\",\n \"GetRotationPolicy\",\n },\n });\n\n var exampleKey = new Azure.KeyVault.Key(\"exampleKey\", new()\n {\n KeyVaultId = exampleKeyVault.Id,\n KeyType = \"RSA\",\n KeySize = 2048,\n KeyOpts = new[]\n {\n \"decrypt\",\n \"encrypt\",\n \"sign\",\n \"unwrapKey\",\n \"verify\",\n \"wrapKey\",\n },\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n terraform,\n },\n });\n\n var databricks = new Azure.KeyVault.AccessPolicy(\"databricks\", new()\n {\n KeyVaultId = exampleKeyVault.Id,\n TenantId = exampleWorkspace.StorageAccountIdentities.Apply(storageAccountIdentities =\u003e storageAccountIdentities[0].TenantId),\n ObjectId = exampleWorkspace.StorageAccountIdentities.Apply(storageAccountIdentities =\u003e storageAccountIdentities[0].PrincipalId),\n KeyPermissions = new[]\n {\n \"Create\",\n \"Delete\",\n \"Get\",\n \"Purge\",\n \"Recover\",\n \"Update\",\n \"List\",\n \"Decrypt\",\n \"Sign\",\n },\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n exampleWorkspace,\n },\n });\n\n var exampleWorkspaceRootDbfsCustomerManagedKey = new Azure.DataBricks.WorkspaceRootDbfsCustomerManagedKey(\"exampleWorkspaceRootDbfsCustomerManagedKey\", new()\n {\n WorkspaceId = exampleWorkspace.Id,\n KeyVaultKeyId = exampleKey.Id,\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n databricks,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/databricks\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := core.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleWorkspace, err := databricks.NewWorkspace(ctx, \"exampleWorkspace\", \u0026databricks.WorkspaceArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tSku: pulumi.String(\"premium\"),\n\t\t\tCustomerManagedKeyEnabled: pulumi.Bool(true),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"Production\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeyVault, err := keyvault.NewKeyVault(ctx, \"exampleKeyVault\", \u0026keyvault.KeyVaultArgs{\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tTenantId: *pulumi.String(current.TenantId),\n\t\t\tSkuName: pulumi.String(\"premium\"),\n\t\t\tPurgeProtectionEnabled: pulumi.Bool(true),\n\t\t\tSoftDeleteRetentionDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tterraform, err := keyvault.NewAccessPolicy(ctx, \"terraform\", \u0026keyvault.AccessPolicyArgs{\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tTenantId: exampleKeyVault.TenantId,\n\t\t\tObjectId: *pulumi.String(current.ObjectId),\n\t\t\tKeyPermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\tpulumi.String(\"Decrypt\"),\n\t\t\t\tpulumi.String(\"Sign\"),\n\t\t\t\tpulumi.String(\"GetRotationPolicy\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKey, err := keyvault.NewKey(ctx, \"exampleKey\", \u0026keyvault.KeyArgs{\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tKeyType: pulumi.String(\"RSA\"),\n\t\t\tKeySize: pulumi.Int(2048),\n\t\t\tKeyOpts: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"decrypt\"),\n\t\t\t\tpulumi.String(\"encrypt\"),\n\t\t\t\tpulumi.String(\"sign\"),\n\t\t\t\tpulumi.String(\"unwrapKey\"),\n\t\t\t\tpulumi.String(\"verify\"),\n\t\t\t\tpulumi.String(\"wrapKey\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tterraform,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdatabricks, err := keyvault.NewAccessPolicy(ctx, \"databricks\", \u0026keyvault.AccessPolicyArgs{\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tTenantId: exampleWorkspace.StorageAccountIdentities.ApplyT(func(storageAccountIdentities []databricks.WorkspaceStorageAccountIdentity) (*string, error) {\n\t\t\t\treturn \u0026storageAccountIdentities[0].TenantId, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\tObjectId: exampleWorkspace.StorageAccountIdentities.ApplyT(func(storageAccountIdentities []databricks.WorkspaceStorageAccountIdentity) (*string, error) {\n\t\t\t\treturn \u0026storageAccountIdentities[0].PrincipalId, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\tKeyPermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\tpulumi.String(\"Decrypt\"),\n\t\t\t\tpulumi.String(\"Sign\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleWorkspace,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = databricks.NewWorkspaceRootDbfsCustomerManagedKey(ctx, \"exampleWorkspaceRootDbfsCustomerManagedKey\", \u0026databricks.WorkspaceRootDbfsCustomerManagedKeyArgs{\n\t\t\tWorkspaceId: exampleWorkspace.ID(),\n\t\t\tKeyVaultKeyId: exampleKey.ID(),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tdatabricks,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.databricks.Workspace;\nimport com.pulumi.azure.databricks.WorkspaceArgs;\nimport com.pulumi.azure.keyvault.KeyVault;\nimport com.pulumi.azure.keyvault.KeyVaultArgs;\nimport com.pulumi.azure.keyvault.AccessPolicy;\nimport com.pulumi.azure.keyvault.AccessPolicyArgs;\nimport com.pulumi.azure.keyvault.Key;\nimport com.pulumi.azure.keyvault.KeyArgs;\nimport com.pulumi.azure.databricks.WorkspaceRootDbfsCustomerManagedKey;\nimport com.pulumi.azure.databricks.WorkspaceRootDbfsCustomerManagedKeyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = CoreFunctions.getClientConfig();\n\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var exampleWorkspace = new Workspace(\"exampleWorkspace\", WorkspaceArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .location(exampleResourceGroup.location())\n .sku(\"premium\")\n .customerManagedKeyEnabled(true)\n .tags(Map.of(\"Environment\", \"Production\"))\n .build());\n\n var exampleKeyVault = new KeyVault(\"exampleKeyVault\", KeyVaultArgs.builder() \n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .skuName(\"premium\")\n .purgeProtectionEnabled(true)\n .softDeleteRetentionDays(7)\n .build());\n\n var terraform = new AccessPolicy(\"terraform\", AccessPolicyArgs.builder() \n .keyVaultId(exampleKeyVault.id())\n .tenantId(exampleKeyVault.tenantId())\n .objectId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .keyPermissions( \n \"Create\",\n \"Delete\",\n \"Get\",\n \"Purge\",\n \"Recover\",\n \"Update\",\n \"List\",\n \"Decrypt\",\n \"Sign\",\n \"GetRotationPolicy\")\n .build());\n\n var exampleKey = new Key(\"exampleKey\", KeyArgs.builder() \n .keyVaultId(exampleKeyVault.id())\n .keyType(\"RSA\")\n .keySize(2048)\n .keyOpts( \n \"decrypt\",\n \"encrypt\",\n \"sign\",\n \"unwrapKey\",\n \"verify\",\n \"wrapKey\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(terraform)\n .build());\n\n var databricks = new AccessPolicy(\"databricks\", AccessPolicyArgs.builder() \n .keyVaultId(exampleKeyVault.id())\n .tenantId(exampleWorkspace.storageAccountIdentities().applyValue(storageAccountIdentities -\u003e storageAccountIdentities[0].tenantId()))\n .objectId(exampleWorkspace.storageAccountIdentities().applyValue(storageAccountIdentities -\u003e storageAccountIdentities[0].principalId()))\n .keyPermissions( \n \"Create\",\n \"Delete\",\n \"Get\",\n \"Purge\",\n \"Recover\",\n \"Update\",\n \"List\",\n \"Decrypt\",\n \"Sign\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleWorkspace)\n .build());\n\n var exampleWorkspaceRootDbfsCustomerManagedKey = new WorkspaceRootDbfsCustomerManagedKey(\"exampleWorkspaceRootDbfsCustomerManagedKey\", WorkspaceRootDbfsCustomerManagedKeyArgs.builder() \n .workspaceId(exampleWorkspace.id())\n .keyVaultKeyId(exampleKey.id())\n .build(), CustomResourceOptions.builder()\n .dependsOn(databricks)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n exampleWorkspace:\n type: azure:databricks:Workspace\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n location: ${exampleResourceGroup.location}\n sku: premium\n customerManagedKeyEnabled: true\n tags:\n Environment: Production\n exampleWorkspaceRootDbfsCustomerManagedKey:\n type: azure:databricks:WorkspaceRootDbfsCustomerManagedKey\n properties:\n workspaceId: ${exampleWorkspace.id}\n keyVaultKeyId: ${exampleKey.id}\n options:\n dependson:\n - ${databricks}\n exampleKeyVault:\n type: azure:keyvault:KeyVault\n properties:\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n tenantId: ${current.tenantId}\n skuName: premium\n purgeProtectionEnabled: true\n softDeleteRetentionDays: 7\n exampleKey:\n type: azure:keyvault:Key\n properties:\n keyVaultId: ${exampleKeyVault.id}\n keyType: RSA\n keySize: 2048\n keyOpts:\n - decrypt\n - encrypt\n - sign\n - unwrapKey\n - verify\n - wrapKey\n options:\n dependson:\n - ${terraform}\n terraform:\n type: azure:keyvault:AccessPolicy\n properties:\n keyVaultId: ${exampleKeyVault.id}\n tenantId: ${exampleKeyVault.tenantId}\n objectId: ${current.objectId}\n keyPermissions:\n - Create\n - Delete\n - Get\n - Purge\n - Recover\n - Update\n - List\n - Decrypt\n - Sign\n - GetRotationPolicy\n databricks:\n type: azure:keyvault:AccessPolicy\n properties:\n keyVaultId: ${exampleKeyVault.id}\n tenantId: ${exampleWorkspace.storageAccountIdentities[0].tenantId}\n objectId: ${exampleWorkspace.storageAccountIdentities[0].principalId}\n keyPermissions:\n - Create\n - Delete\n - Get\n - Purge\n - Recover\n - Update\n - List\n - Decrypt\n - Sign\n options:\n dependson:\n - ${exampleWorkspace}\nvariables:\n current:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}\n## Example HCL Configurations\n\n* Databricks Workspace with Root Databricks File System Customer Managed Keys\n* Databricks Workspace with Customer Managed Keys for Managed Services\n* Databricks Workspace with Private Endpoint, Customer Managed Keys for Managed Services and Root Databricks File System Customer Managed Keys\n\n\n## Import\n\nDatabricks Workspace Customer Managed Key can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:databricks/workspaceCustomerManagedKey:WorkspaceCustomerManagedKey workspace1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Databricks/workspaces/workspace1\n```\n\n ", "properties": { "keyVaultKeyId": { "type": "string", @@ -158121,7 +158130,7 @@ } }, "azure:databricks/workspaceRootDbfsCustomerManagedKey:WorkspaceRootDbfsCustomerManagedKey": { - "description": "\n\n\n## Import\n\nDatabricks Workspace Root DBFS Customer Managed Key can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:databricks/workspaceRootDbfsCustomerManagedKey:WorkspaceRootDbfsCustomerManagedKey workspace1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Databricks/workspaces/workspace1\n```\n\n ", + "description": "Manages a Customer Managed Key for the Databricks Workspaces root Databricks File System(DBFS)\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst current = azure.core.getClientConfig({});\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst exampleWorkspace = new azure.databricks.Workspace(\"exampleWorkspace\", {\n resourceGroupName: exampleResourceGroup.name,\n location: exampleResourceGroup.location,\n sku: \"premium\",\n customerManagedKeyEnabled: true,\n tags: {\n Environment: \"Production\",\n },\n});\nconst exampleKeyVault = new azure.keyvault.KeyVault(\"exampleKeyVault\", {\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n tenantId: current.then(current =\u003e current.tenantId),\n skuName: \"premium\",\n purgeProtectionEnabled: true,\n softDeleteRetentionDays: 7,\n});\nconst terraform = new azure.keyvault.AccessPolicy(\"terraform\", {\n keyVaultId: exampleKeyVault.id,\n tenantId: exampleKeyVault.tenantId,\n objectId: current.then(current =\u003e current.objectId),\n keyPermissions: [\n \"Create\",\n \"Delete\",\n \"Get\",\n \"Purge\",\n \"Recover\",\n \"Update\",\n \"List\",\n \"Decrypt\",\n \"Sign\",\n \"GetRotationPolicy\",\n ],\n});\nconst exampleKey = new azure.keyvault.Key(\"exampleKey\", {\n keyVaultId: exampleKeyVault.id,\n keyType: \"RSA\",\n keySize: 2048,\n keyOpts: [\n \"decrypt\",\n \"encrypt\",\n \"sign\",\n \"unwrapKey\",\n \"verify\",\n \"wrapKey\",\n ],\n}, {\n dependsOn: [terraform],\n});\nconst databricks = new azure.keyvault.AccessPolicy(\"databricks\", {\n keyVaultId: exampleKeyVault.id,\n tenantId: exampleWorkspace.storageAccountIdentities.apply(storageAccountIdentities =\u003e storageAccountIdentities[0].tenantId),\n objectId: exampleWorkspace.storageAccountIdentities.apply(storageAccountIdentities =\u003e storageAccountIdentities[0].principalId),\n keyPermissions: [\n \"Create\",\n \"Delete\",\n \"Get\",\n \"Purge\",\n \"Recover\",\n \"Update\",\n \"List\",\n \"Decrypt\",\n \"Sign\",\n ],\n}, {\n dependsOn: [exampleWorkspace],\n});\nconst exampleWorkspaceRootDbfsCustomerManagedKey = new azure.databricks.WorkspaceRootDbfsCustomerManagedKey(\"exampleWorkspaceRootDbfsCustomerManagedKey\", {\n workspaceId: exampleWorkspace.id,\n keyVaultKeyId: exampleKey.id,\n}, {\n dependsOn: [databricks],\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\ncurrent = azure.core.get_client_config()\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nexample_workspace = azure.databricks.Workspace(\"exampleWorkspace\",\n resource_group_name=example_resource_group.name,\n location=example_resource_group.location,\n sku=\"premium\",\n customer_managed_key_enabled=True,\n tags={\n \"Environment\": \"Production\",\n })\nexample_key_vault = azure.keyvault.KeyVault(\"exampleKeyVault\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n tenant_id=current.tenant_id,\n sku_name=\"premium\",\n purge_protection_enabled=True,\n soft_delete_retention_days=7)\nterraform = azure.keyvault.AccessPolicy(\"terraform\",\n key_vault_id=example_key_vault.id,\n tenant_id=example_key_vault.tenant_id,\n object_id=current.object_id,\n key_permissions=[\n \"Create\",\n \"Delete\",\n \"Get\",\n \"Purge\",\n \"Recover\",\n \"Update\",\n \"List\",\n \"Decrypt\",\n \"Sign\",\n \"GetRotationPolicy\",\n ])\nexample_key = azure.keyvault.Key(\"exampleKey\",\n key_vault_id=example_key_vault.id,\n key_type=\"RSA\",\n key_size=2048,\n key_opts=[\n \"decrypt\",\n \"encrypt\",\n \"sign\",\n \"unwrapKey\",\n \"verify\",\n \"wrapKey\",\n ],\n opts=pulumi.ResourceOptions(depends_on=[terraform]))\ndatabricks = azure.keyvault.AccessPolicy(\"databricks\",\n key_vault_id=example_key_vault.id,\n tenant_id=example_workspace.storage_account_identities[0].tenant_id,\n object_id=example_workspace.storage_account_identities[0].principal_id,\n key_permissions=[\n \"Create\",\n \"Delete\",\n \"Get\",\n \"Purge\",\n \"Recover\",\n \"Update\",\n \"List\",\n \"Decrypt\",\n \"Sign\",\n ],\n opts=pulumi.ResourceOptions(depends_on=[example_workspace]))\nexample_workspace_root_dbfs_customer_managed_key = azure.databricks.WorkspaceRootDbfsCustomerManagedKey(\"exampleWorkspaceRootDbfsCustomerManagedKey\",\n workspace_id=example_workspace.id,\n key_vault_key_id=example_key.id,\n opts=pulumi.ResourceOptions(depends_on=[databricks]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var current = Azure.Core.GetClientConfig.Invoke();\n\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var exampleWorkspace = new Azure.DataBricks.Workspace(\"exampleWorkspace\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n Location = exampleResourceGroup.Location,\n Sku = \"premium\",\n CustomerManagedKeyEnabled = true,\n Tags = \n {\n { \"Environment\", \"Production\" },\n },\n });\n\n var exampleKeyVault = new Azure.KeyVault.KeyVault(\"exampleKeyVault\", new()\n {\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n TenantId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.TenantId),\n SkuName = \"premium\",\n PurgeProtectionEnabled = true,\n SoftDeleteRetentionDays = 7,\n });\n\n var terraform = new Azure.KeyVault.AccessPolicy(\"terraform\", new()\n {\n KeyVaultId = exampleKeyVault.Id,\n TenantId = exampleKeyVault.TenantId,\n ObjectId = current.Apply(getClientConfigResult =\u003e getClientConfigResult.ObjectId),\n KeyPermissions = new[]\n {\n \"Create\",\n \"Delete\",\n \"Get\",\n \"Purge\",\n \"Recover\",\n \"Update\",\n \"List\",\n \"Decrypt\",\n \"Sign\",\n \"GetRotationPolicy\",\n },\n });\n\n var exampleKey = new Azure.KeyVault.Key(\"exampleKey\", new()\n {\n KeyVaultId = exampleKeyVault.Id,\n KeyType = \"RSA\",\n KeySize = 2048,\n KeyOpts = new[]\n {\n \"decrypt\",\n \"encrypt\",\n \"sign\",\n \"unwrapKey\",\n \"verify\",\n \"wrapKey\",\n },\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n terraform,\n },\n });\n\n var databricks = new Azure.KeyVault.AccessPolicy(\"databricks\", new()\n {\n KeyVaultId = exampleKeyVault.Id,\n TenantId = exampleWorkspace.StorageAccountIdentities.Apply(storageAccountIdentities =\u003e storageAccountIdentities[0].TenantId),\n ObjectId = exampleWorkspace.StorageAccountIdentities.Apply(storageAccountIdentities =\u003e storageAccountIdentities[0].PrincipalId),\n KeyPermissions = new[]\n {\n \"Create\",\n \"Delete\",\n \"Get\",\n \"Purge\",\n \"Recover\",\n \"Update\",\n \"List\",\n \"Decrypt\",\n \"Sign\",\n },\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n exampleWorkspace,\n },\n });\n\n var exampleWorkspaceRootDbfsCustomerManagedKey = new Azure.DataBricks.WorkspaceRootDbfsCustomerManagedKey(\"exampleWorkspaceRootDbfsCustomerManagedKey\", new()\n {\n WorkspaceId = exampleWorkspace.Id,\n KeyVaultKeyId = exampleKey.Id,\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n databricks,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/databricks\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tcurrent, err := core.GetClientConfig(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleWorkspace, err := databricks.NewWorkspace(ctx, \"exampleWorkspace\", \u0026databricks.WorkspaceArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tSku: pulumi.String(\"premium\"),\n\t\t\tCustomerManagedKeyEnabled: pulumi.Bool(true),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"Environment\": pulumi.String(\"Production\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKeyVault, err := keyvault.NewKeyVault(ctx, \"exampleKeyVault\", \u0026keyvault.KeyVaultArgs{\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tTenantId: *pulumi.String(current.TenantId),\n\t\t\tSkuName: pulumi.String(\"premium\"),\n\t\t\tPurgeProtectionEnabled: pulumi.Bool(true),\n\t\t\tSoftDeleteRetentionDays: pulumi.Int(7),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tterraform, err := keyvault.NewAccessPolicy(ctx, \"terraform\", \u0026keyvault.AccessPolicyArgs{\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tTenantId: exampleKeyVault.TenantId,\n\t\t\tObjectId: *pulumi.String(current.ObjectId),\n\t\t\tKeyPermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\tpulumi.String(\"Decrypt\"),\n\t\t\t\tpulumi.String(\"Sign\"),\n\t\t\t\tpulumi.String(\"GetRotationPolicy\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleKey, err := keyvault.NewKey(ctx, \"exampleKey\", \u0026keyvault.KeyArgs{\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tKeyType: pulumi.String(\"RSA\"),\n\t\t\tKeySize: pulumi.Int(2048),\n\t\t\tKeyOpts: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"decrypt\"),\n\t\t\t\tpulumi.String(\"encrypt\"),\n\t\t\t\tpulumi.String(\"sign\"),\n\t\t\t\tpulumi.String(\"unwrapKey\"),\n\t\t\t\tpulumi.String(\"verify\"),\n\t\t\t\tpulumi.String(\"wrapKey\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tterraform,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdatabricks, err := keyvault.NewAccessPolicy(ctx, \"databricks\", \u0026keyvault.AccessPolicyArgs{\n\t\t\tKeyVaultId: exampleKeyVault.ID(),\n\t\t\tTenantId: exampleWorkspace.StorageAccountIdentities.ApplyT(func(storageAccountIdentities []databricks.WorkspaceStorageAccountIdentity) (*string, error) {\n\t\t\t\treturn \u0026storageAccountIdentities[0].TenantId, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\tObjectId: exampleWorkspace.StorageAccountIdentities.ApplyT(func(storageAccountIdentities []databricks.WorkspaceStorageAccountIdentity) (*string, error) {\n\t\t\t\treturn \u0026storageAccountIdentities[0].PrincipalId, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\tKeyPermissions: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"Create\"),\n\t\t\t\tpulumi.String(\"Delete\"),\n\t\t\t\tpulumi.String(\"Get\"),\n\t\t\t\tpulumi.String(\"Purge\"),\n\t\t\t\tpulumi.String(\"Recover\"),\n\t\t\t\tpulumi.String(\"Update\"),\n\t\t\t\tpulumi.String(\"List\"),\n\t\t\t\tpulumi.String(\"Decrypt\"),\n\t\t\t\tpulumi.String(\"Sign\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleWorkspace,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = databricks.NewWorkspaceRootDbfsCustomerManagedKey(ctx, \"exampleWorkspaceRootDbfsCustomerManagedKey\", \u0026databricks.WorkspaceRootDbfsCustomerManagedKeyArgs{\n\t\t\tWorkspaceId: exampleWorkspace.ID(),\n\t\t\tKeyVaultKeyId: exampleKey.ID(),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tdatabricks,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.databricks.Workspace;\nimport com.pulumi.azure.databricks.WorkspaceArgs;\nimport com.pulumi.azure.keyvault.KeyVault;\nimport com.pulumi.azure.keyvault.KeyVaultArgs;\nimport com.pulumi.azure.keyvault.AccessPolicy;\nimport com.pulumi.azure.keyvault.AccessPolicyArgs;\nimport com.pulumi.azure.keyvault.Key;\nimport com.pulumi.azure.keyvault.KeyArgs;\nimport com.pulumi.azure.databricks.WorkspaceRootDbfsCustomerManagedKey;\nimport com.pulumi.azure.databricks.WorkspaceRootDbfsCustomerManagedKeyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var current = CoreFunctions.getClientConfig();\n\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var exampleWorkspace = new Workspace(\"exampleWorkspace\", WorkspaceArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .location(exampleResourceGroup.location())\n .sku(\"premium\")\n .customerManagedKeyEnabled(true)\n .tags(Map.of(\"Environment\", \"Production\"))\n .build());\n\n var exampleKeyVault = new KeyVault(\"exampleKeyVault\", KeyVaultArgs.builder() \n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .tenantId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.tenantId()))\n .skuName(\"premium\")\n .purgeProtectionEnabled(true)\n .softDeleteRetentionDays(7)\n .build());\n\n var terraform = new AccessPolicy(\"terraform\", AccessPolicyArgs.builder() \n .keyVaultId(exampleKeyVault.id())\n .tenantId(exampleKeyVault.tenantId())\n .objectId(current.applyValue(getClientConfigResult -\u003e getClientConfigResult.objectId()))\n .keyPermissions( \n \"Create\",\n \"Delete\",\n \"Get\",\n \"Purge\",\n \"Recover\",\n \"Update\",\n \"List\",\n \"Decrypt\",\n \"Sign\",\n \"GetRotationPolicy\")\n .build());\n\n var exampleKey = new Key(\"exampleKey\", KeyArgs.builder() \n .keyVaultId(exampleKeyVault.id())\n .keyType(\"RSA\")\n .keySize(2048)\n .keyOpts( \n \"decrypt\",\n \"encrypt\",\n \"sign\",\n \"unwrapKey\",\n \"verify\",\n \"wrapKey\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(terraform)\n .build());\n\n var databricks = new AccessPolicy(\"databricks\", AccessPolicyArgs.builder() \n .keyVaultId(exampleKeyVault.id())\n .tenantId(exampleWorkspace.storageAccountIdentities().applyValue(storageAccountIdentities -\u003e storageAccountIdentities[0].tenantId()))\n .objectId(exampleWorkspace.storageAccountIdentities().applyValue(storageAccountIdentities -\u003e storageAccountIdentities[0].principalId()))\n .keyPermissions( \n \"Create\",\n \"Delete\",\n \"Get\",\n \"Purge\",\n \"Recover\",\n \"Update\",\n \"List\",\n \"Decrypt\",\n \"Sign\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(exampleWorkspace)\n .build());\n\n var exampleWorkspaceRootDbfsCustomerManagedKey = new WorkspaceRootDbfsCustomerManagedKey(\"exampleWorkspaceRootDbfsCustomerManagedKey\", WorkspaceRootDbfsCustomerManagedKeyArgs.builder() \n .workspaceId(exampleWorkspace.id())\n .keyVaultKeyId(exampleKey.id())\n .build(), CustomResourceOptions.builder()\n .dependsOn(databricks)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n exampleWorkspace:\n type: azure:databricks:Workspace\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n location: ${exampleResourceGroup.location}\n sku: premium\n customerManagedKeyEnabled: true\n tags:\n Environment: Production\n exampleWorkspaceRootDbfsCustomerManagedKey:\n type: azure:databricks:WorkspaceRootDbfsCustomerManagedKey\n properties:\n workspaceId: ${exampleWorkspace.id}\n keyVaultKeyId: ${exampleKey.id}\n options:\n dependson:\n - ${databricks}\n exampleKeyVault:\n type: azure:keyvault:KeyVault\n properties:\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n tenantId: ${current.tenantId}\n skuName: premium\n purgeProtectionEnabled: true\n softDeleteRetentionDays: 7\n exampleKey:\n type: azure:keyvault:Key\n properties:\n keyVaultId: ${exampleKeyVault.id}\n keyType: RSA\n keySize: 2048\n keyOpts:\n - decrypt\n - encrypt\n - sign\n - unwrapKey\n - verify\n - wrapKey\n options:\n dependson:\n - ${terraform}\n terraform:\n type: azure:keyvault:AccessPolicy\n properties:\n keyVaultId: ${exampleKeyVault.id}\n tenantId: ${exampleKeyVault.tenantId}\n objectId: ${current.objectId}\n keyPermissions:\n - Create\n - Delete\n - Get\n - Purge\n - Recover\n - Update\n - List\n - Decrypt\n - Sign\n - GetRotationPolicy\n databricks:\n type: azure:keyvault:AccessPolicy\n properties:\n keyVaultId: ${exampleKeyVault.id}\n tenantId: ${exampleWorkspace.storageAccountIdentities[0].tenantId}\n objectId: ${exampleWorkspace.storageAccountIdentities[0].principalId}\n keyPermissions:\n - Create\n - Delete\n - Get\n - Purge\n - Recover\n - Update\n - List\n - Decrypt\n - Sign\n options:\n dependson:\n - ${exampleWorkspace}\nvariables:\n current:\n fn::invoke:\n Function: azure:core:getClientConfig\n Arguments: {}\n```\n{{% /example %}}\n{{% /examples %}}\n## Example HCL Configurations\n\n* Databricks Workspace with Root Databricks File System Customer Managed Keys\n* Databricks Workspace with Customer Managed Keys for Managed Services\n* Databricks Workspace with Private Endpoint, Customer Managed Keys for Managed Services and Root Databricks File System Customer Managed Keys\n\n\n## Import\n\nDatabricks Workspace Root DBFS Customer Managed Key can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:databricks/workspaceRootDbfsCustomerManagedKey:WorkspaceRootDbfsCustomerManagedKey workspace1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Databricks/workspaces/workspace1\n```\n\n ", "properties": { "keyVaultKeyId": { "type": "string", @@ -179650,7 +179659,7 @@ } }, "azure:frontdoor/customHttpsConfiguration:CustomHttpsConfiguration": { - "description": "\n\n\n## Import\n\nFront Door Custom HTTPS Configurations can be imported using the `resource id` of the Front Door Custom HTTPS Configuration, e.g.\n\n```sh\n $ pulumi import azure:frontdoor/customHttpsConfiguration:CustomHttpsConfiguration example_custom_https_1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/frontDoors/frontdoor1/customHttpsConfiguration/endpoint1\n```\n\n ", + "description": "!\u003e **IMPORTANT** This deploys an Azure Front Door (classic) resource which has been deprecated and will receive security updates only. Please migrate your existing Azure Front Door (classic) deployments to the new Azure Front Door (standard/premium) resources. For your convenience, the service team has exposed a `Front Door Classic` to `Front Door Standard/Premium` [migration tool](https://learn.microsoft.com/azure/frontdoor/tier-migration) to allow you to migrate your existing `Front Door Classic` instances to the new `Front Door Standard/Premium` product tiers.\n\nManages the Custom HTTPS Configuration for an Azure Front Door (classic) Frontend Endpoint.\n\n\u003e **NOTE:** Defining custom HTTPS configurations using a separate `azure.frontdoor.CustomHttpsConfiguration` resource allows for parallel creation/update.\n\n!\u003e **BREAKING CHANGE:** In order to address the ordering issue we have changed the design on how to retrieve existing sub resources such as frontend endpoints. Existing design will be deprecated and will result in an incorrect configuration. Please refer to the updated documentation below for more information.\n\n!\u003e **BREAKING CHANGE:** The `resource_group_name` field has been removed as of the `v2.58.0` provider release. If the `resource_group_name` field has been defined in your current `azure.frontdoor.CustomHttpsConfiguration` resource configuration file please remove it else you will receive a `An argument named \"resource_group_name\" is not expected here.` error. If your pre-existing Front Door instance contained inline `custom_https_configuration` blocks there are additional steps that will need to be completed to successfully migrate your Front Door onto the `v2.58.0` provider which can be found in this guide.\n\n!\u003e **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst vault = azure.keyvault.getKeyVault({\n name: \"example-vault\",\n resourceGroupName: \"example-vault-rg\",\n});\nconst exampleFrontdoor = new azure.frontdoor.Frontdoor(\"exampleFrontdoor\", {\n resourceGroupName: exampleResourceGroup.name,\n routingRules: [{\n name: \"exampleRoutingRule1\",\n acceptedProtocols: [\n \"Http\",\n \"Https\",\n ],\n patternsToMatches: [\"/*\"],\n frontendEndpoints: [\"exampleFrontendEndpoint1\"],\n forwardingConfiguration: {\n forwardingProtocol: \"MatchRequest\",\n backendPoolName: \"exampleBackendBing\",\n },\n }],\n backendPoolLoadBalancings: [{\n name: \"exampleLoadBalancingSettings1\",\n }],\n backendPoolHealthProbes: [{\n name: \"exampleHealthProbeSetting1\",\n }],\n backendPools: [{\n name: \"exampleBackendBing\",\n backends: [{\n hostHeader: \"www.bing.com\",\n address: \"www.bing.com\",\n httpPort: 80,\n httpsPort: 443,\n }],\n loadBalancingName: \"exampleLoadBalancingSettings1\",\n healthProbeName: \"exampleHealthProbeSetting1\",\n }],\n frontendEndpoints: [\n {\n name: \"exampleFrontendEndpoint1\",\n hostName: \"example-FrontDoor.azurefd.net\",\n },\n {\n name: \"exampleFrontendEndpoint2\",\n hostName: \"examplefd1.examplefd.net\",\n },\n ],\n});\nconst exampleCustomHttps0 = new azure.frontdoor.CustomHttpsConfiguration(\"exampleCustomHttps0\", {\n frontendEndpointId: exampleFrontdoor.frontendEndpointsMap.exampleFrontendEndpoint1,\n customHttpsProvisioningEnabled: false,\n});\nconst exampleCustomHttps1 = new azure.frontdoor.CustomHttpsConfiguration(\"exampleCustomHttps1\", {\n frontendEndpointId: exampleFrontdoor.frontendEndpointsMap.exampleFrontendEndpoint2,\n customHttpsProvisioningEnabled: true,\n customHttpsConfiguration: {\n certificateSource: \"AzureKeyVault\",\n azureKeyVaultCertificateSecretName: \"examplefd1\",\n azureKeyVaultCertificateVaultId: vault.then(vault =\u003e vault.id),\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nvault = azure.keyvault.get_key_vault(name=\"example-vault\",\n resource_group_name=\"example-vault-rg\")\nexample_frontdoor = azure.frontdoor.Frontdoor(\"exampleFrontdoor\",\n resource_group_name=example_resource_group.name,\n routing_rules=[azure.frontdoor.FrontdoorRoutingRuleArgs(\n name=\"exampleRoutingRule1\",\n accepted_protocols=[\n \"Http\",\n \"Https\",\n ],\n patterns_to_matches=[\"/*\"],\n frontend_endpoints=[\"exampleFrontendEndpoint1\"],\n forwarding_configuration=azure.frontdoor.FrontdoorRoutingRuleForwardingConfigurationArgs(\n forwarding_protocol=\"MatchRequest\",\n backend_pool_name=\"exampleBackendBing\",\n ),\n )],\n backend_pool_load_balancings=[azure.frontdoor.FrontdoorBackendPoolLoadBalancingArgs(\n name=\"exampleLoadBalancingSettings1\",\n )],\n backend_pool_health_probes=[azure.frontdoor.FrontdoorBackendPoolHealthProbeArgs(\n name=\"exampleHealthProbeSetting1\",\n )],\n backend_pools=[azure.frontdoor.FrontdoorBackendPoolArgs(\n name=\"exampleBackendBing\",\n backends=[azure.frontdoor.FrontdoorBackendPoolBackendArgs(\n host_header=\"www.bing.com\",\n address=\"www.bing.com\",\n http_port=80,\n https_port=443,\n )],\n load_balancing_name=\"exampleLoadBalancingSettings1\",\n health_probe_name=\"exampleHealthProbeSetting1\",\n )],\n frontend_endpoints=[\n azure.frontdoor.FrontdoorFrontendEndpointArgs(\n name=\"exampleFrontendEndpoint1\",\n host_name=\"example-FrontDoor.azurefd.net\",\n ),\n azure.frontdoor.FrontdoorFrontendEndpointArgs(\n name=\"exampleFrontendEndpoint2\",\n host_name=\"examplefd1.examplefd.net\",\n ),\n ])\nexample_custom_https0 = azure.frontdoor.CustomHttpsConfiguration(\"exampleCustomHttps0\",\n frontend_endpoint_id=example_frontdoor.frontend_endpoints_map[\"exampleFrontendEndpoint1\"],\n custom_https_provisioning_enabled=False)\nexample_custom_https1 = azure.frontdoor.CustomHttpsConfiguration(\"exampleCustomHttps1\",\n frontend_endpoint_id=example_frontdoor.frontend_endpoints_map[\"exampleFrontendEndpoint2\"],\n custom_https_provisioning_enabled=True,\n custom_https_configuration=azure.frontdoor.CustomHttpsConfigurationCustomHttpsConfigurationArgs(\n certificate_source=\"AzureKeyVault\",\n azure_key_vault_certificate_secret_name=\"examplefd1\",\n azure_key_vault_certificate_vault_id=vault.id,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var vault = Azure.KeyVault.GetKeyVault.Invoke(new()\n {\n Name = \"example-vault\",\n ResourceGroupName = \"example-vault-rg\",\n });\n\n var exampleFrontdoor = new Azure.FrontDoor.Frontdoor(\"exampleFrontdoor\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n RoutingRules = new[]\n {\n new Azure.FrontDoor.Inputs.FrontdoorRoutingRuleArgs\n {\n Name = \"exampleRoutingRule1\",\n AcceptedProtocols = new[]\n {\n \"Http\",\n \"Https\",\n },\n PatternsToMatches = new[]\n {\n \"/*\",\n },\n FrontendEndpoints = new[]\n {\n \"exampleFrontendEndpoint1\",\n },\n ForwardingConfiguration = new Azure.FrontDoor.Inputs.FrontdoorRoutingRuleForwardingConfigurationArgs\n {\n ForwardingProtocol = \"MatchRequest\",\n BackendPoolName = \"exampleBackendBing\",\n },\n },\n },\n BackendPoolLoadBalancings = new[]\n {\n new Azure.FrontDoor.Inputs.FrontdoorBackendPoolLoadBalancingArgs\n {\n Name = \"exampleLoadBalancingSettings1\",\n },\n },\n BackendPoolHealthProbes = new[]\n {\n new Azure.FrontDoor.Inputs.FrontdoorBackendPoolHealthProbeArgs\n {\n Name = \"exampleHealthProbeSetting1\",\n },\n },\n BackendPools = new[]\n {\n new Azure.FrontDoor.Inputs.FrontdoorBackendPoolArgs\n {\n Name = \"exampleBackendBing\",\n Backends = new[]\n {\n new Azure.FrontDoor.Inputs.FrontdoorBackendPoolBackendArgs\n {\n HostHeader = \"www.bing.com\",\n Address = \"www.bing.com\",\n HttpPort = 80,\n HttpsPort = 443,\n },\n },\n LoadBalancingName = \"exampleLoadBalancingSettings1\",\n HealthProbeName = \"exampleHealthProbeSetting1\",\n },\n },\n FrontendEndpoints = new[]\n {\n new Azure.FrontDoor.Inputs.FrontdoorFrontendEndpointArgs\n {\n Name = \"exampleFrontendEndpoint1\",\n HostName = \"example-FrontDoor.azurefd.net\",\n },\n new Azure.FrontDoor.Inputs.FrontdoorFrontendEndpointArgs\n {\n Name = \"exampleFrontendEndpoint2\",\n HostName = \"examplefd1.examplefd.net\",\n },\n },\n });\n\n var exampleCustomHttps0 = new Azure.FrontDoor.CustomHttpsConfiguration(\"exampleCustomHttps0\", new()\n {\n FrontendEndpointId = exampleFrontdoor.FrontendEndpointsMap.Apply(frontendEndpointsMap =\u003e frontendEndpointsMap.ExampleFrontendEndpoint1),\n CustomHttpsProvisioningEnabled = false,\n });\n\n var exampleCustomHttps1 = new Azure.FrontDoor.CustomHttpsConfiguration(\"exampleCustomHttps1\", new()\n {\n FrontendEndpointId = exampleFrontdoor.FrontendEndpointsMap.Apply(frontendEndpointsMap =\u003e frontendEndpointsMap.ExampleFrontendEndpoint2),\n CustomHttpsProvisioningEnabled = true,\n CustomHttpsConfigurationConfig = new Azure.FrontDoor.Inputs.CustomHttpsConfigurationCustomHttpsConfigurationArgs\n {\n CertificateSource = \"AzureKeyVault\",\n AzureKeyVaultCertificateSecretName = \"examplefd1\",\n AzureKeyVaultCertificateVaultId = vault.Apply(getKeyVaultResult =\u003e getKeyVaultResult.Id),\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/frontdoor\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvault, err := keyvault.LookupKeyVault(ctx, \u0026keyvault.LookupKeyVaultArgs{\n\t\t\tName: \"example-vault\",\n\t\t\tResourceGroupName: \"example-vault-rg\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleFrontdoor, err := frontdoor.NewFrontdoor(ctx, \"exampleFrontdoor\", \u0026frontdoor.FrontdoorArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tRoutingRules: frontdoor.FrontdoorRoutingRuleArray{\n\t\t\t\t\u0026frontdoor.FrontdoorRoutingRuleArgs{\n\t\t\t\t\tName: pulumi.String(\"exampleRoutingRule1\"),\n\t\t\t\t\tAcceptedProtocols: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"Http\"),\n\t\t\t\t\t\tpulumi.String(\"Https\"),\n\t\t\t\t\t},\n\t\t\t\t\tPatternsToMatches: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"/*\"),\n\t\t\t\t\t},\n\t\t\t\t\tFrontendEndpoints: pulumi.StringArray{\n\t\t\t\t\t\tpulumi.String(\"exampleFrontendEndpoint1\"),\n\t\t\t\t\t},\n\t\t\t\t\tForwardingConfiguration: \u0026frontdoor.FrontdoorRoutingRuleForwardingConfigurationArgs{\n\t\t\t\t\t\tForwardingProtocol: pulumi.String(\"MatchRequest\"),\n\t\t\t\t\t\tBackendPoolName: pulumi.String(\"exampleBackendBing\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tBackendPoolLoadBalancings: frontdoor.FrontdoorBackendPoolLoadBalancingArray{\n\t\t\t\t\u0026frontdoor.FrontdoorBackendPoolLoadBalancingArgs{\n\t\t\t\t\tName: pulumi.String(\"exampleLoadBalancingSettings1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tBackendPoolHealthProbes: frontdoor.FrontdoorBackendPoolHealthProbeArray{\n\t\t\t\t\u0026frontdoor.FrontdoorBackendPoolHealthProbeArgs{\n\t\t\t\t\tName: pulumi.String(\"exampleHealthProbeSetting1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tBackendPools: frontdoor.FrontdoorBackendPoolArray{\n\t\t\t\t\u0026frontdoor.FrontdoorBackendPoolArgs{\n\t\t\t\t\tName: pulumi.String(\"exampleBackendBing\"),\n\t\t\t\t\tBackends: frontdoor.FrontdoorBackendPoolBackendArray{\n\t\t\t\t\t\t\u0026frontdoor.FrontdoorBackendPoolBackendArgs{\n\t\t\t\t\t\t\tHostHeader: pulumi.String(\"www.bing.com\"),\n\t\t\t\t\t\t\tAddress: pulumi.String(\"www.bing.com\"),\n\t\t\t\t\t\t\tHttpPort: pulumi.Int(80),\n\t\t\t\t\t\t\tHttpsPort: pulumi.Int(443),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tLoadBalancingName: pulumi.String(\"exampleLoadBalancingSettings1\"),\n\t\t\t\t\tHealthProbeName: pulumi.String(\"exampleHealthProbeSetting1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tFrontendEndpoints: frontdoor.FrontdoorFrontendEndpointArray{\n\t\t\t\t\u0026frontdoor.FrontdoorFrontendEndpointArgs{\n\t\t\t\t\tName: pulumi.String(\"exampleFrontendEndpoint1\"),\n\t\t\t\t\tHostName: pulumi.String(\"example-FrontDoor.azurefd.net\"),\n\t\t\t\t},\n\t\t\t\t\u0026frontdoor.FrontdoorFrontendEndpointArgs{\n\t\t\t\t\tName: pulumi.String(\"exampleFrontendEndpoint2\"),\n\t\t\t\t\tHostName: pulumi.String(\"examplefd1.examplefd.net\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = frontdoor.NewCustomHttpsConfiguration(ctx, \"exampleCustomHttps0\", \u0026frontdoor.CustomHttpsConfigurationArgs{\n\t\t\tFrontendEndpointId: exampleFrontdoor.FrontendEndpointsMap.ApplyT(func(frontendEndpointsMap map[string]string) (string, error) {\n\t\t\t\treturn frontendEndpointsMap.ExampleFrontendEndpoint1, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tCustomHttpsProvisioningEnabled: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = frontdoor.NewCustomHttpsConfiguration(ctx, \"exampleCustomHttps1\", \u0026frontdoor.CustomHttpsConfigurationArgs{\n\t\t\tFrontendEndpointId: exampleFrontdoor.FrontendEndpointsMap.ApplyT(func(frontendEndpointsMap map[string]string) (string, error) {\n\t\t\t\treturn frontendEndpointsMap.ExampleFrontendEndpoint2, nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tCustomHttpsProvisioningEnabled: pulumi.Bool(true),\n\t\t\tCustomHttpsConfiguration: \u0026frontdoor.CustomHttpsConfigurationCustomHttpsConfigurationArgs{\n\t\t\t\tCertificateSource: pulumi.String(\"AzureKeyVault\"),\n\t\t\t\tAzureKeyVaultCertificateSecretName: pulumi.String(\"examplefd1\"),\n\t\t\t\tAzureKeyVaultCertificateVaultId: *pulumi.String(vault.Id),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.keyvault.KeyvaultFunctions;\nimport com.pulumi.azure.keyvault.inputs.GetKeyVaultArgs;\nimport com.pulumi.azure.frontdoor.Frontdoor;\nimport com.pulumi.azure.frontdoor.FrontdoorArgs;\nimport com.pulumi.azure.frontdoor.inputs.FrontdoorRoutingRuleArgs;\nimport com.pulumi.azure.frontdoor.inputs.FrontdoorRoutingRuleForwardingConfigurationArgs;\nimport com.pulumi.azure.frontdoor.inputs.FrontdoorBackendPoolLoadBalancingArgs;\nimport com.pulumi.azure.frontdoor.inputs.FrontdoorBackendPoolHealthProbeArgs;\nimport com.pulumi.azure.frontdoor.inputs.FrontdoorBackendPoolArgs;\nimport com.pulumi.azure.frontdoor.inputs.FrontdoorFrontendEndpointArgs;\nimport com.pulumi.azure.frontdoor.CustomHttpsConfiguration;\nimport com.pulumi.azure.frontdoor.CustomHttpsConfigurationArgs;\nimport com.pulumi.azure.frontdoor.inputs.CustomHttpsConfigurationCustomHttpsConfigurationArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n final var vault = KeyvaultFunctions.getKeyVault(GetKeyVaultArgs.builder()\n .name(\"example-vault\")\n .resourceGroupName(\"example-vault-rg\")\n .build());\n\n var exampleFrontdoor = new Frontdoor(\"exampleFrontdoor\", FrontdoorArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .routingRules(FrontdoorRoutingRuleArgs.builder()\n .name(\"exampleRoutingRule1\")\n .acceptedProtocols( \n \"Http\",\n \"Https\")\n .patternsToMatches(\"/*\")\n .frontendEndpoints(\"exampleFrontendEndpoint1\")\n .forwardingConfiguration(FrontdoorRoutingRuleForwardingConfigurationArgs.builder()\n .forwardingProtocol(\"MatchRequest\")\n .backendPoolName(\"exampleBackendBing\")\n .build())\n .build())\n .backendPoolLoadBalancings(FrontdoorBackendPoolLoadBalancingArgs.builder()\n .name(\"exampleLoadBalancingSettings1\")\n .build())\n .backendPoolHealthProbes(FrontdoorBackendPoolHealthProbeArgs.builder()\n .name(\"exampleHealthProbeSetting1\")\n .build())\n .backendPools(FrontdoorBackendPoolArgs.builder()\n .name(\"exampleBackendBing\")\n .backends(FrontdoorBackendPoolBackendArgs.builder()\n .hostHeader(\"www.bing.com\")\n .address(\"www.bing.com\")\n .httpPort(80)\n .httpsPort(443)\n .build())\n .loadBalancingName(\"exampleLoadBalancingSettings1\")\n .healthProbeName(\"exampleHealthProbeSetting1\")\n .build())\n .frontendEndpoints( \n FrontdoorFrontendEndpointArgs.builder()\n .name(\"exampleFrontendEndpoint1\")\n .hostName(\"example-FrontDoor.azurefd.net\")\n .build(),\n FrontdoorFrontendEndpointArgs.builder()\n .name(\"exampleFrontendEndpoint2\")\n .hostName(\"examplefd1.examplefd.net\")\n .build())\n .build());\n\n var exampleCustomHttps0 = new CustomHttpsConfiguration(\"exampleCustomHttps0\", CustomHttpsConfigurationArgs.builder() \n .frontendEndpointId(exampleFrontdoor.frontendEndpointsMap().applyValue(frontendEndpointsMap -\u003e frontendEndpointsMap.exampleFrontendEndpoint1()))\n .customHttpsProvisioningEnabled(false)\n .build());\n\n var exampleCustomHttps1 = new CustomHttpsConfiguration(\"exampleCustomHttps1\", CustomHttpsConfigurationArgs.builder() \n .frontendEndpointId(exampleFrontdoor.frontendEndpointsMap().applyValue(frontendEndpointsMap -\u003e frontendEndpointsMap.exampleFrontendEndpoint2()))\n .customHttpsProvisioningEnabled(true)\n .customHttpsConfiguration(CustomHttpsConfigurationCustomHttpsConfigurationArgs.builder()\n .certificateSource(\"AzureKeyVault\")\n .azureKeyVaultCertificateSecretName(\"examplefd1\")\n .azureKeyVaultCertificateVaultId(vault.applyValue(getKeyVaultResult -\u003e getKeyVaultResult.id()))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n exampleFrontdoor:\n type: azure:frontdoor:Frontdoor\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n routingRules:\n - name: exampleRoutingRule1\n acceptedProtocols:\n - Http\n - Https\n patternsToMatches:\n - /*\n frontendEndpoints:\n - exampleFrontendEndpoint1\n forwardingConfiguration:\n forwardingProtocol: MatchRequest\n backendPoolName: exampleBackendBing\n backendPoolLoadBalancings:\n - name: exampleLoadBalancingSettings1\n backendPoolHealthProbes:\n - name: exampleHealthProbeSetting1\n backendPools:\n - name: exampleBackendBing\n backends:\n - hostHeader: www.bing.com\n address: www.bing.com\n httpPort: 80\n httpsPort: 443\n loadBalancingName: exampleLoadBalancingSettings1\n healthProbeName: exampleHealthProbeSetting1\n frontendEndpoints:\n - name: exampleFrontendEndpoint1\n hostName: example-FrontDoor.azurefd.net\n - name: exampleFrontendEndpoint2\n hostName: examplefd1.examplefd.net\n exampleCustomHttps0:\n type: azure:frontdoor:CustomHttpsConfiguration\n properties:\n frontendEndpointId: ${exampleFrontdoor.frontendEndpointsMap.exampleFrontendEndpoint1}\n customHttpsProvisioningEnabled: false\n exampleCustomHttps1:\n type: azure:frontdoor:CustomHttpsConfiguration\n properties:\n frontendEndpointId: ${exampleFrontdoor.frontendEndpointsMap.exampleFrontendEndpoint2}\n customHttpsProvisioningEnabled: true\n customHttpsConfiguration:\n certificateSource: AzureKeyVault\n azureKeyVaultCertificateSecretName: examplefd1\n azureKeyVaultCertificateVaultId: ${vault.id}\nvariables:\n vault:\n fn::invoke:\n Function: azure:keyvault:getKeyVault\n Arguments:\n name: example-vault\n resourceGroupName: example-vault-rg\n```\n\n\n## Import\n\nFront Door Custom HTTPS Configurations can be imported using the `resource id` of the Front Door Custom HTTPS Configuration, e.g.\n\n```sh\n $ pulumi import azure:frontdoor/customHttpsConfiguration:CustomHttpsConfiguration example_custom_https_1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/frontDoors/frontdoor1/customHttpsConfiguration/endpoint1\n```\n\n ", "properties": { "customHttpsConfiguration": { "$ref": "#/types/azure:frontdoor/CustomHttpsConfigurationCustomHttpsConfiguration:CustomHttpsConfigurationCustomHttpsConfiguration", @@ -179724,7 +179733,7 @@ } }, "azure:frontdoor/firewallPolicy:FirewallPolicy": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst exampleFirewallPolicy = new azure.frontdoor.FirewallPolicy(\"exampleFirewallPolicy\", {\n resourceGroupName: exampleResourceGroup.name,\n enabled: true,\n mode: \"Prevention\",\n redirectUrl: \"https://www.contoso.com\",\n customBlockResponseStatusCode: 403,\n customBlockResponseBody: \"PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==\",\n customRules: [\n {\n name: \"Rule1\",\n enabled: true,\n priority: 1,\n rateLimitDurationInMinutes: 1,\n rateLimitThreshold: 10,\n type: \"MatchRule\",\n action: \"Block\",\n matchConditions: [{\n matchVariable: \"RemoteAddr\",\n operator: \"IPMatch\",\n negationCondition: false,\n matchValues: [\n \"192.168.1.0/24\",\n \"10.0.0.0/24\",\n ],\n }],\n },\n {\n name: \"Rule2\",\n enabled: true,\n priority: 2,\n rateLimitDurationInMinutes: 1,\n rateLimitThreshold: 10,\n type: \"MatchRule\",\n action: \"Block\",\n matchConditions: [\n {\n matchVariable: \"RemoteAddr\",\n operator: \"IPMatch\",\n negationCondition: false,\n matchValues: [\"192.168.1.0/24\"],\n },\n {\n matchVariable: \"RequestHeader\",\n selector: \"UserAgent\",\n operator: \"Contains\",\n negationCondition: false,\n matchValues: [\"windows\"],\n transforms: [\n \"Lowercase\",\n \"Trim\",\n ],\n },\n ],\n },\n ],\n managedRules: [\n {\n type: \"DefaultRuleSet\",\n version: \"1.0\",\n exclusions: [{\n matchVariable: \"QueryStringArgNames\",\n operator: \"Equals\",\n selector: \"not_suspicious\",\n }],\n overrides: [\n {\n ruleGroupName: \"PHP\",\n rules: [{\n ruleId: \"933100\",\n enabled: false,\n action: \"Block\",\n }],\n },\n {\n ruleGroupName: \"SQLI\",\n exclusions: [{\n matchVariable: \"QueryStringArgNames\",\n operator: \"Equals\",\n selector: \"really_not_suspicious\",\n }],\n rules: [{\n ruleId: \"942200\",\n action: \"Block\",\n exclusions: [{\n matchVariable: \"QueryStringArgNames\",\n operator: \"Equals\",\n selector: \"innocent\",\n }],\n }],\n },\n ],\n },\n {\n type: \"Microsoft_BotManagerRuleSet\",\n version: \"1.0\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nexample_firewall_policy = azure.frontdoor.FirewallPolicy(\"exampleFirewallPolicy\",\n resource_group_name=example_resource_group.name,\n enabled=True,\n mode=\"Prevention\",\n redirect_url=\"https://www.contoso.com\",\n custom_block_response_status_code=403,\n custom_block_response_body=\"PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==\",\n custom_rules=[\n azure.frontdoor.FirewallPolicyCustomRuleArgs(\n name=\"Rule1\",\n enabled=True,\n priority=1,\n rate_limit_duration_in_minutes=1,\n rate_limit_threshold=10,\n type=\"MatchRule\",\n action=\"Block\",\n match_conditions=[azure.frontdoor.FirewallPolicyCustomRuleMatchConditionArgs(\n match_variable=\"RemoteAddr\",\n operator=\"IPMatch\",\n negation_condition=False,\n match_values=[\n \"192.168.1.0/24\",\n \"10.0.0.0/24\",\n ],\n )],\n ),\n azure.frontdoor.FirewallPolicyCustomRuleArgs(\n name=\"Rule2\",\n enabled=True,\n priority=2,\n rate_limit_duration_in_minutes=1,\n rate_limit_threshold=10,\n type=\"MatchRule\",\n action=\"Block\",\n match_conditions=[\n azure.frontdoor.FirewallPolicyCustomRuleMatchConditionArgs(\n match_variable=\"RemoteAddr\",\n operator=\"IPMatch\",\n negation_condition=False,\n match_values=[\"192.168.1.0/24\"],\n ),\n azure.frontdoor.FirewallPolicyCustomRuleMatchConditionArgs(\n match_variable=\"RequestHeader\",\n selector=\"UserAgent\",\n operator=\"Contains\",\n negation_condition=False,\n match_values=[\"windows\"],\n transforms=[\n \"Lowercase\",\n \"Trim\",\n ],\n ),\n ],\n ),\n ],\n managed_rules=[\n azure.frontdoor.FirewallPolicyManagedRuleArgs(\n type=\"DefaultRuleSet\",\n version=\"1.0\",\n exclusions=[azure.frontdoor.FirewallPolicyManagedRuleExclusionArgs(\n match_variable=\"QueryStringArgNames\",\n operator=\"Equals\",\n selector=\"not_suspicious\",\n )],\n overrides=[\n azure.frontdoor.FirewallPolicyManagedRuleOverrideArgs(\n rule_group_name=\"PHP\",\n rules=[azure.frontdoor.FirewallPolicyManagedRuleOverrideRuleArgs(\n rule_id=\"933100\",\n enabled=False,\n action=\"Block\",\n )],\n ),\n azure.frontdoor.FirewallPolicyManagedRuleOverrideArgs(\n rule_group_name=\"SQLI\",\n exclusions=[azure.frontdoor.FirewallPolicyManagedRuleOverrideExclusionArgs(\n match_variable=\"QueryStringArgNames\",\n operator=\"Equals\",\n selector=\"really_not_suspicious\",\n )],\n rules=[azure.frontdoor.FirewallPolicyManagedRuleOverrideRuleArgs(\n rule_id=\"942200\",\n action=\"Block\",\n exclusions=[azure.frontdoor.FirewallPolicyManagedRuleOverrideRuleExclusionArgs(\n match_variable=\"QueryStringArgNames\",\n operator=\"Equals\",\n selector=\"innocent\",\n )],\n )],\n ),\n ],\n ),\n azure.frontdoor.FirewallPolicyManagedRuleArgs(\n type=\"Microsoft_BotManagerRuleSet\",\n version=\"1.0\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var exampleFirewallPolicy = new Azure.FrontDoor.FirewallPolicy(\"exampleFirewallPolicy\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n Enabled = true,\n Mode = \"Prevention\",\n RedirectUrl = \"https://www.contoso.com\",\n CustomBlockResponseStatusCode = 403,\n CustomBlockResponseBody = \"PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==\",\n CustomRules = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyCustomRuleArgs\n {\n Name = \"Rule1\",\n Enabled = true,\n Priority = 1,\n RateLimitDurationInMinutes = 1,\n RateLimitThreshold = 10,\n Type = \"MatchRule\",\n Action = \"Block\",\n MatchConditions = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyCustomRuleMatchConditionArgs\n {\n MatchVariable = \"RemoteAddr\",\n Operator = \"IPMatch\",\n NegationCondition = false,\n MatchValues = new[]\n {\n \"192.168.1.0/24\",\n \"10.0.0.0/24\",\n },\n },\n },\n },\n new Azure.FrontDoor.Inputs.FirewallPolicyCustomRuleArgs\n {\n Name = \"Rule2\",\n Enabled = true,\n Priority = 2,\n RateLimitDurationInMinutes = 1,\n RateLimitThreshold = 10,\n Type = \"MatchRule\",\n Action = \"Block\",\n MatchConditions = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyCustomRuleMatchConditionArgs\n {\n MatchVariable = \"RemoteAddr\",\n Operator = \"IPMatch\",\n NegationCondition = false,\n MatchValues = new[]\n {\n \"192.168.1.0/24\",\n },\n },\n new Azure.FrontDoor.Inputs.FirewallPolicyCustomRuleMatchConditionArgs\n {\n MatchVariable = \"RequestHeader\",\n Selector = \"UserAgent\",\n Operator = \"Contains\",\n NegationCondition = false,\n MatchValues = new[]\n {\n \"windows\",\n },\n Transforms = new[]\n {\n \"Lowercase\",\n \"Trim\",\n },\n },\n },\n },\n },\n ManagedRules = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleArgs\n {\n Type = \"DefaultRuleSet\",\n Version = \"1.0\",\n Exclusions = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleExclusionArgs\n {\n MatchVariable = \"QueryStringArgNames\",\n Operator = \"Equals\",\n Selector = \"not_suspicious\",\n },\n },\n Overrides = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleOverrideArgs\n {\n RuleGroupName = \"PHP\",\n Rules = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleOverrideRuleArgs\n {\n RuleId = \"933100\",\n Enabled = false,\n Action = \"Block\",\n },\n },\n },\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleOverrideArgs\n {\n RuleGroupName = \"SQLI\",\n Exclusions = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleOverrideExclusionArgs\n {\n MatchVariable = \"QueryStringArgNames\",\n Operator = \"Equals\",\n Selector = \"really_not_suspicious\",\n },\n },\n Rules = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleOverrideRuleArgs\n {\n RuleId = \"942200\",\n Action = \"Block\",\n Exclusions = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleOverrideRuleExclusionArgs\n {\n MatchVariable = \"QueryStringArgNames\",\n Operator = \"Equals\",\n Selector = \"innocent\",\n },\n },\n },\n },\n },\n },\n },\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleArgs\n {\n Type = \"Microsoft_BotManagerRuleSet\",\n Version = \"1.0\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/frontdoor\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = frontdoor.NewFirewallPolicy(ctx, \"exampleFirewallPolicy\", \u0026frontdoor.FirewallPolicyArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tMode: pulumi.String(\"Prevention\"),\n\t\t\tRedirectUrl: pulumi.String(\"https://www.contoso.com\"),\n\t\t\tCustomBlockResponseStatusCode: pulumi.Int(403),\n\t\t\tCustomBlockResponseBody: pulumi.String(\"PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==\"),\n\t\t\tCustomRules: frontdoor.FirewallPolicyCustomRuleArray{\n\t\t\t\t\u0026frontdoor.FirewallPolicyCustomRuleArgs{\n\t\t\t\t\tName: pulumi.String(\"Rule1\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tRateLimitDurationInMinutes: pulumi.Int(1),\n\t\t\t\t\tRateLimitThreshold: pulumi.Int(10),\n\t\t\t\t\tType: pulumi.String(\"MatchRule\"),\n\t\t\t\t\tAction: pulumi.String(\"Block\"),\n\t\t\t\t\tMatchConditions: frontdoor.FirewallPolicyCustomRuleMatchConditionArray{\n\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyCustomRuleMatchConditionArgs{\n\t\t\t\t\t\t\tMatchVariable: pulumi.String(\"RemoteAddr\"),\n\t\t\t\t\t\t\tOperator: pulumi.String(\"IPMatch\"),\n\t\t\t\t\t\t\tNegationCondition: pulumi.Bool(false),\n\t\t\t\t\t\t\tMatchValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"192.168.1.0/24\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"10.0.0.0/24\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026frontdoor.FirewallPolicyCustomRuleArgs{\n\t\t\t\t\tName: pulumi.String(\"Rule2\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\tRateLimitDurationInMinutes: pulumi.Int(1),\n\t\t\t\t\tRateLimitThreshold: pulumi.Int(10),\n\t\t\t\t\tType: pulumi.String(\"MatchRule\"),\n\t\t\t\t\tAction: pulumi.String(\"Block\"),\n\t\t\t\t\tMatchConditions: frontdoor.FirewallPolicyCustomRuleMatchConditionArray{\n\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyCustomRuleMatchConditionArgs{\n\t\t\t\t\t\t\tMatchVariable: pulumi.String(\"RemoteAddr\"),\n\t\t\t\t\t\t\tOperator: pulumi.String(\"IPMatch\"),\n\t\t\t\t\t\t\tNegationCondition: pulumi.Bool(false),\n\t\t\t\t\t\t\tMatchValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"192.168.1.0/24\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyCustomRuleMatchConditionArgs{\n\t\t\t\t\t\t\tMatchVariable: pulumi.String(\"RequestHeader\"),\n\t\t\t\t\t\t\tSelector: pulumi.String(\"UserAgent\"),\n\t\t\t\t\t\t\tOperator: pulumi.String(\"Contains\"),\n\t\t\t\t\t\t\tNegationCondition: pulumi.Bool(false),\n\t\t\t\t\t\t\tMatchValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"windows\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tTransforms: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Lowercase\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"Trim\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tManagedRules: frontdoor.FirewallPolicyManagedRuleArray{\n\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleArgs{\n\t\t\t\t\tType: pulumi.String(\"DefaultRuleSet\"),\n\t\t\t\t\tVersion: pulumi.String(\"1.0\"),\n\t\t\t\t\tExclusions: frontdoor.FirewallPolicyManagedRuleExclusionArray{\n\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleExclusionArgs{\n\t\t\t\t\t\t\tMatchVariable: pulumi.String(\"QueryStringArgNames\"),\n\t\t\t\t\t\t\tOperator: pulumi.String(\"Equals\"),\n\t\t\t\t\t\t\tSelector: pulumi.String(\"not_suspicious\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tOverrides: frontdoor.FirewallPolicyManagedRuleOverrideArray{\n\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleOverrideArgs{\n\t\t\t\t\t\t\tRuleGroupName: pulumi.String(\"PHP\"),\n\t\t\t\t\t\t\tRules: frontdoor.FirewallPolicyManagedRuleOverrideRuleArray{\n\t\t\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleOverrideRuleArgs{\n\t\t\t\t\t\t\t\t\tRuleId: pulumi.String(\"933100\"),\n\t\t\t\t\t\t\t\t\tEnabled: pulumi.Bool(false),\n\t\t\t\t\t\t\t\t\tAction: pulumi.String(\"Block\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleOverrideArgs{\n\t\t\t\t\t\t\tRuleGroupName: pulumi.String(\"SQLI\"),\n\t\t\t\t\t\t\tExclusions: frontdoor.FirewallPolicyManagedRuleOverrideExclusionArray{\n\t\t\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleOverrideExclusionArgs{\n\t\t\t\t\t\t\t\t\tMatchVariable: pulumi.String(\"QueryStringArgNames\"),\n\t\t\t\t\t\t\t\t\tOperator: pulumi.String(\"Equals\"),\n\t\t\t\t\t\t\t\t\tSelector: pulumi.String(\"really_not_suspicious\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tRules: frontdoor.FirewallPolicyManagedRuleOverrideRuleArray{\n\t\t\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleOverrideRuleArgs{\n\t\t\t\t\t\t\t\t\tRuleId: pulumi.String(\"942200\"),\n\t\t\t\t\t\t\t\t\tAction: pulumi.String(\"Block\"),\n\t\t\t\t\t\t\t\t\tExclusions: frontdoor.FirewallPolicyManagedRuleOverrideRuleExclusionArray{\n\t\t\t\t\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleOverrideRuleExclusionArgs{\n\t\t\t\t\t\t\t\t\t\t\tMatchVariable: pulumi.String(\"QueryStringArgNames\"),\n\t\t\t\t\t\t\t\t\t\t\tOperator: pulumi.String(\"Equals\"),\n\t\t\t\t\t\t\t\t\t\t\tSelector: pulumi.String(\"innocent\"),\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleArgs{\n\t\t\t\t\tType: pulumi.String(\"Microsoft_BotManagerRuleSet\"),\n\t\t\t\t\tVersion: pulumi.String(\"1.0\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.frontdoor.FirewallPolicy;\nimport com.pulumi.azure.frontdoor.FirewallPolicyArgs;\nimport com.pulumi.azure.frontdoor.inputs.FirewallPolicyCustomRuleArgs;\nimport com.pulumi.azure.frontdoor.inputs.FirewallPolicyManagedRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var exampleFirewallPolicy = new FirewallPolicy(\"exampleFirewallPolicy\", FirewallPolicyArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .enabled(true)\n .mode(\"Prevention\")\n .redirectUrl(\"https://www.contoso.com\")\n .customBlockResponseStatusCode(403)\n .customBlockResponseBody(\"PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==\")\n .customRules( \n FirewallPolicyCustomRuleArgs.builder()\n .name(\"Rule1\")\n .enabled(true)\n .priority(1)\n .rateLimitDurationInMinutes(1)\n .rateLimitThreshold(10)\n .type(\"MatchRule\")\n .action(\"Block\")\n .matchConditions(FirewallPolicyCustomRuleMatchConditionArgs.builder()\n .matchVariable(\"RemoteAddr\")\n .operator(\"IPMatch\")\n .negationCondition(false)\n .matchValues( \n \"192.168.1.0/24\",\n \"10.0.0.0/24\")\n .build())\n .build(),\n FirewallPolicyCustomRuleArgs.builder()\n .name(\"Rule2\")\n .enabled(true)\n .priority(2)\n .rateLimitDurationInMinutes(1)\n .rateLimitThreshold(10)\n .type(\"MatchRule\")\n .action(\"Block\")\n .matchConditions( \n FirewallPolicyCustomRuleMatchConditionArgs.builder()\n .matchVariable(\"RemoteAddr\")\n .operator(\"IPMatch\")\n .negationCondition(false)\n .matchValues(\"192.168.1.0/24\")\n .build(),\n FirewallPolicyCustomRuleMatchConditionArgs.builder()\n .matchVariable(\"RequestHeader\")\n .selector(\"UserAgent\")\n .operator(\"Contains\")\n .negationCondition(false)\n .matchValues(\"windows\")\n .transforms( \n \"Lowercase\",\n \"Trim\")\n .build())\n .build())\n .managedRules( \n FirewallPolicyManagedRuleArgs.builder()\n .type(\"DefaultRuleSet\")\n .version(\"1.0\")\n .exclusions(FirewallPolicyManagedRuleExclusionArgs.builder()\n .matchVariable(\"QueryStringArgNames\")\n .operator(\"Equals\")\n .selector(\"not_suspicious\")\n .build())\n .overrides( \n FirewallPolicyManagedRuleOverrideArgs.builder()\n .ruleGroupName(\"PHP\")\n .rules(FirewallPolicyManagedRuleOverrideRuleArgs.builder()\n .ruleId(\"933100\")\n .enabled(false)\n .action(\"Block\")\n .build())\n .build(),\n FirewallPolicyManagedRuleOverrideArgs.builder()\n .ruleGroupName(\"SQLI\")\n .exclusions(FirewallPolicyManagedRuleOverrideExclusionArgs.builder()\n .matchVariable(\"QueryStringArgNames\")\n .operator(\"Equals\")\n .selector(\"really_not_suspicious\")\n .build())\n .rules(FirewallPolicyManagedRuleOverrideRuleArgs.builder()\n .ruleId(\"942200\")\n .action(\"Block\")\n .exclusions(FirewallPolicyManagedRuleOverrideRuleExclusionArgs.builder()\n .matchVariable(\"QueryStringArgNames\")\n .operator(\"Equals\")\n .selector(\"innocent\")\n .build())\n .build())\n .build())\n .build(),\n FirewallPolicyManagedRuleArgs.builder()\n .type(\"Microsoft_BotManagerRuleSet\")\n .version(\"1.0\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n exampleFirewallPolicy:\n type: azure:frontdoor:FirewallPolicy\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n enabled: true\n mode: Prevention\n redirectUrl: https://www.contoso.com\n customBlockResponseStatusCode: 403\n customBlockResponseBody: PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==\n customRules:\n - name: Rule1\n enabled: true\n priority: 1\n rateLimitDurationInMinutes: 1\n rateLimitThreshold: 10\n type: MatchRule\n action: Block\n matchConditions:\n - matchVariable: RemoteAddr\n operator: IPMatch\n negationCondition: false\n matchValues:\n - 192.168.1.0/24\n - 10.0.0.0/24\n - name: Rule2\n enabled: true\n priority: 2\n rateLimitDurationInMinutes: 1\n rateLimitThreshold: 10\n type: MatchRule\n action: Block\n matchConditions:\n - matchVariable: RemoteAddr\n operator: IPMatch\n negationCondition: false\n matchValues:\n - 192.168.1.0/24\n - matchVariable: RequestHeader\n selector: UserAgent\n operator: Contains\n negationCondition: false\n matchValues:\n - windows\n transforms:\n - Lowercase\n - Trim\n managedRules:\n - type: DefaultRuleSet\n version: '1.0'\n exclusions:\n - matchVariable: QueryStringArgNames\n operator: Equals\n selector: not_suspicious\n overrides:\n - ruleGroupName: PHP\n rules:\n - ruleId: '933100'\n enabled: false\n action: Block\n - ruleGroupName: SQLI\n exclusions:\n - matchVariable: QueryStringArgNames\n operator: Equals\n selector: really_not_suspicious\n rules:\n - ruleId: '942200'\n action: Block\n exclusions:\n - matchVariable: QueryStringArgNames\n operator: Equals\n selector: innocent\n - type: Microsoft_BotManagerRuleSet\n version: '1.0'\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nFrontDoor Web Application Firewall Policy can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:frontdoor/firewallPolicy:FirewallPolicy example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/example-rg/providers/Microsoft.Network/frontDoorWebApplicationFirewallPolicies/examplefdwafpolicy\n```\n\n ", + "description": "!\u003e **IMPORTANT** This deploys an Azure Front Door (classic) resource which has been deprecated and will receive security updates only. Please migrate your existing Azure Front Door (classic) deployments to the new Azure Front Door (standard/premium) resources. For your convenience, the service team has exposed a `Front Door Classic` to `Front Door Standard/Premium` [migration tool](https://learn.microsoft.com/azure/frontdoor/tier-migration) to allow you to migrate your existing `Front Door Classic` instances to the new `Front Door Standard/Premium` product tiers.\n\nManages an Azure Front Door (classic) Web Application Firewall Policy instance.\n\n!\u003e **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst exampleFirewallPolicy = new azure.frontdoor.FirewallPolicy(\"exampleFirewallPolicy\", {\n resourceGroupName: exampleResourceGroup.name,\n enabled: true,\n mode: \"Prevention\",\n redirectUrl: \"https://www.contoso.com\",\n customBlockResponseStatusCode: 403,\n customBlockResponseBody: \"PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==\",\n customRules: [\n {\n name: \"Rule1\",\n enabled: true,\n priority: 1,\n rateLimitDurationInMinutes: 1,\n rateLimitThreshold: 10,\n type: \"MatchRule\",\n action: \"Block\",\n matchConditions: [{\n matchVariable: \"RemoteAddr\",\n operator: \"IPMatch\",\n negationCondition: false,\n matchValues: [\n \"192.168.1.0/24\",\n \"10.0.0.0/24\",\n ],\n }],\n },\n {\n name: \"Rule2\",\n enabled: true,\n priority: 2,\n rateLimitDurationInMinutes: 1,\n rateLimitThreshold: 10,\n type: \"MatchRule\",\n action: \"Block\",\n matchConditions: [\n {\n matchVariable: \"RemoteAddr\",\n operator: \"IPMatch\",\n negationCondition: false,\n matchValues: [\"192.168.1.0/24\"],\n },\n {\n matchVariable: \"RequestHeader\",\n selector: \"UserAgent\",\n operator: \"Contains\",\n negationCondition: false,\n matchValues: [\"windows\"],\n transforms: [\n \"Lowercase\",\n \"Trim\",\n ],\n },\n ],\n },\n ],\n managedRules: [\n {\n type: \"DefaultRuleSet\",\n version: \"1.0\",\n exclusions: [{\n matchVariable: \"QueryStringArgNames\",\n operator: \"Equals\",\n selector: \"not_suspicious\",\n }],\n overrides: [\n {\n ruleGroupName: \"PHP\",\n rules: [{\n ruleId: \"933100\",\n enabled: false,\n action: \"Block\",\n }],\n },\n {\n ruleGroupName: \"SQLI\",\n exclusions: [{\n matchVariable: \"QueryStringArgNames\",\n operator: \"Equals\",\n selector: \"really_not_suspicious\",\n }],\n rules: [{\n ruleId: \"942200\",\n action: \"Block\",\n exclusions: [{\n matchVariable: \"QueryStringArgNames\",\n operator: \"Equals\",\n selector: \"innocent\",\n }],\n }],\n },\n ],\n },\n {\n type: \"Microsoft_BotManagerRuleSet\",\n version: \"1.0\",\n },\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nexample_firewall_policy = azure.frontdoor.FirewallPolicy(\"exampleFirewallPolicy\",\n resource_group_name=example_resource_group.name,\n enabled=True,\n mode=\"Prevention\",\n redirect_url=\"https://www.contoso.com\",\n custom_block_response_status_code=403,\n custom_block_response_body=\"PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==\",\n custom_rules=[\n azure.frontdoor.FirewallPolicyCustomRuleArgs(\n name=\"Rule1\",\n enabled=True,\n priority=1,\n rate_limit_duration_in_minutes=1,\n rate_limit_threshold=10,\n type=\"MatchRule\",\n action=\"Block\",\n match_conditions=[azure.frontdoor.FirewallPolicyCustomRuleMatchConditionArgs(\n match_variable=\"RemoteAddr\",\n operator=\"IPMatch\",\n negation_condition=False,\n match_values=[\n \"192.168.1.0/24\",\n \"10.0.0.0/24\",\n ],\n )],\n ),\n azure.frontdoor.FirewallPolicyCustomRuleArgs(\n name=\"Rule2\",\n enabled=True,\n priority=2,\n rate_limit_duration_in_minutes=1,\n rate_limit_threshold=10,\n type=\"MatchRule\",\n action=\"Block\",\n match_conditions=[\n azure.frontdoor.FirewallPolicyCustomRuleMatchConditionArgs(\n match_variable=\"RemoteAddr\",\n operator=\"IPMatch\",\n negation_condition=False,\n match_values=[\"192.168.1.0/24\"],\n ),\n azure.frontdoor.FirewallPolicyCustomRuleMatchConditionArgs(\n match_variable=\"RequestHeader\",\n selector=\"UserAgent\",\n operator=\"Contains\",\n negation_condition=False,\n match_values=[\"windows\"],\n transforms=[\n \"Lowercase\",\n \"Trim\",\n ],\n ),\n ],\n ),\n ],\n managed_rules=[\n azure.frontdoor.FirewallPolicyManagedRuleArgs(\n type=\"DefaultRuleSet\",\n version=\"1.0\",\n exclusions=[azure.frontdoor.FirewallPolicyManagedRuleExclusionArgs(\n match_variable=\"QueryStringArgNames\",\n operator=\"Equals\",\n selector=\"not_suspicious\",\n )],\n overrides=[\n azure.frontdoor.FirewallPolicyManagedRuleOverrideArgs(\n rule_group_name=\"PHP\",\n rules=[azure.frontdoor.FirewallPolicyManagedRuleOverrideRuleArgs(\n rule_id=\"933100\",\n enabled=False,\n action=\"Block\",\n )],\n ),\n azure.frontdoor.FirewallPolicyManagedRuleOverrideArgs(\n rule_group_name=\"SQLI\",\n exclusions=[azure.frontdoor.FirewallPolicyManagedRuleOverrideExclusionArgs(\n match_variable=\"QueryStringArgNames\",\n operator=\"Equals\",\n selector=\"really_not_suspicious\",\n )],\n rules=[azure.frontdoor.FirewallPolicyManagedRuleOverrideRuleArgs(\n rule_id=\"942200\",\n action=\"Block\",\n exclusions=[azure.frontdoor.FirewallPolicyManagedRuleOverrideRuleExclusionArgs(\n match_variable=\"QueryStringArgNames\",\n operator=\"Equals\",\n selector=\"innocent\",\n )],\n )],\n ),\n ],\n ),\n azure.frontdoor.FirewallPolicyManagedRuleArgs(\n type=\"Microsoft_BotManagerRuleSet\",\n version=\"1.0\",\n ),\n ])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var exampleFirewallPolicy = new Azure.FrontDoor.FirewallPolicy(\"exampleFirewallPolicy\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n Enabled = true,\n Mode = \"Prevention\",\n RedirectUrl = \"https://www.contoso.com\",\n CustomBlockResponseStatusCode = 403,\n CustomBlockResponseBody = \"PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==\",\n CustomRules = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyCustomRuleArgs\n {\n Name = \"Rule1\",\n Enabled = true,\n Priority = 1,\n RateLimitDurationInMinutes = 1,\n RateLimitThreshold = 10,\n Type = \"MatchRule\",\n Action = \"Block\",\n MatchConditions = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyCustomRuleMatchConditionArgs\n {\n MatchVariable = \"RemoteAddr\",\n Operator = \"IPMatch\",\n NegationCondition = false,\n MatchValues = new[]\n {\n \"192.168.1.0/24\",\n \"10.0.0.0/24\",\n },\n },\n },\n },\n new Azure.FrontDoor.Inputs.FirewallPolicyCustomRuleArgs\n {\n Name = \"Rule2\",\n Enabled = true,\n Priority = 2,\n RateLimitDurationInMinutes = 1,\n RateLimitThreshold = 10,\n Type = \"MatchRule\",\n Action = \"Block\",\n MatchConditions = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyCustomRuleMatchConditionArgs\n {\n MatchVariable = \"RemoteAddr\",\n Operator = \"IPMatch\",\n NegationCondition = false,\n MatchValues = new[]\n {\n \"192.168.1.0/24\",\n },\n },\n new Azure.FrontDoor.Inputs.FirewallPolicyCustomRuleMatchConditionArgs\n {\n MatchVariable = \"RequestHeader\",\n Selector = \"UserAgent\",\n Operator = \"Contains\",\n NegationCondition = false,\n MatchValues = new[]\n {\n \"windows\",\n },\n Transforms = new[]\n {\n \"Lowercase\",\n \"Trim\",\n },\n },\n },\n },\n },\n ManagedRules = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleArgs\n {\n Type = \"DefaultRuleSet\",\n Version = \"1.0\",\n Exclusions = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleExclusionArgs\n {\n MatchVariable = \"QueryStringArgNames\",\n Operator = \"Equals\",\n Selector = \"not_suspicious\",\n },\n },\n Overrides = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleOverrideArgs\n {\n RuleGroupName = \"PHP\",\n Rules = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleOverrideRuleArgs\n {\n RuleId = \"933100\",\n Enabled = false,\n Action = \"Block\",\n },\n },\n },\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleOverrideArgs\n {\n RuleGroupName = \"SQLI\",\n Exclusions = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleOverrideExclusionArgs\n {\n MatchVariable = \"QueryStringArgNames\",\n Operator = \"Equals\",\n Selector = \"really_not_suspicious\",\n },\n },\n Rules = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleOverrideRuleArgs\n {\n RuleId = \"942200\",\n Action = \"Block\",\n Exclusions = new[]\n {\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleOverrideRuleExclusionArgs\n {\n MatchVariable = \"QueryStringArgNames\",\n Operator = \"Equals\",\n Selector = \"innocent\",\n },\n },\n },\n },\n },\n },\n },\n new Azure.FrontDoor.Inputs.FirewallPolicyManagedRuleArgs\n {\n Type = \"Microsoft_BotManagerRuleSet\",\n Version = \"1.0\",\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/frontdoor\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = frontdoor.NewFirewallPolicy(ctx, \"exampleFirewallPolicy\", \u0026frontdoor.FirewallPolicyArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tMode: pulumi.String(\"Prevention\"),\n\t\t\tRedirectUrl: pulumi.String(\"https://www.contoso.com\"),\n\t\t\tCustomBlockResponseStatusCode: pulumi.Int(403),\n\t\t\tCustomBlockResponseBody: pulumi.String(\"PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==\"),\n\t\t\tCustomRules: frontdoor.FirewallPolicyCustomRuleArray{\n\t\t\t\t\u0026frontdoor.FirewallPolicyCustomRuleArgs{\n\t\t\t\t\tName: pulumi.String(\"Rule1\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tPriority: pulumi.Int(1),\n\t\t\t\t\tRateLimitDurationInMinutes: pulumi.Int(1),\n\t\t\t\t\tRateLimitThreshold: pulumi.Int(10),\n\t\t\t\t\tType: pulumi.String(\"MatchRule\"),\n\t\t\t\t\tAction: pulumi.String(\"Block\"),\n\t\t\t\t\tMatchConditions: frontdoor.FirewallPolicyCustomRuleMatchConditionArray{\n\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyCustomRuleMatchConditionArgs{\n\t\t\t\t\t\t\tMatchVariable: pulumi.String(\"RemoteAddr\"),\n\t\t\t\t\t\t\tOperator: pulumi.String(\"IPMatch\"),\n\t\t\t\t\t\t\tNegationCondition: pulumi.Bool(false),\n\t\t\t\t\t\t\tMatchValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"192.168.1.0/24\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"10.0.0.0/24\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026frontdoor.FirewallPolicyCustomRuleArgs{\n\t\t\t\t\tName: pulumi.String(\"Rule2\"),\n\t\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\t\tPriority: pulumi.Int(2),\n\t\t\t\t\tRateLimitDurationInMinutes: pulumi.Int(1),\n\t\t\t\t\tRateLimitThreshold: pulumi.Int(10),\n\t\t\t\t\tType: pulumi.String(\"MatchRule\"),\n\t\t\t\t\tAction: pulumi.String(\"Block\"),\n\t\t\t\t\tMatchConditions: frontdoor.FirewallPolicyCustomRuleMatchConditionArray{\n\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyCustomRuleMatchConditionArgs{\n\t\t\t\t\t\t\tMatchVariable: pulumi.String(\"RemoteAddr\"),\n\t\t\t\t\t\t\tOperator: pulumi.String(\"IPMatch\"),\n\t\t\t\t\t\t\tNegationCondition: pulumi.Bool(false),\n\t\t\t\t\t\t\tMatchValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"192.168.1.0/24\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyCustomRuleMatchConditionArgs{\n\t\t\t\t\t\t\tMatchVariable: pulumi.String(\"RequestHeader\"),\n\t\t\t\t\t\t\tSelector: pulumi.String(\"UserAgent\"),\n\t\t\t\t\t\t\tOperator: pulumi.String(\"Contains\"),\n\t\t\t\t\t\t\tNegationCondition: pulumi.Bool(false),\n\t\t\t\t\t\t\tMatchValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"windows\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tTransforms: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"Lowercase\"),\n\t\t\t\t\t\t\t\tpulumi.String(\"Trim\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tManagedRules: frontdoor.FirewallPolicyManagedRuleArray{\n\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleArgs{\n\t\t\t\t\tType: pulumi.String(\"DefaultRuleSet\"),\n\t\t\t\t\tVersion: pulumi.String(\"1.0\"),\n\t\t\t\t\tExclusions: frontdoor.FirewallPolicyManagedRuleExclusionArray{\n\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleExclusionArgs{\n\t\t\t\t\t\t\tMatchVariable: pulumi.String(\"QueryStringArgNames\"),\n\t\t\t\t\t\t\tOperator: pulumi.String(\"Equals\"),\n\t\t\t\t\t\t\tSelector: pulumi.String(\"not_suspicious\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\tOverrides: frontdoor.FirewallPolicyManagedRuleOverrideArray{\n\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleOverrideArgs{\n\t\t\t\t\t\t\tRuleGroupName: pulumi.String(\"PHP\"),\n\t\t\t\t\t\t\tRules: frontdoor.FirewallPolicyManagedRuleOverrideRuleArray{\n\t\t\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleOverrideRuleArgs{\n\t\t\t\t\t\t\t\t\tRuleId: pulumi.String(\"933100\"),\n\t\t\t\t\t\t\t\t\tEnabled: pulumi.Bool(false),\n\t\t\t\t\t\t\t\t\tAction: pulumi.String(\"Block\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleOverrideArgs{\n\t\t\t\t\t\t\tRuleGroupName: pulumi.String(\"SQLI\"),\n\t\t\t\t\t\t\tExclusions: frontdoor.FirewallPolicyManagedRuleOverrideExclusionArray{\n\t\t\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleOverrideExclusionArgs{\n\t\t\t\t\t\t\t\t\tMatchVariable: pulumi.String(\"QueryStringArgNames\"),\n\t\t\t\t\t\t\t\t\tOperator: pulumi.String(\"Equals\"),\n\t\t\t\t\t\t\t\t\tSelector: pulumi.String(\"really_not_suspicious\"),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tRules: frontdoor.FirewallPolicyManagedRuleOverrideRuleArray{\n\t\t\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleOverrideRuleArgs{\n\t\t\t\t\t\t\t\t\tRuleId: pulumi.String(\"942200\"),\n\t\t\t\t\t\t\t\t\tAction: pulumi.String(\"Block\"),\n\t\t\t\t\t\t\t\t\tExclusions: frontdoor.FirewallPolicyManagedRuleOverrideRuleExclusionArray{\n\t\t\t\t\t\t\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleOverrideRuleExclusionArgs{\n\t\t\t\t\t\t\t\t\t\t\tMatchVariable: pulumi.String(\"QueryStringArgNames\"),\n\t\t\t\t\t\t\t\t\t\t\tOperator: pulumi.String(\"Equals\"),\n\t\t\t\t\t\t\t\t\t\t\tSelector: pulumi.String(\"innocent\"),\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\t\u0026frontdoor.FirewallPolicyManagedRuleArgs{\n\t\t\t\t\tType: pulumi.String(\"Microsoft_BotManagerRuleSet\"),\n\t\t\t\t\tVersion: pulumi.String(\"1.0\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.frontdoor.FirewallPolicy;\nimport com.pulumi.azure.frontdoor.FirewallPolicyArgs;\nimport com.pulumi.azure.frontdoor.inputs.FirewallPolicyCustomRuleArgs;\nimport com.pulumi.azure.frontdoor.inputs.FirewallPolicyManagedRuleArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var exampleFirewallPolicy = new FirewallPolicy(\"exampleFirewallPolicy\", FirewallPolicyArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .enabled(true)\n .mode(\"Prevention\")\n .redirectUrl(\"https://www.contoso.com\")\n .customBlockResponseStatusCode(403)\n .customBlockResponseBody(\"PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==\")\n .customRules( \n FirewallPolicyCustomRuleArgs.builder()\n .name(\"Rule1\")\n .enabled(true)\n .priority(1)\n .rateLimitDurationInMinutes(1)\n .rateLimitThreshold(10)\n .type(\"MatchRule\")\n .action(\"Block\")\n .matchConditions(FirewallPolicyCustomRuleMatchConditionArgs.builder()\n .matchVariable(\"RemoteAddr\")\n .operator(\"IPMatch\")\n .negationCondition(false)\n .matchValues( \n \"192.168.1.0/24\",\n \"10.0.0.0/24\")\n .build())\n .build(),\n FirewallPolicyCustomRuleArgs.builder()\n .name(\"Rule2\")\n .enabled(true)\n .priority(2)\n .rateLimitDurationInMinutes(1)\n .rateLimitThreshold(10)\n .type(\"MatchRule\")\n .action(\"Block\")\n .matchConditions( \n FirewallPolicyCustomRuleMatchConditionArgs.builder()\n .matchVariable(\"RemoteAddr\")\n .operator(\"IPMatch\")\n .negationCondition(false)\n .matchValues(\"192.168.1.0/24\")\n .build(),\n FirewallPolicyCustomRuleMatchConditionArgs.builder()\n .matchVariable(\"RequestHeader\")\n .selector(\"UserAgent\")\n .operator(\"Contains\")\n .negationCondition(false)\n .matchValues(\"windows\")\n .transforms( \n \"Lowercase\",\n \"Trim\")\n .build())\n .build())\n .managedRules( \n FirewallPolicyManagedRuleArgs.builder()\n .type(\"DefaultRuleSet\")\n .version(\"1.0\")\n .exclusions(FirewallPolicyManagedRuleExclusionArgs.builder()\n .matchVariable(\"QueryStringArgNames\")\n .operator(\"Equals\")\n .selector(\"not_suspicious\")\n .build())\n .overrides( \n FirewallPolicyManagedRuleOverrideArgs.builder()\n .ruleGroupName(\"PHP\")\n .rules(FirewallPolicyManagedRuleOverrideRuleArgs.builder()\n .ruleId(\"933100\")\n .enabled(false)\n .action(\"Block\")\n .build())\n .build(),\n FirewallPolicyManagedRuleOverrideArgs.builder()\n .ruleGroupName(\"SQLI\")\n .exclusions(FirewallPolicyManagedRuleOverrideExclusionArgs.builder()\n .matchVariable(\"QueryStringArgNames\")\n .operator(\"Equals\")\n .selector(\"really_not_suspicious\")\n .build())\n .rules(FirewallPolicyManagedRuleOverrideRuleArgs.builder()\n .ruleId(\"942200\")\n .action(\"Block\")\n .exclusions(FirewallPolicyManagedRuleOverrideRuleExclusionArgs.builder()\n .matchVariable(\"QueryStringArgNames\")\n .operator(\"Equals\")\n .selector(\"innocent\")\n .build())\n .build())\n .build())\n .build(),\n FirewallPolicyManagedRuleArgs.builder()\n .type(\"Microsoft_BotManagerRuleSet\")\n .version(\"1.0\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n exampleFirewallPolicy:\n type: azure:frontdoor:FirewallPolicy\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n enabled: true\n mode: Prevention\n redirectUrl: https://www.contoso.com\n customBlockResponseStatusCode: 403\n customBlockResponseBody: PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==\n customRules:\n - name: Rule1\n enabled: true\n priority: 1\n rateLimitDurationInMinutes: 1\n rateLimitThreshold: 10\n type: MatchRule\n action: Block\n matchConditions:\n - matchVariable: RemoteAddr\n operator: IPMatch\n negationCondition: false\n matchValues:\n - 192.168.1.0/24\n - 10.0.0.0/24\n - name: Rule2\n enabled: true\n priority: 2\n rateLimitDurationInMinutes: 1\n rateLimitThreshold: 10\n type: MatchRule\n action: Block\n matchConditions:\n - matchVariable: RemoteAddr\n operator: IPMatch\n negationCondition: false\n matchValues:\n - 192.168.1.0/24\n - matchVariable: RequestHeader\n selector: UserAgent\n operator: Contains\n negationCondition: false\n matchValues:\n - windows\n transforms:\n - Lowercase\n - Trim\n managedRules:\n - type: DefaultRuleSet\n version: '1.0'\n exclusions:\n - matchVariable: QueryStringArgNames\n operator: Equals\n selector: not_suspicious\n overrides:\n - ruleGroupName: PHP\n rules:\n - ruleId: '933100'\n enabled: false\n action: Block\n - ruleGroupName: SQLI\n exclusions:\n - matchVariable: QueryStringArgNames\n operator: Equals\n selector: really_not_suspicious\n rules:\n - ruleId: '942200'\n action: Block\n exclusions:\n - matchVariable: QueryStringArgNames\n operator: Equals\n selector: innocent\n - type: Microsoft_BotManagerRuleSet\n version: '1.0'\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nFrontDoor Web Application Firewall Policy can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:frontdoor/firewallPolicy:FirewallPolicy example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/example-rg/providers/Microsoft.Network/frontDoorWebApplicationFirewallPolicies/examplefdwafpolicy\n```\n\n ", "properties": { "customBlockResponseBody": { "type": "string", @@ -211213,7 +211222,8 @@ "description": "Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`.\n\n-\u003e**NOTE:** If `enabled` is `true`, `storage_endpoint` or `log_monitoring_enabled` are required.\n" }, "logMonitoringEnabled": { - "type": "boolean" + "type": "boolean", + "description": "Enable audit events to Azure Monitor? Defaults to `true`.\n\n\u003e **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics.\nTo enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository.\n" }, "retentionInDays": { "type": "integer", @@ -211247,7 +211257,8 @@ "description": "Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`.\n\n-\u003e**NOTE:** If `enabled` is `true`, `storage_endpoint` or `log_monitoring_enabled` are required.\n" }, "logMonitoringEnabled": { - "type": "boolean" + "type": "boolean", + "description": "Enable audit events to Azure Monitor? Defaults to `true`.\n\n\u003e **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics.\nTo enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository.\n" }, "retentionInDays": { "type": "integer", @@ -211283,7 +211294,8 @@ "description": "Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`.\n\n-\u003e**NOTE:** If `enabled` is `true`, `storage_endpoint` or `log_monitoring_enabled` are required.\n" }, "logMonitoringEnabled": { - "type": "boolean" + "type": "boolean", + "description": "Enable audit events to Azure Monitor? Defaults to `true`.\n\n\u003e **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics.\nTo enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository.\n" }, "retentionInDays": { "type": "integer", @@ -212486,7 +212498,7 @@ } }, "azure:mssql/managedInstanceFailoverGroup:ManagedInstanceFailoverGroup": { - "description": "\n\n\n## Import\n\nSQL Instance Failover Groups can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:mssql/managedInstanceFailoverGroup:ManagedInstanceFailoverGroup example /subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Sql/locations/Location/instanceFailoverGroups/failoverGroup1\n```\n\n ", + "description": "Manages an Azure SQL Managed Instance Failover Group.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n\u003e **Note:** For a more complete example, see the `./examples/sql-azure/managed_instance_failover_group` directory within the GitHub Repository.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst exampleVirtualNetwork = new azure.network.VirtualNetwork(\"exampleVirtualNetwork\", {\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n addressSpaces: [\"10.0.0.0/16\"],\n});\nconst exampleSubnet = new azure.network.Subnet(\"exampleSubnet\", {\n resourceGroupName: exampleResourceGroup.name,\n virtualNetworkName: exampleVirtualNetwork.name,\n addressPrefixes: [\"10.0.2.0/24\"],\n});\nconst exampleNetworkSecurityGroup = new azure.network.NetworkSecurityGroup(\"exampleNetworkSecurityGroup\", {\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n});\nconst exampleSubnetNetworkSecurityGroupAssociation = new azure.network.SubnetNetworkSecurityGroupAssociation(\"exampleSubnetNetworkSecurityGroupAssociation\", {\n subnetId: exampleSubnet.id,\n networkSecurityGroupId: exampleNetworkSecurityGroup.id,\n});\nconst exampleRouteTable = new azure.network.RouteTable(\"exampleRouteTable\", {\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n});\nconst exampleSubnetRouteTableAssociation = new azure.network.SubnetRouteTableAssociation(\"exampleSubnetRouteTableAssociation\", {\n subnetId: exampleSubnet.id,\n routeTableId: exampleRouteTable.id,\n});\nconst primary = new azure.mssql.ManagedInstance(\"primary\", {\n resourceGroupName: exampleResourceGroup.name,\n location: exampleResourceGroup.location,\n administratorLogin: \"mradministrator\",\n administratorLoginPassword: \"thisIsDog11\",\n licenseType: \"BasePrice\",\n subnetId: exampleSubnet.id,\n skuName: \"GP_Gen5\",\n vcores: 4,\n storageSizeInGb: 32,\n tags: {\n environment: \"prod\",\n },\n}, {\n dependsOn: [\n exampleSubnetNetworkSecurityGroupAssociation,\n exampleSubnetRouteTableAssociation,\n ],\n});\nconst secondary = new azure.mssql.ManagedInstance(\"secondary\", {\n resourceGroupName: exampleResourceGroup.name,\n location: exampleResourceGroup.location,\n administratorLogin: \"mradministrator\",\n administratorLoginPassword: \"thisIsDog11\",\n licenseType: \"BasePrice\",\n subnetId: exampleSubnet.id,\n skuName: \"GP_Gen5\",\n vcores: 4,\n storageSizeInGb: 32,\n tags: {\n environment: \"prod\",\n },\n}, {\n dependsOn: [\n exampleSubnetNetworkSecurityGroupAssociation,\n exampleSubnetRouteTableAssociation,\n ],\n});\nconst exampleManagedInstanceFailoverGroup = new azure.mssql.ManagedInstanceFailoverGroup(\"exampleManagedInstanceFailoverGroup\", {\n location: primary.location,\n managedInstanceId: primary.id,\n partnerManagedInstanceId: secondary.id,\n readWriteEndpointFailoverPolicy: {\n mode: \"Automatic\",\n graceMinutes: 60,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nexample_virtual_network = azure.network.VirtualNetwork(\"exampleVirtualNetwork\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n address_spaces=[\"10.0.0.0/16\"])\nexample_subnet = azure.network.Subnet(\"exampleSubnet\",\n resource_group_name=example_resource_group.name,\n virtual_network_name=example_virtual_network.name,\n address_prefixes=[\"10.0.2.0/24\"])\nexample_network_security_group = azure.network.NetworkSecurityGroup(\"exampleNetworkSecurityGroup\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name)\nexample_subnet_network_security_group_association = azure.network.SubnetNetworkSecurityGroupAssociation(\"exampleSubnetNetworkSecurityGroupAssociation\",\n subnet_id=example_subnet.id,\n network_security_group_id=example_network_security_group.id)\nexample_route_table = azure.network.RouteTable(\"exampleRouteTable\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name)\nexample_subnet_route_table_association = azure.network.SubnetRouteTableAssociation(\"exampleSubnetRouteTableAssociation\",\n subnet_id=example_subnet.id,\n route_table_id=example_route_table.id)\nprimary = azure.mssql.ManagedInstance(\"primary\",\n resource_group_name=example_resource_group.name,\n location=example_resource_group.location,\n administrator_login=\"mradministrator\",\n administrator_login_password=\"thisIsDog11\",\n license_type=\"BasePrice\",\n subnet_id=example_subnet.id,\n sku_name=\"GP_Gen5\",\n vcores=4,\n storage_size_in_gb=32,\n tags={\n \"environment\": \"prod\",\n },\n opts=pulumi.ResourceOptions(depends_on=[\n example_subnet_network_security_group_association,\n example_subnet_route_table_association,\n ]))\nsecondary = azure.mssql.ManagedInstance(\"secondary\",\n resource_group_name=example_resource_group.name,\n location=example_resource_group.location,\n administrator_login=\"mradministrator\",\n administrator_login_password=\"thisIsDog11\",\n license_type=\"BasePrice\",\n subnet_id=example_subnet.id,\n sku_name=\"GP_Gen5\",\n vcores=4,\n storage_size_in_gb=32,\n tags={\n \"environment\": \"prod\",\n },\n opts=pulumi.ResourceOptions(depends_on=[\n example_subnet_network_security_group_association,\n example_subnet_route_table_association,\n ]))\nexample_managed_instance_failover_group = azure.mssql.ManagedInstanceFailoverGroup(\"exampleManagedInstanceFailoverGroup\",\n location=primary.location,\n managed_instance_id=primary.id,\n partner_managed_instance_id=secondary.id,\n read_write_endpoint_failover_policy=azure.mssql.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs(\n mode=\"Automatic\",\n grace_minutes=60,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var exampleVirtualNetwork = new Azure.Network.VirtualNetwork(\"exampleVirtualNetwork\", new()\n {\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n AddressSpaces = new[]\n {\n \"10.0.0.0/16\",\n },\n });\n\n var exampleSubnet = new Azure.Network.Subnet(\"exampleSubnet\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n VirtualNetworkName = exampleVirtualNetwork.Name,\n AddressPrefixes = new[]\n {\n \"10.0.2.0/24\",\n },\n });\n\n var exampleNetworkSecurityGroup = new Azure.Network.NetworkSecurityGroup(\"exampleNetworkSecurityGroup\", new()\n {\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n });\n\n var exampleSubnetNetworkSecurityGroupAssociation = new Azure.Network.SubnetNetworkSecurityGroupAssociation(\"exampleSubnetNetworkSecurityGroupAssociation\", new()\n {\n SubnetId = exampleSubnet.Id,\n NetworkSecurityGroupId = exampleNetworkSecurityGroup.Id,\n });\n\n var exampleRouteTable = new Azure.Network.RouteTable(\"exampleRouteTable\", new()\n {\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n });\n\n var exampleSubnetRouteTableAssociation = new Azure.Network.SubnetRouteTableAssociation(\"exampleSubnetRouteTableAssociation\", new()\n {\n SubnetId = exampleSubnet.Id,\n RouteTableId = exampleRouteTable.Id,\n });\n\n var primary = new Azure.MSSql.ManagedInstance(\"primary\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n Location = exampleResourceGroup.Location,\n AdministratorLogin = \"mradministrator\",\n AdministratorLoginPassword = \"thisIsDog11\",\n LicenseType = \"BasePrice\",\n SubnetId = exampleSubnet.Id,\n SkuName = \"GP_Gen5\",\n Vcores = 4,\n StorageSizeInGb = 32,\n Tags = \n {\n { \"environment\", \"prod\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n exampleSubnetNetworkSecurityGroupAssociation,\n exampleSubnetRouteTableAssociation,\n },\n });\n\n var secondary = new Azure.MSSql.ManagedInstance(\"secondary\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n Location = exampleResourceGroup.Location,\n AdministratorLogin = \"mradministrator\",\n AdministratorLoginPassword = \"thisIsDog11\",\n LicenseType = \"BasePrice\",\n SubnetId = exampleSubnet.Id,\n SkuName = \"GP_Gen5\",\n Vcores = 4,\n StorageSizeInGb = 32,\n Tags = \n {\n { \"environment\", \"prod\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n exampleSubnetNetworkSecurityGroupAssociation,\n exampleSubnetRouteTableAssociation,\n },\n });\n\n var exampleManagedInstanceFailoverGroup = new Azure.MSSql.ManagedInstanceFailoverGroup(\"exampleManagedInstanceFailoverGroup\", new()\n {\n Location = primary.Location,\n ManagedInstanceId = primary.Id,\n PartnerManagedInstanceId = secondary.Id,\n ReadWriteEndpointFailoverPolicy = new Azure.MSSql.Inputs.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs\n {\n Mode = \"Automatic\",\n GraceMinutes = 60,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/mssql\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, \"exampleVirtualNetwork\", \u0026network.VirtualNetworkArgs{\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tAddressSpaces: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.0.0/16\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSubnet, err := network.NewSubnet(ctx, \"exampleSubnet\", \u0026network.SubnetArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tVirtualNetworkName: exampleVirtualNetwork.Name,\n\t\t\tAddressPrefixes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.2.0/24\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleNetworkSecurityGroup, err := network.NewNetworkSecurityGroup(ctx, \"exampleNetworkSecurityGroup\", \u0026network.NetworkSecurityGroupArgs{\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSubnetNetworkSecurityGroupAssociation, err := network.NewSubnetNetworkSecurityGroupAssociation(ctx, \"exampleSubnetNetworkSecurityGroupAssociation\", \u0026network.SubnetNetworkSecurityGroupAssociationArgs{\n\t\t\tSubnetId: exampleSubnet.ID(),\n\t\t\tNetworkSecurityGroupId: exampleNetworkSecurityGroup.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleRouteTable, err := network.NewRouteTable(ctx, \"exampleRouteTable\", \u0026network.RouteTableArgs{\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSubnetRouteTableAssociation, err := network.NewSubnetRouteTableAssociation(ctx, \"exampleSubnetRouteTableAssociation\", \u0026network.SubnetRouteTableAssociationArgs{\n\t\t\tSubnetId: exampleSubnet.ID(),\n\t\t\tRouteTableId: exampleRouteTable.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := mssql.NewManagedInstance(ctx, \"primary\", \u0026mssql.ManagedInstanceArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tAdministratorLogin: pulumi.String(\"mradministrator\"),\n\t\t\tAdministratorLoginPassword: pulumi.String(\"thisIsDog11\"),\n\t\t\tLicenseType: pulumi.String(\"BasePrice\"),\n\t\t\tSubnetId: exampleSubnet.ID(),\n\t\t\tSkuName: pulumi.String(\"GP_Gen5\"),\n\t\t\tVcores: pulumi.Int(4),\n\t\t\tStorageSizeInGb: pulumi.Int(32),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"environment\": pulumi.String(\"prod\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleSubnetNetworkSecurityGroupAssociation,\n\t\t\texampleSubnetRouteTableAssociation,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondary, err := mssql.NewManagedInstance(ctx, \"secondary\", \u0026mssql.ManagedInstanceArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tAdministratorLogin: pulumi.String(\"mradministrator\"),\n\t\t\tAdministratorLoginPassword: pulumi.String(\"thisIsDog11\"),\n\t\t\tLicenseType: pulumi.String(\"BasePrice\"),\n\t\t\tSubnetId: exampleSubnet.ID(),\n\t\t\tSkuName: pulumi.String(\"GP_Gen5\"),\n\t\t\tVcores: pulumi.Int(4),\n\t\t\tStorageSizeInGb: pulumi.Int(32),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"environment\": pulumi.String(\"prod\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texampleSubnetNetworkSecurityGroupAssociation,\n\t\t\texampleSubnetRouteTableAssociation,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = mssql.NewManagedInstanceFailoverGroup(ctx, \"exampleManagedInstanceFailoverGroup\", \u0026mssql.ManagedInstanceFailoverGroupArgs{\n\t\t\tLocation: primary.Location,\n\t\t\tManagedInstanceId: primary.ID(),\n\t\t\tPartnerManagedInstanceId: secondary.ID(),\n\t\t\tReadWriteEndpointFailoverPolicy: \u0026mssql.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs{\n\t\t\t\tMode: pulumi.String(\"Automatic\"),\n\t\t\t\tGraceMinutes: pulumi.Int(60),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.network.VirtualNetwork;\nimport com.pulumi.azure.network.VirtualNetworkArgs;\nimport com.pulumi.azure.network.Subnet;\nimport com.pulumi.azure.network.SubnetArgs;\nimport com.pulumi.azure.network.NetworkSecurityGroup;\nimport com.pulumi.azure.network.NetworkSecurityGroupArgs;\nimport com.pulumi.azure.network.SubnetNetworkSecurityGroupAssociation;\nimport com.pulumi.azure.network.SubnetNetworkSecurityGroupAssociationArgs;\nimport com.pulumi.azure.network.RouteTable;\nimport com.pulumi.azure.network.RouteTableArgs;\nimport com.pulumi.azure.network.SubnetRouteTableAssociation;\nimport com.pulumi.azure.network.SubnetRouteTableAssociationArgs;\nimport com.pulumi.azure.mssql.ManagedInstance;\nimport com.pulumi.azure.mssql.ManagedInstanceArgs;\nimport com.pulumi.azure.mssql.ManagedInstanceFailoverGroup;\nimport com.pulumi.azure.mssql.ManagedInstanceFailoverGroupArgs;\nimport com.pulumi.azure.mssql.inputs.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var exampleVirtualNetwork = new VirtualNetwork(\"exampleVirtualNetwork\", VirtualNetworkArgs.builder() \n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .addressSpaces(\"10.0.0.0/16\")\n .build());\n\n var exampleSubnet = new Subnet(\"exampleSubnet\", SubnetArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .virtualNetworkName(exampleVirtualNetwork.name())\n .addressPrefixes(\"10.0.2.0/24\")\n .build());\n\n var exampleNetworkSecurityGroup = new NetworkSecurityGroup(\"exampleNetworkSecurityGroup\", NetworkSecurityGroupArgs.builder() \n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .build());\n\n var exampleSubnetNetworkSecurityGroupAssociation = new SubnetNetworkSecurityGroupAssociation(\"exampleSubnetNetworkSecurityGroupAssociation\", SubnetNetworkSecurityGroupAssociationArgs.builder() \n .subnetId(exampleSubnet.id())\n .networkSecurityGroupId(exampleNetworkSecurityGroup.id())\n .build());\n\n var exampleRouteTable = new RouteTable(\"exampleRouteTable\", RouteTableArgs.builder() \n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .build());\n\n var exampleSubnetRouteTableAssociation = new SubnetRouteTableAssociation(\"exampleSubnetRouteTableAssociation\", SubnetRouteTableAssociationArgs.builder() \n .subnetId(exampleSubnet.id())\n .routeTableId(exampleRouteTable.id())\n .build());\n\n var primary = new ManagedInstance(\"primary\", ManagedInstanceArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .location(exampleResourceGroup.location())\n .administratorLogin(\"mradministrator\")\n .administratorLoginPassword(\"thisIsDog11\")\n .licenseType(\"BasePrice\")\n .subnetId(exampleSubnet.id())\n .skuName(\"GP_Gen5\")\n .vcores(4)\n .storageSizeInGb(32)\n .tags(Map.of(\"environment\", \"prod\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n exampleSubnetNetworkSecurityGroupAssociation,\n exampleSubnetRouteTableAssociation)\n .build());\n\n var secondary = new ManagedInstance(\"secondary\", ManagedInstanceArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .location(exampleResourceGroup.location())\n .administratorLogin(\"mradministrator\")\n .administratorLoginPassword(\"thisIsDog11\")\n .licenseType(\"BasePrice\")\n .subnetId(exampleSubnet.id())\n .skuName(\"GP_Gen5\")\n .vcores(4)\n .storageSizeInGb(32)\n .tags(Map.of(\"environment\", \"prod\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n exampleSubnetNetworkSecurityGroupAssociation,\n exampleSubnetRouteTableAssociation)\n .build());\n\n var exampleManagedInstanceFailoverGroup = new ManagedInstanceFailoverGroup(\"exampleManagedInstanceFailoverGroup\", ManagedInstanceFailoverGroupArgs.builder() \n .location(primary.location())\n .managedInstanceId(primary.id())\n .partnerManagedInstanceId(secondary.id())\n .readWriteEndpointFailoverPolicy(ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs.builder()\n .mode(\"Automatic\")\n .graceMinutes(60)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n exampleVirtualNetwork:\n type: azure:network:VirtualNetwork\n properties:\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n addressSpaces:\n - 10.0.0.0/16\n exampleSubnet:\n type: azure:network:Subnet\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n virtualNetworkName: ${exampleVirtualNetwork.name}\n addressPrefixes:\n - 10.0.2.0/24\n exampleNetworkSecurityGroup:\n type: azure:network:NetworkSecurityGroup\n properties:\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n exampleSubnetNetworkSecurityGroupAssociation:\n type: azure:network:SubnetNetworkSecurityGroupAssociation\n properties:\n subnetId: ${exampleSubnet.id}\n networkSecurityGroupId: ${exampleNetworkSecurityGroup.id}\n exampleRouteTable:\n type: azure:network:RouteTable\n properties:\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n exampleSubnetRouteTableAssociation:\n type: azure:network:SubnetRouteTableAssociation\n properties:\n subnetId: ${exampleSubnet.id}\n routeTableId: ${exampleRouteTable.id}\n primary:\n type: azure:mssql:ManagedInstance\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n location: ${exampleResourceGroup.location}\n administratorLogin: mradministrator\n administratorLoginPassword: thisIsDog11\n licenseType: BasePrice\n subnetId: ${exampleSubnet.id}\n skuName: GP_Gen5\n vcores: 4\n storageSizeInGb: 32\n tags:\n environment: prod\n options:\n dependson:\n - ${exampleSubnetNetworkSecurityGroupAssociation}\n - ${exampleSubnetRouteTableAssociation}\n secondary:\n type: azure:mssql:ManagedInstance\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n location: ${exampleResourceGroup.location}\n administratorLogin: mradministrator\n administratorLoginPassword: thisIsDog11\n licenseType: BasePrice\n subnetId: ${exampleSubnet.id}\n skuName: GP_Gen5\n vcores: 4\n storageSizeInGb: 32\n tags:\n environment: prod\n options:\n dependson:\n - ${exampleSubnetNetworkSecurityGroupAssociation}\n - ${exampleSubnetRouteTableAssociation}\n exampleManagedInstanceFailoverGroup:\n type: azure:mssql:ManagedInstanceFailoverGroup\n properties:\n location: ${primary.location}\n managedInstanceId: ${primary.id}\n partnerManagedInstanceId: ${secondary.id}\n readWriteEndpointFailoverPolicy:\n mode: Automatic\n graceMinutes: 60\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nSQL Instance Failover Groups can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:mssql/managedInstanceFailoverGroup:ManagedInstanceFailoverGroup example /subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Sql/locations/Location/instanceFailoverGroups/failoverGroup1\n```\n\n ", "properties": { "location": { "type": "string", @@ -223243,7 +223255,7 @@ } }, "azure:network/networkWatcherFlowLog:NetworkWatcherFlowLog": { - "description": "{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst example = new azure.core.ResourceGroup(\"example\", {location: \"West Europe\"});\nconst testNetworkSecurityGroup = new azure.network.NetworkSecurityGroup(\"testNetworkSecurityGroup\", {\n location: example.location,\n resourceGroupName: example.name,\n});\nconst testNetworkWatcher = new azure.network.NetworkWatcher(\"testNetworkWatcher\", {\n location: example.location,\n resourceGroupName: example.name,\n});\nconst testAccount = new azure.storage.Account(\"testAccount\", {\n resourceGroupName: example.name,\n location: example.location,\n accountTier: \"Standard\",\n accountKind: \"StorageV2\",\n accountReplicationType: \"LRS\",\n enableHttpsTrafficOnly: true,\n});\nconst testAnalyticsWorkspace = new azure.operationalinsights.AnalyticsWorkspace(\"testAnalyticsWorkspace\", {\n location: example.location,\n resourceGroupName: example.name,\n sku: \"PerGB2018\",\n});\nconst testNetworkWatcherFlowLog = new azure.network.NetworkWatcherFlowLog(\"testNetworkWatcherFlowLog\", {\n networkWatcherName: testNetworkWatcher.name,\n resourceGroupName: example.name,\n networkSecurityGroupId: testNetworkSecurityGroup.id,\n storageAccountId: testAccount.id,\n enabled: true,\n retentionPolicy: {\n enabled: true,\n days: 7,\n },\n trafficAnalytics: {\n enabled: true,\n workspaceId: testAnalyticsWorkspace.workspaceId,\n workspaceRegion: testAnalyticsWorkspace.location,\n workspaceResourceId: testAnalyticsWorkspace.id,\n intervalInMinutes: 10,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample = azure.core.ResourceGroup(\"example\", location=\"West Europe\")\ntest_network_security_group = azure.network.NetworkSecurityGroup(\"testNetworkSecurityGroup\",\n location=example.location,\n resource_group_name=example.name)\ntest_network_watcher = azure.network.NetworkWatcher(\"testNetworkWatcher\",\n location=example.location,\n resource_group_name=example.name)\ntest_account = azure.storage.Account(\"testAccount\",\n resource_group_name=example.name,\n location=example.location,\n account_tier=\"Standard\",\n account_kind=\"StorageV2\",\n account_replication_type=\"LRS\",\n enable_https_traffic_only=True)\ntest_analytics_workspace = azure.operationalinsights.AnalyticsWorkspace(\"testAnalyticsWorkspace\",\n location=example.location,\n resource_group_name=example.name,\n sku=\"PerGB2018\")\ntest_network_watcher_flow_log = azure.network.NetworkWatcherFlowLog(\"testNetworkWatcherFlowLog\",\n network_watcher_name=test_network_watcher.name,\n resource_group_name=example.name,\n network_security_group_id=test_network_security_group.id,\n storage_account_id=test_account.id,\n enabled=True,\n retention_policy=azure.network.NetworkWatcherFlowLogRetentionPolicyArgs(\n enabled=True,\n days=7,\n ),\n traffic_analytics=azure.network.NetworkWatcherFlowLogTrafficAnalyticsArgs(\n enabled=True,\n workspace_id=test_analytics_workspace.workspace_id,\n workspace_region=test_analytics_workspace.location,\n workspace_resource_id=test_analytics_workspace.id,\n interval_in_minutes=10,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Location = \"West Europe\",\n });\n\n var testNetworkSecurityGroup = new Azure.Network.NetworkSecurityGroup(\"testNetworkSecurityGroup\", new()\n {\n Location = example.Location,\n ResourceGroupName = example.Name,\n });\n\n var testNetworkWatcher = new Azure.Network.NetworkWatcher(\"testNetworkWatcher\", new()\n {\n Location = example.Location,\n ResourceGroupName = example.Name,\n });\n\n var testAccount = new Azure.Storage.Account(\"testAccount\", new()\n {\n ResourceGroupName = example.Name,\n Location = example.Location,\n AccountTier = \"Standard\",\n AccountKind = \"StorageV2\",\n AccountReplicationType = \"LRS\",\n EnableHttpsTrafficOnly = true,\n });\n\n var testAnalyticsWorkspace = new Azure.OperationalInsights.AnalyticsWorkspace(\"testAnalyticsWorkspace\", new()\n {\n Location = example.Location,\n ResourceGroupName = example.Name,\n Sku = \"PerGB2018\",\n });\n\n var testNetworkWatcherFlowLog = new Azure.Network.NetworkWatcherFlowLog(\"testNetworkWatcherFlowLog\", new()\n {\n NetworkWatcherName = testNetworkWatcher.Name,\n ResourceGroupName = example.Name,\n NetworkSecurityGroupId = testNetworkSecurityGroup.Id,\n StorageAccountId = testAccount.Id,\n Enabled = true,\n RetentionPolicy = new Azure.Network.Inputs.NetworkWatcherFlowLogRetentionPolicyArgs\n {\n Enabled = true,\n Days = 7,\n },\n TrafficAnalytics = new Azure.Network.Inputs.NetworkWatcherFlowLogTrafficAnalyticsArgs\n {\n Enabled = true,\n WorkspaceId = testAnalyticsWorkspace.WorkspaceId,\n WorkspaceRegion = testAnalyticsWorkspace.Location,\n WorkspaceResourceId = testAnalyticsWorkspace.Id,\n IntervalInMinutes = 10,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/operationalinsights\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestNetworkSecurityGroup, err := network.NewNetworkSecurityGroup(ctx, \"testNetworkSecurityGroup\", \u0026network.NetworkSecurityGroupArgs{\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestNetworkWatcher, err := network.NewNetworkWatcher(ctx, \"testNetworkWatcher\", \u0026network.NetworkWatcherArgs{\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestAccount, err := storage.NewAccount(ctx, \"testAccount\", \u0026storage.AccountArgs{\n\t\t\tResourceGroupName: example.Name,\n\t\t\tLocation: example.Location,\n\t\t\tAccountTier: pulumi.String(\"Standard\"),\n\t\t\tAccountKind: pulumi.String(\"StorageV2\"),\n\t\t\tAccountReplicationType: pulumi.String(\"LRS\"),\n\t\t\tEnableHttpsTrafficOnly: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestAnalyticsWorkspace, err := operationalinsights.NewAnalyticsWorkspace(ctx, \"testAnalyticsWorkspace\", \u0026operationalinsights.AnalyticsWorkspaceArgs{\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t\tSku: pulumi.String(\"PerGB2018\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = network.NewNetworkWatcherFlowLog(ctx, \"testNetworkWatcherFlowLog\", \u0026network.NetworkWatcherFlowLogArgs{\n\t\t\tNetworkWatcherName: testNetworkWatcher.Name,\n\t\t\tResourceGroupName: example.Name,\n\t\t\tNetworkSecurityGroupId: testNetworkSecurityGroup.ID(),\n\t\t\tStorageAccountId: testAccount.ID(),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tRetentionPolicy: \u0026network.NetworkWatcherFlowLogRetentionPolicyArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tDays: pulumi.Int(7),\n\t\t\t},\n\t\t\tTrafficAnalytics: \u0026network.NetworkWatcherFlowLogTrafficAnalyticsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tWorkspaceId: testAnalyticsWorkspace.WorkspaceId,\n\t\t\t\tWorkspaceRegion: testAnalyticsWorkspace.Location,\n\t\t\t\tWorkspaceResourceId: testAnalyticsWorkspace.ID(),\n\t\t\t\tIntervalInMinutes: pulumi.Int(10),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.network.NetworkSecurityGroup;\nimport com.pulumi.azure.network.NetworkSecurityGroupArgs;\nimport com.pulumi.azure.network.NetworkWatcher;\nimport com.pulumi.azure.network.NetworkWatcherArgs;\nimport com.pulumi.azure.storage.Account;\nimport com.pulumi.azure.storage.AccountArgs;\nimport com.pulumi.azure.operationalinsights.AnalyticsWorkspace;\nimport com.pulumi.azure.operationalinsights.AnalyticsWorkspaceArgs;\nimport com.pulumi.azure.network.NetworkWatcherFlowLog;\nimport com.pulumi.azure.network.NetworkWatcherFlowLogArgs;\nimport com.pulumi.azure.network.inputs.NetworkWatcherFlowLogRetentionPolicyArgs;\nimport com.pulumi.azure.network.inputs.NetworkWatcherFlowLogTrafficAnalyticsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceGroup(\"example\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var testNetworkSecurityGroup = new NetworkSecurityGroup(\"testNetworkSecurityGroup\", NetworkSecurityGroupArgs.builder() \n .location(example.location())\n .resourceGroupName(example.name())\n .build());\n\n var testNetworkWatcher = new NetworkWatcher(\"testNetworkWatcher\", NetworkWatcherArgs.builder() \n .location(example.location())\n .resourceGroupName(example.name())\n .build());\n\n var testAccount = new Account(\"testAccount\", AccountArgs.builder() \n .resourceGroupName(example.name())\n .location(example.location())\n .accountTier(\"Standard\")\n .accountKind(\"StorageV2\")\n .accountReplicationType(\"LRS\")\n .enableHttpsTrafficOnly(true)\n .build());\n\n var testAnalyticsWorkspace = new AnalyticsWorkspace(\"testAnalyticsWorkspace\", AnalyticsWorkspaceArgs.builder() \n .location(example.location())\n .resourceGroupName(example.name())\n .sku(\"PerGB2018\")\n .build());\n\n var testNetworkWatcherFlowLog = new NetworkWatcherFlowLog(\"testNetworkWatcherFlowLog\", NetworkWatcherFlowLogArgs.builder() \n .networkWatcherName(testNetworkWatcher.name())\n .resourceGroupName(example.name())\n .networkSecurityGroupId(testNetworkSecurityGroup.id())\n .storageAccountId(testAccount.id())\n .enabled(true)\n .retentionPolicy(NetworkWatcherFlowLogRetentionPolicyArgs.builder()\n .enabled(true)\n .days(7)\n .build())\n .trafficAnalytics(NetworkWatcherFlowLogTrafficAnalyticsArgs.builder()\n .enabled(true)\n .workspaceId(testAnalyticsWorkspace.workspaceId())\n .workspaceRegion(testAnalyticsWorkspace.location())\n .workspaceResourceId(testAnalyticsWorkspace.id())\n .intervalInMinutes(10)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n testNetworkSecurityGroup:\n type: azure:network:NetworkSecurityGroup\n properties:\n location: ${example.location}\n resourceGroupName: ${example.name}\n testNetworkWatcher:\n type: azure:network:NetworkWatcher\n properties:\n location: ${example.location}\n resourceGroupName: ${example.name}\n testAccount:\n type: azure:storage:Account\n properties:\n resourceGroupName: ${example.name}\n location: ${example.location}\n accountTier: Standard\n accountKind: StorageV2\n accountReplicationType: LRS\n enableHttpsTrafficOnly: true\n testAnalyticsWorkspace:\n type: azure:operationalinsights:AnalyticsWorkspace\n properties:\n location: ${example.location}\n resourceGroupName: ${example.name}\n sku: PerGB2018\n testNetworkWatcherFlowLog:\n type: azure:network:NetworkWatcherFlowLog\n properties:\n networkWatcherName: ${testNetworkWatcher.name}\n resourceGroupName: ${example.name}\n networkSecurityGroupId: ${testNetworkSecurityGroup.id}\n storageAccountId: ${testAccount.id}\n enabled: true\n retentionPolicy:\n enabled: true\n days: 7\n trafficAnalytics:\n enabled: true\n workspaceId: ${testAnalyticsWorkspace.workspaceId}\n workspaceRegion: ${testAnalyticsWorkspace.location}\n workspaceResourceId: ${testAnalyticsWorkspace.id}\n intervalInMinutes: 10\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nNetwork Watcher Flow Logs can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:network/networkWatcherFlowLog:NetworkWatcherFlowLog watcher1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/networkWatchers/watcher1/flowLogs/log1\n```\n\n ", + "description": "Manages a Network Watcher Flow Log.\n\n\u003e **Note** The `azure.network.NetworkWatcherFlowLog` creates a new storage lifecyle management rule that overwrites existing rules. Please make sure to use a `storage_account` with no existing management rules, until the issue is fixed.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst example = new azure.core.ResourceGroup(\"example\", {location: \"West Europe\"});\nconst testNetworkSecurityGroup = new azure.network.NetworkSecurityGroup(\"testNetworkSecurityGroup\", {\n location: example.location,\n resourceGroupName: example.name,\n});\nconst testNetworkWatcher = new azure.network.NetworkWatcher(\"testNetworkWatcher\", {\n location: example.location,\n resourceGroupName: example.name,\n});\nconst testAccount = new azure.storage.Account(\"testAccount\", {\n resourceGroupName: example.name,\n location: example.location,\n accountTier: \"Standard\",\n accountKind: \"StorageV2\",\n accountReplicationType: \"LRS\",\n enableHttpsTrafficOnly: true,\n});\nconst testAnalyticsWorkspace = new azure.operationalinsights.AnalyticsWorkspace(\"testAnalyticsWorkspace\", {\n location: example.location,\n resourceGroupName: example.name,\n sku: \"PerGB2018\",\n});\nconst testNetworkWatcherFlowLog = new azure.network.NetworkWatcherFlowLog(\"testNetworkWatcherFlowLog\", {\n networkWatcherName: testNetworkWatcher.name,\n resourceGroupName: example.name,\n networkSecurityGroupId: testNetworkSecurityGroup.id,\n storageAccountId: testAccount.id,\n enabled: true,\n retentionPolicy: {\n enabled: true,\n days: 7,\n },\n trafficAnalytics: {\n enabled: true,\n workspaceId: testAnalyticsWorkspace.workspaceId,\n workspaceRegion: testAnalyticsWorkspace.location,\n workspaceResourceId: testAnalyticsWorkspace.id,\n intervalInMinutes: 10,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample = azure.core.ResourceGroup(\"example\", location=\"West Europe\")\ntest_network_security_group = azure.network.NetworkSecurityGroup(\"testNetworkSecurityGroup\",\n location=example.location,\n resource_group_name=example.name)\ntest_network_watcher = azure.network.NetworkWatcher(\"testNetworkWatcher\",\n location=example.location,\n resource_group_name=example.name)\ntest_account = azure.storage.Account(\"testAccount\",\n resource_group_name=example.name,\n location=example.location,\n account_tier=\"Standard\",\n account_kind=\"StorageV2\",\n account_replication_type=\"LRS\",\n enable_https_traffic_only=True)\ntest_analytics_workspace = azure.operationalinsights.AnalyticsWorkspace(\"testAnalyticsWorkspace\",\n location=example.location,\n resource_group_name=example.name,\n sku=\"PerGB2018\")\ntest_network_watcher_flow_log = azure.network.NetworkWatcherFlowLog(\"testNetworkWatcherFlowLog\",\n network_watcher_name=test_network_watcher.name,\n resource_group_name=example.name,\n network_security_group_id=test_network_security_group.id,\n storage_account_id=test_account.id,\n enabled=True,\n retention_policy=azure.network.NetworkWatcherFlowLogRetentionPolicyArgs(\n enabled=True,\n days=7,\n ),\n traffic_analytics=azure.network.NetworkWatcherFlowLogTrafficAnalyticsArgs(\n enabled=True,\n workspace_id=test_analytics_workspace.workspace_id,\n workspace_region=test_analytics_workspace.location,\n workspace_resource_id=test_analytics_workspace.id,\n interval_in_minutes=10,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Azure.Core.ResourceGroup(\"example\", new()\n {\n Location = \"West Europe\",\n });\n\n var testNetworkSecurityGroup = new Azure.Network.NetworkSecurityGroup(\"testNetworkSecurityGroup\", new()\n {\n Location = example.Location,\n ResourceGroupName = example.Name,\n });\n\n var testNetworkWatcher = new Azure.Network.NetworkWatcher(\"testNetworkWatcher\", new()\n {\n Location = example.Location,\n ResourceGroupName = example.Name,\n });\n\n var testAccount = new Azure.Storage.Account(\"testAccount\", new()\n {\n ResourceGroupName = example.Name,\n Location = example.Location,\n AccountTier = \"Standard\",\n AccountKind = \"StorageV2\",\n AccountReplicationType = \"LRS\",\n EnableHttpsTrafficOnly = true,\n });\n\n var testAnalyticsWorkspace = new Azure.OperationalInsights.AnalyticsWorkspace(\"testAnalyticsWorkspace\", new()\n {\n Location = example.Location,\n ResourceGroupName = example.Name,\n Sku = \"PerGB2018\",\n });\n\n var testNetworkWatcherFlowLog = new Azure.Network.NetworkWatcherFlowLog(\"testNetworkWatcherFlowLog\", new()\n {\n NetworkWatcherName = testNetworkWatcher.Name,\n ResourceGroupName = example.Name,\n NetworkSecurityGroupId = testNetworkSecurityGroup.Id,\n StorageAccountId = testAccount.Id,\n Enabled = true,\n RetentionPolicy = new Azure.Network.Inputs.NetworkWatcherFlowLogRetentionPolicyArgs\n {\n Enabled = true,\n Days = 7,\n },\n TrafficAnalytics = new Azure.Network.Inputs.NetworkWatcherFlowLogTrafficAnalyticsArgs\n {\n Enabled = true,\n WorkspaceId = testAnalyticsWorkspace.WorkspaceId,\n WorkspaceRegion = testAnalyticsWorkspace.Location,\n WorkspaceResourceId = testAnalyticsWorkspace.Id,\n IntervalInMinutes = 10,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/operationalinsights\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := core.NewResourceGroup(ctx, \"example\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestNetworkSecurityGroup, err := network.NewNetworkSecurityGroup(ctx, \"testNetworkSecurityGroup\", \u0026network.NetworkSecurityGroupArgs{\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestNetworkWatcher, err := network.NewNetworkWatcher(ctx, \"testNetworkWatcher\", \u0026network.NetworkWatcherArgs{\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestAccount, err := storage.NewAccount(ctx, \"testAccount\", \u0026storage.AccountArgs{\n\t\t\tResourceGroupName: example.Name,\n\t\t\tLocation: example.Location,\n\t\t\tAccountTier: pulumi.String(\"Standard\"),\n\t\t\tAccountKind: pulumi.String(\"StorageV2\"),\n\t\t\tAccountReplicationType: pulumi.String(\"LRS\"),\n\t\t\tEnableHttpsTrafficOnly: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestAnalyticsWorkspace, err := operationalinsights.NewAnalyticsWorkspace(ctx, \"testAnalyticsWorkspace\", \u0026operationalinsights.AnalyticsWorkspaceArgs{\n\t\t\tLocation: example.Location,\n\t\t\tResourceGroupName: example.Name,\n\t\t\tSku: pulumi.String(\"PerGB2018\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = network.NewNetworkWatcherFlowLog(ctx, \"testNetworkWatcherFlowLog\", \u0026network.NetworkWatcherFlowLogArgs{\n\t\t\tNetworkWatcherName: testNetworkWatcher.Name,\n\t\t\tResourceGroupName: example.Name,\n\t\t\tNetworkSecurityGroupId: testNetworkSecurityGroup.ID(),\n\t\t\tStorageAccountId: testAccount.ID(),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tRetentionPolicy: \u0026network.NetworkWatcherFlowLogRetentionPolicyArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tDays: pulumi.Int(7),\n\t\t\t},\n\t\t\tTrafficAnalytics: \u0026network.NetworkWatcherFlowLogTrafficAnalyticsArgs{\n\t\t\t\tEnabled: pulumi.Bool(true),\n\t\t\t\tWorkspaceId: testAnalyticsWorkspace.WorkspaceId,\n\t\t\t\tWorkspaceRegion: testAnalyticsWorkspace.Location,\n\t\t\t\tWorkspaceResourceId: testAnalyticsWorkspace.ID(),\n\t\t\t\tIntervalInMinutes: pulumi.Int(10),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.network.NetworkSecurityGroup;\nimport com.pulumi.azure.network.NetworkSecurityGroupArgs;\nimport com.pulumi.azure.network.NetworkWatcher;\nimport com.pulumi.azure.network.NetworkWatcherArgs;\nimport com.pulumi.azure.storage.Account;\nimport com.pulumi.azure.storage.AccountArgs;\nimport com.pulumi.azure.operationalinsights.AnalyticsWorkspace;\nimport com.pulumi.azure.operationalinsights.AnalyticsWorkspaceArgs;\nimport com.pulumi.azure.network.NetworkWatcherFlowLog;\nimport com.pulumi.azure.network.NetworkWatcherFlowLogArgs;\nimport com.pulumi.azure.network.inputs.NetworkWatcherFlowLogRetentionPolicyArgs;\nimport com.pulumi.azure.network.inputs.NetworkWatcherFlowLogTrafficAnalyticsArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new ResourceGroup(\"example\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var testNetworkSecurityGroup = new NetworkSecurityGroup(\"testNetworkSecurityGroup\", NetworkSecurityGroupArgs.builder() \n .location(example.location())\n .resourceGroupName(example.name())\n .build());\n\n var testNetworkWatcher = new NetworkWatcher(\"testNetworkWatcher\", NetworkWatcherArgs.builder() \n .location(example.location())\n .resourceGroupName(example.name())\n .build());\n\n var testAccount = new Account(\"testAccount\", AccountArgs.builder() \n .resourceGroupName(example.name())\n .location(example.location())\n .accountTier(\"Standard\")\n .accountKind(\"StorageV2\")\n .accountReplicationType(\"LRS\")\n .enableHttpsTrafficOnly(true)\n .build());\n\n var testAnalyticsWorkspace = new AnalyticsWorkspace(\"testAnalyticsWorkspace\", AnalyticsWorkspaceArgs.builder() \n .location(example.location())\n .resourceGroupName(example.name())\n .sku(\"PerGB2018\")\n .build());\n\n var testNetworkWatcherFlowLog = new NetworkWatcherFlowLog(\"testNetworkWatcherFlowLog\", NetworkWatcherFlowLogArgs.builder() \n .networkWatcherName(testNetworkWatcher.name())\n .resourceGroupName(example.name())\n .networkSecurityGroupId(testNetworkSecurityGroup.id())\n .storageAccountId(testAccount.id())\n .enabled(true)\n .retentionPolicy(NetworkWatcherFlowLogRetentionPolicyArgs.builder()\n .enabled(true)\n .days(7)\n .build())\n .trafficAnalytics(NetworkWatcherFlowLogTrafficAnalyticsArgs.builder()\n .enabled(true)\n .workspaceId(testAnalyticsWorkspace.workspaceId())\n .workspaceRegion(testAnalyticsWorkspace.location())\n .workspaceResourceId(testAnalyticsWorkspace.id())\n .intervalInMinutes(10)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n testNetworkSecurityGroup:\n type: azure:network:NetworkSecurityGroup\n properties:\n location: ${example.location}\n resourceGroupName: ${example.name}\n testNetworkWatcher:\n type: azure:network:NetworkWatcher\n properties:\n location: ${example.location}\n resourceGroupName: ${example.name}\n testAccount:\n type: azure:storage:Account\n properties:\n resourceGroupName: ${example.name}\n location: ${example.location}\n accountTier: Standard\n accountKind: StorageV2\n accountReplicationType: LRS\n enableHttpsTrafficOnly: true\n testAnalyticsWorkspace:\n type: azure:operationalinsights:AnalyticsWorkspace\n properties:\n location: ${example.location}\n resourceGroupName: ${example.name}\n sku: PerGB2018\n testNetworkWatcherFlowLog:\n type: azure:network:NetworkWatcherFlowLog\n properties:\n networkWatcherName: ${testNetworkWatcher.name}\n resourceGroupName: ${example.name}\n networkSecurityGroupId: ${testNetworkSecurityGroup.id}\n storageAccountId: ${testAccount.id}\n enabled: true\n retentionPolicy:\n enabled: true\n days: 7\n trafficAnalytics:\n enabled: true\n workspaceId: ${testAnalyticsWorkspace.workspaceId}\n workspaceRegion: ${testAnalyticsWorkspace.location}\n workspaceResourceId: ${testAnalyticsWorkspace.id}\n intervalInMinutes: 10\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nNetwork Watcher Flow Logs can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:network/networkWatcherFlowLog:NetworkWatcherFlowLog watcher1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/networkWatchers/watcher1/flowLogs/log1\n```\n\n ", "properties": { "enabled": { "type": "boolean", @@ -237423,7 +237435,7 @@ } }, "azure:privatelink/endpoint:Endpoint": { - "description": "\n\n\n## Import\n\nPrivate Endpoints can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:privatelink/endpoint:Endpoint example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Network/privateEndpoints/endpoint1\n```\n\n ", + "description": "Manages a Private Endpoint.\n\nAzure Private Endpoint is a network interface that connects you privately and securely to a service powered by Azure Private Link. Private Endpoint uses a private IP address from your VNet, effectively bringing the service into your VNet. The service could be an Azure service such as Azure Storage, SQL, etc. or your own Private Link Service.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst exampleVirtualNetwork = new azure.network.VirtualNetwork(\"exampleVirtualNetwork\", {\n addressSpaces: [\"10.0.0.0/16\"],\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n});\nconst service = new azure.network.Subnet(\"service\", {\n resourceGroupName: exampleResourceGroup.name,\n virtualNetworkName: exampleVirtualNetwork.name,\n addressPrefixes: [\"10.0.1.0/24\"],\n enforcePrivateLinkServiceNetworkPolicies: true,\n});\nconst endpoint = new azure.network.Subnet(\"endpoint\", {\n resourceGroupName: exampleResourceGroup.name,\n virtualNetworkName: exampleVirtualNetwork.name,\n addressPrefixes: [\"10.0.2.0/24\"],\n enforcePrivateLinkEndpointNetworkPolicies: true,\n});\nconst examplePublicIp = new azure.network.PublicIp(\"examplePublicIp\", {\n sku: \"Standard\",\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n allocationMethod: \"Static\",\n});\nconst exampleLoadBalancer = new azure.lb.LoadBalancer(\"exampleLoadBalancer\", {\n sku: \"Standard\",\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n frontendIpConfigurations: [{\n name: examplePublicIp.name,\n publicIpAddressId: examplePublicIp.id,\n }],\n});\nconst exampleLinkService = new azure.privatedns.LinkService(\"exampleLinkService\", {\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n natIpConfigurations: [{\n name: examplePublicIp.name,\n primary: true,\n subnetId: service.id,\n }],\n loadBalancerFrontendIpConfigurationIds: [exampleLoadBalancer.frontendIpConfigurations.apply(frontendIpConfigurations =\u003e frontendIpConfigurations?.[0]?.id)],\n});\nconst exampleEndpoint = new azure.privatelink.Endpoint(\"exampleEndpoint\", {\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n subnetId: endpoint.id,\n privateServiceConnection: {\n name: \"example-privateserviceconnection\",\n privateConnectionResourceId: exampleLinkService.id,\n isManualConnection: false,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nexample_virtual_network = azure.network.VirtualNetwork(\"exampleVirtualNetwork\",\n address_spaces=[\"10.0.0.0/16\"],\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name)\nservice = azure.network.Subnet(\"service\",\n resource_group_name=example_resource_group.name,\n virtual_network_name=example_virtual_network.name,\n address_prefixes=[\"10.0.1.0/24\"],\n enforce_private_link_service_network_policies=True)\nendpoint = azure.network.Subnet(\"endpoint\",\n resource_group_name=example_resource_group.name,\n virtual_network_name=example_virtual_network.name,\n address_prefixes=[\"10.0.2.0/24\"],\n enforce_private_link_endpoint_network_policies=True)\nexample_public_ip = azure.network.PublicIp(\"examplePublicIp\",\n sku=\"Standard\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n allocation_method=\"Static\")\nexample_load_balancer = azure.lb.LoadBalancer(\"exampleLoadBalancer\",\n sku=\"Standard\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n frontend_ip_configurations=[azure.lb.LoadBalancerFrontendIpConfigurationArgs(\n name=example_public_ip.name,\n public_ip_address_id=example_public_ip.id,\n )])\nexample_link_service = azure.privatedns.LinkService(\"exampleLinkService\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n nat_ip_configurations=[azure.privatedns.LinkServiceNatIpConfigurationArgs(\n name=example_public_ip.name,\n primary=True,\n subnet_id=service.id,\n )],\n load_balancer_frontend_ip_configuration_ids=[example_load_balancer.frontend_ip_configurations[0].id])\nexample_endpoint = azure.privatelink.Endpoint(\"exampleEndpoint\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n subnet_id=endpoint.id,\n private_service_connection=azure.privatelink.EndpointPrivateServiceConnectionArgs(\n name=\"example-privateserviceconnection\",\n private_connection_resource_id=example_link_service.id,\n is_manual_connection=False,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var exampleVirtualNetwork = new Azure.Network.VirtualNetwork(\"exampleVirtualNetwork\", new()\n {\n AddressSpaces = new[]\n {\n \"10.0.0.0/16\",\n },\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n });\n\n var service = new Azure.Network.Subnet(\"service\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n VirtualNetworkName = exampleVirtualNetwork.Name,\n AddressPrefixes = new[]\n {\n \"10.0.1.0/24\",\n },\n EnforcePrivateLinkServiceNetworkPolicies = true,\n });\n\n var endpoint = new Azure.Network.Subnet(\"endpoint\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n VirtualNetworkName = exampleVirtualNetwork.Name,\n AddressPrefixes = new[]\n {\n \"10.0.2.0/24\",\n },\n EnforcePrivateLinkEndpointNetworkPolicies = true,\n });\n\n var examplePublicIp = new Azure.Network.PublicIp(\"examplePublicIp\", new()\n {\n Sku = \"Standard\",\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n AllocationMethod = \"Static\",\n });\n\n var exampleLoadBalancer = new Azure.Lb.LoadBalancer(\"exampleLoadBalancer\", new()\n {\n Sku = \"Standard\",\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n FrontendIpConfigurations = new[]\n {\n new Azure.Lb.Inputs.LoadBalancerFrontendIpConfigurationArgs\n {\n Name = examplePublicIp.Name,\n PublicIpAddressId = examplePublicIp.Id,\n },\n },\n });\n\n var exampleLinkService = new Azure.PrivateDns.LinkService(\"exampleLinkService\", new()\n {\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n NatIpConfigurations = new[]\n {\n new Azure.PrivateDns.Inputs.LinkServiceNatIpConfigurationArgs\n {\n Name = examplePublicIp.Name,\n Primary = true,\n SubnetId = service.Id,\n },\n },\n LoadBalancerFrontendIpConfigurationIds = new[]\n {\n exampleLoadBalancer.FrontendIpConfigurations.Apply(frontendIpConfigurations =\u003e frontendIpConfigurations[0]?.Id),\n },\n });\n\n var exampleEndpoint = new Azure.PrivateLink.Endpoint(\"exampleEndpoint\", new()\n {\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n SubnetId = endpoint.Id,\n PrivateServiceConnection = new Azure.PrivateLink.Inputs.EndpointPrivateServiceConnectionArgs\n {\n Name = \"example-privateserviceconnection\",\n PrivateConnectionResourceId = exampleLinkService.Id,\n IsManualConnection = false,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/lb\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/privatedns\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/privatelink\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, \"exampleVirtualNetwork\", \u0026network.VirtualNetworkArgs{\n\t\t\tAddressSpaces: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.0.0/16\"),\n\t\t\t},\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tservice, err := network.NewSubnet(ctx, \"service\", \u0026network.SubnetArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tVirtualNetworkName: exampleVirtualNetwork.Name,\n\t\t\tAddressPrefixes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.1.0/24\"),\n\t\t\t},\n\t\t\tEnforcePrivateLinkServiceNetworkPolicies: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tendpoint, err := network.NewSubnet(ctx, \"endpoint\", \u0026network.SubnetArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tVirtualNetworkName: exampleVirtualNetwork.Name,\n\t\t\tAddressPrefixes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.2.0/24\"),\n\t\t\t},\n\t\t\tEnforcePrivateLinkEndpointNetworkPolicies: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texamplePublicIp, err := network.NewPublicIp(ctx, \"examplePublicIp\", \u0026network.PublicIpArgs{\n\t\t\tSku: pulumi.String(\"Standard\"),\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tAllocationMethod: pulumi.String(\"Static\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleLoadBalancer, err := lb.NewLoadBalancer(ctx, \"exampleLoadBalancer\", \u0026lb.LoadBalancerArgs{\n\t\t\tSku: pulumi.String(\"Standard\"),\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tFrontendIpConfigurations: lb.LoadBalancerFrontendIpConfigurationArray{\n\t\t\t\t\u0026lb.LoadBalancerFrontendIpConfigurationArgs{\n\t\t\t\t\tName: examplePublicIp.Name,\n\t\t\t\t\tPublicIpAddressId: examplePublicIp.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleLinkService, err := privatedns.NewLinkService(ctx, \"exampleLinkService\", \u0026privatedns.LinkServiceArgs{\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tNatIpConfigurations: privatedns.LinkServiceNatIpConfigurationArray{\n\t\t\t\t\u0026privatedns.LinkServiceNatIpConfigurationArgs{\n\t\t\t\t\tName: examplePublicIp.Name,\n\t\t\t\t\tPrimary: pulumi.Bool(true),\n\t\t\t\t\tSubnetId: service.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t\tLoadBalancerFrontendIpConfigurationIds: pulumi.StringArray{\n\t\t\t\texampleLoadBalancer.FrontendIpConfigurations.ApplyT(func(frontendIpConfigurations []lb.LoadBalancerFrontendIpConfiguration) (*string, error) {\n\t\t\t\t\treturn \u0026frontendIpConfigurations[0].Id, nil\n\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = privatelink.NewEndpoint(ctx, \"exampleEndpoint\", \u0026privatelink.EndpointArgs{\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tSubnetId: endpoint.ID(),\n\t\t\tPrivateServiceConnection: \u0026privatelink.EndpointPrivateServiceConnectionArgs{\n\t\t\t\tName: pulumi.String(\"example-privateserviceconnection\"),\n\t\t\t\tPrivateConnectionResourceId: exampleLinkService.ID(),\n\t\t\t\tIsManualConnection: pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.network.VirtualNetwork;\nimport com.pulumi.azure.network.VirtualNetworkArgs;\nimport com.pulumi.azure.network.Subnet;\nimport com.pulumi.azure.network.SubnetArgs;\nimport com.pulumi.azure.network.PublicIp;\nimport com.pulumi.azure.network.PublicIpArgs;\nimport com.pulumi.azure.lb.LoadBalancer;\nimport com.pulumi.azure.lb.LoadBalancerArgs;\nimport com.pulumi.azure.lb.inputs.LoadBalancerFrontendIpConfigurationArgs;\nimport com.pulumi.azure.privatedns.LinkService;\nimport com.pulumi.azure.privatedns.LinkServiceArgs;\nimport com.pulumi.azure.privatedns.inputs.LinkServiceNatIpConfigurationArgs;\nimport com.pulumi.azure.privatelink.Endpoint;\nimport com.pulumi.azure.privatelink.EndpointArgs;\nimport com.pulumi.azure.privatelink.inputs.EndpointPrivateServiceConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var exampleVirtualNetwork = new VirtualNetwork(\"exampleVirtualNetwork\", VirtualNetworkArgs.builder() \n .addressSpaces(\"10.0.0.0/16\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .build());\n\n var service = new Subnet(\"service\", SubnetArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .virtualNetworkName(exampleVirtualNetwork.name())\n .addressPrefixes(\"10.0.1.0/24\")\n .enforcePrivateLinkServiceNetworkPolicies(true)\n .build());\n\n var endpoint = new Subnet(\"endpoint\", SubnetArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .virtualNetworkName(exampleVirtualNetwork.name())\n .addressPrefixes(\"10.0.2.0/24\")\n .enforcePrivateLinkEndpointNetworkPolicies(true)\n .build());\n\n var examplePublicIp = new PublicIp(\"examplePublicIp\", PublicIpArgs.builder() \n .sku(\"Standard\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .allocationMethod(\"Static\")\n .build());\n\n var exampleLoadBalancer = new LoadBalancer(\"exampleLoadBalancer\", LoadBalancerArgs.builder() \n .sku(\"Standard\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .frontendIpConfigurations(LoadBalancerFrontendIpConfigurationArgs.builder()\n .name(examplePublicIp.name())\n .publicIpAddressId(examplePublicIp.id())\n .build())\n .build());\n\n var exampleLinkService = new LinkService(\"exampleLinkService\", LinkServiceArgs.builder() \n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .natIpConfigurations(LinkServiceNatIpConfigurationArgs.builder()\n .name(examplePublicIp.name())\n .primary(true)\n .subnetId(service.id())\n .build())\n .loadBalancerFrontendIpConfigurationIds(exampleLoadBalancer.frontendIpConfigurations().applyValue(frontendIpConfigurations -\u003e frontendIpConfigurations[0].id()))\n .build());\n\n var exampleEndpoint = new Endpoint(\"exampleEndpoint\", EndpointArgs.builder() \n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .subnetId(endpoint.id())\n .privateServiceConnection(EndpointPrivateServiceConnectionArgs.builder()\n .name(\"example-privateserviceconnection\")\n .privateConnectionResourceId(exampleLinkService.id())\n .isManualConnection(false)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n exampleVirtualNetwork:\n type: azure:network:VirtualNetwork\n properties:\n addressSpaces:\n - 10.0.0.0/16\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n service:\n type: azure:network:Subnet\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n virtualNetworkName: ${exampleVirtualNetwork.name}\n addressPrefixes:\n - 10.0.1.0/24\n enforcePrivateLinkServiceNetworkPolicies: true\n endpoint:\n type: azure:network:Subnet\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n virtualNetworkName: ${exampleVirtualNetwork.name}\n addressPrefixes:\n - 10.0.2.0/24\n enforcePrivateLinkEndpointNetworkPolicies: true\n examplePublicIp:\n type: azure:network:PublicIp\n properties:\n sku: Standard\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n allocationMethod: Static\n exampleLoadBalancer:\n type: azure:lb:LoadBalancer\n properties:\n sku: Standard\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n frontendIpConfigurations:\n - name: ${examplePublicIp.name}\n publicIpAddressId: ${examplePublicIp.id}\n exampleLinkService:\n type: azure:privatedns:LinkService\n properties:\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n natIpConfigurations:\n - name: ${examplePublicIp.name}\n primary: true\n subnetId: ${service.id}\n loadBalancerFrontendIpConfigurationIds:\n - ${exampleLoadBalancer.frontendIpConfigurations[0].id}\n exampleEndpoint:\n type: azure:privatelink:Endpoint\n properties:\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n subnetId: ${endpoint.id}\n privateServiceConnection:\n name: example-privateserviceconnection\n privateConnectionResourceId: ${exampleLinkService.id}\n isManualConnection: false\n```\n\nUsing a Private Link Service Alias with existing resources:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = azure.core.getResourceGroup({\n name: \"example-resources\",\n});\nconst vnet = exampleResourceGroup.then(exampleResourceGroup =\u003e azure.network.getVirtualNetwork({\n name: \"example-network\",\n resourceGroupName: exampleResourceGroup.name,\n}));\nconst subnet = Promise.all([vnet, exampleResourceGroup]).then(([vnet, exampleResourceGroup]) =\u003e azure.network.getSubnet({\n name: \"default\",\n virtualNetworkName: vnet.name,\n resourceGroupName: exampleResourceGroup.name,\n}));\nconst exampleEndpoint = new azure.privatelink.Endpoint(\"exampleEndpoint\", {\n location: exampleResourceGroup.then(exampleResourceGroup =\u003e exampleResourceGroup.location),\n resourceGroupName: exampleResourceGroup.then(exampleResourceGroup =\u003e exampleResourceGroup.name),\n subnetId: subnet.then(subnet =\u003e subnet.id),\n privateServiceConnection: {\n name: \"example-privateserviceconnection\",\n privateConnectionResourceAlias: \"example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice\",\n isManualConnection: true,\n requestMessage: \"PL\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.get_resource_group(name=\"example-resources\")\nvnet = azure.network.get_virtual_network(name=\"example-network\",\n resource_group_name=example_resource_group.name)\nsubnet = azure.network.get_subnet(name=\"default\",\n virtual_network_name=vnet.name,\n resource_group_name=example_resource_group.name)\nexample_endpoint = azure.privatelink.Endpoint(\"exampleEndpoint\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n subnet_id=subnet.id,\n private_service_connection=azure.privatelink.EndpointPrivateServiceConnectionArgs(\n name=\"example-privateserviceconnection\",\n private_connection_resource_alias=\"example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice\",\n is_manual_connection=True,\n request_message=\"PL\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = Azure.Core.GetResourceGroup.Invoke(new()\n {\n Name = \"example-resources\",\n });\n\n var vnet = Azure.Network.GetVirtualNetwork.Invoke(new()\n {\n Name = \"example-network\",\n ResourceGroupName = exampleResourceGroup.Apply(getResourceGroupResult =\u003e getResourceGroupResult.Name),\n });\n\n var subnet = Azure.Network.GetSubnet.Invoke(new()\n {\n Name = \"default\",\n VirtualNetworkName = vnet.Apply(getVirtualNetworkResult =\u003e getVirtualNetworkResult.Name),\n ResourceGroupName = exampleResourceGroup.Apply(getResourceGroupResult =\u003e getResourceGroupResult.Name),\n });\n\n var exampleEndpoint = new Azure.PrivateLink.Endpoint(\"exampleEndpoint\", new()\n {\n Location = exampleResourceGroup.Apply(getResourceGroupResult =\u003e getResourceGroupResult.Location),\n ResourceGroupName = exampleResourceGroup.Apply(getResourceGroupResult =\u003e getResourceGroupResult.Name),\n SubnetId = subnet.Apply(getSubnetResult =\u003e getSubnetResult.Id),\n PrivateServiceConnection = new Azure.PrivateLink.Inputs.EndpointPrivateServiceConnectionArgs\n {\n Name = \"example-privateserviceconnection\",\n PrivateConnectionResourceAlias = \"example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice\",\n IsManualConnection = true,\n RequestMessage = \"PL\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/privatelink\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.LookupResourceGroup(ctx, \u0026core.LookupResourceGroupArgs{\n\t\t\tName: \"example-resources\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tvnet, err := network.LookupVirtualNetwork(ctx, \u0026network.LookupVirtualNetworkArgs{\n\t\t\tName: \"example-network\",\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsubnet, err := network.LookupSubnet(ctx, \u0026network.LookupSubnetArgs{\n\t\t\tName: \"default\",\n\t\t\tVirtualNetworkName: vnet.Name,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = privatelink.NewEndpoint(ctx, \"exampleEndpoint\", \u0026privatelink.EndpointArgs{\n\t\t\tLocation: *pulumi.String(exampleResourceGroup.Location),\n\t\t\tResourceGroupName: *pulumi.String(exampleResourceGroup.Name),\n\t\t\tSubnetId: *pulumi.String(subnet.Id),\n\t\t\tPrivateServiceConnection: \u0026privatelink.EndpointPrivateServiceConnectionArgs{\n\t\t\t\tName: pulumi.String(\"example-privateserviceconnection\"),\n\t\t\t\tPrivateConnectionResourceAlias: pulumi.String(\"example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice\"),\n\t\t\t\tIsManualConnection: pulumi.Bool(true),\n\t\t\t\tRequestMessage: pulumi.String(\"PL\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.CoreFunctions;\nimport com.pulumi.azure.core.inputs.GetResourceGroupArgs;\nimport com.pulumi.azure.network.NetworkFunctions;\nimport com.pulumi.azure.network.inputs.GetVirtualNetworkArgs;\nimport com.pulumi.azure.network.inputs.GetSubnetArgs;\nimport com.pulumi.azure.privatelink.Endpoint;\nimport com.pulumi.azure.privatelink.EndpointArgs;\nimport com.pulumi.azure.privatelink.inputs.EndpointPrivateServiceConnectionArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var exampleResourceGroup = CoreFunctions.getResourceGroup(GetResourceGroupArgs.builder()\n .name(\"example-resources\")\n .build());\n\n final var vnet = NetworkFunctions.getVirtualNetwork(GetVirtualNetworkArgs.builder()\n .name(\"example-network\")\n .resourceGroupName(exampleResourceGroup.applyValue(getResourceGroupResult -\u003e getResourceGroupResult.name()))\n .build());\n\n final var subnet = NetworkFunctions.getSubnet(GetSubnetArgs.builder()\n .name(\"default\")\n .virtualNetworkName(vnet.applyValue(getVirtualNetworkResult -\u003e getVirtualNetworkResult.name()))\n .resourceGroupName(exampleResourceGroup.applyValue(getResourceGroupResult -\u003e getResourceGroupResult.name()))\n .build());\n\n var exampleEndpoint = new Endpoint(\"exampleEndpoint\", EndpointArgs.builder() \n .location(exampleResourceGroup.applyValue(getResourceGroupResult -\u003e getResourceGroupResult.location()))\n .resourceGroupName(exampleResourceGroup.applyValue(getResourceGroupResult -\u003e getResourceGroupResult.name()))\n .subnetId(subnet.applyValue(getSubnetResult -\u003e getSubnetResult.id()))\n .privateServiceConnection(EndpointPrivateServiceConnectionArgs.builder()\n .name(\"example-privateserviceconnection\")\n .privateConnectionResourceAlias(\"example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice\")\n .isManualConnection(true)\n .requestMessage(\"PL\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleEndpoint:\n type: azure:privatelink:Endpoint\n properties:\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n subnetId: ${subnet.id}\n privateServiceConnection:\n name: example-privateserviceconnection\n privateConnectionResourceAlias: example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice\n isManualConnection: true\n requestMessage: PL\nvariables:\n exampleResourceGroup:\n fn::invoke:\n Function: azure:core:getResourceGroup\n Arguments:\n name: example-resources\n vnet:\n fn::invoke:\n Function: azure:network:getVirtualNetwork\n Arguments:\n name: example-network\n resourceGroupName: ${exampleResourceGroup.name}\n subnet:\n fn::invoke:\n Function: azure:network:getSubnet\n Arguments:\n name: default\n virtualNetworkName: ${vnet.name}\n resourceGroupName: ${exampleResourceGroup.name}\n```\n\nUsing a Private Endpoint pointing to an *owned* Azure service, with proper DNS configuration:\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst exampleAccount = new azure.storage.Account(\"exampleAccount\", {\n resourceGroupName: exampleResourceGroup.name,\n location: exampleResourceGroup.location,\n accountTier: \"Standard\",\n accountReplicationType: \"LRS\",\n});\nconst exampleVirtualNetwork = new azure.network.VirtualNetwork(\"exampleVirtualNetwork\", {\n addressSpaces: [\"10.0.0.0/16\"],\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n});\nconst exampleSubnet = new azure.network.Subnet(\"exampleSubnet\", {\n resourceGroupName: exampleResourceGroup.name,\n virtualNetworkName: exampleVirtualNetwork.name,\n addressPrefixes: [\"10.0.2.0/24\"],\n});\nconst exampleZone = new azure.privatedns.Zone(\"exampleZone\", {resourceGroupName: exampleResourceGroup.name});\nconst exampleEndpoint = new azure.privatelink.Endpoint(\"exampleEndpoint\", {\n location: exampleResourceGroup.location,\n resourceGroupName: exampleResourceGroup.name,\n subnetId: exampleSubnet.id,\n privateServiceConnection: {\n name: \"example-privateserviceconnection\",\n privateConnectionResourceId: exampleAccount.id,\n subresourceNames: [\"blob\"],\n isManualConnection: false,\n },\n privateDnsZoneGroup: {\n name: \"example-dns-zone-group\",\n privateDnsZoneIds: [exampleZone.id],\n },\n});\nconst exampleZoneVirtualNetworkLink = new azure.privatedns.ZoneVirtualNetworkLink(\"exampleZoneVirtualNetworkLink\", {\n resourceGroupName: exampleResourceGroup.name,\n privateDnsZoneName: exampleZone.name,\n virtualNetworkId: exampleVirtualNetwork.id,\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nexample_account = azure.storage.Account(\"exampleAccount\",\n resource_group_name=example_resource_group.name,\n location=example_resource_group.location,\n account_tier=\"Standard\",\n account_replication_type=\"LRS\")\nexample_virtual_network = azure.network.VirtualNetwork(\"exampleVirtualNetwork\",\n address_spaces=[\"10.0.0.0/16\"],\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name)\nexample_subnet = azure.network.Subnet(\"exampleSubnet\",\n resource_group_name=example_resource_group.name,\n virtual_network_name=example_virtual_network.name,\n address_prefixes=[\"10.0.2.0/24\"])\nexample_zone = azure.privatedns.Zone(\"exampleZone\", resource_group_name=example_resource_group.name)\nexample_endpoint = azure.privatelink.Endpoint(\"exampleEndpoint\",\n location=example_resource_group.location,\n resource_group_name=example_resource_group.name,\n subnet_id=example_subnet.id,\n private_service_connection=azure.privatelink.EndpointPrivateServiceConnectionArgs(\n name=\"example-privateserviceconnection\",\n private_connection_resource_id=example_account.id,\n subresource_names=[\"blob\"],\n is_manual_connection=False,\n ),\n private_dns_zone_group=azure.privatelink.EndpointPrivateDnsZoneGroupArgs(\n name=\"example-dns-zone-group\",\n private_dns_zone_ids=[example_zone.id],\n ))\nexample_zone_virtual_network_link = azure.privatedns.ZoneVirtualNetworkLink(\"exampleZoneVirtualNetworkLink\",\n resource_group_name=example_resource_group.name,\n private_dns_zone_name=example_zone.name,\n virtual_network_id=example_virtual_network.id)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var exampleAccount = new Azure.Storage.Account(\"exampleAccount\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n Location = exampleResourceGroup.Location,\n AccountTier = \"Standard\",\n AccountReplicationType = \"LRS\",\n });\n\n var exampleVirtualNetwork = new Azure.Network.VirtualNetwork(\"exampleVirtualNetwork\", new()\n {\n AddressSpaces = new[]\n {\n \"10.0.0.0/16\",\n },\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n });\n\n var exampleSubnet = new Azure.Network.Subnet(\"exampleSubnet\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n VirtualNetworkName = exampleVirtualNetwork.Name,\n AddressPrefixes = new[]\n {\n \"10.0.2.0/24\",\n },\n });\n\n var exampleZone = new Azure.PrivateDns.Zone(\"exampleZone\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n });\n\n var exampleEndpoint = new Azure.PrivateLink.Endpoint(\"exampleEndpoint\", new()\n {\n Location = exampleResourceGroup.Location,\n ResourceGroupName = exampleResourceGroup.Name,\n SubnetId = exampleSubnet.Id,\n PrivateServiceConnection = new Azure.PrivateLink.Inputs.EndpointPrivateServiceConnectionArgs\n {\n Name = \"example-privateserviceconnection\",\n PrivateConnectionResourceId = exampleAccount.Id,\n SubresourceNames = new[]\n {\n \"blob\",\n },\n IsManualConnection = false,\n },\n PrivateDnsZoneGroup = new Azure.PrivateLink.Inputs.EndpointPrivateDnsZoneGroupArgs\n {\n Name = \"example-dns-zone-group\",\n PrivateDnsZoneIds = new[]\n {\n exampleZone.Id,\n },\n },\n });\n\n var exampleZoneVirtualNetworkLink = new Azure.PrivateDns.ZoneVirtualNetworkLink(\"exampleZoneVirtualNetworkLink\", new()\n {\n ResourceGroupName = exampleResourceGroup.Name,\n PrivateDnsZoneName = exampleZone.Name,\n VirtualNetworkId = exampleVirtualNetwork.Id,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/privatedns\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/privatelink\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texampleResourceGroup, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleAccount, err := storage.NewAccount(ctx, \"exampleAccount\", \u0026storage.AccountArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tAccountTier: pulumi.String(\"Standard\"),\n\t\t\tAccountReplicationType: pulumi.String(\"LRS\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, \"exampleVirtualNetwork\", \u0026network.VirtualNetworkArgs{\n\t\t\tAddressSpaces: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.0.0/16\"),\n\t\t\t},\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleSubnet, err := network.NewSubnet(ctx, \"exampleSubnet\", \u0026network.SubnetArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tVirtualNetworkName: exampleVirtualNetwork.Name,\n\t\t\tAddressPrefixes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"10.0.2.0/24\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleZone, err := privatedns.NewZone(ctx, \"exampleZone\", \u0026privatedns.ZoneArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = privatelink.NewEndpoint(ctx, \"exampleEndpoint\", \u0026privatelink.EndpointArgs{\n\t\t\tLocation: exampleResourceGroup.Location,\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tSubnetId: exampleSubnet.ID(),\n\t\t\tPrivateServiceConnection: \u0026privatelink.EndpointPrivateServiceConnectionArgs{\n\t\t\t\tName: pulumi.String(\"example-privateserviceconnection\"),\n\t\t\t\tPrivateConnectionResourceId: exampleAccount.ID(),\n\t\t\t\tSubresourceNames: pulumi.StringArray{\n\t\t\t\t\tpulumi.String(\"blob\"),\n\t\t\t\t},\n\t\t\t\tIsManualConnection: pulumi.Bool(false),\n\t\t\t},\n\t\t\tPrivateDnsZoneGroup: \u0026privatelink.EndpointPrivateDnsZoneGroupArgs{\n\t\t\t\tName: pulumi.String(\"example-dns-zone-group\"),\n\t\t\t\tPrivateDnsZoneIds: pulumi.StringArray{\n\t\t\t\t\texampleZone.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = privatedns.NewZoneVirtualNetworkLink(ctx, \"exampleZoneVirtualNetworkLink\", \u0026privatedns.ZoneVirtualNetworkLinkArgs{\n\t\t\tResourceGroupName: exampleResourceGroup.Name,\n\t\t\tPrivateDnsZoneName: exampleZone.Name,\n\t\t\tVirtualNetworkId: exampleVirtualNetwork.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.storage.Account;\nimport com.pulumi.azure.storage.AccountArgs;\nimport com.pulumi.azure.network.VirtualNetwork;\nimport com.pulumi.azure.network.VirtualNetworkArgs;\nimport com.pulumi.azure.network.Subnet;\nimport com.pulumi.azure.network.SubnetArgs;\nimport com.pulumi.azure.privatedns.Zone;\nimport com.pulumi.azure.privatedns.ZoneArgs;\nimport com.pulumi.azure.privatelink.Endpoint;\nimport com.pulumi.azure.privatelink.EndpointArgs;\nimport com.pulumi.azure.privatelink.inputs.EndpointPrivateServiceConnectionArgs;\nimport com.pulumi.azure.privatelink.inputs.EndpointPrivateDnsZoneGroupArgs;\nimport com.pulumi.azure.privatedns.ZoneVirtualNetworkLink;\nimport com.pulumi.azure.privatedns.ZoneVirtualNetworkLinkArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var exampleAccount = new Account(\"exampleAccount\", AccountArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .location(exampleResourceGroup.location())\n .accountTier(\"Standard\")\n .accountReplicationType(\"LRS\")\n .build());\n\n var exampleVirtualNetwork = new VirtualNetwork(\"exampleVirtualNetwork\", VirtualNetworkArgs.builder() \n .addressSpaces(\"10.0.0.0/16\")\n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .build());\n\n var exampleSubnet = new Subnet(\"exampleSubnet\", SubnetArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .virtualNetworkName(exampleVirtualNetwork.name())\n .addressPrefixes(\"10.0.2.0/24\")\n .build());\n\n var exampleZone = new Zone(\"exampleZone\", ZoneArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .build());\n\n var exampleEndpoint = new Endpoint(\"exampleEndpoint\", EndpointArgs.builder() \n .location(exampleResourceGroup.location())\n .resourceGroupName(exampleResourceGroup.name())\n .subnetId(exampleSubnet.id())\n .privateServiceConnection(EndpointPrivateServiceConnectionArgs.builder()\n .name(\"example-privateserviceconnection\")\n .privateConnectionResourceId(exampleAccount.id())\n .subresourceNames(\"blob\")\n .isManualConnection(false)\n .build())\n .privateDnsZoneGroup(EndpointPrivateDnsZoneGroupArgs.builder()\n .name(\"example-dns-zone-group\")\n .privateDnsZoneIds(exampleZone.id())\n .build())\n .build());\n\n var exampleZoneVirtualNetworkLink = new ZoneVirtualNetworkLink(\"exampleZoneVirtualNetworkLink\", ZoneVirtualNetworkLinkArgs.builder() \n .resourceGroupName(exampleResourceGroup.name())\n .privateDnsZoneName(exampleZone.name())\n .virtualNetworkId(exampleVirtualNetwork.id())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n exampleAccount:\n type: azure:storage:Account\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n location: ${exampleResourceGroup.location}\n accountTier: Standard\n accountReplicationType: LRS\n exampleVirtualNetwork:\n type: azure:network:VirtualNetwork\n properties:\n addressSpaces:\n - 10.0.0.0/16\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n exampleSubnet:\n type: azure:network:Subnet\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n virtualNetworkName: ${exampleVirtualNetwork.name}\n addressPrefixes:\n - 10.0.2.0/24\n exampleEndpoint:\n type: azure:privatelink:Endpoint\n properties:\n location: ${exampleResourceGroup.location}\n resourceGroupName: ${exampleResourceGroup.name}\n subnetId: ${exampleSubnet.id}\n privateServiceConnection:\n name: example-privateserviceconnection\n privateConnectionResourceId: ${exampleAccount.id}\n subresourceNames:\n - blob\n isManualConnection: false\n privateDnsZoneGroup:\n name: example-dns-zone-group\n privateDnsZoneIds:\n - ${exampleZone.id}\n exampleZone:\n type: azure:privatedns:Zone\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n exampleZoneVirtualNetworkLink:\n type: azure:privatedns:ZoneVirtualNetworkLink\n properties:\n resourceGroupName: ${exampleResourceGroup.name}\n privateDnsZoneName: ${exampleZone.name}\n virtualNetworkId: ${exampleVirtualNetwork.id}\n```\n{{% /example %}}\n{{% /examples %}}\n## Example HCL Configurations\n\n* How to conneca `Private Endpoint` to a Application Gateway\n* How to connect a `Private Endpoint` to a Cosmos MongoDB\n* How to connect a `Private Endpoint` to a Cosmos PostgreSQL\n* How to connect a `Private Endpoint` to a PostgreSQL Server\n* How to connect a `Private Endpoint` to a Private Link Service\n* How to connect a `Private Endpoint` to a Private DNS Group\n* How to connect a `Private Endpoint` to a Databricks Workspace\n\n\n## Import\n\nPrivate Endpoints can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:privatelink/endpoint:Endpoint example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Network/privateEndpoints/endpoint1\n```\n\n ", "properties": { "customDnsConfigs": { "type": "array", @@ -251692,7 +251704,7 @@ } }, "azure:sql/managedInstanceFailoverGroup:ManagedInstanceFailoverGroup": { - "description": "\n\n\n## Import\n\nSQL Instance Failover Groups can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:sql/managedInstanceFailoverGroup:ManagedInstanceFailoverGroup example /subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Sql/locations/Location/instanceFailoverGroups/failoverGroup1\n```\n\n ", + "description": "Manages a SQL Instance Failover Group.\n\n{{% examples %}}\n## Example Usage\n{{% example %}}\n\n\u003e **Note:** The `azure.sql.ManagedInstanceFailoverGroup` resource is deprecated in version 3.0 of the AzureRM provider and will be removed in version 4.0. Please use the `azure.mssql.ManagedInstanceFailoverGroup` resource instead.\n\n\u003e **Note:** For a more complete example, see the the `examples/sql-azure/managed_instance_failover_group` directory within the GitHub Repository.\n\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as azure from \"@pulumi/azure\";\n\nconst exampleResourceGroup = new azure.core.ResourceGroup(\"exampleResourceGroup\", {location: \"West Europe\"});\nconst primary = new azure.sql.ManagedInstance(\"primary\", {\n resourceGroupName: azurerm_resource_group.primary.name,\n location: azurerm_resource_group.primary.location,\n administratorLogin: \"mradministrator\",\n administratorLoginPassword: \"thisIsDog11\",\n licenseType: \"BasePrice\",\n subnetId: azurerm_subnet.primary.id,\n skuName: \"GP_Gen5\",\n vcores: 4,\n storageSizeInGb: 32,\n tags: {\n environment: \"prod\",\n },\n}, {\n dependsOn: [\n azurerm_subnet_network_security_group_association.primary,\n azurerm_subnet_route_table_association.primary,\n ],\n});\nconst secondary = new azure.sql.ManagedInstance(\"secondary\", {\n resourceGroupName: azurerm_resource_group.secondary.name,\n location: azurerm_resource_group.secondary.location,\n administratorLogin: \"mradministrator\",\n administratorLoginPassword: \"thisIsDog11\",\n licenseType: \"BasePrice\",\n subnetId: azurerm_subnet.secondary.id,\n skuName: \"GP_Gen5\",\n vcores: 4,\n storageSizeInGb: 32,\n tags: {\n environment: \"prod\",\n },\n}, {\n dependsOn: [\n azurerm_subnet_network_security_group_association.secondary,\n azurerm_subnet_route_table_association.secondary,\n ],\n});\nconst exampleManagedInstanceFailoverGroup = new azure.sql.ManagedInstanceFailoverGroup(\"exampleManagedInstanceFailoverGroup\", {\n resourceGroupName: azurerm_resource_group.primary.name,\n location: primary.location,\n managedInstanceName: primary.name,\n partnerManagedInstanceId: secondary.id,\n readWriteEndpointFailoverPolicy: {\n mode: \"Automatic\",\n graceMinutes: 60,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_azure as azure\n\nexample_resource_group = azure.core.ResourceGroup(\"exampleResourceGroup\", location=\"West Europe\")\nprimary = azure.sql.ManagedInstance(\"primary\",\n resource_group_name=azurerm_resource_group[\"primary\"][\"name\"],\n location=azurerm_resource_group[\"primary\"][\"location\"],\n administrator_login=\"mradministrator\",\n administrator_login_password=\"thisIsDog11\",\n license_type=\"BasePrice\",\n subnet_id=azurerm_subnet[\"primary\"][\"id\"],\n sku_name=\"GP_Gen5\",\n vcores=4,\n storage_size_in_gb=32,\n tags={\n \"environment\": \"prod\",\n },\n opts=pulumi.ResourceOptions(depends_on=[\n azurerm_subnet_network_security_group_association[\"primary\"],\n azurerm_subnet_route_table_association[\"primary\"],\n ]))\nsecondary = azure.sql.ManagedInstance(\"secondary\",\n resource_group_name=azurerm_resource_group[\"secondary\"][\"name\"],\n location=azurerm_resource_group[\"secondary\"][\"location\"],\n administrator_login=\"mradministrator\",\n administrator_login_password=\"thisIsDog11\",\n license_type=\"BasePrice\",\n subnet_id=azurerm_subnet[\"secondary\"][\"id\"],\n sku_name=\"GP_Gen5\",\n vcores=4,\n storage_size_in_gb=32,\n tags={\n \"environment\": \"prod\",\n },\n opts=pulumi.ResourceOptions(depends_on=[\n azurerm_subnet_network_security_group_association[\"secondary\"],\n azurerm_subnet_route_table_association[\"secondary\"],\n ]))\nexample_managed_instance_failover_group = azure.sql.ManagedInstanceFailoverGroup(\"exampleManagedInstanceFailoverGroup\",\n resource_group_name=azurerm_resource_group[\"primary\"][\"name\"],\n location=primary.location,\n managed_instance_name=primary.name,\n partner_managed_instance_id=secondary.id,\n read_write_endpoint_failover_policy=azure.sql.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs(\n mode=\"Automatic\",\n grace_minutes=60,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Azure = Pulumi.Azure;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var exampleResourceGroup = new Azure.Core.ResourceGroup(\"exampleResourceGroup\", new()\n {\n Location = \"West Europe\",\n });\n\n var primary = new Azure.Sql.ManagedInstance(\"primary\", new()\n {\n ResourceGroupName = azurerm_resource_group.Primary.Name,\n Location = azurerm_resource_group.Primary.Location,\n AdministratorLogin = \"mradministrator\",\n AdministratorLoginPassword = \"thisIsDog11\",\n LicenseType = \"BasePrice\",\n SubnetId = azurerm_subnet.Primary.Id,\n SkuName = \"GP_Gen5\",\n Vcores = 4,\n StorageSizeInGb = 32,\n Tags = \n {\n { \"environment\", \"prod\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n azurerm_subnet_network_security_group_association.Primary,\n azurerm_subnet_route_table_association.Primary,\n },\n });\n\n var secondary = new Azure.Sql.ManagedInstance(\"secondary\", new()\n {\n ResourceGroupName = azurerm_resource_group.Secondary.Name,\n Location = azurerm_resource_group.Secondary.Location,\n AdministratorLogin = \"mradministrator\",\n AdministratorLoginPassword = \"thisIsDog11\",\n LicenseType = \"BasePrice\",\n SubnetId = azurerm_subnet.Secondary.Id,\n SkuName = \"GP_Gen5\",\n Vcores = 4,\n StorageSizeInGb = 32,\n Tags = \n {\n { \"environment\", \"prod\" },\n },\n }, new CustomResourceOptions\n {\n DependsOn = new[]\n {\n azurerm_subnet_network_security_group_association.Secondary,\n azurerm_subnet_route_table_association.Secondary,\n },\n });\n\n var exampleManagedInstanceFailoverGroup = new Azure.Sql.ManagedInstanceFailoverGroup(\"exampleManagedInstanceFailoverGroup\", new()\n {\n ResourceGroupName = azurerm_resource_group.Primary.Name,\n Location = primary.Location,\n ManagedInstanceName = primary.Name,\n PartnerManagedInstanceId = secondary.Id,\n ReadWriteEndpointFailoverPolicy = new Azure.Sql.Inputs.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs\n {\n Mode = \"Automatic\",\n GraceMinutes = 60,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core\"\n\t\"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/sql\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := core.NewResourceGroup(ctx, \"exampleResourceGroup\", \u0026core.ResourceGroupArgs{\n\t\t\tLocation: pulumi.String(\"West Europe\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tprimary, err := sql.NewManagedInstance(ctx, \"primary\", \u0026sql.ManagedInstanceArgs{\n\t\t\tResourceGroupName: pulumi.Any(azurerm_resource_group.Primary.Name),\n\t\t\tLocation: pulumi.Any(azurerm_resource_group.Primary.Location),\n\t\t\tAdministratorLogin: pulumi.String(\"mradministrator\"),\n\t\t\tAdministratorLoginPassword: pulumi.String(\"thisIsDog11\"),\n\t\t\tLicenseType: pulumi.String(\"BasePrice\"),\n\t\t\tSubnetId: pulumi.Any(azurerm_subnet.Primary.Id),\n\t\t\tSkuName: pulumi.String(\"GP_Gen5\"),\n\t\t\tVcores: pulumi.Int(4),\n\t\t\tStorageSizeInGb: pulumi.Int(32),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"environment\": pulumi.String(\"prod\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tazurerm_subnet_network_security_group_association.Primary,\n\t\t\tazurerm_subnet_route_table_association.Primary,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecondary, err := sql.NewManagedInstance(ctx, \"secondary\", \u0026sql.ManagedInstanceArgs{\n\t\t\tResourceGroupName: pulumi.Any(azurerm_resource_group.Secondary.Name),\n\t\t\tLocation: pulumi.Any(azurerm_resource_group.Secondary.Location),\n\t\t\tAdministratorLogin: pulumi.String(\"mradministrator\"),\n\t\t\tAdministratorLoginPassword: pulumi.String(\"thisIsDog11\"),\n\t\t\tLicenseType: pulumi.String(\"BasePrice\"),\n\t\t\tSubnetId: pulumi.Any(azurerm_subnet.Secondary.Id),\n\t\t\tSkuName: pulumi.String(\"GP_Gen5\"),\n\t\t\tVcores: pulumi.Int(4),\n\t\t\tStorageSizeInGb: pulumi.Int(32),\n\t\t\tTags: pulumi.StringMap{\n\t\t\t\t\"environment\": pulumi.String(\"prod\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tazurerm_subnet_network_security_group_association.Secondary,\n\t\t\tazurerm_subnet_route_table_association.Secondary,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sql.NewManagedInstanceFailoverGroup(ctx, \"exampleManagedInstanceFailoverGroup\", \u0026sql.ManagedInstanceFailoverGroupArgs{\n\t\t\tResourceGroupName: pulumi.Any(azurerm_resource_group.Primary.Name),\n\t\t\tLocation: primary.Location,\n\t\t\tManagedInstanceName: primary.Name,\n\t\t\tPartnerManagedInstanceId: secondary.ID(),\n\t\t\tReadWriteEndpointFailoverPolicy: \u0026sql.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs{\n\t\t\t\tMode: pulumi.String(\"Automatic\"),\n\t\t\t\tGraceMinutes: pulumi.Int(60),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.azure.core.ResourceGroup;\nimport com.pulumi.azure.core.ResourceGroupArgs;\nimport com.pulumi.azure.sql.ManagedInstance;\nimport com.pulumi.azure.sql.ManagedInstanceArgs;\nimport com.pulumi.azure.sql.ManagedInstanceFailoverGroup;\nimport com.pulumi.azure.sql.ManagedInstanceFailoverGroupArgs;\nimport com.pulumi.azure.sql.inputs.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleResourceGroup = new ResourceGroup(\"exampleResourceGroup\", ResourceGroupArgs.builder() \n .location(\"West Europe\")\n .build());\n\n var primary = new ManagedInstance(\"primary\", ManagedInstanceArgs.builder() \n .resourceGroupName(azurerm_resource_group.primary().name())\n .location(azurerm_resource_group.primary().location())\n .administratorLogin(\"mradministrator\")\n .administratorLoginPassword(\"thisIsDog11\")\n .licenseType(\"BasePrice\")\n .subnetId(azurerm_subnet.primary().id())\n .skuName(\"GP_Gen5\")\n .vcores(4)\n .storageSizeInGb(32)\n .tags(Map.of(\"environment\", \"prod\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n azurerm_subnet_network_security_group_association.primary(),\n azurerm_subnet_route_table_association.primary())\n .build());\n\n var secondary = new ManagedInstance(\"secondary\", ManagedInstanceArgs.builder() \n .resourceGroupName(azurerm_resource_group.secondary().name())\n .location(azurerm_resource_group.secondary().location())\n .administratorLogin(\"mradministrator\")\n .administratorLoginPassword(\"thisIsDog11\")\n .licenseType(\"BasePrice\")\n .subnetId(azurerm_subnet.secondary().id())\n .skuName(\"GP_Gen5\")\n .vcores(4)\n .storageSizeInGb(32)\n .tags(Map.of(\"environment\", \"prod\"))\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n azurerm_subnet_network_security_group_association.secondary(),\n azurerm_subnet_route_table_association.secondary())\n .build());\n\n var exampleManagedInstanceFailoverGroup = new ManagedInstanceFailoverGroup(\"exampleManagedInstanceFailoverGroup\", ManagedInstanceFailoverGroupArgs.builder() \n .resourceGroupName(azurerm_resource_group.primary().name())\n .location(primary.location())\n .managedInstanceName(primary.name())\n .partnerManagedInstanceId(secondary.id())\n .readWriteEndpointFailoverPolicy(ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs.builder()\n .mode(\"Automatic\")\n .graceMinutes(60)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n exampleResourceGroup:\n type: azure:core:ResourceGroup\n properties:\n location: West Europe\n primary:\n type: azure:sql:ManagedInstance\n properties:\n resourceGroupName: ${azurerm_resource_group.primary.name}\n location: ${azurerm_resource_group.primary.location}\n administratorLogin: mradministrator\n administratorLoginPassword: thisIsDog11\n licenseType: BasePrice\n subnetId: ${azurerm_subnet.primary.id}\n skuName: GP_Gen5\n vcores: 4\n storageSizeInGb: 32\n tags:\n environment: prod\n options:\n dependson:\n - ${azurerm_subnet_network_security_group_association.primary}\n - ${azurerm_subnet_route_table_association.primary}\n secondary:\n type: azure:sql:ManagedInstance\n properties:\n resourceGroupName: ${azurerm_resource_group.secondary.name}\n location: ${azurerm_resource_group.secondary.location}\n administratorLogin: mradministrator\n administratorLoginPassword: thisIsDog11\n licenseType: BasePrice\n subnetId: ${azurerm_subnet.secondary.id}\n skuName: GP_Gen5\n vcores: 4\n storageSizeInGb: 32\n tags:\n environment: prod\n options:\n dependson:\n - ${azurerm_subnet_network_security_group_association.secondary}\n - ${azurerm_subnet_route_table_association.secondary}\n exampleManagedInstanceFailoverGroup:\n type: azure:sql:ManagedInstanceFailoverGroup\n properties:\n resourceGroupName: ${azurerm_resource_group.primary.name}\n location: ${primary.location}\n managedInstanceName: ${primary.name}\n partnerManagedInstanceId: ${secondary.id}\n readWriteEndpointFailoverPolicy:\n mode: Automatic\n graceMinutes: 60\n```\n{{% /example %}}\n{{% /examples %}}\n\n## Import\n\nSQL Instance Failover Groups can be imported using the `resource id`, e.g.\n\n```sh\n $ pulumi import azure:sql/managedInstanceFailoverGroup:ManagedInstanceFailoverGroup example /subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/resGroup1/providers/Microsoft.Sql/locations/Location/instanceFailoverGroups/failoverGroup1\n```\n\n ", "properties": { "location": { "type": "string", diff --git a/provider/go.mod b/provider/go.mod index 8b35f3c357..acc22eca7e 100644 --- a/provider/go.mod +++ b/provider/go.mod @@ -9,9 +9,9 @@ require ( github.com/hashicorp/go-azure-sdk v0.20240117.1163544 github.com/hashicorp/terraform-plugin-sdk/v2 v2.29.0 github.com/hashicorp/terraform-provider-azurerm v1.44.1-0.20220923005104-eaa801c358ff - github.com/pulumi/providertest v0.0.5 - github.com/pulumi/pulumi-terraform-bridge/v3 v3.71.0 - github.com/pulumi/pulumi/sdk/v3 v3.101.1 + github.com/pulumi/providertest v0.0.10 + github.com/pulumi/pulumi-terraform-bridge/v3 v3.72.0 + github.com/pulumi/pulumi/sdk/v3 v3.103.1 github.com/stretchr/testify v1.8.4 ) @@ -192,8 +192,8 @@ require ( github.com/pulumi/esc v0.6.2 // indirect github.com/pulumi/pulumi-java/pkg v0.9.9 // indirect github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.7 // indirect - github.com/pulumi/pulumi-yaml v1.4.5 // indirect - github.com/pulumi/pulumi/pkg/v3 v3.101.1 // indirect + github.com/pulumi/pulumi-yaml v1.5.0 // indirect + github.com/pulumi/pulumi/pkg/v3 v3.103.1 // indirect github.com/pulumi/schema-tools v0.1.2 // indirect github.com/pulumi/terraform-diff-reader v0.0.2 // indirect github.com/rickb777/date v1.12.5-0.20200422084442-6300e543c4d9 // indirect @@ -232,14 +232,14 @@ require ( go.uber.org/atomic v1.9.0 // indirect gocloud.dev v0.27.0 // indirect gocloud.dev/secrets/hashivault v0.27.0 // indirect - golang.org/x/crypto v0.17.0 // indirect + golang.org/x/crypto v0.18.0 // indirect golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa // indirect golang.org/x/mod v0.14.0 // indirect golang.org/x/net v0.19.0 // indirect golang.org/x/oauth2 v0.13.0 // indirect golang.org/x/sync v0.5.0 // indirect - golang.org/x/sys v0.15.0 // indirect - golang.org/x/term v0.15.0 // indirect + golang.org/x/sys v0.16.0 // indirect + golang.org/x/term v0.16.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.3.0 // indirect golang.org/x/tools v0.15.0 // indirect diff --git a/provider/go.sum b/provider/go.sum index 1976641b7f..9858eccdec 100644 --- a/provider/go.sum +++ b/provider/go.sum @@ -1240,6 +1240,12 @@ github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeME github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= github.com/gin-gonic/gin v1.6.3/go.mod h1:75u5sXoLsGZoRN5Sgbi1eraJ4GU3++wFwWzhwvtwp4M= github.com/gin-gonic/gin v1.7.7/go.mod h1:axIBovoeJpVj8S3BwE0uPMTeReE4+AfFtqpqaZ1qq1U= +github.com/gkampitakis/ciinfo v0.3.0 h1:gWZlOC2+RYYttL0hBqcoQhM7h1qNkVqvRCV1fOvpAv8= +github.com/gkampitakis/ciinfo v0.3.0/go.mod h1:1NIwaOcFChN4fa/B0hEBdAb6npDlFL8Bwx4dfRLRqAo= +github.com/gkampitakis/go-diff v1.3.2 h1:Qyn0J9XJSDTgnsgHRdz9Zp24RaJeKMUHg2+PDZZdC4M= +github.com/gkampitakis/go-diff v1.3.2/go.mod h1:LLgOrpqleQe26cte8s36HTWcTmMEur6OPYerdAAS9tk= +github.com/gkampitakis/go-snaps v0.4.9 h1:x6+GEQeYWC+cnLNsHK5uXXgEQADmlH/1EqMrjfXjzk8= +github.com/gkampitakis/go-snaps v0.4.9/go.mod h1:8HW4KX3JKV8M0GSw69CvT+Jqhd1AlBPMPpBfjBI3bdY= github.com/gliderlabs/ssh v0.3.5 h1:OcaySEmAQJgyYcArR+gGGTHCyE7nvhEMTlYY+Dp8CpY= github.com/gliderlabs/ssh v0.3.5/go.mod h1:8XB4KraRrX39qHhT6yxPsHedjA08I/uBVwj4xC+/+z4= github.com/go-asn1-ber/asn1-ber v1.3.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= @@ -2214,22 +2220,20 @@ github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435 github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE= github.com/pulumi/esc v0.6.2 h1:+z+l8cuwIauLSwXQS0uoI3rqB+YG4SzsZYtHfNoXBvw= github.com/pulumi/esc v0.6.2/go.mod h1:jNnYNjzsOgVTjCp0LL24NsCk8ZJxq4IoLQdCT0X7l8k= -github.com/pulumi/providertest v0.0.5 h1:+NQXBudDWSGmSEU6zgh/Bb6sXzv4e8hDVp2n2Tu/GvM= -github.com/pulumi/providertest v0.0.5/go.mod h1:fwGDI/khKruoumzTOisCLooJwJT20OvYHcKMkIsfTCk= +github.com/pulumi/providertest v0.0.10 h1:bx77G0JYPO2Alf/SHRP05XpAYMrboKJkMIVkbFclVhI= +github.com/pulumi/providertest v0.0.10/go.mod h1:HsxjVsytcMIuNj19w1lT2W0QXY0oReXl1+h6eD2JXP8= github.com/pulumi/pulumi-java/pkg v0.9.9 h1:F3xJUtMFDVrTGCxb7Rh2Q8s6tj7gMfM5pcoUthz7vFY= github.com/pulumi/pulumi-java/pkg v0.9.9/go.mod h1:LVF1zeg3UkToHWxb67V+zEIxQc3EdMnlot5NWSt+FpA= -github.com/pulumi/pulumi-terraform-bridge/testing v0.0.1 h1:SCg1gjfY9N4yn8U8peIUYATifjoDABkyR7H9lmefsfc= -github.com/pulumi/pulumi-terraform-bridge/testing v0.0.1/go.mod h1:7OeUPH8rpt5ipyj9EFcnXpuzQ8SHL0dyqdfa8nOacdk= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.71.0 h1:NXBrgVt/5KzEosqB5Tu2grLCUpyL6gYE4EdecqGjsz4= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.71.0/go.mod h1:tQ8A0LWPlu21YrCLZoQq4CQD3zvPSZcqkA/3yKYniN4= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.72.0 h1:xdGSxTC2fOZwRZ2iGLu+s0SF2lts2L7R84Y2c6ndweU= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.72.0/go.mod h1:Yzb9hyI9UxJ+chr4JjOVjwkNtS+uIcq6eiyQoZaliAA= github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.7 h1:Z9vmfVTW0QtJrWh+DRR3UKiRZX23f45lFtdhQiUHEqE= github.com/pulumi/pulumi-terraform-bridge/x/muxer v0.0.7/go.mod h1:T9zHpTHyVz2EyobzByFFpjfqgGtXO4C4bNqC0j29D2I= -github.com/pulumi/pulumi-yaml v1.4.5 h1:uSSCKYgbSxhJs3RJYEty5JsZOJFEIE0x8w38VyeSkNs= -github.com/pulumi/pulumi-yaml v1.4.5/go.mod h1:wEZjuwid6ZF8aWwLPQSG3h+1NpWGat87oHOKSHSN+eM= -github.com/pulumi/pulumi/pkg/v3 v3.101.1 h1:6+fm+wIE4A7sF93nl9t8MwoaBXjjHgFwk/8LCAJXI/s= -github.com/pulumi/pulumi/pkg/v3 v3.101.1/go.mod h1:zh7NVOEB/ncG51l1+EwlR0pQVLB7RSkzMamFMGcadH0= -github.com/pulumi/pulumi/sdk/v3 v3.101.1 h1:jBUGbLZjfeQkpheacnqXbuw/zSJEq11Gmond2EENkwQ= -github.com/pulumi/pulumi/sdk/v3 v3.101.1/go.mod h1:SB8P0BEGBRaONBxwoTjUFhGPLU5P3+MHF6/tGitlHOM= +github.com/pulumi/pulumi-yaml v1.5.0 h1:HfXu+WSFNpycref9CK935cViYJzXwSgHGWM/RepyrW0= +github.com/pulumi/pulumi-yaml v1.5.0/go.mod h1:AvKSmEQv2EkPbpvAQroR1eP1LkJGC8z5NDM34rVWOtg= +github.com/pulumi/pulumi/pkg/v3 v3.103.1 h1:sxacPM2TyDSCufZkescZGnMR22t+REu9nhv68u9rLQ8= +github.com/pulumi/pulumi/pkg/v3 v3.103.1/go.mod h1:AotODpuSfN4XommpmMifBExNmucrnH84cbEhVOeqEQM= +github.com/pulumi/pulumi/sdk/v3 v3.103.1 h1:6o0zt5srgIjDsOI5JWNSwMqoB8vGiI3xow0RDZ3JX2c= +github.com/pulumi/pulumi/sdk/v3 v3.103.1/go.mod h1:Ml3rpGfyZlI4zQCG7LN2XDSmH4XUNYdyBwJ3yEr/OpI= github.com/pulumi/schema-tools v0.1.2 h1:Fd9xvUjgck4NA+7/jSk7InqCUT4Kj940+EcnbQKpfZo= github.com/pulumi/schema-tools v0.1.2/go.mod h1:62lgj52Tzq11eqWTIaKd+EVyYAu5dEcDJxMhTjvMO/k= github.com/pulumi/terraform-diff-reader v0.0.2 h1:kTE4nEXU3/SYXESvAIem+wyHMI3abqkI3OhJ0G04LLI= @@ -2385,7 +2389,15 @@ github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ github.com/tedsuo/ifrit v0.0.0-20180802180643-bea94bb476cc/go.mod h1:eyZnKCc955uh98WQvzOm0dgAeLnf2O0Rz0LPoC5ze+0= github.com/texttheater/golang-levenshtein v1.0.1 h1:+cRNoVrfiwufQPhoMzB6N0Yf/Mqajr6t1lOv8GyGE2U= github.com/texttheater/golang-levenshtein v1.0.1/go.mod h1:PYAKrbF5sAiq9wd+H82hs7gNaen0CplQ9uvm6+enD/8= +github.com/tidwall/gjson v1.17.0 h1:/Jocvlh98kcTfpN2+JzGQWQcqrPQwDrVEMApx/M5ZwM= +github.com/tidwall/gjson v1.17.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= +github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA= +github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= +github.com/tidwall/pretty v1.2.1 h1:qjsOFOWWQl+N3RsoF5/ssm1pHmJJwhjlSbZ51I6wMl4= +github.com/tidwall/pretty v1.2.1/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU= +github.com/tidwall/sjson v1.2.5 h1:kLy8mja+1c9jlljvWTlSazM7cKDRfJuR/bOJhcY5NcY= +github.com/tidwall/sjson v1.2.5/go.mod h1:Fvgq9kS/6ociJEDnK0Fk1cpYF4FIW6ZF7LAe+6jwd28= github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= @@ -2623,8 +2635,8 @@ golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE= golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio= golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= -golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= -golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= +golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc= +golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -3002,8 +3014,8 @@ golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= +golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= @@ -3020,8 +3032,8 @@ golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o= golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= -golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= -golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= +golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE= +golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= diff --git a/provider/resources.go b/provider/resources.go index e173d0f7db..80a099e18d 100644 --- a/provider/resources.go +++ b/provider/resources.go @@ -3463,6 +3463,7 @@ func Provider() tfbridge.ProviderInfo { // For all resources with `location` properties, default to the resource group's location to which the // resource belongs. This ensures that each resource doesn't need to be given a location explicitly. rgRegionMap := make(map[string]string) + ctx := context.Background() for resname, res := range prov.Resources { if schema := prov.P.ResourcesMap().Get(resname); schema != nil { if tfs, has := schema.Schema().GetOk(azureLocation); has && (tfs.Optional() || tfs.Required()) { @@ -3473,7 +3474,7 @@ func Provider() tfbridge.ProviderInfo { res.Fields[azureLocation] = &tfbridge.SchemaInfo{ Name: azureLocation, Default: &tfbridge.DefaultInfo{ - From: defaultAzureLocation(p, rgRegionMap), + From: defaultAzureLocation(ctx, p, rgRegionMap), }, } } @@ -3484,7 +3485,7 @@ func Provider() tfbridge.ProviderInfo { return prov } -func defaultAzureLocation( +func defaultAzureLocation(ctx context.Context, p tfshim.Provider, rgRegionMap map[string]string, ) func(res *tfbridge.PulumiResource) (interface{}, error) { return func(res *tfbridge.PulumiResource) (interface{}, error) { @@ -3507,7 +3508,7 @@ func defaultAzureLocation( contract.Assertf(importer != nil, "importer cannot be nil") states, err := importer("azurerm_resource_group", fmt.Sprintf("/subscriptions/_/resourceGroups/%s", - rg.StringValue()), p.Meta()) + rg.StringValue()), p.Meta(ctx)) if err != nil { return nil, err } @@ -3515,7 +3516,7 @@ func defaultAzureLocation( case 0: rgRegion = tfbridge.TerraformUnknownVariableValue case 1: - state, err := p.Refresh("azurerm_resource_group", states[0], nil) + state, err := p.Refresh(ctx, "azurerm_resource_group", states[0], nil) switch { case err != nil: return nil, err diff --git a/sdk/dotnet/AppService/EnvironmentV3.cs b/sdk/dotnet/AppService/EnvironmentV3.cs index 3ee10de4d0..bdd419c404 100644 --- a/sdk/dotnet/AppService/EnvironmentV3.cs +++ b/sdk/dotnet/AppService/EnvironmentV3.cs @@ -10,6 +10,102 @@ namespace Pulumi.Azure.AppService { /// + /// Manages a 3rd Generation (v3) App Service Environment. + /// + /// ## Example Usage + /// + /// This example provisions an App Service Environment V3. Additional examples of how to use the `azure.appservice.EnvironmentV3` resource can be found in the `./examples/app-service-environment-v3` directory within the GitHub Repository. + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Azure = Pulumi.Azure; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new() + /// { + /// Location = "West Europe", + /// }); + /// + /// var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("exampleVirtualNetwork", new() + /// { + /// Location = exampleResourceGroup.Location, + /// ResourceGroupName = exampleResourceGroup.Name, + /// AddressSpaces = new[] + /// { + /// "10.0.0.0/16", + /// }, + /// }); + /// + /// var exampleSubnet = new Azure.Network.Subnet("exampleSubnet", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// VirtualNetworkName = exampleVirtualNetwork.Name, + /// AddressPrefixes = new[] + /// { + /// "10.0.2.0/24", + /// }, + /// Delegations = new[] + /// { + /// new Azure.Network.Inputs.SubnetDelegationArgs + /// { + /// Name = "Microsoft.Web.hostingEnvironments", + /// ServiceDelegation = new Azure.Network.Inputs.SubnetDelegationServiceDelegationArgs + /// { + /// Name = "Microsoft.Web/hostingEnvironments", + /// Actions = new[] + /// { + /// "Microsoft.Network/virtualNetworks/subnets/action", + /// }, + /// }, + /// }, + /// }, + /// }); + /// + /// var exampleEnvironmentV3 = new Azure.AppService.EnvironmentV3("exampleEnvironmentV3", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// SubnetId = exampleSubnet.Id, + /// InternalLoadBalancingMode = "Web, Publishing", + /// ClusterSettings = new[] + /// { + /// new Azure.AppService.Inputs.EnvironmentV3ClusterSettingArgs + /// { + /// Name = "DisableTls1.0", + /// Value = "1", + /// }, + /// new Azure.AppService.Inputs.EnvironmentV3ClusterSettingArgs + /// { + /// Name = "InternalEncryption", + /// Value = "true", + /// }, + /// new Azure.AppService.Inputs.EnvironmentV3ClusterSettingArgs + /// { + /// Name = "FrontEndSSLCipherSuiteOrder", + /// Value = "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + /// }, + /// }, + /// Tags = + /// { + /// { "env", "production" }, + /// { "terraformed", "true" }, + /// }, + /// }); + /// + /// var exampleServicePlan = new Azure.AppService.ServicePlan("exampleServicePlan", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// Location = exampleResourceGroup.Location, + /// OsType = "Linux", + /// SkuName = "I1v2", + /// AppServiceEnvironmentId = exampleEnvironmentV3.Id, + /// }); + /// + /// }); + /// ``` + /// /// ## Import /// /// A 3rd Generation (v3) App Service Environment can be imported using the `resource id`, e.g. diff --git a/sdk/dotnet/AppService/Inputs/SlotSiteConfigArgs.cs b/sdk/dotnet/AppService/Inputs/SlotSiteConfigArgs.cs index 272482cfdb..294c0b652f 100644 --- a/sdk/dotnet/AppService/Inputs/SlotSiteConfigArgs.cs +++ b/sdk/dotnet/AppService/Inputs/SlotSiteConfigArgs.cs @@ -223,6 +223,11 @@ public InputList ScmIpRestrictions [Input("websocketsEnabled")] public Input? WebsocketsEnabled { get; set; } + /// + /// The Windows Docker container image (`DOCKER|<user/image:tag>`) + /// + /// Additional examples of how to run Containers via the `azure.appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. + /// [Input("windowsFxVersion")] public Input? WindowsFxVersion { get; set; } diff --git a/sdk/dotnet/AppService/Inputs/SlotSiteConfigGetArgs.cs b/sdk/dotnet/AppService/Inputs/SlotSiteConfigGetArgs.cs index a34bc49f68..368cd3df62 100644 --- a/sdk/dotnet/AppService/Inputs/SlotSiteConfigGetArgs.cs +++ b/sdk/dotnet/AppService/Inputs/SlotSiteConfigGetArgs.cs @@ -223,6 +223,11 @@ public InputList ScmIpRestrictions [Input("websocketsEnabled")] public Input? WebsocketsEnabled { get; set; } + /// + /// The Windows Docker container image (`DOCKER|<user/image:tag>`) + /// + /// Additional examples of how to run Containers via the `azure.appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. + /// [Input("windowsFxVersion")] public Input? WindowsFxVersion { get; set; } diff --git a/sdk/dotnet/AppService/Outputs/SlotSiteConfig.cs b/sdk/dotnet/AppService/Outputs/SlotSiteConfig.cs index 80aadcf4a4..2c69c79aaf 100644 --- a/sdk/dotnet/AppService/Outputs/SlotSiteConfig.cs +++ b/sdk/dotnet/AppService/Outputs/SlotSiteConfig.cs @@ -146,6 +146,11 @@ public sealed class SlotSiteConfig /// Should WebSockets be enabled? /// public readonly bool? WebsocketsEnabled; + /// + /// The Windows Docker container image (`DOCKER|<user/image:tag>`) + /// + /// Additional examples of how to run Containers via the `azure.appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. + /// public readonly string? WindowsFxVersion; [OutputConstructor] diff --git a/sdk/dotnet/ArcKubernetes/Cluster.cs b/sdk/dotnet/ArcKubernetes/Cluster.cs index 1670dec24c..14d43a9c48 100644 --- a/sdk/dotnet/ArcKubernetes/Cluster.cs +++ b/sdk/dotnet/ArcKubernetes/Cluster.cs @@ -10,6 +10,53 @@ namespace Pulumi.Azure.ArcKubernetes { /// + /// Manages an Arc Kubernetes Cluster. + /// + /// > **Note:** Installing and configuring the Azure Arc Agent on your Kubernetes Cluster to establish connectivity is outside the scope of this document. For more details refer to [Deploy agents to your cluster](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/conceptual-agent-overview#deploy-agents-to-your-cluster) and [Connect an existing Kubernetes Cluster](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/quickstart-connect-cluster?tabs=azure-cli#connect-an-existing-kubernetes-cluster). If you encounter issues connecting your Kubernetes Cluster to Azure Arc, we'd recommend opening a ticket with Microsoft Support. + /// + /// ## Example Usage + /// + /// ```csharp + /// using System; + /// using System.Collections.Generic; + /// using System.IO; + /// using System.Linq; + /// using Pulumi; + /// using Azure = Pulumi.Azure; + /// + /// + /// string ReadFileBase64(string path) + /// { + /// return Convert.ToBase64String(Encoding.UTF8.GetBytes(File.ReadAllText(path))); + /// } + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new() + /// { + /// Location = "West Europe", + /// }); + /// + /// var exampleCluster = new Azure.ArcKubernetes.Cluster("exampleCluster", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// Location = "West Europe", + /// AgentPublicKeyCertificate = ReadFileBase64("testdata/public.cer"), + /// Identity = new Azure.ArcKubernetes.Inputs.ClusterIdentityArgs + /// { + /// Type = "SystemAssigned", + /// }, + /// Tags = + /// { + /// { "ENV", "Test" }, + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// > **Note:** An extensive example on connecting the `azure.arckubernetes.Cluster` to an external kubernetes cluster can be found in the `./examples/arckubernetes` directory within the GitHub Repository. + /// /// ## Import /// /// Arc Kubernetes Cluster can be imported using the `resource id`, e.g. diff --git a/sdk/dotnet/Cdn/Endpoint.cs b/sdk/dotnet/Cdn/Endpoint.cs index 9596e1d4df..c76537c9c3 100644 --- a/sdk/dotnet/Cdn/Endpoint.cs +++ b/sdk/dotnet/Cdn/Endpoint.cs @@ -10,6 +10,10 @@ namespace Pulumi.Azure.Cdn { /// + /// A CDN Endpoint is the entity within a CDN Profile containing configuration information regarding caching behaviours and origins. The CDN Endpoint is exposed using the URL format `<endpointname>.azureedge.net`. + /// + /// !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + /// /// ## Example Usage /// /// ```csharp diff --git a/sdk/dotnet/Cdn/FrontdoorOrigin.cs b/sdk/dotnet/Cdn/FrontdoorOrigin.cs index d636dd5d38..b70421f53f 100644 --- a/sdk/dotnet/Cdn/FrontdoorOrigin.cs +++ b/sdk/dotnet/Cdn/FrontdoorOrigin.cs @@ -10,6 +10,251 @@ namespace Pulumi.Azure.Cdn { /// + /// Manages a Front Door (standard/premium) Origin. + /// + /// !>**IMPORTANT:** If you are attempting to implement an Origin that uses its own Private Link Service with a Load Balancer the Profile resource in your configuration file **must** have a `depends_on` meta-argument which references the `azure.privatedns.LinkService`, see `Example Usage With Private Link Service` below. + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Azure = Pulumi.Azure; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new() + /// { + /// Location = "West Europe", + /// }); + /// + /// var exampleFrontdoorProfile = new Azure.Cdn.FrontdoorProfile("exampleFrontdoorProfile", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// SkuName = "Premium_AzureFrontDoor", + /// }); + /// + /// var exampleFrontdoorOriginGroup = new Azure.Cdn.FrontdoorOriginGroup("exampleFrontdoorOriginGroup", new() + /// { + /// CdnFrontdoorProfileId = exampleFrontdoorProfile.Id, + /// LoadBalancing = null, + /// }); + /// + /// var exampleFrontdoorOrigin = new Azure.Cdn.FrontdoorOrigin("exampleFrontdoorOrigin", new() + /// { + /// CdnFrontdoorOriginGroupId = exampleFrontdoorOriginGroup.Id, + /// Enabled = true, + /// CertificateNameCheckEnabled = false, + /// HostName = "contoso.com", + /// HttpPort = 80, + /// HttpsPort = 443, + /// OriginHostHeader = "www.contoso.com", + /// Priority = 1, + /// Weight = 1, + /// }); + /// + /// }); + /// ``` + /// ### With Private Link + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Azure = Pulumi.Azure; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new() + /// { + /// Location = "West Europe", + /// }); + /// + /// var exampleAccount = new Azure.Storage.Account("exampleAccount", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// Location = exampleResourceGroup.Location, + /// AccountTier = "Premium", + /// AccountReplicationType = "LRS", + /// AllowNestedItemsToBePublic = false, + /// NetworkRules = new Azure.Storage.Inputs.AccountNetworkRulesArgs + /// { + /// DefaultAction = "Deny", + /// }, + /// Tags = + /// { + /// { "environment", "Example" }, + /// }, + /// }); + /// + /// var exampleFrontdoorProfile = new Azure.Cdn.FrontdoorProfile("exampleFrontdoorProfile", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// SkuName = "Premium_AzureFrontDoor", + /// }); + /// + /// var exampleFrontdoorOriginGroup = new Azure.Cdn.FrontdoorOriginGroup("exampleFrontdoorOriginGroup", new() + /// { + /// CdnFrontdoorProfileId = exampleFrontdoorProfile.Id, + /// LoadBalancing = null, + /// }); + /// + /// var exampleFrontdoorOrigin = new Azure.Cdn.FrontdoorOrigin("exampleFrontdoorOrigin", new() + /// { + /// CdnFrontdoorOriginGroupId = exampleFrontdoorOriginGroup.Id, + /// Enabled = true, + /// CertificateNameCheckEnabled = true, + /// HostName = exampleAccount.PrimaryBlobHost, + /// OriginHostHeader = exampleAccount.PrimaryBlobHost, + /// Priority = 1, + /// Weight = 500, + /// PrivateLink = new Azure.Cdn.Inputs.FrontdoorOriginPrivateLinkArgs + /// { + /// RequestMessage = "Request access for Private Link Origin CDN Frontdoor", + /// TargetType = "blob", + /// Location = exampleAccount.Location, + /// PrivateLinkTargetId = exampleAccount.Id, + /// }, + /// }); + /// + /// }); + /// ``` + /// ### With Private Link Service + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Azure = Pulumi.Azure; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var current = Azure.Core.GetClientConfig.Invoke(); + /// + /// var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new() + /// { + /// Location = "West Europe", + /// }); + /// + /// var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("exampleVirtualNetwork", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// Location = exampleResourceGroup.Location, + /// AddressSpaces = new[] + /// { + /// "10.5.0.0/16", + /// }, + /// }); + /// + /// var exampleSubnet = new Azure.Network.Subnet("exampleSubnet", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// VirtualNetworkName = exampleVirtualNetwork.Name, + /// AddressPrefixes = new[] + /// { + /// "10.5.1.0/24", + /// }, + /// PrivateLinkServiceNetworkPoliciesEnabled = false, + /// }); + /// + /// var examplePublicIp = new Azure.Network.PublicIp("examplePublicIp", new() + /// { + /// Sku = "Standard", + /// Location = exampleResourceGroup.Location, + /// ResourceGroupName = exampleResourceGroup.Name, + /// AllocationMethod = "Static", + /// }); + /// + /// var exampleLoadBalancer = new Azure.Lb.LoadBalancer("exampleLoadBalancer", new() + /// { + /// Sku = "Standard", + /// Location = exampleResourceGroup.Location, + /// ResourceGroupName = exampleResourceGroup.Name, + /// FrontendIpConfigurations = new[] + /// { + /// new Azure.Lb.Inputs.LoadBalancerFrontendIpConfigurationArgs + /// { + /// Name = examplePublicIp.Name, + /// PublicIpAddressId = examplePublicIp.Id, + /// }, + /// }, + /// }); + /// + /// var exampleLinkService = new Azure.PrivateDns.LinkService("exampleLinkService", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// Location = exampleResourceGroup.Location, + /// VisibilitySubscriptionIds = new[] + /// { + /// current.Apply(getClientConfigResult => getClientConfigResult.SubscriptionId), + /// }, + /// LoadBalancerFrontendIpConfigurationIds = new[] + /// { + /// exampleLoadBalancer.FrontendIpConfigurations.Apply(frontendIpConfigurations => frontendIpConfigurations[0]?.Id), + /// }, + /// NatIpConfigurations = new[] + /// { + /// new Azure.PrivateDns.Inputs.LinkServiceNatIpConfigurationArgs + /// { + /// Name = "primary", + /// PrivateIpAddress = "10.5.1.17", + /// PrivateIpAddressVersion = "IPv4", + /// SubnetId = exampleSubnet.Id, + /// Primary = true, + /// }, + /// }, + /// }); + /// + /// var exampleFrontdoorProfile = new Azure.Cdn.FrontdoorProfile("exampleFrontdoorProfile", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// SkuName = "Premium_AzureFrontDoor", + /// }, new CustomResourceOptions + /// { + /// DependsOn = new[] + /// { + /// exampleLinkService, + /// }, + /// }); + /// + /// var exampleFrontdoorOriginGroup = new Azure.Cdn.FrontdoorOriginGroup("exampleFrontdoorOriginGroup", new() + /// { + /// CdnFrontdoorProfileId = exampleFrontdoorProfile.Id, + /// LoadBalancing = new Azure.Cdn.Inputs.FrontdoorOriginGroupLoadBalancingArgs + /// { + /// AdditionalLatencyInMilliseconds = 0, + /// SampleSize = 16, + /// SuccessfulSamplesRequired = 3, + /// }, + /// }); + /// + /// var exampleFrontdoorOrigin = new Azure.Cdn.FrontdoorOrigin("exampleFrontdoorOrigin", new() + /// { + /// CdnFrontdoorOriginGroupId = exampleFrontdoorOriginGroup.Id, + /// Enabled = true, + /// HostName = "example.com", + /// OriginHostHeader = "example.com", + /// Priority = 1, + /// Weight = 1000, + /// CertificateNameCheckEnabled = false, + /// PrivateLink = new Azure.Cdn.Inputs.FrontdoorOriginPrivateLinkArgs + /// { + /// RequestMessage = "Request access for Private Link Origin CDN Frontdoor", + /// Location = exampleResourceGroup.Location, + /// PrivateLinkTargetId = exampleLinkService.Id, + /// }, + /// }); + /// + /// }); + /// ``` + /// ## Example HCL Configurations + /// + /// * Private Link Origin with Storage Account Blob + /// * Private Link Origin with Storage Account Static Web Site + /// * Private Link Origin with Linux Web Application + /// * Private Link Origin with Internal Load Balancer + /// /// ## Import /// /// Front Door Origins can be imported using the `resource id`, e.g. diff --git a/sdk/dotnet/Cdn/Profile.cs b/sdk/dotnet/Cdn/Profile.cs index 21422135f4..d33927fbb0 100644 --- a/sdk/dotnet/Cdn/Profile.cs +++ b/sdk/dotnet/Cdn/Profile.cs @@ -10,6 +10,10 @@ namespace Pulumi.Azure.Cdn { /// + /// Manages a CDN Profile to create a collection of CDN Endpoints. + /// + /// !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + /// /// ## Example Usage /// /// ```csharp diff --git a/sdk/dotnet/Compute/Image.cs b/sdk/dotnet/Compute/Image.cs index 8612cbfaa6..dc6ed56c2d 100644 --- a/sdk/dotnet/Compute/Image.cs +++ b/sdk/dotnet/Compute/Image.cs @@ -10,6 +10,36 @@ namespace Pulumi.Azure.Compute { /// + /// Manages a custom virtual machine image that can be used to create virtual machines. + /// + /// ## Example Usage + /// + /// > **Note:** For a more complete example, see the `examples/image` directory within the GitHub Repository. + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Azure = Pulumi.Azure; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleVirtualMachine = Azure.Compute.GetVirtualMachine.Invoke(new() + /// { + /// Name = "examplevm", + /// ResourceGroupName = "example-resources", + /// }); + /// + /// var exampleImage = new Azure.Compute.Image("exampleImage", new() + /// { + /// Location = exampleVirtualMachine.Apply(getVirtualMachineResult => getVirtualMachineResult.Location), + /// ResourceGroupName = exampleVirtualMachine.Apply(getVirtualMachineResult => getVirtualMachineResult.Name), + /// SourceVirtualMachineId = exampleVirtualMachine.Apply(getVirtualMachineResult => getVirtualMachineResult.Id), + /// }); + /// + /// }); + /// ``` + /// /// ## Import /// /// Images can be imported using the `resource id`, e.g. diff --git a/sdk/dotnet/Compute/Inputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationArgs.cs b/sdk/dotnet/Compute/Inputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationArgs.cs index 8778419dff..234e0321da 100644 --- a/sdk/dotnet/Compute/Inputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationArgs.cs +++ b/sdk/dotnet/Compute/Inputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationArgs.cs @@ -68,6 +68,11 @@ public InputList? PatchAssessmentMode { get; set; } + /// + /// Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + /// + /// > **NOTE:** If `patch_mode` is set to `AutomaticByPlatform` the `provision_vm_agent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. + /// [Input("patchMode")] public Input? PatchMode { get; set; } diff --git a/sdk/dotnet/Compute/Inputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationGetArgs.cs b/sdk/dotnet/Compute/Inputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationGetArgs.cs index aa1d59f5a9..73ba79c649 100644 --- a/sdk/dotnet/Compute/Inputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationGetArgs.cs @@ -68,6 +68,11 @@ public InputList? PatchAssessmentMode { get; set; } + /// + /// Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + /// + /// > **NOTE:** If `patch_mode` is set to `AutomaticByPlatform` the `provision_vm_agent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. + /// [Input("patchMode")] public Input? PatchMode { get; set; } diff --git a/sdk/dotnet/Compute/Inputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationArgs.cs b/sdk/dotnet/Compute/Inputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationArgs.cs index 7cdd29afac..c1997028cd 100644 --- a/sdk/dotnet/Compute/Inputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationArgs.cs +++ b/sdk/dotnet/Compute/Inputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationArgs.cs @@ -46,6 +46,11 @@ public Input? AdminPassword [Input("enableAutomaticUpdates")] public Input? EnableAutomaticUpdates { get; set; } + /// + /// Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + /// + /// > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, the VM's `sku_name` is set to a Azure generation 2 directory within the GitHub Repository. + /// [Input("hotpatchingEnabled")] public Input? HotpatchingEnabled { get; set; } diff --git a/sdk/dotnet/Compute/Inputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationGetArgs.cs b/sdk/dotnet/Compute/Inputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationGetArgs.cs index b5c73fc942..df9887bf42 100644 --- a/sdk/dotnet/Compute/Inputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationGetArgs.cs @@ -46,6 +46,11 @@ public Input? AdminPassword [Input("enableAutomaticUpdates")] public Input? EnableAutomaticUpdates { get; set; } + /// + /// Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + /// + /// > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, the VM's `sku_name` is set to a Azure generation 2 directory within the GitHub Repository. + /// [Input("hotpatchingEnabled")] public Input? HotpatchingEnabled { get; set; } diff --git a/sdk/dotnet/Compute/Outputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfiguration.cs b/sdk/dotnet/Compute/Outputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfiguration.cs index de3190e8fb..b0db86a395 100644 --- a/sdk/dotnet/Compute/Outputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfiguration.cs +++ b/sdk/dotnet/Compute/Outputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfiguration.cs @@ -41,6 +41,11 @@ public sealed class OrchestratedVirtualMachineScaleSetOsProfileLinuxConfiguratio /// > **NOTE:** If the `patch_assessment_mode` is set to `AutomaticByPlatform` then the `provision_vm_agent` field must be set to `true`. /// public readonly string? PatchAssessmentMode; + /// + /// Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + /// + /// > **NOTE:** If `patch_mode` is set to `AutomaticByPlatform` the `provision_vm_agent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. + /// public readonly string? PatchMode; /// /// Should the Azure VM Agent be provisioned on each Virtual Machine in the Scale Set? Defaults to `true`. Changing this value forces a new resource to be created. diff --git a/sdk/dotnet/Compute/Outputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfiguration.cs b/sdk/dotnet/Compute/Outputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfiguration.cs index 7e3697cbf0..10172452ab 100644 --- a/sdk/dotnet/Compute/Outputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfiguration.cs +++ b/sdk/dotnet/Compute/Outputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfiguration.cs @@ -29,6 +29,11 @@ public sealed class OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurat /// Are automatic updates enabled for this Virtual Machine? Defaults to `true`. /// public readonly bool? EnableAutomaticUpdates; + /// + /// Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + /// + /// > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, the VM's `sku_name` is set to a Azure generation 2 directory within the GitHub Repository. + /// public readonly bool? HotpatchingEnabled; /// /// Specifies the mode of VM Guest Patching for the virtual machines that are associated to the Virtual Machine Scale Set. Possible values are `AutomaticByPlatform` or `ImageDefault`. Defaults to `ImageDefault`. diff --git a/sdk/dotnet/Compute/WindowsVirtualMachine.cs b/sdk/dotnet/Compute/WindowsVirtualMachine.cs index 9be3e9ad9d..11102bb0d5 100644 --- a/sdk/dotnet/Compute/WindowsVirtualMachine.cs +++ b/sdk/dotnet/Compute/WindowsVirtualMachine.cs @@ -235,6 +235,11 @@ public partial class WindowsVirtualMachine : global::Pulumi.CustomResource [Output("galleryApplications")] public Output> GalleryApplications { get; private set; } = null!; + /// + /// Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + /// + /// > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + /// [Output("hotpatchingEnabled")] public Output HotpatchingEnabled { get; private set; } = null!; @@ -661,6 +666,11 @@ public InputList GalleryAppl set => _galleryApplications = value; } + /// + /// Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + /// + /// > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + /// [Input("hotpatchingEnabled")] public Input? HotpatchingEnabled { get; set; } @@ -1038,6 +1048,11 @@ public InputList GalleryA set => _galleryApplications = value; } + /// + /// Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + /// + /// > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + /// [Input("hotpatchingEnabled")] public Input? HotpatchingEnabled { get; set; } diff --git a/sdk/dotnet/DataBricks/WorkspaceCustomerManagedKey.cs b/sdk/dotnet/DataBricks/WorkspaceCustomerManagedKey.cs index 171cc1126a..7e820d1c30 100644 --- a/sdk/dotnet/DataBricks/WorkspaceCustomerManagedKey.cs +++ b/sdk/dotnet/DataBricks/WorkspaceCustomerManagedKey.cs @@ -10,6 +10,136 @@ namespace Pulumi.Azure.DataBricks { /// + /// Manages a Customer Managed Key for a Databricks Workspace root DBFS + /// + /// !>**IMPORTANT:** This resource has been deprecated and will be removed from the 4.0 Azure provider. Please use the `azure.databricks.WorkspaceRootDbfsCustomerManagedKey` resource instead. + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Azure = Pulumi.Azure; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var current = Azure.Core.GetClientConfig.Invoke(); + /// + /// var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new() + /// { + /// Location = "West Europe", + /// }); + /// + /// var exampleWorkspace = new Azure.DataBricks.Workspace("exampleWorkspace", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// Location = exampleResourceGroup.Location, + /// Sku = "premium", + /// CustomerManagedKeyEnabled = true, + /// Tags = + /// { + /// { "Environment", "Production" }, + /// }, + /// }); + /// + /// var exampleKeyVault = new Azure.KeyVault.KeyVault("exampleKeyVault", new() + /// { + /// Location = exampleResourceGroup.Location, + /// ResourceGroupName = exampleResourceGroup.Name, + /// TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId), + /// SkuName = "premium", + /// PurgeProtectionEnabled = true, + /// SoftDeleteRetentionDays = 7, + /// }); + /// + /// var terraform = new Azure.KeyVault.AccessPolicy("terraform", new() + /// { + /// KeyVaultId = exampleKeyVault.Id, + /// TenantId = exampleKeyVault.TenantId, + /// ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId), + /// KeyPermissions = new[] + /// { + /// "Create", + /// "Delete", + /// "Get", + /// "Purge", + /// "Recover", + /// "Update", + /// "List", + /// "Decrypt", + /// "Sign", + /// "GetRotationPolicy", + /// }, + /// }); + /// + /// var exampleKey = new Azure.KeyVault.Key("exampleKey", new() + /// { + /// KeyVaultId = exampleKeyVault.Id, + /// KeyType = "RSA", + /// KeySize = 2048, + /// KeyOpts = new[] + /// { + /// "decrypt", + /// "encrypt", + /// "sign", + /// "unwrapKey", + /// "verify", + /// "wrapKey", + /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = new[] + /// { + /// terraform, + /// }, + /// }); + /// + /// var databricks = new Azure.KeyVault.AccessPolicy("databricks", new() + /// { + /// KeyVaultId = exampleKeyVault.Id, + /// TenantId = exampleWorkspace.StorageAccountIdentities.Apply(storageAccountIdentities => storageAccountIdentities[0].TenantId), + /// ObjectId = exampleWorkspace.StorageAccountIdentities.Apply(storageAccountIdentities => storageAccountIdentities[0].PrincipalId), + /// KeyPermissions = new[] + /// { + /// "Create", + /// "Delete", + /// "Get", + /// "Purge", + /// "Recover", + /// "Update", + /// "List", + /// "Decrypt", + /// "Sign", + /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = new[] + /// { + /// exampleWorkspace, + /// }, + /// }); + /// + /// var exampleWorkspaceRootDbfsCustomerManagedKey = new Azure.DataBricks.WorkspaceRootDbfsCustomerManagedKey("exampleWorkspaceRootDbfsCustomerManagedKey", new() + /// { + /// WorkspaceId = exampleWorkspace.Id, + /// KeyVaultKeyId = exampleKey.Id, + /// }, new CustomResourceOptions + /// { + /// DependsOn = new[] + /// { + /// databricks, + /// }, + /// }); + /// + /// }); + /// ``` + /// ## Example HCL Configurations + /// + /// * Databricks Workspace with Root Databricks File System Customer Managed Keys + /// * Databricks Workspace with Customer Managed Keys for Managed Services + /// * Databricks Workspace with Private Endpoint, Customer Managed Keys for Managed Services and Root Databricks File System Customer Managed Keys + /// /// ## Import /// /// Databricks Workspace Customer Managed Key can be imported using the `resource id`, e.g. diff --git a/sdk/dotnet/DataBricks/WorkspaceRootDbfsCustomerManagedKey.cs b/sdk/dotnet/DataBricks/WorkspaceRootDbfsCustomerManagedKey.cs index d4aa51f942..026e15ee11 100644 --- a/sdk/dotnet/DataBricks/WorkspaceRootDbfsCustomerManagedKey.cs +++ b/sdk/dotnet/DataBricks/WorkspaceRootDbfsCustomerManagedKey.cs @@ -10,6 +10,134 @@ namespace Pulumi.Azure.DataBricks { /// + /// Manages a Customer Managed Key for the Databricks Workspaces root Databricks File System(DBFS) + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Azure = Pulumi.Azure; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var current = Azure.Core.GetClientConfig.Invoke(); + /// + /// var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new() + /// { + /// Location = "West Europe", + /// }); + /// + /// var exampleWorkspace = new Azure.DataBricks.Workspace("exampleWorkspace", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// Location = exampleResourceGroup.Location, + /// Sku = "premium", + /// CustomerManagedKeyEnabled = true, + /// Tags = + /// { + /// { "Environment", "Production" }, + /// }, + /// }); + /// + /// var exampleKeyVault = new Azure.KeyVault.KeyVault("exampleKeyVault", new() + /// { + /// Location = exampleResourceGroup.Location, + /// ResourceGroupName = exampleResourceGroup.Name, + /// TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId), + /// SkuName = "premium", + /// PurgeProtectionEnabled = true, + /// SoftDeleteRetentionDays = 7, + /// }); + /// + /// var terraform = new Azure.KeyVault.AccessPolicy("terraform", new() + /// { + /// KeyVaultId = exampleKeyVault.Id, + /// TenantId = exampleKeyVault.TenantId, + /// ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId), + /// KeyPermissions = new[] + /// { + /// "Create", + /// "Delete", + /// "Get", + /// "Purge", + /// "Recover", + /// "Update", + /// "List", + /// "Decrypt", + /// "Sign", + /// "GetRotationPolicy", + /// }, + /// }); + /// + /// var exampleKey = new Azure.KeyVault.Key("exampleKey", new() + /// { + /// KeyVaultId = exampleKeyVault.Id, + /// KeyType = "RSA", + /// KeySize = 2048, + /// KeyOpts = new[] + /// { + /// "decrypt", + /// "encrypt", + /// "sign", + /// "unwrapKey", + /// "verify", + /// "wrapKey", + /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = new[] + /// { + /// terraform, + /// }, + /// }); + /// + /// var databricks = new Azure.KeyVault.AccessPolicy("databricks", new() + /// { + /// KeyVaultId = exampleKeyVault.Id, + /// TenantId = exampleWorkspace.StorageAccountIdentities.Apply(storageAccountIdentities => storageAccountIdentities[0].TenantId), + /// ObjectId = exampleWorkspace.StorageAccountIdentities.Apply(storageAccountIdentities => storageAccountIdentities[0].PrincipalId), + /// KeyPermissions = new[] + /// { + /// "Create", + /// "Delete", + /// "Get", + /// "Purge", + /// "Recover", + /// "Update", + /// "List", + /// "Decrypt", + /// "Sign", + /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = new[] + /// { + /// exampleWorkspace, + /// }, + /// }); + /// + /// var exampleWorkspaceRootDbfsCustomerManagedKey = new Azure.DataBricks.WorkspaceRootDbfsCustomerManagedKey("exampleWorkspaceRootDbfsCustomerManagedKey", new() + /// { + /// WorkspaceId = exampleWorkspace.Id, + /// KeyVaultKeyId = exampleKey.Id, + /// }, new CustomResourceOptions + /// { + /// DependsOn = new[] + /// { + /// databricks, + /// }, + /// }); + /// + /// }); + /// ``` + /// ## Example HCL Configurations + /// + /// * Databricks Workspace with Root Databricks File System Customer Managed Keys + /// * Databricks Workspace with Customer Managed Keys for Managed Services + /// * Databricks Workspace with Private Endpoint, Customer Managed Keys for Managed Services and Root Databricks File System Customer Managed Keys + /// /// ## Import /// /// Databricks Workspace Root DBFS Customer Managed Key can be imported using the `resource id`, e.g. diff --git a/sdk/dotnet/FrontDoor/CustomHttpsConfiguration.cs b/sdk/dotnet/FrontDoor/CustomHttpsConfiguration.cs index 104674d00e..72861fcdc0 100644 --- a/sdk/dotnet/FrontDoor/CustomHttpsConfiguration.cs +++ b/sdk/dotnet/FrontDoor/CustomHttpsConfiguration.cs @@ -10,6 +10,134 @@ namespace Pulumi.Azure.FrontDoor { /// + /// !> **IMPORTANT** This deploys an Azure Front Door (classic) resource which has been deprecated and will receive security updates only. Please migrate your existing Azure Front Door (classic) deployments to the new Azure Front Door (standard/premium) resources. For your convenience, the service team has exposed a `Front Door Classic` to `Front Door Standard/Premium` [migration tool](https://learn.microsoft.com/azure/frontdoor/tier-migration) to allow you to migrate your existing `Front Door Classic` instances to the new `Front Door Standard/Premium` product tiers. + /// + /// Manages the Custom HTTPS Configuration for an Azure Front Door (classic) Frontend Endpoint. + /// + /// > **NOTE:** Defining custom HTTPS configurations using a separate `azure.frontdoor.CustomHttpsConfiguration` resource allows for parallel creation/update. + /// + /// !> **BREAKING CHANGE:** In order to address the ordering issue we have changed the design on how to retrieve existing sub resources such as frontend endpoints. Existing design will be deprecated and will result in an incorrect configuration. Please refer to the updated documentation below for more information. + /// + /// !> **BREAKING CHANGE:** The `resource_group_name` field has been removed as of the `v2.58.0` provider release. If the `resource_group_name` field has been defined in your current `azure.frontdoor.CustomHttpsConfiguration` resource configuration file please remove it else you will receive a `An argument named "resource_group_name" is not expected here.` error. If your pre-existing Front Door instance contained inline `custom_https_configuration` blocks there are additional steps that will need to be completed to successfully migrate your Front Door onto the `v2.58.0` provider which can be found in this guide. + /// + /// !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Azure = Pulumi.Azure; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new() + /// { + /// Location = "West Europe", + /// }); + /// + /// var vault = Azure.KeyVault.GetKeyVault.Invoke(new() + /// { + /// Name = "example-vault", + /// ResourceGroupName = "example-vault-rg", + /// }); + /// + /// var exampleFrontdoor = new Azure.FrontDoor.Frontdoor("exampleFrontdoor", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// RoutingRules = new[] + /// { + /// new Azure.FrontDoor.Inputs.FrontdoorRoutingRuleArgs + /// { + /// Name = "exampleRoutingRule1", + /// AcceptedProtocols = new[] + /// { + /// "Http", + /// "Https", + /// }, + /// PatternsToMatches = new[] + /// { + /// "/*", + /// }, + /// FrontendEndpoints = new[] + /// { + /// "exampleFrontendEndpoint1", + /// }, + /// ForwardingConfiguration = new Azure.FrontDoor.Inputs.FrontdoorRoutingRuleForwardingConfigurationArgs + /// { + /// ForwardingProtocol = "MatchRequest", + /// BackendPoolName = "exampleBackendBing", + /// }, + /// }, + /// }, + /// BackendPoolLoadBalancings = new[] + /// { + /// new Azure.FrontDoor.Inputs.FrontdoorBackendPoolLoadBalancingArgs + /// { + /// Name = "exampleLoadBalancingSettings1", + /// }, + /// }, + /// BackendPoolHealthProbes = new[] + /// { + /// new Azure.FrontDoor.Inputs.FrontdoorBackendPoolHealthProbeArgs + /// { + /// Name = "exampleHealthProbeSetting1", + /// }, + /// }, + /// BackendPools = new[] + /// { + /// new Azure.FrontDoor.Inputs.FrontdoorBackendPoolArgs + /// { + /// Name = "exampleBackendBing", + /// Backends = new[] + /// { + /// new Azure.FrontDoor.Inputs.FrontdoorBackendPoolBackendArgs + /// { + /// HostHeader = "www.bing.com", + /// Address = "www.bing.com", + /// HttpPort = 80, + /// HttpsPort = 443, + /// }, + /// }, + /// LoadBalancingName = "exampleLoadBalancingSettings1", + /// HealthProbeName = "exampleHealthProbeSetting1", + /// }, + /// }, + /// FrontendEndpoints = new[] + /// { + /// new Azure.FrontDoor.Inputs.FrontdoorFrontendEndpointArgs + /// { + /// Name = "exampleFrontendEndpoint1", + /// HostName = "example-FrontDoor.azurefd.net", + /// }, + /// new Azure.FrontDoor.Inputs.FrontdoorFrontendEndpointArgs + /// { + /// Name = "exampleFrontendEndpoint2", + /// HostName = "examplefd1.examplefd.net", + /// }, + /// }, + /// }); + /// + /// var exampleCustomHttps0 = new Azure.FrontDoor.CustomHttpsConfiguration("exampleCustomHttps0", new() + /// { + /// FrontendEndpointId = exampleFrontdoor.FrontendEndpointsMap.Apply(frontendEndpointsMap => frontendEndpointsMap.ExampleFrontendEndpoint1), + /// CustomHttpsProvisioningEnabled = false, + /// }); + /// + /// var exampleCustomHttps1 = new Azure.FrontDoor.CustomHttpsConfiguration("exampleCustomHttps1", new() + /// { + /// FrontendEndpointId = exampleFrontdoor.FrontendEndpointsMap.Apply(frontendEndpointsMap => frontendEndpointsMap.ExampleFrontendEndpoint2), + /// CustomHttpsProvisioningEnabled = true, + /// CustomHttpsConfigurationConfig = new Azure.FrontDoor.Inputs.CustomHttpsConfigurationCustomHttpsConfigurationArgs + /// { + /// CertificateSource = "AzureKeyVault", + /// AzureKeyVaultCertificateSecretName = "examplefd1", + /// AzureKeyVaultCertificateVaultId = vault.Apply(getKeyVaultResult => getKeyVaultResult.Id), + /// }, + /// }); + /// + /// }); + /// ``` + /// /// ## Import /// /// Front Door Custom HTTPS Configurations can be imported using the `resource id` of the Front Door Custom HTTPS Configuration, e.g. diff --git a/sdk/dotnet/FrontDoor/FirewallPolicy.cs b/sdk/dotnet/FrontDoor/FirewallPolicy.cs index f19fdc8ffa..8f151a16d9 100644 --- a/sdk/dotnet/FrontDoor/FirewallPolicy.cs +++ b/sdk/dotnet/FrontDoor/FirewallPolicy.cs @@ -10,6 +10,12 @@ namespace Pulumi.Azure.FrontDoor { /// + /// !> **IMPORTANT** This deploys an Azure Front Door (classic) resource which has been deprecated and will receive security updates only. Please migrate your existing Azure Front Door (classic) deployments to the new Azure Front Door (standard/premium) resources. For your convenience, the service team has exposed a `Front Door Classic` to `Front Door Standard/Premium` [migration tool](https://learn.microsoft.com/azure/frontdoor/tier-migration) to allow you to migrate your existing `Front Door Classic` instances to the new `Front Door Standard/Premium` product tiers. + /// + /// Manages an Azure Front Door (classic) Web Application Firewall Policy instance. + /// + /// !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + /// /// ## Example Usage /// /// ```csharp diff --git a/sdk/dotnet/MSSql/DatabaseExtendedAuditingPolicy.cs b/sdk/dotnet/MSSql/DatabaseExtendedAuditingPolicy.cs index d07eb330af..e381c501ff 100644 --- a/sdk/dotnet/MSSql/DatabaseExtendedAuditingPolicy.cs +++ b/sdk/dotnet/MSSql/DatabaseExtendedAuditingPolicy.cs @@ -86,6 +86,12 @@ public partial class DatabaseExtendedAuditingPolicy : global::Pulumi.CustomResou [Output("enabled")] public Output Enabled { get; private set; } = null!; + /// + /// Enable audit events to Azure Monitor? Defaults to `true`. + /// + /// > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + /// To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + /// [Output("logMonitoringEnabled")] public Output LogMonitoringEnabled { get; private set; } = null!; @@ -177,6 +183,12 @@ public sealed class DatabaseExtendedAuditingPolicyArgs : global::Pulumi.Resource [Input("enabled")] public Input? Enabled { get; set; } + /// + /// Enable audit events to Azure Monitor? Defaults to `true`. + /// + /// > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + /// To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + /// [Input("logMonitoringEnabled")] public Input? LogMonitoringEnabled { get; set; } @@ -236,6 +248,12 @@ public sealed class DatabaseExtendedAuditingPolicyState : global::Pulumi.Resourc [Input("enabled")] public Input? Enabled { get; set; } + /// + /// Enable audit events to Azure Monitor? Defaults to `true`. + /// + /// > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + /// To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + /// [Input("logMonitoringEnabled")] public Input? LogMonitoringEnabled { get; set; } diff --git a/sdk/dotnet/MSSql/ManagedInstanceFailoverGroup.cs b/sdk/dotnet/MSSql/ManagedInstanceFailoverGroup.cs index 0903679cbc..950e4ead1f 100644 --- a/sdk/dotnet/MSSql/ManagedInstanceFailoverGroup.cs +++ b/sdk/dotnet/MSSql/ManagedInstanceFailoverGroup.cs @@ -10,6 +10,132 @@ namespace Pulumi.Azure.MSSql { /// + /// Manages an Azure SQL Managed Instance Failover Group. + /// + /// ## Example Usage + /// + /// > **Note:** For a more complete example, see the `./examples/sql-azure/managed_instance_failover_group` directory within the GitHub Repository. + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Azure = Pulumi.Azure; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new() + /// { + /// Location = "West Europe", + /// }); + /// + /// var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("exampleVirtualNetwork", new() + /// { + /// Location = exampleResourceGroup.Location, + /// ResourceGroupName = exampleResourceGroup.Name, + /// AddressSpaces = new[] + /// { + /// "10.0.0.0/16", + /// }, + /// }); + /// + /// var exampleSubnet = new Azure.Network.Subnet("exampleSubnet", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// VirtualNetworkName = exampleVirtualNetwork.Name, + /// AddressPrefixes = new[] + /// { + /// "10.0.2.0/24", + /// }, + /// }); + /// + /// var exampleNetworkSecurityGroup = new Azure.Network.NetworkSecurityGroup("exampleNetworkSecurityGroup", new() + /// { + /// Location = exampleResourceGroup.Location, + /// ResourceGroupName = exampleResourceGroup.Name, + /// }); + /// + /// var exampleSubnetNetworkSecurityGroupAssociation = new Azure.Network.SubnetNetworkSecurityGroupAssociation("exampleSubnetNetworkSecurityGroupAssociation", new() + /// { + /// SubnetId = exampleSubnet.Id, + /// NetworkSecurityGroupId = exampleNetworkSecurityGroup.Id, + /// }); + /// + /// var exampleRouteTable = new Azure.Network.RouteTable("exampleRouteTable", new() + /// { + /// Location = exampleResourceGroup.Location, + /// ResourceGroupName = exampleResourceGroup.Name, + /// }); + /// + /// var exampleSubnetRouteTableAssociation = new Azure.Network.SubnetRouteTableAssociation("exampleSubnetRouteTableAssociation", new() + /// { + /// SubnetId = exampleSubnet.Id, + /// RouteTableId = exampleRouteTable.Id, + /// }); + /// + /// var primary = new Azure.MSSql.ManagedInstance("primary", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// Location = exampleResourceGroup.Location, + /// AdministratorLogin = "mradministrator", + /// AdministratorLoginPassword = "thisIsDog11", + /// LicenseType = "BasePrice", + /// SubnetId = exampleSubnet.Id, + /// SkuName = "GP_Gen5", + /// Vcores = 4, + /// StorageSizeInGb = 32, + /// Tags = + /// { + /// { "environment", "prod" }, + /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = new[] + /// { + /// exampleSubnetNetworkSecurityGroupAssociation, + /// exampleSubnetRouteTableAssociation, + /// }, + /// }); + /// + /// var secondary = new Azure.MSSql.ManagedInstance("secondary", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// Location = exampleResourceGroup.Location, + /// AdministratorLogin = "mradministrator", + /// AdministratorLoginPassword = "thisIsDog11", + /// LicenseType = "BasePrice", + /// SubnetId = exampleSubnet.Id, + /// SkuName = "GP_Gen5", + /// Vcores = 4, + /// StorageSizeInGb = 32, + /// Tags = + /// { + /// { "environment", "prod" }, + /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = new[] + /// { + /// exampleSubnetNetworkSecurityGroupAssociation, + /// exampleSubnetRouteTableAssociation, + /// }, + /// }); + /// + /// var exampleManagedInstanceFailoverGroup = new Azure.MSSql.ManagedInstanceFailoverGroup("exampleManagedInstanceFailoverGroup", new() + /// { + /// Location = primary.Location, + /// ManagedInstanceId = primary.Id, + /// PartnerManagedInstanceId = secondary.Id, + /// ReadWriteEndpointFailoverPolicy = new Azure.MSSql.Inputs.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs + /// { + /// Mode = "Automatic", + /// GraceMinutes = 60, + /// }, + /// }); + /// + /// }); + /// ``` + /// /// ## Import /// /// SQL Instance Failover Groups can be imported using the `resource id`, e.g. diff --git a/sdk/dotnet/NetApp/Inputs/VolumeDataProtectionReplicationArgs.cs b/sdk/dotnet/NetApp/Inputs/VolumeDataProtectionReplicationArgs.cs index d59791a06e..2a98e96675 100644 --- a/sdk/dotnet/NetApp/Inputs/VolumeDataProtectionReplicationArgs.cs +++ b/sdk/dotnet/NetApp/Inputs/VolumeDataProtectionReplicationArgs.cs @@ -30,6 +30,13 @@ public sealed class VolumeDataProtectionReplicationArgs : global::Pulumi.Resourc [Input("remoteVolumeResourceId", required: true)] public Input RemoteVolumeResourceId { get; set; } = null!; + /// + /// Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + /// + /// A full example of the `data_protection_replication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + /// + /// > **NOTE:** `data_protection_replication` can be defined only once per secondary volume, adding a second instance of it is not supported. + /// [Input("replicationFrequency", required: true)] public Input ReplicationFrequency { get; set; } = null!; diff --git a/sdk/dotnet/NetApp/Inputs/VolumeDataProtectionReplicationGetArgs.cs b/sdk/dotnet/NetApp/Inputs/VolumeDataProtectionReplicationGetArgs.cs index 55fec731b6..15454bbbe1 100644 --- a/sdk/dotnet/NetApp/Inputs/VolumeDataProtectionReplicationGetArgs.cs +++ b/sdk/dotnet/NetApp/Inputs/VolumeDataProtectionReplicationGetArgs.cs @@ -30,6 +30,13 @@ public sealed class VolumeDataProtectionReplicationGetArgs : global::Pulumi.Reso [Input("remoteVolumeResourceId", required: true)] public Input RemoteVolumeResourceId { get; set; } = null!; + /// + /// Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + /// + /// A full example of the `data_protection_replication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + /// + /// > **NOTE:** `data_protection_replication` can be defined only once per secondary volume, adding a second instance of it is not supported. + /// [Input("replicationFrequency", required: true)] public Input ReplicationFrequency { get; set; } = null!; diff --git a/sdk/dotnet/NetApp/Inputs/VolumeDataProtectionSnapshotPolicyArgs.cs b/sdk/dotnet/NetApp/Inputs/VolumeDataProtectionSnapshotPolicyArgs.cs index a192a21140..1fb2f42f02 100644 --- a/sdk/dotnet/NetApp/Inputs/VolumeDataProtectionSnapshotPolicyArgs.cs +++ b/sdk/dotnet/NetApp/Inputs/VolumeDataProtectionSnapshotPolicyArgs.cs @@ -12,6 +12,13 @@ namespace Pulumi.Azure.NetApp.Inputs public sealed class VolumeDataProtectionSnapshotPolicyArgs : global::Pulumi.ResourceArgs { + /// + /// Resource ID of the snapshot policy to apply to the volume. + /// + /// A full example of the `data_protection_snapshot_policy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + /// + /// > **NOTE:** `data_protection_snapshot_policy` block can be used alone or with data_protection_replication in the primary volume only, if enabling it in the secondary, an error will be thrown. + /// [Input("snapshotPolicyId", required: true)] public Input SnapshotPolicyId { get; set; } = null!; diff --git a/sdk/dotnet/NetApp/Inputs/VolumeDataProtectionSnapshotPolicyGetArgs.cs b/sdk/dotnet/NetApp/Inputs/VolumeDataProtectionSnapshotPolicyGetArgs.cs index d8e833f5a0..4a34533d80 100644 --- a/sdk/dotnet/NetApp/Inputs/VolumeDataProtectionSnapshotPolicyGetArgs.cs +++ b/sdk/dotnet/NetApp/Inputs/VolumeDataProtectionSnapshotPolicyGetArgs.cs @@ -12,6 +12,13 @@ namespace Pulumi.Azure.NetApp.Inputs public sealed class VolumeDataProtectionSnapshotPolicyGetArgs : global::Pulumi.ResourceArgs { + /// + /// Resource ID of the snapshot policy to apply to the volume. + /// + /// A full example of the `data_protection_snapshot_policy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + /// + /// > **NOTE:** `data_protection_snapshot_policy` block can be used alone or with data_protection_replication in the primary volume only, if enabling it in the secondary, an error will be thrown. + /// [Input("snapshotPolicyId", required: true)] public Input SnapshotPolicyId { get; set; } = null!; diff --git a/sdk/dotnet/NetApp/Outputs/VolumeDataProtectionReplication.cs b/sdk/dotnet/NetApp/Outputs/VolumeDataProtectionReplication.cs index fd0c179b59..4a8a4fefb7 100644 --- a/sdk/dotnet/NetApp/Outputs/VolumeDataProtectionReplication.cs +++ b/sdk/dotnet/NetApp/Outputs/VolumeDataProtectionReplication.cs @@ -25,6 +25,13 @@ public sealed class VolumeDataProtectionReplication /// Resource ID of the primary volume. /// public readonly string RemoteVolumeResourceId; + /// + /// Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + /// + /// A full example of the `data_protection_replication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + /// + /// > **NOTE:** `data_protection_replication` can be defined only once per secondary volume, adding a second instance of it is not supported. + /// public readonly string ReplicationFrequency; [OutputConstructor] diff --git a/sdk/dotnet/NetApp/Outputs/VolumeDataProtectionSnapshotPolicy.cs b/sdk/dotnet/NetApp/Outputs/VolumeDataProtectionSnapshotPolicy.cs index 1bced1e2da..bc48b29664 100644 --- a/sdk/dotnet/NetApp/Outputs/VolumeDataProtectionSnapshotPolicy.cs +++ b/sdk/dotnet/NetApp/Outputs/VolumeDataProtectionSnapshotPolicy.cs @@ -13,6 +13,13 @@ namespace Pulumi.Azure.NetApp.Outputs [OutputType] public sealed class VolumeDataProtectionSnapshotPolicy { + /// + /// Resource ID of the snapshot policy to apply to the volume. + /// + /// A full example of the `data_protection_snapshot_policy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + /// + /// > **NOTE:** `data_protection_snapshot_policy` block can be used alone or with data_protection_replication in the primary volume only, if enabling it in the secondary, an error will be thrown. + /// public readonly string SnapshotPolicyId; [OutputConstructor] diff --git a/sdk/dotnet/Network/Inputs/FirewallIpConfigurationArgs.cs b/sdk/dotnet/Network/Inputs/FirewallIpConfigurationArgs.cs index 229fd5e7ba..1b397aa4c6 100644 --- a/sdk/dotnet/Network/Inputs/FirewallIpConfigurationArgs.cs +++ b/sdk/dotnet/Network/Inputs/FirewallIpConfigurationArgs.cs @@ -24,6 +24,15 @@ public sealed class FirewallIpConfigurationArgs : global::Pulumi.ResourceArgs [Input("privateIpAddress")] public Input? PrivateIpAddress { get; set; } + /// + /// The ID of the Public IP Address associated with the firewall. + /// + /// > **NOTE** A public ip address is required unless a `management_ip_configuration` block is specified. + /// + /// > **NOTE** When multiple `ip_configuration` blocks with `public_ip_address_id` are configured, `pulumi up` will raise an error when one or some of these `ip_configuration` blocks are removed. because the `public_ip_address_id` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `azure.network.PublicIp` happens before the update of firewall by default. to destroy of `azure.network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `azure.network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + /// + /// > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. + /// [Input("publicIpAddressId")] public Input? PublicIpAddressId { get; set; } diff --git a/sdk/dotnet/Network/Inputs/FirewallIpConfigurationGetArgs.cs b/sdk/dotnet/Network/Inputs/FirewallIpConfigurationGetArgs.cs index 2dfb6e1fb9..f61b188004 100644 --- a/sdk/dotnet/Network/Inputs/FirewallIpConfigurationGetArgs.cs +++ b/sdk/dotnet/Network/Inputs/FirewallIpConfigurationGetArgs.cs @@ -24,6 +24,15 @@ public sealed class FirewallIpConfigurationGetArgs : global::Pulumi.ResourceArgs [Input("privateIpAddress")] public Input? PrivateIpAddress { get; set; } + /// + /// The ID of the Public IP Address associated with the firewall. + /// + /// > **NOTE** A public ip address is required unless a `management_ip_configuration` block is specified. + /// + /// > **NOTE** When multiple `ip_configuration` blocks with `public_ip_address_id` are configured, `pulumi up` will raise an error when one or some of these `ip_configuration` blocks are removed. because the `public_ip_address_id` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `azure.network.PublicIp` happens before the update of firewall by default. to destroy of `azure.network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `azure.network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + /// + /// > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. + /// [Input("publicIpAddressId")] public Input? PublicIpAddressId { get; set; } diff --git a/sdk/dotnet/Network/NetworkWatcherFlowLog.cs b/sdk/dotnet/Network/NetworkWatcherFlowLog.cs index 719eb167d0..9c4a4700a8 100644 --- a/sdk/dotnet/Network/NetworkWatcherFlowLog.cs +++ b/sdk/dotnet/Network/NetworkWatcherFlowLog.cs @@ -10,6 +10,10 @@ namespace Pulumi.Azure.Network { /// + /// Manages a Network Watcher Flow Log. + /// + /// > **Note** The `azure.network.NetworkWatcherFlowLog` creates a new storage lifecyle management rule that overwrites existing rules. Please make sure to use a `storage_account` with no existing management rules, until the issue is fixed. + /// /// ## Example Usage /// /// ```csharp diff --git a/sdk/dotnet/Network/Outputs/FirewallIpConfiguration.cs b/sdk/dotnet/Network/Outputs/FirewallIpConfiguration.cs index 9824b940ef..04945c1fcd 100644 --- a/sdk/dotnet/Network/Outputs/FirewallIpConfiguration.cs +++ b/sdk/dotnet/Network/Outputs/FirewallIpConfiguration.cs @@ -21,6 +21,15 @@ public sealed class FirewallIpConfiguration /// The private IP address associated with the Firewall. /// public readonly string? PrivateIpAddress; + /// + /// The ID of the Public IP Address associated with the firewall. + /// + /// > **NOTE** A public ip address is required unless a `management_ip_configuration` block is specified. + /// + /// > **NOTE** When multiple `ip_configuration` blocks with `public_ip_address_id` are configured, `pulumi up` will raise an error when one or some of these `ip_configuration` blocks are removed. because the `public_ip_address_id` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `azure.network.PublicIp` happens before the update of firewall by default. to destroy of `azure.network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `azure.network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + /// + /// > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. + /// public readonly string? PublicIpAddressId; /// /// Reference to the subnet associated with the IP Configuration. Changing this forces a new resource to be created. diff --git a/sdk/dotnet/PrivateLink/Endpoint.cs b/sdk/dotnet/PrivateLink/Endpoint.cs index 2079644907..e543d589d0 100644 --- a/sdk/dotnet/PrivateLink/Endpoint.cs +++ b/sdk/dotnet/PrivateLink/Endpoint.cs @@ -10,6 +10,252 @@ namespace Pulumi.Azure.PrivateLink { /// + /// Manages a Private Endpoint. + /// + /// Azure Private Endpoint is a network interface that connects you privately and securely to a service powered by Azure Private Link. Private Endpoint uses a private IP address from your VNet, effectively bringing the service into your VNet. The service could be an Azure service such as Azure Storage, SQL, etc. or your own Private Link Service. + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Azure = Pulumi.Azure; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new() + /// { + /// Location = "West Europe", + /// }); + /// + /// var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("exampleVirtualNetwork", new() + /// { + /// AddressSpaces = new[] + /// { + /// "10.0.0.0/16", + /// }, + /// Location = exampleResourceGroup.Location, + /// ResourceGroupName = exampleResourceGroup.Name, + /// }); + /// + /// var service = new Azure.Network.Subnet("service", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// VirtualNetworkName = exampleVirtualNetwork.Name, + /// AddressPrefixes = new[] + /// { + /// "10.0.1.0/24", + /// }, + /// EnforcePrivateLinkServiceNetworkPolicies = true, + /// }); + /// + /// var endpoint = new Azure.Network.Subnet("endpoint", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// VirtualNetworkName = exampleVirtualNetwork.Name, + /// AddressPrefixes = new[] + /// { + /// "10.0.2.0/24", + /// }, + /// EnforcePrivateLinkEndpointNetworkPolicies = true, + /// }); + /// + /// var examplePublicIp = new Azure.Network.PublicIp("examplePublicIp", new() + /// { + /// Sku = "Standard", + /// Location = exampleResourceGroup.Location, + /// ResourceGroupName = exampleResourceGroup.Name, + /// AllocationMethod = "Static", + /// }); + /// + /// var exampleLoadBalancer = new Azure.Lb.LoadBalancer("exampleLoadBalancer", new() + /// { + /// Sku = "Standard", + /// Location = exampleResourceGroup.Location, + /// ResourceGroupName = exampleResourceGroup.Name, + /// FrontendIpConfigurations = new[] + /// { + /// new Azure.Lb.Inputs.LoadBalancerFrontendIpConfigurationArgs + /// { + /// Name = examplePublicIp.Name, + /// PublicIpAddressId = examplePublicIp.Id, + /// }, + /// }, + /// }); + /// + /// var exampleLinkService = new Azure.PrivateDns.LinkService("exampleLinkService", new() + /// { + /// Location = exampleResourceGroup.Location, + /// ResourceGroupName = exampleResourceGroup.Name, + /// NatIpConfigurations = new[] + /// { + /// new Azure.PrivateDns.Inputs.LinkServiceNatIpConfigurationArgs + /// { + /// Name = examplePublicIp.Name, + /// Primary = true, + /// SubnetId = service.Id, + /// }, + /// }, + /// LoadBalancerFrontendIpConfigurationIds = new[] + /// { + /// exampleLoadBalancer.FrontendIpConfigurations.Apply(frontendIpConfigurations => frontendIpConfigurations[0]?.Id), + /// }, + /// }); + /// + /// var exampleEndpoint = new Azure.PrivateLink.Endpoint("exampleEndpoint", new() + /// { + /// Location = exampleResourceGroup.Location, + /// ResourceGroupName = exampleResourceGroup.Name, + /// SubnetId = endpoint.Id, + /// PrivateServiceConnection = new Azure.PrivateLink.Inputs.EndpointPrivateServiceConnectionArgs + /// { + /// Name = "example-privateserviceconnection", + /// PrivateConnectionResourceId = exampleLinkService.Id, + /// IsManualConnection = false, + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// Using a Private Link Service Alias with existing resources: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Azure = Pulumi.Azure; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleResourceGroup = Azure.Core.GetResourceGroup.Invoke(new() + /// { + /// Name = "example-resources", + /// }); + /// + /// var vnet = Azure.Network.GetVirtualNetwork.Invoke(new() + /// { + /// Name = "example-network", + /// ResourceGroupName = exampleResourceGroup.Apply(getResourceGroupResult => getResourceGroupResult.Name), + /// }); + /// + /// var subnet = Azure.Network.GetSubnet.Invoke(new() + /// { + /// Name = "default", + /// VirtualNetworkName = vnet.Apply(getVirtualNetworkResult => getVirtualNetworkResult.Name), + /// ResourceGroupName = exampleResourceGroup.Apply(getResourceGroupResult => getResourceGroupResult.Name), + /// }); + /// + /// var exampleEndpoint = new Azure.PrivateLink.Endpoint("exampleEndpoint", new() + /// { + /// Location = exampleResourceGroup.Apply(getResourceGroupResult => getResourceGroupResult.Location), + /// ResourceGroupName = exampleResourceGroup.Apply(getResourceGroupResult => getResourceGroupResult.Name), + /// SubnetId = subnet.Apply(getSubnetResult => getSubnetResult.Id), + /// PrivateServiceConnection = new Azure.PrivateLink.Inputs.EndpointPrivateServiceConnectionArgs + /// { + /// Name = "example-privateserviceconnection", + /// PrivateConnectionResourceAlias = "example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice", + /// IsManualConnection = true, + /// RequestMessage = "PL", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// Using a Private Endpoint pointing to an *owned* Azure service, with proper DNS configuration: + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Azure = Pulumi.Azure; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new() + /// { + /// Location = "West Europe", + /// }); + /// + /// var exampleAccount = new Azure.Storage.Account("exampleAccount", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// Location = exampleResourceGroup.Location, + /// AccountTier = "Standard", + /// AccountReplicationType = "LRS", + /// }); + /// + /// var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("exampleVirtualNetwork", new() + /// { + /// AddressSpaces = new[] + /// { + /// "10.0.0.0/16", + /// }, + /// Location = exampleResourceGroup.Location, + /// ResourceGroupName = exampleResourceGroup.Name, + /// }); + /// + /// var exampleSubnet = new Azure.Network.Subnet("exampleSubnet", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// VirtualNetworkName = exampleVirtualNetwork.Name, + /// AddressPrefixes = new[] + /// { + /// "10.0.2.0/24", + /// }, + /// }); + /// + /// var exampleZone = new Azure.PrivateDns.Zone("exampleZone", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// }); + /// + /// var exampleEndpoint = new Azure.PrivateLink.Endpoint("exampleEndpoint", new() + /// { + /// Location = exampleResourceGroup.Location, + /// ResourceGroupName = exampleResourceGroup.Name, + /// SubnetId = exampleSubnet.Id, + /// PrivateServiceConnection = new Azure.PrivateLink.Inputs.EndpointPrivateServiceConnectionArgs + /// { + /// Name = "example-privateserviceconnection", + /// PrivateConnectionResourceId = exampleAccount.Id, + /// SubresourceNames = new[] + /// { + /// "blob", + /// }, + /// IsManualConnection = false, + /// }, + /// PrivateDnsZoneGroup = new Azure.PrivateLink.Inputs.EndpointPrivateDnsZoneGroupArgs + /// { + /// Name = "example-dns-zone-group", + /// PrivateDnsZoneIds = new[] + /// { + /// exampleZone.Id, + /// }, + /// }, + /// }); + /// + /// var exampleZoneVirtualNetworkLink = new Azure.PrivateDns.ZoneVirtualNetworkLink("exampleZoneVirtualNetworkLink", new() + /// { + /// ResourceGroupName = exampleResourceGroup.Name, + /// PrivateDnsZoneName = exampleZone.Name, + /// VirtualNetworkId = exampleVirtualNetwork.Id, + /// }); + /// + /// }); + /// ``` + /// ## Example HCL Configurations + /// + /// * How to conneca `Private Endpoint` to a Application Gateway + /// * How to connect a `Private Endpoint` to a Cosmos MongoDB + /// * How to connect a `Private Endpoint` to a Cosmos PostgreSQL + /// * How to connect a `Private Endpoint` to a PostgreSQL Server + /// * How to connect a `Private Endpoint` to a Private Link Service + /// * How to connect a `Private Endpoint` to a Private DNS Group + /// * How to connect a `Private Endpoint` to a Databricks Workspace + /// /// ## Import /// /// Private Endpoints can be imported using the `resource id`, e.g. diff --git a/sdk/dotnet/Sql/ManagedInstanceFailoverGroup.cs b/sdk/dotnet/Sql/ManagedInstanceFailoverGroup.cs index 49b355bb85..b92cf29e9f 100644 --- a/sdk/dotnet/Sql/ManagedInstanceFailoverGroup.cs +++ b/sdk/dotnet/Sql/ManagedInstanceFailoverGroup.cs @@ -10,6 +10,91 @@ namespace Pulumi.Azure.Sql { /// + /// Manages a SQL Instance Failover Group. + /// + /// ## Example Usage + /// + /// > **Note:** The `azure.sql.ManagedInstanceFailoverGroup` resource is deprecated in version 3.0 of the AzureRM provider and will be removed in version 4.0. Please use the `azure.mssql.ManagedInstanceFailoverGroup` resource instead. + /// + /// > **Note:** For a more complete example, see the the `examples/sql-azure/managed_instance_failover_group` directory within the GitHub Repository. + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Azure = Pulumi.Azure; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new() + /// { + /// Location = "West Europe", + /// }); + /// + /// var primary = new Azure.Sql.ManagedInstance("primary", new() + /// { + /// ResourceGroupName = azurerm_resource_group.Primary.Name, + /// Location = azurerm_resource_group.Primary.Location, + /// AdministratorLogin = "mradministrator", + /// AdministratorLoginPassword = "thisIsDog11", + /// LicenseType = "BasePrice", + /// SubnetId = azurerm_subnet.Primary.Id, + /// SkuName = "GP_Gen5", + /// Vcores = 4, + /// StorageSizeInGb = 32, + /// Tags = + /// { + /// { "environment", "prod" }, + /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = new[] + /// { + /// azurerm_subnet_network_security_group_association.Primary, + /// azurerm_subnet_route_table_association.Primary, + /// }, + /// }); + /// + /// var secondary = new Azure.Sql.ManagedInstance("secondary", new() + /// { + /// ResourceGroupName = azurerm_resource_group.Secondary.Name, + /// Location = azurerm_resource_group.Secondary.Location, + /// AdministratorLogin = "mradministrator", + /// AdministratorLoginPassword = "thisIsDog11", + /// LicenseType = "BasePrice", + /// SubnetId = azurerm_subnet.Secondary.Id, + /// SkuName = "GP_Gen5", + /// Vcores = 4, + /// StorageSizeInGb = 32, + /// Tags = + /// { + /// { "environment", "prod" }, + /// }, + /// }, new CustomResourceOptions + /// { + /// DependsOn = new[] + /// { + /// azurerm_subnet_network_security_group_association.Secondary, + /// azurerm_subnet_route_table_association.Secondary, + /// }, + /// }); + /// + /// var exampleManagedInstanceFailoverGroup = new Azure.Sql.ManagedInstanceFailoverGroup("exampleManagedInstanceFailoverGroup", new() + /// { + /// ResourceGroupName = azurerm_resource_group.Primary.Name, + /// Location = primary.Location, + /// ManagedInstanceName = primary.Name, + /// PartnerManagedInstanceId = secondary.Id, + /// ReadWriteEndpointFailoverPolicy = new Azure.Sql.Inputs.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs + /// { + /// Mode = "Automatic", + /// GraceMinutes = 60, + /// }, + /// }); + /// + /// }); + /// ``` + /// /// ## Import /// /// SQL Instance Failover Groups can be imported using the `resource id`, e.g. diff --git a/sdk/go.mod b/sdk/go.mod index 463ac62587..f8becf878e 100644 --- a/sdk/go.mod +++ b/sdk/go.mod @@ -4,7 +4,7 @@ go 1.21 require ( github.com/blang/semver v3.5.1+incompatible - github.com/pulumi/pulumi/sdk/v3 v3.101.1 + github.com/pulumi/pulumi/sdk/v3 v3.103.1 ) require ( diff --git a/sdk/go.sum b/sdk/go.sum index 15b8ae207e..ea284fed1a 100644 --- a/sdk/go.sum +++ b/sdk/go.sum @@ -148,8 +148,8 @@ github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435 github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE= github.com/pulumi/esc v0.6.2 h1:+z+l8cuwIauLSwXQS0uoI3rqB+YG4SzsZYtHfNoXBvw= github.com/pulumi/esc v0.6.2/go.mod h1:jNnYNjzsOgVTjCp0LL24NsCk8ZJxq4IoLQdCT0X7l8k= -github.com/pulumi/pulumi/sdk/v3 v3.101.1 h1:jBUGbLZjfeQkpheacnqXbuw/zSJEq11Gmond2EENkwQ= -github.com/pulumi/pulumi/sdk/v3 v3.101.1/go.mod h1:SB8P0BEGBRaONBxwoTjUFhGPLU5P3+MHF6/tGitlHOM= +github.com/pulumi/pulumi/sdk/v3 v3.103.1 h1:6o0zt5srgIjDsOI5JWNSwMqoB8vGiI3xow0RDZ3JX2c= +github.com/pulumi/pulumi/sdk/v3 v3.103.1/go.mod h1:Ml3rpGfyZlI4zQCG7LN2XDSmH4XUNYdyBwJ3yEr/OpI= github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= diff --git a/sdk/go/azure/appservice/environmentV3.go b/sdk/go/azure/appservice/environmentV3.go index cf1171de30..6470df48ba 100644 --- a/sdk/go/azure/appservice/environmentV3.go +++ b/sdk/go/azure/appservice/environmentV3.go @@ -12,6 +12,105 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// Manages a 3rd Generation (v3) App Service Environment. +// +// ## Example Usage +// +// This example provisions an App Service Environment V3. Additional examples of how to use the `appservice.EnvironmentV3` resource can be found in the `./examples/app-service-environment-v3` directory within the GitHub Repository. +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/appservice" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{ +// Location: pulumi.String("West Europe"), +// }) +// if err != nil { +// return err +// } +// exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "exampleVirtualNetwork", &network.VirtualNetworkArgs{ +// Location: exampleResourceGroup.Location, +// ResourceGroupName: exampleResourceGroup.Name, +// AddressSpaces: pulumi.StringArray{ +// pulumi.String("10.0.0.0/16"), +// }, +// }) +// if err != nil { +// return err +// } +// exampleSubnet, err := network.NewSubnet(ctx, "exampleSubnet", &network.SubnetArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// VirtualNetworkName: exampleVirtualNetwork.Name, +// AddressPrefixes: pulumi.StringArray{ +// pulumi.String("10.0.2.0/24"), +// }, +// Delegations: network.SubnetDelegationArray{ +// &network.SubnetDelegationArgs{ +// Name: pulumi.String("Microsoft.Web.hostingEnvironments"), +// ServiceDelegation: &network.SubnetDelegationServiceDelegationArgs{ +// Name: pulumi.String("Microsoft.Web/hostingEnvironments"), +// Actions: pulumi.StringArray{ +// pulumi.String("Microsoft.Network/virtualNetworks/subnets/action"), +// }, +// }, +// }, +// }, +// }) +// if err != nil { +// return err +// } +// exampleEnvironmentV3, err := appservice.NewEnvironmentV3(ctx, "exampleEnvironmentV3", &appservice.EnvironmentV3Args{ +// ResourceGroupName: exampleResourceGroup.Name, +// SubnetId: exampleSubnet.ID(), +// InternalLoadBalancingMode: pulumi.String("Web, Publishing"), +// ClusterSettings: appservice.EnvironmentV3ClusterSettingArray{ +// &appservice.EnvironmentV3ClusterSettingArgs{ +// Name: pulumi.String("DisableTls1.0"), +// Value: pulumi.String("1"), +// }, +// &appservice.EnvironmentV3ClusterSettingArgs{ +// Name: pulumi.String("InternalEncryption"), +// Value: pulumi.String("true"), +// }, +// &appservice.EnvironmentV3ClusterSettingArgs{ +// Name: pulumi.String("FrontEndSSLCipherSuiteOrder"), +// Value: pulumi.String("TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"), +// }, +// }, +// Tags: pulumi.StringMap{ +// "env": pulumi.String("production"), +// "terraformed": pulumi.String("true"), +// }, +// }) +// if err != nil { +// return err +// } +// _, err = appservice.NewServicePlan(ctx, "exampleServicePlan", &appservice.ServicePlanArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// Location: exampleResourceGroup.Location, +// OsType: pulumi.String("Linux"), +// SkuName: pulumi.String("I1v2"), +// AppServiceEnvironmentId: exampleEnvironmentV3.ID(), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ## Import // // A 3rd Generation (v3) App Service Environment can be imported using the `resource id`, e.g. diff --git a/sdk/go/azure/appservice/pulumiTypes.go b/sdk/go/azure/appservice/pulumiTypes.go index 3f0cf94fbd..2368208ad8 100644 --- a/sdk/go/azure/appservice/pulumiTypes.go +++ b/sdk/go/azure/appservice/pulumiTypes.go @@ -49422,8 +49422,11 @@ type SlotSiteConfig struct { Use32BitWorkerProcess *bool `pulumi:"use32BitWorkerProcess"` VnetRouteAllEnabled *bool `pulumi:"vnetRouteAllEnabled"` // Should WebSockets be enabled? - WebsocketsEnabled *bool `pulumi:"websocketsEnabled"` - WindowsFxVersion *string `pulumi:"windowsFxVersion"` + WebsocketsEnabled *bool `pulumi:"websocketsEnabled"` + // The Windows Docker container image (`DOCKER|`) + // + // Additional examples of how to run Containers via the `appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. + WindowsFxVersion *string `pulumi:"windowsFxVersion"` } // SlotSiteConfigInput is an input type that accepts SlotSiteConfigArgs and SlotSiteConfigOutput values. @@ -49512,8 +49515,11 @@ type SlotSiteConfigArgs struct { Use32BitWorkerProcess pulumi.BoolPtrInput `pulumi:"use32BitWorkerProcess"` VnetRouteAllEnabled pulumi.BoolPtrInput `pulumi:"vnetRouteAllEnabled"` // Should WebSockets be enabled? - WebsocketsEnabled pulumi.BoolPtrInput `pulumi:"websocketsEnabled"` - WindowsFxVersion pulumi.StringPtrInput `pulumi:"windowsFxVersion"` + WebsocketsEnabled pulumi.BoolPtrInput `pulumi:"websocketsEnabled"` + // The Windows Docker container image (`DOCKER|`) + // + // Additional examples of how to run Containers via the `appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. + WindowsFxVersion pulumi.StringPtrInput `pulumi:"windowsFxVersion"` } func (SlotSiteConfigArgs) ElementType() reflect.Type { @@ -49758,6 +49764,9 @@ func (o SlotSiteConfigOutput) WebsocketsEnabled() pulumi.BoolPtrOutput { return o.ApplyT(func(v SlotSiteConfig) *bool { return v.WebsocketsEnabled }).(pulumi.BoolPtrOutput) } +// The Windows Docker container image (`DOCKER|`) +// +// Additional examples of how to run Containers via the `appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. func (o SlotSiteConfigOutput) WindowsFxVersion() pulumi.StringPtrOutput { return o.ApplyT(func(v SlotSiteConfig) *string { return v.WindowsFxVersion }).(pulumi.StringPtrOutput) } @@ -50101,6 +50110,9 @@ func (o SlotSiteConfigPtrOutput) WebsocketsEnabled() pulumi.BoolPtrOutput { }).(pulumi.BoolPtrOutput) } +// The Windows Docker container image (`DOCKER|`) +// +// Additional examples of how to run Containers via the `appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. func (o SlotSiteConfigPtrOutput) WindowsFxVersion() pulumi.StringPtrOutput { return o.ApplyT(func(v *SlotSiteConfig) *string { if v == nil { diff --git a/sdk/go/azure/arckubernetes/cluster.go b/sdk/go/azure/arckubernetes/cluster.go index 4980c0e987..04fcd66733 100644 --- a/sdk/go/azure/arckubernetes/cluster.go +++ b/sdk/go/azure/arckubernetes/cluster.go @@ -12,6 +12,64 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// Manages an Arc Kubernetes Cluster. +// +// > **Note:** Installing and configuring the Azure Arc Agent on your Kubernetes Cluster to establish connectivity is outside the scope of this document. For more details refer to [Deploy agents to your cluster](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/conceptual-agent-overview#deploy-agents-to-your-cluster) and [Connect an existing Kubernetes Cluster](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/quickstart-connect-cluster?tabs=azure-cli#connect-an-existing-kubernetes-cluster). If you encounter issues connecting your Kubernetes Cluster to Azure Arc, we'd recommend opening a ticket with Microsoft Support. +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "encoding/base64" +// "os" +// +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/arckubernetes" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func filebase64OrPanic(path string) string { +// if fileData, err := os.ReadFile(path); err == nil { +// return base64.StdEncoding.EncodeToString(fileData[:]) +// } else { +// panic(err.Error()) +// } +// } +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{ +// Location: pulumi.String("West Europe"), +// }) +// if err != nil { +// return err +// } +// _, err = arckubernetes.NewCluster(ctx, "exampleCluster", &arckubernetes.ClusterArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// Location: pulumi.String("West Europe"), +// AgentPublicKeyCertificate: filebase64OrPanic("testdata/public.cer"), +// Identity: &arckubernetes.ClusterIdentityArgs{ +// Type: pulumi.String("SystemAssigned"), +// }, +// Tags: pulumi.StringMap{ +// "ENV": pulumi.String("Test"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// > **Note:** An extensive example on connecting the `arckubernetes.Cluster` to an external kubernetes cluster can be found in the `./examples/arckubernetes` directory within the GitHub Repository. +// // ## Import // // Arc Kubernetes Cluster can be imported using the `resource id`, e.g. diff --git a/sdk/go/azure/cdn/endpoint.go b/sdk/go/azure/cdn/endpoint.go index 00ca316970..51068145c7 100644 --- a/sdk/go/azure/cdn/endpoint.go +++ b/sdk/go/azure/cdn/endpoint.go @@ -12,6 +12,10 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// A CDN Endpoint is the entity within a CDN Profile containing configuration information regarding caching behaviours and origins. The CDN Endpoint is exposed using the URL format `.azureedge.net`. +// +// !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. +// // ## Example Usage // // ```go diff --git a/sdk/go/azure/cdn/frontdoorOrigin.go b/sdk/go/azure/cdn/frontdoorOrigin.go index bfce51be7e..9de7c95068 100644 --- a/sdk/go/azure/cdn/frontdoorOrigin.go +++ b/sdk/go/azure/cdn/frontdoorOrigin.go @@ -12,6 +12,284 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// Manages a Front Door (standard/premium) Origin. +// +// !>**IMPORTANT:** If you are attempting to implement an Origin that uses its own Private Link Service with a Load Balancer the Profile resource in your configuration file **must** have a `dependsOn` meta-argument which references the `privatedns.LinkService`, see `Example Usage With Private Link Service` below. +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/cdn" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{ +// Location: pulumi.String("West Europe"), +// }) +// if err != nil { +// return err +// } +// exampleFrontdoorProfile, err := cdn.NewFrontdoorProfile(ctx, "exampleFrontdoorProfile", &cdn.FrontdoorProfileArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// SkuName: pulumi.String("Premium_AzureFrontDoor"), +// }) +// if err != nil { +// return err +// } +// exampleFrontdoorOriginGroup, err := cdn.NewFrontdoorOriginGroup(ctx, "exampleFrontdoorOriginGroup", &cdn.FrontdoorOriginGroupArgs{ +// CdnFrontdoorProfileId: exampleFrontdoorProfile.ID(), +// LoadBalancing: nil, +// }) +// if err != nil { +// return err +// } +// _, err = cdn.NewFrontdoorOrigin(ctx, "exampleFrontdoorOrigin", &cdn.FrontdoorOriginArgs{ +// CdnFrontdoorOriginGroupId: exampleFrontdoorOriginGroup.ID(), +// Enabled: pulumi.Bool(true), +// CertificateNameCheckEnabled: pulumi.Bool(false), +// HostName: pulumi.String("contoso.com"), +// HttpPort: pulumi.Int(80), +// HttpsPort: pulumi.Int(443), +// OriginHostHeader: pulumi.String("www.contoso.com"), +// Priority: pulumi.Int(1), +// Weight: pulumi.Int(1), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ### With Private Link +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/cdn" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{ +// Location: pulumi.String("West Europe"), +// }) +// if err != nil { +// return err +// } +// exampleAccount, err := storage.NewAccount(ctx, "exampleAccount", &storage.AccountArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// Location: exampleResourceGroup.Location, +// AccountTier: pulumi.String("Premium"), +// AccountReplicationType: pulumi.String("LRS"), +// AllowNestedItemsToBePublic: pulumi.Bool(false), +// NetworkRules: &storage.AccountNetworkRulesTypeArgs{ +// DefaultAction: pulumi.String("Deny"), +// }, +// Tags: pulumi.StringMap{ +// "environment": pulumi.String("Example"), +// }, +// }) +// if err != nil { +// return err +// } +// exampleFrontdoorProfile, err := cdn.NewFrontdoorProfile(ctx, "exampleFrontdoorProfile", &cdn.FrontdoorProfileArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// SkuName: pulumi.String("Premium_AzureFrontDoor"), +// }) +// if err != nil { +// return err +// } +// exampleFrontdoorOriginGroup, err := cdn.NewFrontdoorOriginGroup(ctx, "exampleFrontdoorOriginGroup", &cdn.FrontdoorOriginGroupArgs{ +// CdnFrontdoorProfileId: exampleFrontdoorProfile.ID(), +// LoadBalancing: nil, +// }) +// if err != nil { +// return err +// } +// _, err = cdn.NewFrontdoorOrigin(ctx, "exampleFrontdoorOrigin", &cdn.FrontdoorOriginArgs{ +// CdnFrontdoorOriginGroupId: exampleFrontdoorOriginGroup.ID(), +// Enabled: pulumi.Bool(true), +// CertificateNameCheckEnabled: pulumi.Bool(true), +// HostName: exampleAccount.PrimaryBlobHost, +// OriginHostHeader: exampleAccount.PrimaryBlobHost, +// Priority: pulumi.Int(1), +// Weight: pulumi.Int(500), +// PrivateLink: &cdn.FrontdoorOriginPrivateLinkArgs{ +// RequestMessage: pulumi.String("Request access for Private Link Origin CDN Frontdoor"), +// TargetType: pulumi.String("blob"), +// Location: exampleAccount.Location, +// PrivateLinkTargetId: exampleAccount.ID(), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ### With Private Link Service +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/cdn" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/lb" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/privatedns" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// current, err := core.GetClientConfig(ctx, nil, nil) +// if err != nil { +// return err +// } +// exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{ +// Location: pulumi.String("West Europe"), +// }) +// if err != nil { +// return err +// } +// exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "exampleVirtualNetwork", &network.VirtualNetworkArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// Location: exampleResourceGroup.Location, +// AddressSpaces: pulumi.StringArray{ +// pulumi.String("10.5.0.0/16"), +// }, +// }) +// if err != nil { +// return err +// } +// exampleSubnet, err := network.NewSubnet(ctx, "exampleSubnet", &network.SubnetArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// VirtualNetworkName: exampleVirtualNetwork.Name, +// AddressPrefixes: pulumi.StringArray{ +// pulumi.String("10.5.1.0/24"), +// }, +// PrivateLinkServiceNetworkPoliciesEnabled: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// examplePublicIp, err := network.NewPublicIp(ctx, "examplePublicIp", &network.PublicIpArgs{ +// Sku: pulumi.String("Standard"), +// Location: exampleResourceGroup.Location, +// ResourceGroupName: exampleResourceGroup.Name, +// AllocationMethod: pulumi.String("Static"), +// }) +// if err != nil { +// return err +// } +// exampleLoadBalancer, err := lb.NewLoadBalancer(ctx, "exampleLoadBalancer", &lb.LoadBalancerArgs{ +// Sku: pulumi.String("Standard"), +// Location: exampleResourceGroup.Location, +// ResourceGroupName: exampleResourceGroup.Name, +// FrontendIpConfigurations: lb.LoadBalancerFrontendIpConfigurationArray{ +// &lb.LoadBalancerFrontendIpConfigurationArgs{ +// Name: examplePublicIp.Name, +// PublicIpAddressId: examplePublicIp.ID(), +// }, +// }, +// }) +// if err != nil { +// return err +// } +// exampleLinkService, err := privatedns.NewLinkService(ctx, "exampleLinkService", &privatedns.LinkServiceArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// Location: exampleResourceGroup.Location, +// VisibilitySubscriptionIds: pulumi.StringArray{ +// *pulumi.String(current.SubscriptionId), +// }, +// LoadBalancerFrontendIpConfigurationIds: pulumi.StringArray{ +// exampleLoadBalancer.FrontendIpConfigurations.ApplyT(func(frontendIpConfigurations []lb.LoadBalancerFrontendIpConfiguration) (*string, error) { +// return &frontendIpConfigurations[0].Id, nil +// }).(pulumi.StringPtrOutput), +// }, +// NatIpConfigurations: privatedns.LinkServiceNatIpConfigurationArray{ +// &privatedns.LinkServiceNatIpConfigurationArgs{ +// Name: pulumi.String("primary"), +// PrivateIpAddress: pulumi.String("10.5.1.17"), +// PrivateIpAddressVersion: pulumi.String("IPv4"), +// SubnetId: exampleSubnet.ID(), +// Primary: pulumi.Bool(true), +// }, +// }, +// }) +// if err != nil { +// return err +// } +// exampleFrontdoorProfile, err := cdn.NewFrontdoorProfile(ctx, "exampleFrontdoorProfile", &cdn.FrontdoorProfileArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// SkuName: pulumi.String("Premium_AzureFrontDoor"), +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleLinkService, +// })) +// if err != nil { +// return err +// } +// exampleFrontdoorOriginGroup, err := cdn.NewFrontdoorOriginGroup(ctx, "exampleFrontdoorOriginGroup", &cdn.FrontdoorOriginGroupArgs{ +// CdnFrontdoorProfileId: exampleFrontdoorProfile.ID(), +// LoadBalancing: &cdn.FrontdoorOriginGroupLoadBalancingArgs{ +// AdditionalLatencyInMilliseconds: pulumi.Int(0), +// SampleSize: pulumi.Int(16), +// SuccessfulSamplesRequired: pulumi.Int(3), +// }, +// }) +// if err != nil { +// return err +// } +// _, err = cdn.NewFrontdoorOrigin(ctx, "exampleFrontdoorOrigin", &cdn.FrontdoorOriginArgs{ +// CdnFrontdoorOriginGroupId: exampleFrontdoorOriginGroup.ID(), +// Enabled: pulumi.Bool(true), +// HostName: pulumi.String("example.com"), +// OriginHostHeader: pulumi.String("example.com"), +// Priority: pulumi.Int(1), +// Weight: pulumi.Int(1000), +// CertificateNameCheckEnabled: pulumi.Bool(false), +// PrivateLink: &cdn.FrontdoorOriginPrivateLinkArgs{ +// RequestMessage: pulumi.String("Request access for Private Link Origin CDN Frontdoor"), +// Location: exampleResourceGroup.Location, +// PrivateLinkTargetId: exampleLinkService.ID(), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## Example HCL Configurations +// +// * Private Link Origin with Storage Account Blob +// * Private Link Origin with Storage Account Static Web Site +// * Private Link Origin with Linux Web Application +// * Private Link Origin with Internal Load Balancer +// // ## Import // // Front Door Origins can be imported using the `resource id`, e.g. diff --git a/sdk/go/azure/cdn/profile.go b/sdk/go/azure/cdn/profile.go index d47e6e2e9d..36c6401127 100644 --- a/sdk/go/azure/cdn/profile.go +++ b/sdk/go/azure/cdn/profile.go @@ -12,6 +12,10 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// Manages a CDN Profile to create a collection of CDN Endpoints. +// +// !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. +// // ## Example Usage // // ```go diff --git a/sdk/go/azure/compute/image.go b/sdk/go/azure/compute/image.go index 59e7a0204a..d12f9b2ea9 100644 --- a/sdk/go/azure/compute/image.go +++ b/sdk/go/azure/compute/image.go @@ -12,6 +12,45 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// Manages a custom virtual machine image that can be used to create virtual machines. +// +// ## Example Usage +// +// > **Note:** For a more complete example, see the `examples/image` directory within the GitHub Repository. +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleVirtualMachine, err := compute.LookupVirtualMachine(ctx, &compute.LookupVirtualMachineArgs{ +// Name: "examplevm", +// ResourceGroupName: "example-resources", +// }, nil) +// if err != nil { +// return err +// } +// _, err = compute.NewImage(ctx, "exampleImage", &compute.ImageArgs{ +// Location: *pulumi.String(exampleVirtualMachine.Location), +// ResourceGroupName: *pulumi.String(exampleVirtualMachine.Name), +// SourceVirtualMachineId: *pulumi.String(exampleVirtualMachine.Id), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ## Import // // Images can be imported using the `resource id`, e.g. diff --git a/sdk/go/azure/compute/pulumiTypes.go b/sdk/go/azure/compute/pulumiTypes.go index 2fcd5dedfc..1cb5e24bb8 100644 --- a/sdk/go/azure/compute/pulumiTypes.go +++ b/sdk/go/azure/compute/pulumiTypes.go @@ -10525,7 +10525,10 @@ type OrchestratedVirtualMachineScaleSetOsProfileLinuxConfiguration struct { // // > **NOTE:** If the `patchAssessmentMode` is set to `AutomaticByPlatform` then the `provisionVmAgent` field must be set to `true`. PatchAssessmentMode *string `pulumi:"patchAssessmentMode"` - PatchMode *string `pulumi:"patchMode"` + // Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + // + // > **NOTE:** If `patchMode` is set to `AutomaticByPlatform` the `provisionVmAgent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. + PatchMode *string `pulumi:"patchMode"` // Should the Azure VM Agent be provisioned on each Virtual Machine in the Scale Set? Defaults to `true`. Changing this value forces a new resource to be created. ProvisionVmAgent *bool `pulumi:"provisionVmAgent"` // One or more `secret` blocks as defined below. @@ -10560,7 +10563,10 @@ type OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationArgs struct { // // > **NOTE:** If the `patchAssessmentMode` is set to `AutomaticByPlatform` then the `provisionVmAgent` field must be set to `true`. PatchAssessmentMode pulumi.StringPtrInput `pulumi:"patchAssessmentMode"` - PatchMode pulumi.StringPtrInput `pulumi:"patchMode"` + // Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + // + // > **NOTE:** If `patchMode` is set to `AutomaticByPlatform` the `provisionVmAgent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. + PatchMode pulumi.StringPtrInput `pulumi:"patchMode"` // Should the Azure VM Agent be provisioned on each Virtual Machine in the Scale Set? Defaults to `true`. Changing this value forces a new resource to be created. ProvisionVmAgent pulumi.BoolPtrInput `pulumi:"provisionVmAgent"` // One or more `secret` blocks as defined below. @@ -10686,6 +10692,9 @@ func (o OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationOutput) Pat }).(pulumi.StringPtrOutput) } +// Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). +// +// > **NOTE:** If `patchMode` is set to `AutomaticByPlatform` the `provisionVmAgent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. func (o OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationOutput) PatchMode() pulumi.StringPtrOutput { return o.ApplyT(func(v OrchestratedVirtualMachineScaleSetOsProfileLinuxConfiguration) *string { return v.PatchMode }).(pulumi.StringPtrOutput) } @@ -10790,6 +10799,9 @@ func (o OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationPtrOutput) }).(pulumi.StringPtrOutput) } +// Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). +// +// > **NOTE:** If `patchMode` is set to `AutomaticByPlatform` the `provisionVmAgent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. func (o OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationPtrOutput) PatchMode() pulumi.StringPtrOutput { return o.ApplyT(func(v *OrchestratedVirtualMachineScaleSetOsProfileLinuxConfiguration) *string { if v == nil { @@ -11165,7 +11177,10 @@ type OrchestratedVirtualMachineScaleSetOsProfileWindowsConfiguration struct { ComputerNamePrefix *string `pulumi:"computerNamePrefix"` // Are automatic updates enabled for this Virtual Machine? Defaults to `true`. EnableAutomaticUpdates *bool `pulumi:"enableAutomaticUpdates"` - HotpatchingEnabled *bool `pulumi:"hotpatchingEnabled"` + // Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + // + // > **NOTE:** Hotpatching can only be enabled if the `patchMode` is set to `AutomaticByPlatform`, the `provisionVmAgent` is set to `true`, your `sourceImageReference` references a hotpatching enabled image, the VM's `skuName` is set to a Azure generation 2 directory within the GitHub Repository. + HotpatchingEnabled *bool `pulumi:"hotpatchingEnabled"` // Specifies the mode of VM Guest Patching for the virtual machines that are associated to the Virtual Machine Scale Set. Possible values are `AutomaticByPlatform` or `ImageDefault`. Defaults to `ImageDefault`. // // > **NOTE:** If the `patchAssessmentMode` is set to `AutomaticByPlatform` then the `provisionVmAgent` field must be set to `true`. @@ -11204,7 +11219,10 @@ type OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationArgs struct ComputerNamePrefix pulumi.StringPtrInput `pulumi:"computerNamePrefix"` // Are automatic updates enabled for this Virtual Machine? Defaults to `true`. EnableAutomaticUpdates pulumi.BoolPtrInput `pulumi:"enableAutomaticUpdates"` - HotpatchingEnabled pulumi.BoolPtrInput `pulumi:"hotpatchingEnabled"` + // Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + // + // > **NOTE:** Hotpatching can only be enabled if the `patchMode` is set to `AutomaticByPlatform`, the `provisionVmAgent` is set to `true`, your `sourceImageReference` references a hotpatching enabled image, the VM's `skuName` is set to a Azure generation 2 directory within the GitHub Repository. + HotpatchingEnabled pulumi.BoolPtrInput `pulumi:"hotpatchingEnabled"` // Specifies the mode of VM Guest Patching for the virtual machines that are associated to the Virtual Machine Scale Set. Possible values are `AutomaticByPlatform` or `ImageDefault`. Defaults to `ImageDefault`. // // > **NOTE:** If the `patchAssessmentMode` is set to `AutomaticByPlatform` then the `provisionVmAgent` field must be set to `true`. @@ -11324,6 +11342,9 @@ func (o OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationOutput) E }).(pulumi.BoolPtrOutput) } +// Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). +// +// > **NOTE:** Hotpatching can only be enabled if the `patchMode` is set to `AutomaticByPlatform`, the `provisionVmAgent` is set to `true`, your `sourceImageReference` references a hotpatching enabled image, the VM's `skuName` is set to a Azure generation 2 directory within the GitHub Repository. func (o OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationOutput) HotpatchingEnabled() pulumi.BoolPtrOutput { return o.ApplyT(func(v OrchestratedVirtualMachineScaleSetOsProfileWindowsConfiguration) *bool { return v.HotpatchingEnabled @@ -11436,6 +11457,9 @@ func (o OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationPtrOutput }).(pulumi.BoolPtrOutput) } +// Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). +// +// > **NOTE:** Hotpatching can only be enabled if the `patchMode` is set to `AutomaticByPlatform`, the `provisionVmAgent` is set to `true`, your `sourceImageReference` references a hotpatching enabled image, the VM's `skuName` is set to a Azure generation 2 directory within the GitHub Repository. func (o OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationPtrOutput) HotpatchingEnabled() pulumi.BoolPtrOutput { return o.ApplyT(func(v *OrchestratedVirtualMachineScaleSetOsProfileWindowsConfiguration) *bool { if v == nil { diff --git a/sdk/go/azure/compute/windowsVirtualMachine.go b/sdk/go/azure/compute/windowsVirtualMachine.go index 4f82bc39a4..dbc83a26be 100644 --- a/sdk/go/azure/compute/windowsVirtualMachine.go +++ b/sdk/go/azure/compute/windowsVirtualMachine.go @@ -169,7 +169,10 @@ type WindowsVirtualMachine struct { ExtensionsTimeBudget pulumi.StringPtrOutput `pulumi:"extensionsTimeBudget"` // One or more `galleryApplication` blocks as defined below. GalleryApplications WindowsVirtualMachineGalleryApplicationArrayOutput `pulumi:"galleryApplications"` - HotpatchingEnabled pulumi.BoolPtrOutput `pulumi:"hotpatchingEnabled"` + // Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + // + // > **NOTE:** Hotpatching can only be enabled if the `patchMode` is set to `AutomaticByPlatform`, the `provisionVmAgent` is set to `true`, your `sourceImageReference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + HotpatchingEnabled pulumi.BoolPtrOutput `pulumi:"hotpatchingEnabled"` // An `identity` block as defined below. Identity WindowsVirtualMachineIdentityPtrOutput `pulumi:"identity"` // Specifies the type of on-premise license (also known as [Azure Hybrid Use Benefit](https://docs.microsoft.com/windows-server/get-started/azure-hybrid-benefit)) which should be used for this Virtual Machine. Possible values are `None`, `Windows_Client` and `Windows_Server`. @@ -359,7 +362,10 @@ type windowsVirtualMachineState struct { ExtensionsTimeBudget *string `pulumi:"extensionsTimeBudget"` // One or more `galleryApplication` blocks as defined below. GalleryApplications []WindowsVirtualMachineGalleryApplication `pulumi:"galleryApplications"` - HotpatchingEnabled *bool `pulumi:"hotpatchingEnabled"` + // Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + // + // > **NOTE:** Hotpatching can only be enabled if the `patchMode` is set to `AutomaticByPlatform`, the `provisionVmAgent` is set to `true`, your `sourceImageReference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + HotpatchingEnabled *bool `pulumi:"hotpatchingEnabled"` // An `identity` block as defined below. Identity *WindowsVirtualMachineIdentity `pulumi:"identity"` // Specifies the type of on-premise license (also known as [Azure Hybrid Use Benefit](https://docs.microsoft.com/windows-server/get-started/azure-hybrid-benefit)) which should be used for this Virtual Machine. Possible values are `None`, `Windows_Client` and `Windows_Server`. @@ -491,7 +497,10 @@ type WindowsVirtualMachineState struct { ExtensionsTimeBudget pulumi.StringPtrInput // One or more `galleryApplication` blocks as defined below. GalleryApplications WindowsVirtualMachineGalleryApplicationArrayInput - HotpatchingEnabled pulumi.BoolPtrInput + // Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + // + // > **NOTE:** Hotpatching can only be enabled if the `patchMode` is set to `AutomaticByPlatform`, the `provisionVmAgent` is set to `true`, your `sourceImageReference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + HotpatchingEnabled pulumi.BoolPtrInput // An `identity` block as defined below. Identity WindowsVirtualMachineIdentityPtrInput // Specifies the type of on-premise license (also known as [Azure Hybrid Use Benefit](https://docs.microsoft.com/windows-server/get-started/azure-hybrid-benefit)) which should be used for this Virtual Machine. Possible values are `None`, `Windows_Client` and `Windows_Server`. @@ -627,7 +636,10 @@ type windowsVirtualMachineArgs struct { ExtensionsTimeBudget *string `pulumi:"extensionsTimeBudget"` // One or more `galleryApplication` blocks as defined below. GalleryApplications []WindowsVirtualMachineGalleryApplication `pulumi:"galleryApplications"` - HotpatchingEnabled *bool `pulumi:"hotpatchingEnabled"` + // Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + // + // > **NOTE:** Hotpatching can only be enabled if the `patchMode` is set to `AutomaticByPlatform`, the `provisionVmAgent` is set to `true`, your `sourceImageReference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + HotpatchingEnabled *bool `pulumi:"hotpatchingEnabled"` // An `identity` block as defined below. Identity *WindowsVirtualMachineIdentity `pulumi:"identity"` // Specifies the type of on-premise license (also known as [Azure Hybrid Use Benefit](https://docs.microsoft.com/windows-server/get-started/azure-hybrid-benefit)) which should be used for this Virtual Machine. Possible values are `None`, `Windows_Client` and `Windows_Server`. @@ -750,7 +762,10 @@ type WindowsVirtualMachineArgs struct { ExtensionsTimeBudget pulumi.StringPtrInput // One or more `galleryApplication` blocks as defined below. GalleryApplications WindowsVirtualMachineGalleryApplicationArrayInput - HotpatchingEnabled pulumi.BoolPtrInput + // Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + // + // > **NOTE:** Hotpatching can only be enabled if the `patchMode` is set to `AutomaticByPlatform`, the `provisionVmAgent` is set to `true`, your `sourceImageReference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + HotpatchingEnabled pulumi.BoolPtrInput // An `identity` block as defined below. Identity WindowsVirtualMachineIdentityPtrInput // Specifies the type of on-premise license (also known as [Azure Hybrid Use Benefit](https://docs.microsoft.com/windows-server/get-started/azure-hybrid-benefit)) which should be used for this Virtual Machine. Possible values are `None`, `Windows_Client` and `Windows_Server`. @@ -1023,6 +1038,9 @@ func (o WindowsVirtualMachineOutput) GalleryApplications() WindowsVirtualMachine }).(WindowsVirtualMachineGalleryApplicationArrayOutput) } +// Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). +// +// > **NOTE:** Hotpatching can only be enabled if the `patchMode` is set to `AutomaticByPlatform`, the `provisionVmAgent` is set to `true`, your `sourceImageReference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. func (o WindowsVirtualMachineOutput) HotpatchingEnabled() pulumi.BoolPtrOutput { return o.ApplyT(func(v *WindowsVirtualMachine) pulumi.BoolPtrOutput { return v.HotpatchingEnabled }).(pulumi.BoolPtrOutput) } diff --git a/sdk/go/azure/databricks/workspaceCustomerManagedKey.go b/sdk/go/azure/databricks/workspaceCustomerManagedKey.go index fdd65d279f..5b440a5c3e 100644 --- a/sdk/go/azure/databricks/workspaceCustomerManagedKey.go +++ b/sdk/go/azure/databricks/workspaceCustomerManagedKey.go @@ -12,6 +12,142 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// Manages a Customer Managed Key for a Databricks Workspace root DBFS +// +// !>**IMPORTANT:** This resource has been deprecated and will be removed from the 4.0 Azure provider. Please use the `databricks.WorkspaceRootDbfsCustomerManagedKey` resource instead. +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/databricks" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// current, err := core.GetClientConfig(ctx, nil, nil) +// if err != nil { +// return err +// } +// exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{ +// Location: pulumi.String("West Europe"), +// }) +// if err != nil { +// return err +// } +// exampleWorkspace, err := databricks.NewWorkspace(ctx, "exampleWorkspace", &databricks.WorkspaceArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// Location: exampleResourceGroup.Location, +// Sku: pulumi.String("premium"), +// CustomerManagedKeyEnabled: pulumi.Bool(true), +// Tags: pulumi.StringMap{ +// "Environment": pulumi.String("Production"), +// }, +// }) +// if err != nil { +// return err +// } +// exampleKeyVault, err := keyvault.NewKeyVault(ctx, "exampleKeyVault", &keyvault.KeyVaultArgs{ +// Location: exampleResourceGroup.Location, +// ResourceGroupName: exampleResourceGroup.Name, +// TenantId: *pulumi.String(current.TenantId), +// SkuName: pulumi.String("premium"), +// PurgeProtectionEnabled: pulumi.Bool(true), +// SoftDeleteRetentionDays: pulumi.Int(7), +// }) +// if err != nil { +// return err +// } +// terraform, err := keyvault.NewAccessPolicy(ctx, "terraform", &keyvault.AccessPolicyArgs{ +// KeyVaultId: exampleKeyVault.ID(), +// TenantId: exampleKeyVault.TenantId, +// ObjectId: *pulumi.String(current.ObjectId), +// KeyPermissions: pulumi.StringArray{ +// pulumi.String("Create"), +// pulumi.String("Delete"), +// pulumi.String("Get"), +// pulumi.String("Purge"), +// pulumi.String("Recover"), +// pulumi.String("Update"), +// pulumi.String("List"), +// pulumi.String("Decrypt"), +// pulumi.String("Sign"), +// pulumi.String("GetRotationPolicy"), +// }, +// }) +// if err != nil { +// return err +// } +// exampleKey, err := keyvault.NewKey(ctx, "exampleKey", &keyvault.KeyArgs{ +// KeyVaultId: exampleKeyVault.ID(), +// KeyType: pulumi.String("RSA"), +// KeySize: pulumi.Int(2048), +// KeyOpts: pulumi.StringArray{ +// pulumi.String("decrypt"), +// pulumi.String("encrypt"), +// pulumi.String("sign"), +// pulumi.String("unwrapKey"), +// pulumi.String("verify"), +// pulumi.String("wrapKey"), +// }, +// }, pulumi.DependsOn([]pulumi.Resource{ +// terraform, +// })) +// if err != nil { +// return err +// } +// databricks, err := keyvault.NewAccessPolicy(ctx, "databricks", &keyvault.AccessPolicyArgs{ +// KeyVaultId: exampleKeyVault.ID(), +// TenantId: exampleWorkspace.StorageAccountIdentities.ApplyT(func(storageAccountIdentities []databricks.WorkspaceStorageAccountIdentity) (*string, error) { +// return &storageAccountIdentities[0].TenantId, nil +// }).(pulumi.StringPtrOutput), +// ObjectId: exampleWorkspace.StorageAccountIdentities.ApplyT(func(storageAccountIdentities []databricks.WorkspaceStorageAccountIdentity) (*string, error) { +// return &storageAccountIdentities[0].PrincipalId, nil +// }).(pulumi.StringPtrOutput), +// KeyPermissions: pulumi.StringArray{ +// pulumi.String("Create"), +// pulumi.String("Delete"), +// pulumi.String("Get"), +// pulumi.String("Purge"), +// pulumi.String("Recover"), +// pulumi.String("Update"), +// pulumi.String("List"), +// pulumi.String("Decrypt"), +// pulumi.String("Sign"), +// }, +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleWorkspace, +// })) +// if err != nil { +// return err +// } +// _, err = databricks.NewWorkspaceRootDbfsCustomerManagedKey(ctx, "exampleWorkspaceRootDbfsCustomerManagedKey", &databricks.WorkspaceRootDbfsCustomerManagedKeyArgs{ +// WorkspaceId: exampleWorkspace.ID(), +// KeyVaultKeyId: exampleKey.ID(), +// }, pulumi.DependsOn([]pulumi.Resource{ +// databricks, +// })) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## Example HCL Configurations +// +// * Databricks Workspace with Root Databricks File System Customer Managed Keys +// * Databricks Workspace with Customer Managed Keys for Managed Services +// * Databricks Workspace with Private Endpoint, Customer Managed Keys for Managed Services and Root Databricks File System Customer Managed Keys +// // ## Import // // Databricks Workspace Customer Managed Key can be imported using the `resource id`, e.g. diff --git a/sdk/go/azure/databricks/workspaceRootDbfsCustomerManagedKey.go b/sdk/go/azure/databricks/workspaceRootDbfsCustomerManagedKey.go index 3a26722e78..16ffbb1b30 100644 --- a/sdk/go/azure/databricks/workspaceRootDbfsCustomerManagedKey.go +++ b/sdk/go/azure/databricks/workspaceRootDbfsCustomerManagedKey.go @@ -12,6 +12,140 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// Manages a Customer Managed Key for the Databricks Workspaces root Databricks File System(DBFS) +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/databricks" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// current, err := core.GetClientConfig(ctx, nil, nil) +// if err != nil { +// return err +// } +// exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{ +// Location: pulumi.String("West Europe"), +// }) +// if err != nil { +// return err +// } +// exampleWorkspace, err := databricks.NewWorkspace(ctx, "exampleWorkspace", &databricks.WorkspaceArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// Location: exampleResourceGroup.Location, +// Sku: pulumi.String("premium"), +// CustomerManagedKeyEnabled: pulumi.Bool(true), +// Tags: pulumi.StringMap{ +// "Environment": pulumi.String("Production"), +// }, +// }) +// if err != nil { +// return err +// } +// exampleKeyVault, err := keyvault.NewKeyVault(ctx, "exampleKeyVault", &keyvault.KeyVaultArgs{ +// Location: exampleResourceGroup.Location, +// ResourceGroupName: exampleResourceGroup.Name, +// TenantId: *pulumi.String(current.TenantId), +// SkuName: pulumi.String("premium"), +// PurgeProtectionEnabled: pulumi.Bool(true), +// SoftDeleteRetentionDays: pulumi.Int(7), +// }) +// if err != nil { +// return err +// } +// terraform, err := keyvault.NewAccessPolicy(ctx, "terraform", &keyvault.AccessPolicyArgs{ +// KeyVaultId: exampleKeyVault.ID(), +// TenantId: exampleKeyVault.TenantId, +// ObjectId: *pulumi.String(current.ObjectId), +// KeyPermissions: pulumi.StringArray{ +// pulumi.String("Create"), +// pulumi.String("Delete"), +// pulumi.String("Get"), +// pulumi.String("Purge"), +// pulumi.String("Recover"), +// pulumi.String("Update"), +// pulumi.String("List"), +// pulumi.String("Decrypt"), +// pulumi.String("Sign"), +// pulumi.String("GetRotationPolicy"), +// }, +// }) +// if err != nil { +// return err +// } +// exampleKey, err := keyvault.NewKey(ctx, "exampleKey", &keyvault.KeyArgs{ +// KeyVaultId: exampleKeyVault.ID(), +// KeyType: pulumi.String("RSA"), +// KeySize: pulumi.Int(2048), +// KeyOpts: pulumi.StringArray{ +// pulumi.String("decrypt"), +// pulumi.String("encrypt"), +// pulumi.String("sign"), +// pulumi.String("unwrapKey"), +// pulumi.String("verify"), +// pulumi.String("wrapKey"), +// }, +// }, pulumi.DependsOn([]pulumi.Resource{ +// terraform, +// })) +// if err != nil { +// return err +// } +// databricks, err := keyvault.NewAccessPolicy(ctx, "databricks", &keyvault.AccessPolicyArgs{ +// KeyVaultId: exampleKeyVault.ID(), +// TenantId: exampleWorkspace.StorageAccountIdentities.ApplyT(func(storageAccountIdentities []databricks.WorkspaceStorageAccountIdentity) (*string, error) { +// return &storageAccountIdentities[0].TenantId, nil +// }).(pulumi.StringPtrOutput), +// ObjectId: exampleWorkspace.StorageAccountIdentities.ApplyT(func(storageAccountIdentities []databricks.WorkspaceStorageAccountIdentity) (*string, error) { +// return &storageAccountIdentities[0].PrincipalId, nil +// }).(pulumi.StringPtrOutput), +// KeyPermissions: pulumi.StringArray{ +// pulumi.String("Create"), +// pulumi.String("Delete"), +// pulumi.String("Get"), +// pulumi.String("Purge"), +// pulumi.String("Recover"), +// pulumi.String("Update"), +// pulumi.String("List"), +// pulumi.String("Decrypt"), +// pulumi.String("Sign"), +// }, +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleWorkspace, +// })) +// if err != nil { +// return err +// } +// _, err = databricks.NewWorkspaceRootDbfsCustomerManagedKey(ctx, "exampleWorkspaceRootDbfsCustomerManagedKey", &databricks.WorkspaceRootDbfsCustomerManagedKeyArgs{ +// WorkspaceId: exampleWorkspace.ID(), +// KeyVaultKeyId: exampleKey.ID(), +// }, pulumi.DependsOn([]pulumi.Resource{ +// databricks, +// })) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## Example HCL Configurations +// +// * Databricks Workspace with Root Databricks File System Customer Managed Keys +// * Databricks Workspace with Customer Managed Keys for Managed Services +// * Databricks Workspace with Private Endpoint, Customer Managed Keys for Managed Services and Root Databricks File System Customer Managed Keys +// // ## Import // // Databricks Workspace Root DBFS Customer Managed Key can be imported using the `resource id`, e.g. diff --git a/sdk/go/azure/frontdoor/customHttpsConfiguration.go b/sdk/go/azure/frontdoor/customHttpsConfiguration.go index 7c649c5648..a50ded3324 100644 --- a/sdk/go/azure/frontdoor/customHttpsConfiguration.go +++ b/sdk/go/azure/frontdoor/customHttpsConfiguration.go @@ -12,6 +12,134 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// !> **IMPORTANT** This deploys an Azure Front Door (classic) resource which has been deprecated and will receive security updates only. Please migrate your existing Azure Front Door (classic) deployments to the new Azure Front Door (standard/premium) resources. For your convenience, the service team has exposed a `Front Door Classic` to `Front Door Standard/Premium` [migration tool](https://learn.microsoft.com/azure/frontdoor/tier-migration) to allow you to migrate your existing `Front Door Classic` instances to the new `Front Door Standard/Premium` product tiers. +// +// Manages the Custom HTTPS Configuration for an Azure Front Door (classic) Frontend Endpoint. +// +// > **NOTE:** Defining custom HTTPS configurations using a separate `frontdoor.CustomHttpsConfiguration` resource allows for parallel creation/update. +// +// !> **BREAKING CHANGE:** In order to address the ordering issue we have changed the design on how to retrieve existing sub resources such as frontend endpoints. Existing design will be deprecated and will result in an incorrect configuration. Please refer to the updated documentation below for more information. +// +// !> **BREAKING CHANGE:** The `resourceGroupName` field has been removed as of the `v2.58.0` provider release. If the `resourceGroupName` field has been defined in your current `frontdoor.CustomHttpsConfiguration` resource configuration file please remove it else you will receive a `An argument named "resourceGroupName" is not expected here.` error. If your pre-existing Front Door instance contained inline `customHttpsConfiguration` blocks there are additional steps that will need to be completed to successfully migrate your Front Door onto the `v2.58.0` provider which can be found in this guide. +// +// !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/frontdoor" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{ +// Location: pulumi.String("West Europe"), +// }) +// if err != nil { +// return err +// } +// vault, err := keyvault.LookupKeyVault(ctx, &keyvault.LookupKeyVaultArgs{ +// Name: "example-vault", +// ResourceGroupName: "example-vault-rg", +// }, nil) +// if err != nil { +// return err +// } +// exampleFrontdoor, err := frontdoor.NewFrontdoor(ctx, "exampleFrontdoor", &frontdoor.FrontdoorArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// RoutingRules: frontdoor.FrontdoorRoutingRuleArray{ +// &frontdoor.FrontdoorRoutingRuleArgs{ +// Name: pulumi.String("exampleRoutingRule1"), +// AcceptedProtocols: pulumi.StringArray{ +// pulumi.String("Http"), +// pulumi.String("Https"), +// }, +// PatternsToMatches: pulumi.StringArray{ +// pulumi.String("/*"), +// }, +// FrontendEndpoints: pulumi.StringArray{ +// pulumi.String("exampleFrontendEndpoint1"), +// }, +// ForwardingConfiguration: &frontdoor.FrontdoorRoutingRuleForwardingConfigurationArgs{ +// ForwardingProtocol: pulumi.String("MatchRequest"), +// BackendPoolName: pulumi.String("exampleBackendBing"), +// }, +// }, +// }, +// BackendPoolLoadBalancings: frontdoor.FrontdoorBackendPoolLoadBalancingArray{ +// &frontdoor.FrontdoorBackendPoolLoadBalancingArgs{ +// Name: pulumi.String("exampleLoadBalancingSettings1"), +// }, +// }, +// BackendPoolHealthProbes: frontdoor.FrontdoorBackendPoolHealthProbeArray{ +// &frontdoor.FrontdoorBackendPoolHealthProbeArgs{ +// Name: pulumi.String("exampleHealthProbeSetting1"), +// }, +// }, +// BackendPools: frontdoor.FrontdoorBackendPoolArray{ +// &frontdoor.FrontdoorBackendPoolArgs{ +// Name: pulumi.String("exampleBackendBing"), +// Backends: frontdoor.FrontdoorBackendPoolBackendArray{ +// &frontdoor.FrontdoorBackendPoolBackendArgs{ +// HostHeader: pulumi.String("www.bing.com"), +// Address: pulumi.String("www.bing.com"), +// HttpPort: pulumi.Int(80), +// HttpsPort: pulumi.Int(443), +// }, +// }, +// LoadBalancingName: pulumi.String("exampleLoadBalancingSettings1"), +// HealthProbeName: pulumi.String("exampleHealthProbeSetting1"), +// }, +// }, +// FrontendEndpoints: frontdoor.FrontdoorFrontendEndpointArray{ +// &frontdoor.FrontdoorFrontendEndpointArgs{ +// Name: pulumi.String("exampleFrontendEndpoint1"), +// HostName: pulumi.String("example-FrontDoor.azurefd.net"), +// }, +// &frontdoor.FrontdoorFrontendEndpointArgs{ +// Name: pulumi.String("exampleFrontendEndpoint2"), +// HostName: pulumi.String("examplefd1.examplefd.net"), +// }, +// }, +// }) +// if err != nil { +// return err +// } +// _, err = frontdoor.NewCustomHttpsConfiguration(ctx, "exampleCustomHttps0", &frontdoor.CustomHttpsConfigurationArgs{ +// FrontendEndpointId: exampleFrontdoor.FrontendEndpointsMap.ApplyT(func(frontendEndpointsMap map[string]string) (string, error) { +// return frontendEndpointsMap.ExampleFrontendEndpoint1, nil +// }).(pulumi.StringOutput), +// CustomHttpsProvisioningEnabled: pulumi.Bool(false), +// }) +// if err != nil { +// return err +// } +// _, err = frontdoor.NewCustomHttpsConfiguration(ctx, "exampleCustomHttps1", &frontdoor.CustomHttpsConfigurationArgs{ +// FrontendEndpointId: exampleFrontdoor.FrontendEndpointsMap.ApplyT(func(frontendEndpointsMap map[string]string) (string, error) { +// return frontendEndpointsMap.ExampleFrontendEndpoint2, nil +// }).(pulumi.StringOutput), +// CustomHttpsProvisioningEnabled: pulumi.Bool(true), +// CustomHttpsConfiguration: &frontdoor.CustomHttpsConfigurationCustomHttpsConfigurationArgs{ +// CertificateSource: pulumi.String("AzureKeyVault"), +// AzureKeyVaultCertificateSecretName: pulumi.String("examplefd1"), +// AzureKeyVaultCertificateVaultId: *pulumi.String(vault.Id), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ## Import // // Front Door Custom HTTPS Configurations can be imported using the `resource id` of the Front Door Custom HTTPS Configuration, e.g. diff --git a/sdk/go/azure/frontdoor/firewallPolicy.go b/sdk/go/azure/frontdoor/firewallPolicy.go index e19facc99b..c752a72d8c 100644 --- a/sdk/go/azure/frontdoor/firewallPolicy.go +++ b/sdk/go/azure/frontdoor/firewallPolicy.go @@ -12,6 +12,12 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// !> **IMPORTANT** This deploys an Azure Front Door (classic) resource which has been deprecated and will receive security updates only. Please migrate your existing Azure Front Door (classic) deployments to the new Azure Front Door (standard/premium) resources. For your convenience, the service team has exposed a `Front Door Classic` to `Front Door Standard/Premium` [migration tool](https://learn.microsoft.com/azure/frontdoor/tier-migration) to allow you to migrate your existing `Front Door Classic` instances to the new `Front Door Standard/Premium` product tiers. +// +// Manages an Azure Front Door (classic) Web Application Firewall Policy instance. +// +// !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. +// // ## Example Usage // // ```go diff --git a/sdk/go/azure/mssql/databaseExtendedAuditingPolicy.go b/sdk/go/azure/mssql/databaseExtendedAuditingPolicy.go index f95b428b16..934df11d7a 100644 --- a/sdk/go/azure/mssql/databaseExtendedAuditingPolicy.go +++ b/sdk/go/azure/mssql/databaseExtendedAuditingPolicy.go @@ -94,7 +94,11 @@ type DatabaseExtendedAuditingPolicy struct { // Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`. // // ->**NOTE:** If `enabled` is `true`, `storageEndpoint` or `logMonitoringEnabled` are required. - Enabled pulumi.BoolPtrOutput `pulumi:"enabled"` + Enabled pulumi.BoolPtrOutput `pulumi:"enabled"` + // Enable audit events to Azure Monitor? Defaults to `true`. + // + // > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + // To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. LogMonitoringEnabled pulumi.BoolPtrOutput `pulumi:"logMonitoringEnabled"` // The number of days to retain logs for in the storage account. Defaults to `0`. RetentionInDays pulumi.IntPtrOutput `pulumi:"retentionInDays"` @@ -151,7 +155,11 @@ type databaseExtendedAuditingPolicyState struct { // Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`. // // ->**NOTE:** If `enabled` is `true`, `storageEndpoint` or `logMonitoringEnabled` are required. - Enabled *bool `pulumi:"enabled"` + Enabled *bool `pulumi:"enabled"` + // Enable audit events to Azure Monitor? Defaults to `true`. + // + // > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + // To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. LogMonitoringEnabled *bool `pulumi:"logMonitoringEnabled"` // The number of days to retain logs for in the storage account. Defaults to `0`. RetentionInDays *int `pulumi:"retentionInDays"` @@ -169,7 +177,11 @@ type DatabaseExtendedAuditingPolicyState struct { // Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`. // // ->**NOTE:** If `enabled` is `true`, `storageEndpoint` or `logMonitoringEnabled` are required. - Enabled pulumi.BoolPtrInput + Enabled pulumi.BoolPtrInput + // Enable audit events to Azure Monitor? Defaults to `true`. + // + // > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + // To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. LogMonitoringEnabled pulumi.BoolPtrInput // The number of days to retain logs for in the storage account. Defaults to `0`. RetentionInDays pulumi.IntPtrInput @@ -191,7 +203,11 @@ type databaseExtendedAuditingPolicyArgs struct { // Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`. // // ->**NOTE:** If `enabled` is `true`, `storageEndpoint` or `logMonitoringEnabled` are required. - Enabled *bool `pulumi:"enabled"` + Enabled *bool `pulumi:"enabled"` + // Enable audit events to Azure Monitor? Defaults to `true`. + // + // > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + // To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. LogMonitoringEnabled *bool `pulumi:"logMonitoringEnabled"` // The number of days to retain logs for in the storage account. Defaults to `0`. RetentionInDays *int `pulumi:"retentionInDays"` @@ -210,7 +226,11 @@ type DatabaseExtendedAuditingPolicyArgs struct { // Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`. // // ->**NOTE:** If `enabled` is `true`, `storageEndpoint` or `logMonitoringEnabled` are required. - Enabled pulumi.BoolPtrInput + Enabled pulumi.BoolPtrInput + // Enable audit events to Azure Monitor? Defaults to `true`. + // + // > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + // To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. LogMonitoringEnabled pulumi.BoolPtrInput // The number of days to retain logs for in the storage account. Defaults to `0`. RetentionInDays pulumi.IntPtrInput @@ -321,6 +341,10 @@ func (o DatabaseExtendedAuditingPolicyOutput) Enabled() pulumi.BoolPtrOutput { return o.ApplyT(func(v *DatabaseExtendedAuditingPolicy) pulumi.BoolPtrOutput { return v.Enabled }).(pulumi.BoolPtrOutput) } +// Enable audit events to Azure Monitor? Defaults to `true`. +// +// > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. +// To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. func (o DatabaseExtendedAuditingPolicyOutput) LogMonitoringEnabled() pulumi.BoolPtrOutput { return o.ApplyT(func(v *DatabaseExtendedAuditingPolicy) pulumi.BoolPtrOutput { return v.LogMonitoringEnabled }).(pulumi.BoolPtrOutput) } diff --git a/sdk/go/azure/mssql/managedInstanceFailoverGroup.go b/sdk/go/azure/mssql/managedInstanceFailoverGroup.go index 14341872b1..c20fb04b54 100644 --- a/sdk/go/azure/mssql/managedInstanceFailoverGroup.go +++ b/sdk/go/azure/mssql/managedInstanceFailoverGroup.go @@ -12,6 +12,138 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// Manages an Azure SQL Managed Instance Failover Group. +// +// ## Example Usage +// +// > **Note:** For a more complete example, see the `./examples/sql-azure/managed_instance_failover_group` directory within the GitHub Repository. +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/mssql" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{ +// Location: pulumi.String("West Europe"), +// }) +// if err != nil { +// return err +// } +// exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "exampleVirtualNetwork", &network.VirtualNetworkArgs{ +// Location: exampleResourceGroup.Location, +// ResourceGroupName: exampleResourceGroup.Name, +// AddressSpaces: pulumi.StringArray{ +// pulumi.String("10.0.0.0/16"), +// }, +// }) +// if err != nil { +// return err +// } +// exampleSubnet, err := network.NewSubnet(ctx, "exampleSubnet", &network.SubnetArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// VirtualNetworkName: exampleVirtualNetwork.Name, +// AddressPrefixes: pulumi.StringArray{ +// pulumi.String("10.0.2.0/24"), +// }, +// }) +// if err != nil { +// return err +// } +// exampleNetworkSecurityGroup, err := network.NewNetworkSecurityGroup(ctx, "exampleNetworkSecurityGroup", &network.NetworkSecurityGroupArgs{ +// Location: exampleResourceGroup.Location, +// ResourceGroupName: exampleResourceGroup.Name, +// }) +// if err != nil { +// return err +// } +// exampleSubnetNetworkSecurityGroupAssociation, err := network.NewSubnetNetworkSecurityGroupAssociation(ctx, "exampleSubnetNetworkSecurityGroupAssociation", &network.SubnetNetworkSecurityGroupAssociationArgs{ +// SubnetId: exampleSubnet.ID(), +// NetworkSecurityGroupId: exampleNetworkSecurityGroup.ID(), +// }) +// if err != nil { +// return err +// } +// exampleRouteTable, err := network.NewRouteTable(ctx, "exampleRouteTable", &network.RouteTableArgs{ +// Location: exampleResourceGroup.Location, +// ResourceGroupName: exampleResourceGroup.Name, +// }) +// if err != nil { +// return err +// } +// exampleSubnetRouteTableAssociation, err := network.NewSubnetRouteTableAssociation(ctx, "exampleSubnetRouteTableAssociation", &network.SubnetRouteTableAssociationArgs{ +// SubnetId: exampleSubnet.ID(), +// RouteTableId: exampleRouteTable.ID(), +// }) +// if err != nil { +// return err +// } +// primary, err := mssql.NewManagedInstance(ctx, "primary", &mssql.ManagedInstanceArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// Location: exampleResourceGroup.Location, +// AdministratorLogin: pulumi.String("mradministrator"), +// AdministratorLoginPassword: pulumi.String("thisIsDog11"), +// LicenseType: pulumi.String("BasePrice"), +// SubnetId: exampleSubnet.ID(), +// SkuName: pulumi.String("GP_Gen5"), +// Vcores: pulumi.Int(4), +// StorageSizeInGb: pulumi.Int(32), +// Tags: pulumi.StringMap{ +// "environment": pulumi.String("prod"), +// }, +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleSubnetNetworkSecurityGroupAssociation, +// exampleSubnetRouteTableAssociation, +// })) +// if err != nil { +// return err +// } +// secondary, err := mssql.NewManagedInstance(ctx, "secondary", &mssql.ManagedInstanceArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// Location: exampleResourceGroup.Location, +// AdministratorLogin: pulumi.String("mradministrator"), +// AdministratorLoginPassword: pulumi.String("thisIsDog11"), +// LicenseType: pulumi.String("BasePrice"), +// SubnetId: exampleSubnet.ID(), +// SkuName: pulumi.String("GP_Gen5"), +// Vcores: pulumi.Int(4), +// StorageSizeInGb: pulumi.Int(32), +// Tags: pulumi.StringMap{ +// "environment": pulumi.String("prod"), +// }, +// }, pulumi.DependsOn([]pulumi.Resource{ +// exampleSubnetNetworkSecurityGroupAssociation, +// exampleSubnetRouteTableAssociation, +// })) +// if err != nil { +// return err +// } +// _, err = mssql.NewManagedInstanceFailoverGroup(ctx, "exampleManagedInstanceFailoverGroup", &mssql.ManagedInstanceFailoverGroupArgs{ +// Location: primary.Location, +// ManagedInstanceId: primary.ID(), +// PartnerManagedInstanceId: secondary.ID(), +// ReadWriteEndpointFailoverPolicy: &mssql.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs{ +// Mode: pulumi.String("Automatic"), +// GraceMinutes: pulumi.Int(60), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ## Import // // SQL Instance Failover Groups can be imported using the `resource id`, e.g. diff --git a/sdk/go/azure/netapp/pulumiTypes.go b/sdk/go/azure/netapp/pulumiTypes.go index 99efa7a024..6e23413594 100644 --- a/sdk/go/azure/netapp/pulumiTypes.go +++ b/sdk/go/azure/netapp/pulumiTypes.go @@ -971,7 +971,12 @@ type VolumeDataProtectionReplication struct { RemoteVolumeLocation string `pulumi:"remoteVolumeLocation"` // Resource ID of the primary volume. RemoteVolumeResourceId string `pulumi:"remoteVolumeResourceId"` - ReplicationFrequency string `pulumi:"replicationFrequency"` + // Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + // + // A full example of the `dataProtectionReplication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + // + // > **NOTE:** `dataProtectionReplication` can be defined only once per secondary volume, adding a second instance of it is not supported. + ReplicationFrequency string `pulumi:"replicationFrequency"` } // VolumeDataProtectionReplicationInput is an input type that accepts VolumeDataProtectionReplicationArgs and VolumeDataProtectionReplicationOutput values. @@ -992,7 +997,12 @@ type VolumeDataProtectionReplicationArgs struct { RemoteVolumeLocation pulumi.StringInput `pulumi:"remoteVolumeLocation"` // Resource ID of the primary volume. RemoteVolumeResourceId pulumi.StringInput `pulumi:"remoteVolumeResourceId"` - ReplicationFrequency pulumi.StringInput `pulumi:"replicationFrequency"` + // Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + // + // A full example of the `dataProtectionReplication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + // + // > **NOTE:** `dataProtectionReplication` can be defined only once per secondary volume, adding a second instance of it is not supported. + ReplicationFrequency pulumi.StringInput `pulumi:"replicationFrequency"` } func (VolumeDataProtectionReplicationArgs) ElementType() reflect.Type { @@ -1087,6 +1097,11 @@ func (o VolumeDataProtectionReplicationOutput) RemoteVolumeResourceId() pulumi.S return o.ApplyT(func(v VolumeDataProtectionReplication) string { return v.RemoteVolumeResourceId }).(pulumi.StringOutput) } +// Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. +// +// A full example of the `dataProtectionReplication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository +// +// > **NOTE:** `dataProtectionReplication` can be defined only once per secondary volume, adding a second instance of it is not supported. func (o VolumeDataProtectionReplicationOutput) ReplicationFrequency() pulumi.StringOutput { return o.ApplyT(func(v VolumeDataProtectionReplication) string { return v.ReplicationFrequency }).(pulumi.StringOutput) } @@ -1145,6 +1160,11 @@ func (o VolumeDataProtectionReplicationPtrOutput) RemoteVolumeResourceId() pulum }).(pulumi.StringPtrOutput) } +// Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. +// +// A full example of the `dataProtectionReplication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository +// +// > **NOTE:** `dataProtectionReplication` can be defined only once per secondary volume, adding a second instance of it is not supported. func (o VolumeDataProtectionReplicationPtrOutput) ReplicationFrequency() pulumi.StringPtrOutput { return o.ApplyT(func(v *VolumeDataProtectionReplication) *string { if v == nil { @@ -1155,6 +1175,11 @@ func (o VolumeDataProtectionReplicationPtrOutput) ReplicationFrequency() pulumi. } type VolumeDataProtectionSnapshotPolicy struct { + // Resource ID of the snapshot policy to apply to the volume. + // + // A full example of the `dataProtectionSnapshotPolicy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + // + // > **NOTE:** `dataProtectionSnapshotPolicy` block can be used alone or with dataProtectionReplication in the primary volume only, if enabling it in the secondary, an error will be thrown. SnapshotPolicyId string `pulumi:"snapshotPolicyId"` } @@ -1170,6 +1195,11 @@ type VolumeDataProtectionSnapshotPolicyInput interface { } type VolumeDataProtectionSnapshotPolicyArgs struct { + // Resource ID of the snapshot policy to apply to the volume. + // + // A full example of the `dataProtectionSnapshotPolicy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + // + // > **NOTE:** `dataProtectionSnapshotPolicy` block can be used alone or with dataProtectionReplication in the primary volume only, if enabling it in the secondary, an error will be thrown. SnapshotPolicyId pulumi.StringInput `pulumi:"snapshotPolicyId"` } @@ -1250,6 +1280,11 @@ func (o VolumeDataProtectionSnapshotPolicyOutput) ToVolumeDataProtectionSnapshot }).(VolumeDataProtectionSnapshotPolicyPtrOutput) } +// Resource ID of the snapshot policy to apply to the volume. +// +// A full example of the `dataProtectionSnapshotPolicy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository +// +// > **NOTE:** `dataProtectionSnapshotPolicy` block can be used alone or with dataProtectionReplication in the primary volume only, if enabling it in the secondary, an error will be thrown. func (o VolumeDataProtectionSnapshotPolicyOutput) SnapshotPolicyId() pulumi.StringOutput { return o.ApplyT(func(v VolumeDataProtectionSnapshotPolicy) string { return v.SnapshotPolicyId }).(pulumi.StringOutput) } @@ -1278,6 +1313,11 @@ func (o VolumeDataProtectionSnapshotPolicyPtrOutput) Elem() VolumeDataProtection }).(VolumeDataProtectionSnapshotPolicyOutput) } +// Resource ID of the snapshot policy to apply to the volume. +// +// A full example of the `dataProtectionSnapshotPolicy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository +// +// > **NOTE:** `dataProtectionSnapshotPolicy` block can be used alone or with dataProtectionReplication in the primary volume only, if enabling it in the secondary, an error will be thrown. func (o VolumeDataProtectionSnapshotPolicyPtrOutput) SnapshotPolicyId() pulumi.StringPtrOutput { return o.ApplyT(func(v *VolumeDataProtectionSnapshotPolicy) *string { if v == nil { diff --git a/sdk/go/azure/network/networkWatcherFlowLog.go b/sdk/go/azure/network/networkWatcherFlowLog.go index 6ab3248621..161a87b6ee 100644 --- a/sdk/go/azure/network/networkWatcherFlowLog.go +++ b/sdk/go/azure/network/networkWatcherFlowLog.go @@ -12,6 +12,10 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// Manages a Network Watcher Flow Log. +// +// > **Note** The `network.NetworkWatcherFlowLog` creates a new storage lifecyle management rule that overwrites existing rules. Please make sure to use a `storageAccount` with no existing management rules, until the issue is fixed. +// // ## Example Usage // // ```go diff --git a/sdk/go/azure/network/pulumiTypes.go b/sdk/go/azure/network/pulumiTypes.go index b22617f5eb..fa183d67b2 100644 --- a/sdk/go/azure/network/pulumiTypes.go +++ b/sdk/go/azure/network/pulumiTypes.go @@ -8360,7 +8360,14 @@ type FirewallIpConfiguration struct { // Specifies the name of the IP Configuration. Name string `pulumi:"name"` // The private IP address associated with the Firewall. - PrivateIpAddress *string `pulumi:"privateIpAddress"` + PrivateIpAddress *string `pulumi:"privateIpAddress"` + // The ID of the Public IP Address associated with the firewall. + // + // > **NOTE** A public ip address is required unless a `managementIpConfiguration` block is specified. + // + // > **NOTE** When multiple `ipConfiguration` blocks with `publicIpAddressId` are configured, `pulumi up` will raise an error when one or some of these `ipConfiguration` blocks are removed. because the `publicIpAddressId` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `network.PublicIp` happens before the update of firewall by default. to destroy of `network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + // + // > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. PublicIpAddressId *string `pulumi:"publicIpAddressId"` // Reference to the subnet associated with the IP Configuration. Changing this forces a new resource to be created. // @@ -8385,7 +8392,14 @@ type FirewallIpConfigurationArgs struct { // Specifies the name of the IP Configuration. Name pulumi.StringInput `pulumi:"name"` // The private IP address associated with the Firewall. - PrivateIpAddress pulumi.StringPtrInput `pulumi:"privateIpAddress"` + PrivateIpAddress pulumi.StringPtrInput `pulumi:"privateIpAddress"` + // The ID of the Public IP Address associated with the firewall. + // + // > **NOTE** A public ip address is required unless a `managementIpConfiguration` block is specified. + // + // > **NOTE** When multiple `ipConfiguration` blocks with `publicIpAddressId` are configured, `pulumi up` will raise an error when one or some of these `ipConfiguration` blocks are removed. because the `publicIpAddressId` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `network.PublicIp` happens before the update of firewall by default. to destroy of `network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + // + // > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. PublicIpAddressId pulumi.StringPtrInput `pulumi:"publicIpAddressId"` // Reference to the subnet associated with the IP Configuration. Changing this forces a new resource to be created. // @@ -8456,6 +8470,13 @@ func (o FirewallIpConfigurationOutput) PrivateIpAddress() pulumi.StringPtrOutput return o.ApplyT(func(v FirewallIpConfiguration) *string { return v.PrivateIpAddress }).(pulumi.StringPtrOutput) } +// The ID of the Public IP Address associated with the firewall. +// +// > **NOTE** A public ip address is required unless a `managementIpConfiguration` block is specified. +// +// > **NOTE** When multiple `ipConfiguration` blocks with `publicIpAddressId` are configured, `pulumi up` will raise an error when one or some of these `ipConfiguration` blocks are removed. because the `publicIpAddressId` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `network.PublicIp` happens before the update of firewall by default. to destroy of `network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy +// +// > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. func (o FirewallIpConfigurationOutput) PublicIpAddressId() pulumi.StringPtrOutput { return o.ApplyT(func(v FirewallIpConfiguration) *string { return v.PublicIpAddressId }).(pulumi.StringPtrOutput) } diff --git a/sdk/go/azure/privatelink/endpoint.go b/sdk/go/azure/privatelink/endpoint.go index b703acd00e..7beec8a06a 100644 --- a/sdk/go/azure/privatelink/endpoint.go +++ b/sdk/go/azure/privatelink/endpoint.go @@ -12,6 +12,288 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// Manages a Private Endpoint. +// +// Azure Private Endpoint is a network interface that connects you privately and securely to a service powered by Azure Private Link. Private Endpoint uses a private IP address from your VNet, effectively bringing the service into your VNet. The service could be an Azure service such as Azure Storage, SQL, etc. or your own Private Link Service. +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/lb" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/privatedns" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/privatelink" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{ +// Location: pulumi.String("West Europe"), +// }) +// if err != nil { +// return err +// } +// exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "exampleVirtualNetwork", &network.VirtualNetworkArgs{ +// AddressSpaces: pulumi.StringArray{ +// pulumi.String("10.0.0.0/16"), +// }, +// Location: exampleResourceGroup.Location, +// ResourceGroupName: exampleResourceGroup.Name, +// }) +// if err != nil { +// return err +// } +// service, err := network.NewSubnet(ctx, "service", &network.SubnetArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// VirtualNetworkName: exampleVirtualNetwork.Name, +// AddressPrefixes: pulumi.StringArray{ +// pulumi.String("10.0.1.0/24"), +// }, +// EnforcePrivateLinkServiceNetworkPolicies: pulumi.Bool(true), +// }) +// if err != nil { +// return err +// } +// endpoint, err := network.NewSubnet(ctx, "endpoint", &network.SubnetArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// VirtualNetworkName: exampleVirtualNetwork.Name, +// AddressPrefixes: pulumi.StringArray{ +// pulumi.String("10.0.2.0/24"), +// }, +// EnforcePrivateLinkEndpointNetworkPolicies: pulumi.Bool(true), +// }) +// if err != nil { +// return err +// } +// examplePublicIp, err := network.NewPublicIp(ctx, "examplePublicIp", &network.PublicIpArgs{ +// Sku: pulumi.String("Standard"), +// Location: exampleResourceGroup.Location, +// ResourceGroupName: exampleResourceGroup.Name, +// AllocationMethod: pulumi.String("Static"), +// }) +// if err != nil { +// return err +// } +// exampleLoadBalancer, err := lb.NewLoadBalancer(ctx, "exampleLoadBalancer", &lb.LoadBalancerArgs{ +// Sku: pulumi.String("Standard"), +// Location: exampleResourceGroup.Location, +// ResourceGroupName: exampleResourceGroup.Name, +// FrontendIpConfigurations: lb.LoadBalancerFrontendIpConfigurationArray{ +// &lb.LoadBalancerFrontendIpConfigurationArgs{ +// Name: examplePublicIp.Name, +// PublicIpAddressId: examplePublicIp.ID(), +// }, +// }, +// }) +// if err != nil { +// return err +// } +// exampleLinkService, err := privatedns.NewLinkService(ctx, "exampleLinkService", &privatedns.LinkServiceArgs{ +// Location: exampleResourceGroup.Location, +// ResourceGroupName: exampleResourceGroup.Name, +// NatIpConfigurations: privatedns.LinkServiceNatIpConfigurationArray{ +// &privatedns.LinkServiceNatIpConfigurationArgs{ +// Name: examplePublicIp.Name, +// Primary: pulumi.Bool(true), +// SubnetId: service.ID(), +// }, +// }, +// LoadBalancerFrontendIpConfigurationIds: pulumi.StringArray{ +// exampleLoadBalancer.FrontendIpConfigurations.ApplyT(func(frontendIpConfigurations []lb.LoadBalancerFrontendIpConfiguration) (*string, error) { +// return &frontendIpConfigurations[0].Id, nil +// }).(pulumi.StringPtrOutput), +// }, +// }) +// if err != nil { +// return err +// } +// _, err = privatelink.NewEndpoint(ctx, "exampleEndpoint", &privatelink.EndpointArgs{ +// Location: exampleResourceGroup.Location, +// ResourceGroupName: exampleResourceGroup.Name, +// SubnetId: endpoint.ID(), +// PrivateServiceConnection: &privatelink.EndpointPrivateServiceConnectionArgs{ +// Name: pulumi.String("example-privateserviceconnection"), +// PrivateConnectionResourceId: exampleLinkService.ID(), +// IsManualConnection: pulumi.Bool(false), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// Using a Private Link Service Alias with existing resources: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/privatelink" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleResourceGroup, err := core.LookupResourceGroup(ctx, &core.LookupResourceGroupArgs{ +// Name: "example-resources", +// }, nil) +// if err != nil { +// return err +// } +// vnet, err := network.LookupVirtualNetwork(ctx, &network.LookupVirtualNetworkArgs{ +// Name: "example-network", +// ResourceGroupName: exampleResourceGroup.Name, +// }, nil) +// if err != nil { +// return err +// } +// subnet, err := network.LookupSubnet(ctx, &network.LookupSubnetArgs{ +// Name: "default", +// VirtualNetworkName: vnet.Name, +// ResourceGroupName: exampleResourceGroup.Name, +// }, nil) +// if err != nil { +// return err +// } +// _, err = privatelink.NewEndpoint(ctx, "exampleEndpoint", &privatelink.EndpointArgs{ +// Location: *pulumi.String(exampleResourceGroup.Location), +// ResourceGroupName: *pulumi.String(exampleResourceGroup.Name), +// SubnetId: *pulumi.String(subnet.Id), +// PrivateServiceConnection: &privatelink.EndpointPrivateServiceConnectionArgs{ +// Name: pulumi.String("example-privateserviceconnection"), +// PrivateConnectionResourceAlias: pulumi.String("example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice"), +// IsManualConnection: pulumi.Bool(true), +// RequestMessage: pulumi.String("PL"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// Using a Private Endpoint pointing to an *owned* Azure service, with proper DNS configuration: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/privatedns" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/privatelink" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{ +// Location: pulumi.String("West Europe"), +// }) +// if err != nil { +// return err +// } +// exampleAccount, err := storage.NewAccount(ctx, "exampleAccount", &storage.AccountArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// Location: exampleResourceGroup.Location, +// AccountTier: pulumi.String("Standard"), +// AccountReplicationType: pulumi.String("LRS"), +// }) +// if err != nil { +// return err +// } +// exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "exampleVirtualNetwork", &network.VirtualNetworkArgs{ +// AddressSpaces: pulumi.StringArray{ +// pulumi.String("10.0.0.0/16"), +// }, +// Location: exampleResourceGroup.Location, +// ResourceGroupName: exampleResourceGroup.Name, +// }) +// if err != nil { +// return err +// } +// exampleSubnet, err := network.NewSubnet(ctx, "exampleSubnet", &network.SubnetArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// VirtualNetworkName: exampleVirtualNetwork.Name, +// AddressPrefixes: pulumi.StringArray{ +// pulumi.String("10.0.2.0/24"), +// }, +// }) +// if err != nil { +// return err +// } +// exampleZone, err := privatedns.NewZone(ctx, "exampleZone", &privatedns.ZoneArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// }) +// if err != nil { +// return err +// } +// _, err = privatelink.NewEndpoint(ctx, "exampleEndpoint", &privatelink.EndpointArgs{ +// Location: exampleResourceGroup.Location, +// ResourceGroupName: exampleResourceGroup.Name, +// SubnetId: exampleSubnet.ID(), +// PrivateServiceConnection: &privatelink.EndpointPrivateServiceConnectionArgs{ +// Name: pulumi.String("example-privateserviceconnection"), +// PrivateConnectionResourceId: exampleAccount.ID(), +// SubresourceNames: pulumi.StringArray{ +// pulumi.String("blob"), +// }, +// IsManualConnection: pulumi.Bool(false), +// }, +// PrivateDnsZoneGroup: &privatelink.EndpointPrivateDnsZoneGroupArgs{ +// Name: pulumi.String("example-dns-zone-group"), +// PrivateDnsZoneIds: pulumi.StringArray{ +// exampleZone.ID(), +// }, +// }, +// }) +// if err != nil { +// return err +// } +// _, err = privatedns.NewZoneVirtualNetworkLink(ctx, "exampleZoneVirtualNetworkLink", &privatedns.ZoneVirtualNetworkLinkArgs{ +// ResourceGroupName: exampleResourceGroup.Name, +// PrivateDnsZoneName: exampleZone.Name, +// VirtualNetworkId: exampleVirtualNetwork.ID(), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ## Example HCL Configurations +// +// * How to conneca `Private Endpoint` to a Application Gateway +// * How to connect a `Private Endpoint` to a Cosmos MongoDB +// * How to connect a `Private Endpoint` to a Cosmos PostgreSQL +// * How to connect a `Private Endpoint` to a PostgreSQL Server +// * How to connect a `Private Endpoint` to a Private Link Service +// * How to connect a `Private Endpoint` to a Private DNS Group +// * How to connect a `Private Endpoint` to a Databricks Workspace +// // ## Import // // Private Endpoints can be imported using the `resource id`, e.g. diff --git a/sdk/go/azure/sql/managedInstanceFailoverGroup.go b/sdk/go/azure/sql/managedInstanceFailoverGroup.go index 94d8d357b8..9f24ca6a1e 100644 --- a/sdk/go/azure/sql/managedInstanceFailoverGroup.go +++ b/sdk/go/azure/sql/managedInstanceFailoverGroup.go @@ -12,6 +12,92 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// Manages a SQL Instance Failover Group. +// +// ## Example Usage +// +// > **Note:** The `sql.ManagedInstanceFailoverGroup` resource is deprecated in version 3.0 of the AzureRM provider and will be removed in version 4.0. Please use the `mssql.ManagedInstanceFailoverGroup` resource instead. +// +// > **Note:** For a more complete example, see the the `examples/sql-azure/managed_instance_failover_group` directory within the GitHub Repository. +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core" +// "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/sql" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{ +// Location: pulumi.String("West Europe"), +// }) +// if err != nil { +// return err +// } +// primary, err := sql.NewManagedInstance(ctx, "primary", &sql.ManagedInstanceArgs{ +// ResourceGroupName: pulumi.Any(azurerm_resource_group.Primary.Name), +// Location: pulumi.Any(azurerm_resource_group.Primary.Location), +// AdministratorLogin: pulumi.String("mradministrator"), +// AdministratorLoginPassword: pulumi.String("thisIsDog11"), +// LicenseType: pulumi.String("BasePrice"), +// SubnetId: pulumi.Any(azurerm_subnet.Primary.Id), +// SkuName: pulumi.String("GP_Gen5"), +// Vcores: pulumi.Int(4), +// StorageSizeInGb: pulumi.Int(32), +// Tags: pulumi.StringMap{ +// "environment": pulumi.String("prod"), +// }, +// }, pulumi.DependsOn([]pulumi.Resource{ +// azurerm_subnet_network_security_group_association.Primary, +// azurerm_subnet_route_table_association.Primary, +// })) +// if err != nil { +// return err +// } +// secondary, err := sql.NewManagedInstance(ctx, "secondary", &sql.ManagedInstanceArgs{ +// ResourceGroupName: pulumi.Any(azurerm_resource_group.Secondary.Name), +// Location: pulumi.Any(azurerm_resource_group.Secondary.Location), +// AdministratorLogin: pulumi.String("mradministrator"), +// AdministratorLoginPassword: pulumi.String("thisIsDog11"), +// LicenseType: pulumi.String("BasePrice"), +// SubnetId: pulumi.Any(azurerm_subnet.Secondary.Id), +// SkuName: pulumi.String("GP_Gen5"), +// Vcores: pulumi.Int(4), +// StorageSizeInGb: pulumi.Int(32), +// Tags: pulumi.StringMap{ +// "environment": pulumi.String("prod"), +// }, +// }, pulumi.DependsOn([]pulumi.Resource{ +// azurerm_subnet_network_security_group_association.Secondary, +// azurerm_subnet_route_table_association.Secondary, +// })) +// if err != nil { +// return err +// } +// _, err = sql.NewManagedInstanceFailoverGroup(ctx, "exampleManagedInstanceFailoverGroup", &sql.ManagedInstanceFailoverGroupArgs{ +// ResourceGroupName: pulumi.Any(azurerm_resource_group.Primary.Name), +// Location: primary.Location, +// ManagedInstanceName: primary.Name, +// PartnerManagedInstanceId: secondary.ID(), +// ReadWriteEndpointFailoverPolicy: &sql.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs{ +// Mode: pulumi.String("Automatic"), +// GraceMinutes: pulumi.Int(60), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ## Import // // SQL Instance Failover Groups can be imported using the `resource id`, e.g. diff --git a/sdk/java/src/main/java/com/pulumi/azure/appservice/EnvironmentV3.java b/sdk/java/src/main/java/com/pulumi/azure/appservice/EnvironmentV3.java index 3a0e552c7b..23f9b13aa7 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/appservice/EnvironmentV3.java +++ b/sdk/java/src/main/java/com/pulumi/azure/appservice/EnvironmentV3.java @@ -21,6 +21,101 @@ import javax.annotation.Nullable; /** + * Manages a 3rd Generation (v3) App Service Environment. + * + * ## Example Usage + * + * This example provisions an App Service Environment V3. Additional examples of how to use the `azure.appservice.EnvironmentV3` resource can be found in the `./examples/app-service-environment-v3` directory within the GitHub Repository. + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azure.core.ResourceGroup; + * import com.pulumi.azure.core.ResourceGroupArgs; + * import com.pulumi.azure.network.VirtualNetwork; + * import com.pulumi.azure.network.VirtualNetworkArgs; + * import com.pulumi.azure.network.Subnet; + * import com.pulumi.azure.network.SubnetArgs; + * import com.pulumi.azure.network.inputs.SubnetDelegationArgs; + * import com.pulumi.azure.network.inputs.SubnetDelegationServiceDelegationArgs; + * import com.pulumi.azure.appservice.EnvironmentV3; + * import com.pulumi.azure.appservice.EnvironmentV3Args; + * import com.pulumi.azure.appservice.inputs.EnvironmentV3ClusterSettingArgs; + * import com.pulumi.azure.appservice.ServicePlan; + * import com.pulumi.azure.appservice.ServicePlanArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder() + * .location("West Europe") + * .build()); + * + * var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder() + * .location(exampleResourceGroup.location()) + * .resourceGroupName(exampleResourceGroup.name()) + * .addressSpaces("10.0.0.0/16") + * .build()); + * + * var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .virtualNetworkName(exampleVirtualNetwork.name()) + * .addressPrefixes("10.0.2.0/24") + * .delegations(SubnetDelegationArgs.builder() + * .name("Microsoft.Web.hostingEnvironments") + * .serviceDelegation(SubnetDelegationServiceDelegationArgs.builder() + * .name("Microsoft.Web/hostingEnvironments") + * .actions("Microsoft.Network/virtualNetworks/subnets/action") + * .build()) + * .build()) + * .build()); + * + * var exampleEnvironmentV3 = new EnvironmentV3("exampleEnvironmentV3", EnvironmentV3Args.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .subnetId(exampleSubnet.id()) + * .internalLoadBalancingMode("Web, Publishing") + * .clusterSettings( + * EnvironmentV3ClusterSettingArgs.builder() + * .name("DisableTls1.0") + * .value("1") + * .build(), + * EnvironmentV3ClusterSettingArgs.builder() + * .name("InternalEncryption") + * .value("true") + * .build(), + * EnvironmentV3ClusterSettingArgs.builder() + * .name("FrontEndSSLCipherSuiteOrder") + * .value("TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256") + * .build()) + * .tags(Map.ofEntries( + * Map.entry("env", "production"), + * Map.entry("terraformed", "true") + * )) + * .build()); + * + * var exampleServicePlan = new ServicePlan("exampleServicePlan", ServicePlanArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .location(exampleResourceGroup.location()) + * .osType("Linux") + * .skuName("I1v2") + * .appServiceEnvironmentId(exampleEnvironmentV3.id()) + * .build()); + * + * } + * } + * ``` + * * ## Import * * A 3rd Generation (v3) App Service Environment can be imported using the `resource id`, e.g. diff --git a/sdk/java/src/main/java/com/pulumi/azure/appservice/inputs/SlotSiteConfigArgs.java b/sdk/java/src/main/java/com/pulumi/azure/appservice/inputs/SlotSiteConfigArgs.java index 22c6450435..13797fa15c 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/appservice/inputs/SlotSiteConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azure/appservice/inputs/SlotSiteConfigArgs.java @@ -495,9 +495,21 @@ public Optional> websocketsEnabled() { return Optional.ofNullable(this.websocketsEnabled); } + /** + * The Windows Docker container image (`DOCKER|<user/image:tag>`) + * + * Additional examples of how to run Containers via the `azure.appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. + * + */ @Import(name="windowsFxVersion") private @Nullable Output windowsFxVersion; + /** + * @return The Windows Docker container image (`DOCKER|<user/image:tag>`) + * + * Additional examples of how to run Containers via the `azure.appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. + * + */ public Optional> windowsFxVersion() { return Optional.ofNullable(this.windowsFxVersion); } @@ -1240,11 +1252,27 @@ public Builder websocketsEnabled(Boolean websocketsEnabled) { return websocketsEnabled(Output.of(websocketsEnabled)); } + /** + * @param windowsFxVersion The Windows Docker container image (`DOCKER|<user/image:tag>`) + * + * Additional examples of how to run Containers via the `azure.appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. + * + * @return builder + * + */ public Builder windowsFxVersion(@Nullable Output windowsFxVersion) { $.windowsFxVersion = windowsFxVersion; return this; } + /** + * @param windowsFxVersion The Windows Docker container image (`DOCKER|<user/image:tag>`) + * + * Additional examples of how to run Containers via the `azure.appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. + * + * @return builder + * + */ public Builder windowsFxVersion(String windowsFxVersion) { return windowsFxVersion(Output.of(windowsFxVersion)); } diff --git a/sdk/java/src/main/java/com/pulumi/azure/appservice/outputs/SlotSiteConfig.java b/sdk/java/src/main/java/com/pulumi/azure/appservice/outputs/SlotSiteConfig.java index f6d6203142..ed508c3f99 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/appservice/outputs/SlotSiteConfig.java +++ b/sdk/java/src/main/java/com/pulumi/azure/appservice/outputs/SlotSiteConfig.java @@ -179,6 +179,12 @@ public final class SlotSiteConfig { * */ private @Nullable Boolean websocketsEnabled; + /** + * @return The Windows Docker container image (`DOCKER|<user/image:tag>`) + * + * Additional examples of how to run Containers via the `azure.appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. + * + */ private @Nullable String windowsFxVersion; private SlotSiteConfig() {} @@ -404,6 +410,12 @@ public Optional vnetRouteAllEnabled() { public Optional websocketsEnabled() { return Optional.ofNullable(this.websocketsEnabled); } + /** + * @return The Windows Docker container image (`DOCKER|<user/image:tag>`) + * + * Additional examples of how to run Containers via the `azure.appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. + * + */ public Optional windowsFxVersion() { return Optional.ofNullable(this.windowsFxVersion); } diff --git a/sdk/java/src/main/java/com/pulumi/azure/arckubernetes/Cluster.java b/sdk/java/src/main/java/com/pulumi/azure/arckubernetes/Cluster.java index d3e1688159..ab6f398630 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/arckubernetes/Cluster.java +++ b/sdk/java/src/main/java/com/pulumi/azure/arckubernetes/Cluster.java @@ -18,6 +18,55 @@ import javax.annotation.Nullable; /** + * Manages an Arc Kubernetes Cluster. + * + * > **Note:** Installing and configuring the Azure Arc Agent on your Kubernetes Cluster to establish connectivity is outside the scope of this document. For more details refer to [Deploy agents to your cluster](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/conceptual-agent-overview#deploy-agents-to-your-cluster) and [Connect an existing Kubernetes Cluster](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/quickstart-connect-cluster?tabs=azure-cli#connect-an-existing-kubernetes-cluster). If you encounter issues connecting your Kubernetes Cluster to Azure Arc, we'd recommend opening a ticket with Microsoft Support. + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azure.core.ResourceGroup; + * import com.pulumi.azure.core.ResourceGroupArgs; + * import com.pulumi.azure.arckubernetes.Cluster; + * import com.pulumi.azure.arckubernetes.ClusterArgs; + * import com.pulumi.azure.arckubernetes.inputs.ClusterIdentityArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder() + * .location("West Europe") + * .build()); + * + * var exampleCluster = new Cluster("exampleCluster", ClusterArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .location("West Europe") + * .agentPublicKeyCertificate(Base64.getEncoder().encodeToString(Files.readAllBytes(Paths.get("testdata/public.cer")))) + * .identity(ClusterIdentityArgs.builder() + * .type("SystemAssigned") + * .build()) + * .tags(Map.of("ENV", "Test")) + * .build()); + * + * } + * } + * ``` + * + * > **Note:** An extensive example on connecting the `azure.arckubernetes.Cluster` to an external kubernetes cluster can be found in the `./examples/arckubernetes` directory within the GitHub Repository. + * * ## Import * * Arc Kubernetes Cluster can be imported using the `resource id`, e.g. diff --git a/sdk/java/src/main/java/com/pulumi/azure/cdn/Endpoint.java b/sdk/java/src/main/java/com/pulumi/azure/cdn/Endpoint.java index 2fdb571710..bd3cbb78b3 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/cdn/Endpoint.java +++ b/sdk/java/src/main/java/com/pulumi/azure/cdn/Endpoint.java @@ -22,6 +22,10 @@ import javax.annotation.Nullable; /** + * A CDN Endpoint is the entity within a CDN Profile containing configuration information regarding caching behaviours and origins. The CDN Endpoint is exposed using the URL format `<endpointname>.azureedge.net`. + * + * !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + * * ## Example Usage * ```java * package generated_program; diff --git a/sdk/java/src/main/java/com/pulumi/azure/cdn/FrontdoorOrigin.java b/sdk/java/src/main/java/com/pulumi/azure/cdn/FrontdoorOrigin.java index dcbfb8da34..ac4f60baa3 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/cdn/FrontdoorOrigin.java +++ b/sdk/java/src/main/java/com/pulumi/azure/cdn/FrontdoorOrigin.java @@ -18,6 +18,281 @@ import javax.annotation.Nullable; /** + * Manages a Front Door (standard/premium) Origin. + * + * !>**IMPORTANT:** If you are attempting to implement an Origin that uses its own Private Link Service with a Load Balancer the Profile resource in your configuration file **must** have a `depends_on` meta-argument which references the `azure.privatedns.LinkService`, see `Example Usage With Private Link Service` below. + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azure.core.ResourceGroup; + * import com.pulumi.azure.core.ResourceGroupArgs; + * import com.pulumi.azure.cdn.FrontdoorProfile; + * import com.pulumi.azure.cdn.FrontdoorProfileArgs; + * import com.pulumi.azure.cdn.FrontdoorOriginGroup; + * import com.pulumi.azure.cdn.FrontdoorOriginGroupArgs; + * import com.pulumi.azure.cdn.inputs.FrontdoorOriginGroupLoadBalancingArgs; + * import com.pulumi.azure.cdn.FrontdoorOrigin; + * import com.pulumi.azure.cdn.FrontdoorOriginArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder() + * .location("West Europe") + * .build()); + * + * var exampleFrontdoorProfile = new FrontdoorProfile("exampleFrontdoorProfile", FrontdoorProfileArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .skuName("Premium_AzureFrontDoor") + * .build()); + * + * var exampleFrontdoorOriginGroup = new FrontdoorOriginGroup("exampleFrontdoorOriginGroup", FrontdoorOriginGroupArgs.builder() + * .cdnFrontdoorProfileId(exampleFrontdoorProfile.id()) + * .loadBalancing() + * .build()); + * + * var exampleFrontdoorOrigin = new FrontdoorOrigin("exampleFrontdoorOrigin", FrontdoorOriginArgs.builder() + * .cdnFrontdoorOriginGroupId(exampleFrontdoorOriginGroup.id()) + * .enabled(true) + * .certificateNameCheckEnabled(false) + * .hostName("contoso.com") + * .httpPort(80) + * .httpsPort(443) + * .originHostHeader("www.contoso.com") + * .priority(1) + * .weight(1) + * .build()); + * + * } + * } + * ``` + * ### With Private Link + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azure.core.ResourceGroup; + * import com.pulumi.azure.core.ResourceGroupArgs; + * import com.pulumi.azure.storage.Account; + * import com.pulumi.azure.storage.AccountArgs; + * import com.pulumi.azure.storage.inputs.AccountNetworkRulesArgs; + * import com.pulumi.azure.cdn.FrontdoorProfile; + * import com.pulumi.azure.cdn.FrontdoorProfileArgs; + * import com.pulumi.azure.cdn.FrontdoorOriginGroup; + * import com.pulumi.azure.cdn.FrontdoorOriginGroupArgs; + * import com.pulumi.azure.cdn.inputs.FrontdoorOriginGroupLoadBalancingArgs; + * import com.pulumi.azure.cdn.FrontdoorOrigin; + * import com.pulumi.azure.cdn.FrontdoorOriginArgs; + * import com.pulumi.azure.cdn.inputs.FrontdoorOriginPrivateLinkArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder() + * .location("West Europe") + * .build()); + * + * var exampleAccount = new Account("exampleAccount", AccountArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .location(exampleResourceGroup.location()) + * .accountTier("Premium") + * .accountReplicationType("LRS") + * .allowNestedItemsToBePublic(false) + * .networkRules(AccountNetworkRulesArgs.builder() + * .defaultAction("Deny") + * .build()) + * .tags(Map.of("environment", "Example")) + * .build()); + * + * var exampleFrontdoorProfile = new FrontdoorProfile("exampleFrontdoorProfile", FrontdoorProfileArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .skuName("Premium_AzureFrontDoor") + * .build()); + * + * var exampleFrontdoorOriginGroup = new FrontdoorOriginGroup("exampleFrontdoorOriginGroup", FrontdoorOriginGroupArgs.builder() + * .cdnFrontdoorProfileId(exampleFrontdoorProfile.id()) + * .loadBalancing() + * .build()); + * + * var exampleFrontdoorOrigin = new FrontdoorOrigin("exampleFrontdoorOrigin", FrontdoorOriginArgs.builder() + * .cdnFrontdoorOriginGroupId(exampleFrontdoorOriginGroup.id()) + * .enabled(true) + * .certificateNameCheckEnabled(true) + * .hostName(exampleAccount.primaryBlobHost()) + * .originHostHeader(exampleAccount.primaryBlobHost()) + * .priority(1) + * .weight(500) + * .privateLink(FrontdoorOriginPrivateLinkArgs.builder() + * .requestMessage("Request access for Private Link Origin CDN Frontdoor") + * .targetType("blob") + * .location(exampleAccount.location()) + * .privateLinkTargetId(exampleAccount.id()) + * .build()) + * .build()); + * + * } + * } + * ``` + * ### With Private Link Service + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azure.core.CoreFunctions; + * import com.pulumi.azure.core.ResourceGroup; + * import com.pulumi.azure.core.ResourceGroupArgs; + * import com.pulumi.azure.network.VirtualNetwork; + * import com.pulumi.azure.network.VirtualNetworkArgs; + * import com.pulumi.azure.network.Subnet; + * import com.pulumi.azure.network.SubnetArgs; + * import com.pulumi.azure.network.PublicIp; + * import com.pulumi.azure.network.PublicIpArgs; + * import com.pulumi.azure.lb.LoadBalancer; + * import com.pulumi.azure.lb.LoadBalancerArgs; + * import com.pulumi.azure.lb.inputs.LoadBalancerFrontendIpConfigurationArgs; + * import com.pulumi.azure.privatedns.LinkService; + * import com.pulumi.azure.privatedns.LinkServiceArgs; + * import com.pulumi.azure.privatedns.inputs.LinkServiceNatIpConfigurationArgs; + * import com.pulumi.azure.cdn.FrontdoorProfile; + * import com.pulumi.azure.cdn.FrontdoorProfileArgs; + * import com.pulumi.azure.cdn.FrontdoorOriginGroup; + * import com.pulumi.azure.cdn.FrontdoorOriginGroupArgs; + * import com.pulumi.azure.cdn.inputs.FrontdoorOriginGroupLoadBalancingArgs; + * import com.pulumi.azure.cdn.FrontdoorOrigin; + * import com.pulumi.azure.cdn.FrontdoorOriginArgs; + * import com.pulumi.azure.cdn.inputs.FrontdoorOriginPrivateLinkArgs; + * import com.pulumi.resources.CustomResourceOptions; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var current = CoreFunctions.getClientConfig(); + * + * var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder() + * .location("West Europe") + * .build()); + * + * var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .location(exampleResourceGroup.location()) + * .addressSpaces("10.5.0.0/16") + * .build()); + * + * var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .virtualNetworkName(exampleVirtualNetwork.name()) + * .addressPrefixes("10.5.1.0/24") + * .privateLinkServiceNetworkPoliciesEnabled(false) + * .build()); + * + * var examplePublicIp = new PublicIp("examplePublicIp", PublicIpArgs.builder() + * .sku("Standard") + * .location(exampleResourceGroup.location()) + * .resourceGroupName(exampleResourceGroup.name()) + * .allocationMethod("Static") + * .build()); + * + * var exampleLoadBalancer = new LoadBalancer("exampleLoadBalancer", LoadBalancerArgs.builder() + * .sku("Standard") + * .location(exampleResourceGroup.location()) + * .resourceGroupName(exampleResourceGroup.name()) + * .frontendIpConfigurations(LoadBalancerFrontendIpConfigurationArgs.builder() + * .name(examplePublicIp.name()) + * .publicIpAddressId(examplePublicIp.id()) + * .build()) + * .build()); + * + * var exampleLinkService = new LinkService("exampleLinkService", LinkServiceArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .location(exampleResourceGroup.location()) + * .visibilitySubscriptionIds(current.applyValue(getClientConfigResult -> getClientConfigResult.subscriptionId())) + * .loadBalancerFrontendIpConfigurationIds(exampleLoadBalancer.frontendIpConfigurations().applyValue(frontendIpConfigurations -> frontendIpConfigurations[0].id())) + * .natIpConfigurations(LinkServiceNatIpConfigurationArgs.builder() + * .name("primary") + * .privateIpAddress("10.5.1.17") + * .privateIpAddressVersion("IPv4") + * .subnetId(exampleSubnet.id()) + * .primary(true) + * .build()) + * .build()); + * + * var exampleFrontdoorProfile = new FrontdoorProfile("exampleFrontdoorProfile", FrontdoorProfileArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .skuName("Premium_AzureFrontDoor") + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleLinkService) + * .build()); + * + * var exampleFrontdoorOriginGroup = new FrontdoorOriginGroup("exampleFrontdoorOriginGroup", FrontdoorOriginGroupArgs.builder() + * .cdnFrontdoorProfileId(exampleFrontdoorProfile.id()) + * .loadBalancing(FrontdoorOriginGroupLoadBalancingArgs.builder() + * .additionalLatencyInMilliseconds(0) + * .sampleSize(16) + * .successfulSamplesRequired(3) + * .build()) + * .build()); + * + * var exampleFrontdoorOrigin = new FrontdoorOrigin("exampleFrontdoorOrigin", FrontdoorOriginArgs.builder() + * .cdnFrontdoorOriginGroupId(exampleFrontdoorOriginGroup.id()) + * .enabled(true) + * .hostName("example.com") + * .originHostHeader("example.com") + * .priority(1) + * .weight(1000) + * .certificateNameCheckEnabled(false) + * .privateLink(FrontdoorOriginPrivateLinkArgs.builder() + * .requestMessage("Request access for Private Link Origin CDN Frontdoor") + * .location(exampleResourceGroup.location()) + * .privateLinkTargetId(exampleLinkService.id()) + * .build()) + * .build()); + * + * } + * } + * ``` + * ## Example HCL Configurations + * + * * Private Link Origin with Storage Account Blob + * * Private Link Origin with Storage Account Static Web Site + * * Private Link Origin with Linux Web Application + * * Private Link Origin with Internal Load Balancer + * * ## Import * * Front Door Origins can be imported using the `resource id`, e.g. diff --git a/sdk/java/src/main/java/com/pulumi/azure/cdn/Profile.java b/sdk/java/src/main/java/com/pulumi/azure/cdn/Profile.java index 0d485ee2c2..f6d5dc1579 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/cdn/Profile.java +++ b/sdk/java/src/main/java/com/pulumi/azure/cdn/Profile.java @@ -16,6 +16,10 @@ import javax.annotation.Nullable; /** + * Manages a CDN Profile to create a collection of CDN Endpoints. + * + * !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + * * ## Example Usage * ```java * package generated_program; diff --git a/sdk/java/src/main/java/com/pulumi/azure/compute/Image.java b/sdk/java/src/main/java/com/pulumi/azure/compute/Image.java index a729cca474..013623f04d 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/compute/Image.java +++ b/sdk/java/src/main/java/com/pulumi/azure/compute/Image.java @@ -20,6 +20,49 @@ import javax.annotation.Nullable; /** + * Manages a custom virtual machine image that can be used to create virtual machines. + * + * ## Example Usage + * + * > **Note:** For a more complete example, see the `examples/image` directory within the GitHub Repository. + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azure.compute.ComputeFunctions; + * import com.pulumi.azure.compute.inputs.GetVirtualMachineArgs; + * import com.pulumi.azure.compute.Image; + * import com.pulumi.azure.compute.ImageArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var exampleVirtualMachine = ComputeFunctions.getVirtualMachine(GetVirtualMachineArgs.builder() + * .name("examplevm") + * .resourceGroupName("example-resources") + * .build()); + * + * var exampleImage = new Image("exampleImage", ImageArgs.builder() + * .location(exampleVirtualMachine.applyValue(getVirtualMachineResult -> getVirtualMachineResult.location())) + * .resourceGroupName(exampleVirtualMachine.applyValue(getVirtualMachineResult -> getVirtualMachineResult.name())) + * .sourceVirtualMachineId(exampleVirtualMachine.applyValue(getVirtualMachineResult -> getVirtualMachineResult.id())) + * .build()); + * + * } + * } + * ``` + * * ## Import * * Images can be imported using the `resource id`, e.g. diff --git a/sdk/java/src/main/java/com/pulumi/azure/compute/WindowsVirtualMachine.java b/sdk/java/src/main/java/com/pulumi/azure/compute/WindowsVirtualMachine.java index 323e15bde4..24bf48fcc2 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/compute/WindowsVirtualMachine.java +++ b/sdk/java/src/main/java/com/pulumi/azure/compute/WindowsVirtualMachine.java @@ -418,9 +418,21 @@ public Output> extensionsTimeBudget() { public Output>> galleryApplications() { return Codegen.optional(this.galleryApplications); } + /** + * Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + * + */ @Export(name="hotpatchingEnabled", refs={Boolean.class}, tree="[0]") private Output hotpatchingEnabled; + /** + * @return Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + * + */ public Output> hotpatchingEnabled() { return Codegen.optional(this.hotpatchingEnabled); } diff --git a/sdk/java/src/main/java/com/pulumi/azure/compute/WindowsVirtualMachineArgs.java b/sdk/java/src/main/java/com/pulumi/azure/compute/WindowsVirtualMachineArgs.java index ab6db2e68d..4bed42c083 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/compute/WindowsVirtualMachineArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azure/compute/WindowsVirtualMachineArgs.java @@ -329,9 +329,21 @@ public Optional>> galle return Optional.ofNullable(this.galleryApplications); } + /** + * Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + * + */ @Import(name="hotpatchingEnabled") private @Nullable Output hotpatchingEnabled; + /** + * @return Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + * + */ public Optional> hotpatchingEnabled() { return Optional.ofNullable(this.hotpatchingEnabled); } @@ -1306,11 +1318,27 @@ public Builder galleryApplications(WindowsVirtualMachineGalleryApplicationArgs.. return galleryApplications(List.of(galleryApplications)); } + /** + * @param hotpatchingEnabled Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + * + * @return builder + * + */ public Builder hotpatchingEnabled(@Nullable Output hotpatchingEnabled) { $.hotpatchingEnabled = hotpatchingEnabled; return this; } + /** + * @param hotpatchingEnabled Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + * + * @return builder + * + */ public Builder hotpatchingEnabled(Boolean hotpatchingEnabled) { return hotpatchingEnabled(Output.of(hotpatchingEnabled)); } diff --git a/sdk/java/src/main/java/com/pulumi/azure/compute/inputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationArgs.java b/sdk/java/src/main/java/com/pulumi/azure/compute/inputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationArgs.java index 0bdfe5c3c4..d6bc30c662 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/compute/inputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azure/compute/inputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationArgs.java @@ -118,9 +118,21 @@ public Optional> patchAssessmentMode() { return Optional.ofNullable(this.patchAssessmentMode); } + /** + * Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + * + * > **NOTE:** If `patch_mode` is set to `AutomaticByPlatform` the `provision_vm_agent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. + * + */ @Import(name="patchMode") private @Nullable Output patchMode; + /** + * @return Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + * + * > **NOTE:** If `patch_mode` is set to `AutomaticByPlatform` the `provision_vm_agent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. + * + */ public Optional> patchMode() { return Optional.ofNullable(this.patchMode); } @@ -331,11 +343,27 @@ public Builder patchAssessmentMode(String patchAssessmentMode) { return patchAssessmentMode(Output.of(patchAssessmentMode)); } + /** + * @param patchMode Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + * + * > **NOTE:** If `patch_mode` is set to `AutomaticByPlatform` the `provision_vm_agent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. + * + * @return builder + * + */ public Builder patchMode(@Nullable Output patchMode) { $.patchMode = patchMode; return this; } + /** + * @param patchMode Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + * + * > **NOTE:** If `patch_mode` is set to `AutomaticByPlatform` the `provision_vm_agent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. + * + * @return builder + * + */ public Builder patchMode(String patchMode) { return patchMode(Output.of(patchMode)); } diff --git a/sdk/java/src/main/java/com/pulumi/azure/compute/inputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationArgs.java b/sdk/java/src/main/java/com/pulumi/azure/compute/inputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationArgs.java index f14239524a..49e1c8dba0 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/compute/inputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azure/compute/inputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurationArgs.java @@ -80,9 +80,21 @@ public Optional> enableAutomaticUpdates() { return Optional.ofNullable(this.enableAutomaticUpdates); } + /** + * Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, the VM's `sku_name` is set to a Azure generation 2 directory within the GitHub Repository. + * + */ @Import(name="hotpatchingEnabled") private @Nullable Output hotpatchingEnabled; + /** + * @return Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, the VM's `sku_name` is set to a Azure generation 2 directory within the GitHub Repository. + * + */ public Optional> hotpatchingEnabled() { return Optional.ofNullable(this.hotpatchingEnabled); } @@ -303,11 +315,27 @@ public Builder enableAutomaticUpdates(Boolean enableAutomaticUpdates) { return enableAutomaticUpdates(Output.of(enableAutomaticUpdates)); } + /** + * @param hotpatchingEnabled Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, the VM's `sku_name` is set to a Azure generation 2 directory within the GitHub Repository. + * + * @return builder + * + */ public Builder hotpatchingEnabled(@Nullable Output hotpatchingEnabled) { $.hotpatchingEnabled = hotpatchingEnabled; return this; } + /** + * @param hotpatchingEnabled Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, the VM's `sku_name` is set to a Azure generation 2 directory within the GitHub Repository. + * + * @return builder + * + */ public Builder hotpatchingEnabled(Boolean hotpatchingEnabled) { return hotpatchingEnabled(Output.of(hotpatchingEnabled)); } diff --git a/sdk/java/src/main/java/com/pulumi/azure/compute/inputs/WindowsVirtualMachineState.java b/sdk/java/src/main/java/com/pulumi/azure/compute/inputs/WindowsVirtualMachineState.java index 30d07e7e98..9a0a27cc27 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/compute/inputs/WindowsVirtualMachineState.java +++ b/sdk/java/src/main/java/com/pulumi/azure/compute/inputs/WindowsVirtualMachineState.java @@ -328,9 +328,21 @@ public Optional>> galle return Optional.ofNullable(this.galleryApplications); } + /** + * Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + * + */ @Import(name="hotpatchingEnabled") private @Nullable Output hotpatchingEnabled; + /** + * @return Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + * + */ public Optional> hotpatchingEnabled() { return Optional.ofNullable(this.hotpatchingEnabled); } @@ -1385,11 +1397,27 @@ public Builder galleryApplications(WindowsVirtualMachineGalleryApplicationArgs.. return galleryApplications(List.of(galleryApplications)); } + /** + * @param hotpatchingEnabled Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + * + * @return builder + * + */ public Builder hotpatchingEnabled(@Nullable Output hotpatchingEnabled) { $.hotpatchingEnabled = hotpatchingEnabled; return this; } + /** + * @param hotpatchingEnabled Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + * + * @return builder + * + */ public Builder hotpatchingEnabled(Boolean hotpatchingEnabled) { return hotpatchingEnabled(Output.of(hotpatchingEnabled)); } diff --git a/sdk/java/src/main/java/com/pulumi/azure/compute/outputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfiguration.java b/sdk/java/src/main/java/com/pulumi/azure/compute/outputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfiguration.java index fc3e2d33d1..7696f05d16 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/compute/outputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfiguration.java +++ b/sdk/java/src/main/java/com/pulumi/azure/compute/outputs/OrchestratedVirtualMachineScaleSetOsProfileLinuxConfiguration.java @@ -50,6 +50,12 @@ public final class OrchestratedVirtualMachineScaleSetOsProfileLinuxConfiguration * */ private @Nullable String patchAssessmentMode; + /** + * @return Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + * + * > **NOTE:** If `patch_mode` is set to `AutomaticByPlatform` the `provision_vm_agent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. + * + */ private @Nullable String patchMode; /** * @return Should the Azure VM Agent be provisioned on each Virtual Machine in the Scale Set? Defaults to `true`. Changing this value forces a new resource to be created. @@ -109,6 +115,12 @@ public Optional disablePasswordAuthentication() { public Optional patchAssessmentMode() { return Optional.ofNullable(this.patchAssessmentMode); } + /** + * @return Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + * + * > **NOTE:** If `patch_mode` is set to `AutomaticByPlatform` the `provision_vm_agent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. + * + */ public Optional patchMode() { return Optional.ofNullable(this.patchMode); } diff --git a/sdk/java/src/main/java/com/pulumi/azure/compute/outputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfiguration.java b/sdk/java/src/main/java/com/pulumi/azure/compute/outputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfiguration.java index 5b5fed5c63..87e1cc46bd 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/compute/outputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfiguration.java +++ b/sdk/java/src/main/java/com/pulumi/azure/compute/outputs/OrchestratedVirtualMachineScaleSetOsProfileWindowsConfiguration.java @@ -36,6 +36,12 @@ public final class OrchestratedVirtualMachineScaleSetOsProfileWindowsConfigurati * */ private @Nullable Boolean enableAutomaticUpdates; + /** + * @return Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, the VM's `sku_name` is set to a Azure generation 2 directory within the GitHub Repository. + * + */ private @Nullable Boolean hotpatchingEnabled; /** * @return Specifies the mode of VM Guest Patching for the virtual machines that are associated to the Virtual Machine Scale Set. Possible values are `AutomaticByPlatform` or `ImageDefault`. Defaults to `ImageDefault`. @@ -101,6 +107,12 @@ public Optional computerNamePrefix() { public Optional enableAutomaticUpdates() { return Optional.ofNullable(this.enableAutomaticUpdates); } + /** + * @return Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, the VM's `sku_name` is set to a Azure generation 2 directory within the GitHub Repository. + * + */ public Optional hotpatchingEnabled() { return Optional.ofNullable(this.hotpatchingEnabled); } diff --git a/sdk/java/src/main/java/com/pulumi/azure/databricks/WorkspaceCustomerManagedKey.java b/sdk/java/src/main/java/com/pulumi/azure/databricks/WorkspaceCustomerManagedKey.java index 776e972b98..6032c4f307 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/databricks/WorkspaceCustomerManagedKey.java +++ b/sdk/java/src/main/java/com/pulumi/azure/databricks/WorkspaceCustomerManagedKey.java @@ -14,6 +14,133 @@ import javax.annotation.Nullable; /** + * Manages a Customer Managed Key for a Databricks Workspace root DBFS + * + * !>**IMPORTANT:** This resource has been deprecated and will be removed from the 4.0 Azure provider. Please use the `azure.databricks.WorkspaceRootDbfsCustomerManagedKey` resource instead. + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azure.core.CoreFunctions; + * import com.pulumi.azure.core.ResourceGroup; + * import com.pulumi.azure.core.ResourceGroupArgs; + * import com.pulumi.azure.databricks.Workspace; + * import com.pulumi.azure.databricks.WorkspaceArgs; + * import com.pulumi.azure.keyvault.KeyVault; + * import com.pulumi.azure.keyvault.KeyVaultArgs; + * import com.pulumi.azure.keyvault.AccessPolicy; + * import com.pulumi.azure.keyvault.AccessPolicyArgs; + * import com.pulumi.azure.keyvault.Key; + * import com.pulumi.azure.keyvault.KeyArgs; + * import com.pulumi.azure.databricks.WorkspaceRootDbfsCustomerManagedKey; + * import com.pulumi.azure.databricks.WorkspaceRootDbfsCustomerManagedKeyArgs; + * import com.pulumi.resources.CustomResourceOptions; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var current = CoreFunctions.getClientConfig(); + * + * var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder() + * .location("West Europe") + * .build()); + * + * var exampleWorkspace = new Workspace("exampleWorkspace", WorkspaceArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .location(exampleResourceGroup.location()) + * .sku("premium") + * .customerManagedKeyEnabled(true) + * .tags(Map.of("Environment", "Production")) + * .build()); + * + * var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder() + * .location(exampleResourceGroup.location()) + * .resourceGroupName(exampleResourceGroup.name()) + * .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId())) + * .skuName("premium") + * .purgeProtectionEnabled(true) + * .softDeleteRetentionDays(7) + * .build()); + * + * var terraform = new AccessPolicy("terraform", AccessPolicyArgs.builder() + * .keyVaultId(exampleKeyVault.id()) + * .tenantId(exampleKeyVault.tenantId()) + * .objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId())) + * .keyPermissions( + * "Create", + * "Delete", + * "Get", + * "Purge", + * "Recover", + * "Update", + * "List", + * "Decrypt", + * "Sign", + * "GetRotationPolicy") + * .build()); + * + * var exampleKey = new Key("exampleKey", KeyArgs.builder() + * .keyVaultId(exampleKeyVault.id()) + * .keyType("RSA") + * .keySize(2048) + * .keyOpts( + * "decrypt", + * "encrypt", + * "sign", + * "unwrapKey", + * "verify", + * "wrapKey") + * .build(), CustomResourceOptions.builder() + * .dependsOn(terraform) + * .build()); + * + * var databricks = new AccessPolicy("databricks", AccessPolicyArgs.builder() + * .keyVaultId(exampleKeyVault.id()) + * .tenantId(exampleWorkspace.storageAccountIdentities().applyValue(storageAccountIdentities -> storageAccountIdentities[0].tenantId())) + * .objectId(exampleWorkspace.storageAccountIdentities().applyValue(storageAccountIdentities -> storageAccountIdentities[0].principalId())) + * .keyPermissions( + * "Create", + * "Delete", + * "Get", + * "Purge", + * "Recover", + * "Update", + * "List", + * "Decrypt", + * "Sign") + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleWorkspace) + * .build()); + * + * var exampleWorkspaceRootDbfsCustomerManagedKey = new WorkspaceRootDbfsCustomerManagedKey("exampleWorkspaceRootDbfsCustomerManagedKey", WorkspaceRootDbfsCustomerManagedKeyArgs.builder() + * .workspaceId(exampleWorkspace.id()) + * .keyVaultKeyId(exampleKey.id()) + * .build(), CustomResourceOptions.builder() + * .dependsOn(databricks) + * .build()); + * + * } + * } + * ``` + * ## Example HCL Configurations + * + * * Databricks Workspace with Root Databricks File System Customer Managed Keys + * * Databricks Workspace with Customer Managed Keys for Managed Services + * * Databricks Workspace with Private Endpoint, Customer Managed Keys for Managed Services and Root Databricks File System Customer Managed Keys + * * ## Import * * Databricks Workspace Customer Managed Key can be imported using the `resource id`, e.g. diff --git a/sdk/java/src/main/java/com/pulumi/azure/databricks/WorkspaceRootDbfsCustomerManagedKey.java b/sdk/java/src/main/java/com/pulumi/azure/databricks/WorkspaceRootDbfsCustomerManagedKey.java index 4598e6c333..74b22a4657 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/databricks/WorkspaceRootDbfsCustomerManagedKey.java +++ b/sdk/java/src/main/java/com/pulumi/azure/databricks/WorkspaceRootDbfsCustomerManagedKey.java @@ -14,6 +14,131 @@ import javax.annotation.Nullable; /** + * Manages a Customer Managed Key for the Databricks Workspaces root Databricks File System(DBFS) + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azure.core.CoreFunctions; + * import com.pulumi.azure.core.ResourceGroup; + * import com.pulumi.azure.core.ResourceGroupArgs; + * import com.pulumi.azure.databricks.Workspace; + * import com.pulumi.azure.databricks.WorkspaceArgs; + * import com.pulumi.azure.keyvault.KeyVault; + * import com.pulumi.azure.keyvault.KeyVaultArgs; + * import com.pulumi.azure.keyvault.AccessPolicy; + * import com.pulumi.azure.keyvault.AccessPolicyArgs; + * import com.pulumi.azure.keyvault.Key; + * import com.pulumi.azure.keyvault.KeyArgs; + * import com.pulumi.azure.databricks.WorkspaceRootDbfsCustomerManagedKey; + * import com.pulumi.azure.databricks.WorkspaceRootDbfsCustomerManagedKeyArgs; + * import com.pulumi.resources.CustomResourceOptions; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var current = CoreFunctions.getClientConfig(); + * + * var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder() + * .location("West Europe") + * .build()); + * + * var exampleWorkspace = new Workspace("exampleWorkspace", WorkspaceArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .location(exampleResourceGroup.location()) + * .sku("premium") + * .customerManagedKeyEnabled(true) + * .tags(Map.of("Environment", "Production")) + * .build()); + * + * var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder() + * .location(exampleResourceGroup.location()) + * .resourceGroupName(exampleResourceGroup.name()) + * .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId())) + * .skuName("premium") + * .purgeProtectionEnabled(true) + * .softDeleteRetentionDays(7) + * .build()); + * + * var terraform = new AccessPolicy("terraform", AccessPolicyArgs.builder() + * .keyVaultId(exampleKeyVault.id()) + * .tenantId(exampleKeyVault.tenantId()) + * .objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId())) + * .keyPermissions( + * "Create", + * "Delete", + * "Get", + * "Purge", + * "Recover", + * "Update", + * "List", + * "Decrypt", + * "Sign", + * "GetRotationPolicy") + * .build()); + * + * var exampleKey = new Key("exampleKey", KeyArgs.builder() + * .keyVaultId(exampleKeyVault.id()) + * .keyType("RSA") + * .keySize(2048) + * .keyOpts( + * "decrypt", + * "encrypt", + * "sign", + * "unwrapKey", + * "verify", + * "wrapKey") + * .build(), CustomResourceOptions.builder() + * .dependsOn(terraform) + * .build()); + * + * var databricks = new AccessPolicy("databricks", AccessPolicyArgs.builder() + * .keyVaultId(exampleKeyVault.id()) + * .tenantId(exampleWorkspace.storageAccountIdentities().applyValue(storageAccountIdentities -> storageAccountIdentities[0].tenantId())) + * .objectId(exampleWorkspace.storageAccountIdentities().applyValue(storageAccountIdentities -> storageAccountIdentities[0].principalId())) + * .keyPermissions( + * "Create", + * "Delete", + * "Get", + * "Purge", + * "Recover", + * "Update", + * "List", + * "Decrypt", + * "Sign") + * .build(), CustomResourceOptions.builder() + * .dependsOn(exampleWorkspace) + * .build()); + * + * var exampleWorkspaceRootDbfsCustomerManagedKey = new WorkspaceRootDbfsCustomerManagedKey("exampleWorkspaceRootDbfsCustomerManagedKey", WorkspaceRootDbfsCustomerManagedKeyArgs.builder() + * .workspaceId(exampleWorkspace.id()) + * .keyVaultKeyId(exampleKey.id()) + * .build(), CustomResourceOptions.builder() + * .dependsOn(databricks) + * .build()); + * + * } + * } + * ``` + * ## Example HCL Configurations + * + * * Databricks Workspace with Root Databricks File System Customer Managed Keys + * * Databricks Workspace with Customer Managed Keys for Managed Services + * * Databricks Workspace with Private Endpoint, Customer Managed Keys for Managed Services and Root Databricks File System Customer Managed Keys + * * ## Import * * Databricks Workspace Root DBFS Customer Managed Key can be imported using the `resource id`, e.g. diff --git a/sdk/java/src/main/java/com/pulumi/azure/frontdoor/CustomHttpsConfiguration.java b/sdk/java/src/main/java/com/pulumi/azure/frontdoor/CustomHttpsConfiguration.java index 74c22edeff..1c41311c15 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/frontdoor/CustomHttpsConfiguration.java +++ b/sdk/java/src/main/java/com/pulumi/azure/frontdoor/CustomHttpsConfiguration.java @@ -17,6 +17,121 @@ import javax.annotation.Nullable; /** + * !> **IMPORTANT** This deploys an Azure Front Door (classic) resource which has been deprecated and will receive security updates only. Please migrate your existing Azure Front Door (classic) deployments to the new Azure Front Door (standard/premium) resources. For your convenience, the service team has exposed a `Front Door Classic` to `Front Door Standard/Premium` [migration tool](https://learn.microsoft.com/azure/frontdoor/tier-migration) to allow you to migrate your existing `Front Door Classic` instances to the new `Front Door Standard/Premium` product tiers. + * + * Manages the Custom HTTPS Configuration for an Azure Front Door (classic) Frontend Endpoint. + * + * > **NOTE:** Defining custom HTTPS configurations using a separate `azure.frontdoor.CustomHttpsConfiguration` resource allows for parallel creation/update. + * + * !> **BREAKING CHANGE:** In order to address the ordering issue we have changed the design on how to retrieve existing sub resources such as frontend endpoints. Existing design will be deprecated and will result in an incorrect configuration. Please refer to the updated documentation below for more information. + * + * !> **BREAKING CHANGE:** The `resource_group_name` field has been removed as of the `v2.58.0` provider release. If the `resource_group_name` field has been defined in your current `azure.frontdoor.CustomHttpsConfiguration` resource configuration file please remove it else you will receive a `An argument named "resource_group_name" is not expected here.` error. If your pre-existing Front Door instance contained inline `custom_https_configuration` blocks there are additional steps that will need to be completed to successfully migrate your Front Door onto the `v2.58.0` provider which can be found in this guide. + * + * !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azure.core.ResourceGroup; + * import com.pulumi.azure.core.ResourceGroupArgs; + * import com.pulumi.azure.keyvault.KeyvaultFunctions; + * import com.pulumi.azure.keyvault.inputs.GetKeyVaultArgs; + * import com.pulumi.azure.frontdoor.Frontdoor; + * import com.pulumi.azure.frontdoor.FrontdoorArgs; + * import com.pulumi.azure.frontdoor.inputs.FrontdoorRoutingRuleArgs; + * import com.pulumi.azure.frontdoor.inputs.FrontdoorRoutingRuleForwardingConfigurationArgs; + * import com.pulumi.azure.frontdoor.inputs.FrontdoorBackendPoolLoadBalancingArgs; + * import com.pulumi.azure.frontdoor.inputs.FrontdoorBackendPoolHealthProbeArgs; + * import com.pulumi.azure.frontdoor.inputs.FrontdoorBackendPoolArgs; + * import com.pulumi.azure.frontdoor.inputs.FrontdoorFrontendEndpointArgs; + * import com.pulumi.azure.frontdoor.CustomHttpsConfiguration; + * import com.pulumi.azure.frontdoor.CustomHttpsConfigurationArgs; + * import com.pulumi.azure.frontdoor.inputs.CustomHttpsConfigurationCustomHttpsConfigurationArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder() + * .location("West Europe") + * .build()); + * + * final var vault = KeyvaultFunctions.getKeyVault(GetKeyVaultArgs.builder() + * .name("example-vault") + * .resourceGroupName("example-vault-rg") + * .build()); + * + * var exampleFrontdoor = new Frontdoor("exampleFrontdoor", FrontdoorArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .routingRules(FrontdoorRoutingRuleArgs.builder() + * .name("exampleRoutingRule1") + * .acceptedProtocols( + * "Http", + * "Https") + * .patternsToMatches("/*") + * .frontendEndpoints("exampleFrontendEndpoint1") + * .forwardingConfiguration(FrontdoorRoutingRuleForwardingConfigurationArgs.builder() + * .forwardingProtocol("MatchRequest") + * .backendPoolName("exampleBackendBing") + * .build()) + * .build()) + * .backendPoolLoadBalancings(FrontdoorBackendPoolLoadBalancingArgs.builder() + * .name("exampleLoadBalancingSettings1") + * .build()) + * .backendPoolHealthProbes(FrontdoorBackendPoolHealthProbeArgs.builder() + * .name("exampleHealthProbeSetting1") + * .build()) + * .backendPools(FrontdoorBackendPoolArgs.builder() + * .name("exampleBackendBing") + * .backends(FrontdoorBackendPoolBackendArgs.builder() + * .hostHeader("www.bing.com") + * .address("www.bing.com") + * .httpPort(80) + * .httpsPort(443) + * .build()) + * .loadBalancingName("exampleLoadBalancingSettings1") + * .healthProbeName("exampleHealthProbeSetting1") + * .build()) + * .frontendEndpoints( + * FrontdoorFrontendEndpointArgs.builder() + * .name("exampleFrontendEndpoint1") + * .hostName("example-FrontDoor.azurefd.net") + * .build(), + * FrontdoorFrontendEndpointArgs.builder() + * .name("exampleFrontendEndpoint2") + * .hostName("examplefd1.examplefd.net") + * .build()) + * .build()); + * + * var exampleCustomHttps0 = new CustomHttpsConfiguration("exampleCustomHttps0", CustomHttpsConfigurationArgs.builder() + * .frontendEndpointId(exampleFrontdoor.frontendEndpointsMap().applyValue(frontendEndpointsMap -> frontendEndpointsMap.exampleFrontendEndpoint1())) + * .customHttpsProvisioningEnabled(false) + * .build()); + * + * var exampleCustomHttps1 = new CustomHttpsConfiguration("exampleCustomHttps1", CustomHttpsConfigurationArgs.builder() + * .frontendEndpointId(exampleFrontdoor.frontendEndpointsMap().applyValue(frontendEndpointsMap -> frontendEndpointsMap.exampleFrontendEndpoint2())) + * .customHttpsProvisioningEnabled(true) + * .customHttpsConfiguration(CustomHttpsConfigurationCustomHttpsConfigurationArgs.builder() + * .certificateSource("AzureKeyVault") + * .azureKeyVaultCertificateSecretName("examplefd1") + * .azureKeyVaultCertificateVaultId(vault.applyValue(getKeyVaultResult -> getKeyVaultResult.id())) + * .build()) + * .build()); + * + * } + * } + * ``` + * * ## Import * * Front Door Custom HTTPS Configurations can be imported using the `resource id` of the Front Door Custom HTTPS Configuration, e.g. diff --git a/sdk/java/src/main/java/com/pulumi/azure/frontdoor/FirewallPolicy.java b/sdk/java/src/main/java/com/pulumi/azure/frontdoor/FirewallPolicy.java index d9553ff1ae..d3a758d040 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/frontdoor/FirewallPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/azure/frontdoor/FirewallPolicy.java @@ -21,6 +21,12 @@ import javax.annotation.Nullable; /** + * !> **IMPORTANT** This deploys an Azure Front Door (classic) resource which has been deprecated and will receive security updates only. Please migrate your existing Azure Front Door (classic) deployments to the new Azure Front Door (standard/premium) resources. For your convenience, the service team has exposed a `Front Door Classic` to `Front Door Standard/Premium` [migration tool](https://learn.microsoft.com/azure/frontdoor/tier-migration) to allow you to migrate your existing `Front Door Classic` instances to the new `Front Door Standard/Premium` product tiers. + * + * Manages an Azure Front Door (classic) Web Application Firewall Policy instance. + * + * !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + * * ## Example Usage * ```java * package generated_program; diff --git a/sdk/java/src/main/java/com/pulumi/azure/mssql/DatabaseExtendedAuditingPolicy.java b/sdk/java/src/main/java/com/pulumi/azure/mssql/DatabaseExtendedAuditingPolicy.java index 4cae98e61c..2ec8e6844d 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/mssql/DatabaseExtendedAuditingPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/azure/mssql/DatabaseExtendedAuditingPolicy.java @@ -128,9 +128,23 @@ public Output databaseId() { public Output> enabled() { return Codegen.optional(this.enabled); } + /** + * Enable audit events to Azure Monitor? Defaults to `true`. + * + * > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + * To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + * + */ @Export(name="logMonitoringEnabled", refs={Boolean.class}, tree="[0]") private Output logMonitoringEnabled; + /** + * @return Enable audit events to Azure Monitor? Defaults to `true`. + * + * > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + * To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + * + */ public Output> logMonitoringEnabled() { return Codegen.optional(this.logMonitoringEnabled); } diff --git a/sdk/java/src/main/java/com/pulumi/azure/mssql/DatabaseExtendedAuditingPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/azure/mssql/DatabaseExtendedAuditingPolicyArgs.java index f6d7314c19..3616a8e3f7 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/mssql/DatabaseExtendedAuditingPolicyArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azure/mssql/DatabaseExtendedAuditingPolicyArgs.java @@ -52,9 +52,23 @@ public Optional> enabled() { return Optional.ofNullable(this.enabled); } + /** + * Enable audit events to Azure Monitor? Defaults to `true`. + * + * > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + * To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + * + */ @Import(name="logMonitoringEnabled") private @Nullable Output logMonitoringEnabled; + /** + * @return Enable audit events to Azure Monitor? Defaults to `true`. + * + * > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + * To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + * + */ public Optional> logMonitoringEnabled() { return Optional.ofNullable(this.logMonitoringEnabled); } @@ -195,11 +209,29 @@ public Builder enabled(Boolean enabled) { return enabled(Output.of(enabled)); } + /** + * @param logMonitoringEnabled Enable audit events to Azure Monitor? Defaults to `true`. + * + * > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + * To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + * + * @return builder + * + */ public Builder logMonitoringEnabled(@Nullable Output logMonitoringEnabled) { $.logMonitoringEnabled = logMonitoringEnabled; return this; } + /** + * @param logMonitoringEnabled Enable audit events to Azure Monitor? Defaults to `true`. + * + * > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + * To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + * + * @return builder + * + */ public Builder logMonitoringEnabled(Boolean logMonitoringEnabled) { return logMonitoringEnabled(Output.of(logMonitoringEnabled)); } diff --git a/sdk/java/src/main/java/com/pulumi/azure/mssql/ManagedInstanceFailoverGroup.java b/sdk/java/src/main/java/com/pulumi/azure/mssql/ManagedInstanceFailoverGroup.java index 47618683f4..190bf0794b 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/mssql/ManagedInstanceFailoverGroup.java +++ b/sdk/java/src/main/java/com/pulumi/azure/mssql/ManagedInstanceFailoverGroup.java @@ -19,6 +19,134 @@ import javax.annotation.Nullable; /** + * Manages an Azure SQL Managed Instance Failover Group. + * + * ## Example Usage + * + * > **Note:** For a more complete example, see the `./examples/sql-azure/managed_instance_failover_group` directory within the GitHub Repository. + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azure.core.ResourceGroup; + * import com.pulumi.azure.core.ResourceGroupArgs; + * import com.pulumi.azure.network.VirtualNetwork; + * import com.pulumi.azure.network.VirtualNetworkArgs; + * import com.pulumi.azure.network.Subnet; + * import com.pulumi.azure.network.SubnetArgs; + * import com.pulumi.azure.network.NetworkSecurityGroup; + * import com.pulumi.azure.network.NetworkSecurityGroupArgs; + * import com.pulumi.azure.network.SubnetNetworkSecurityGroupAssociation; + * import com.pulumi.azure.network.SubnetNetworkSecurityGroupAssociationArgs; + * import com.pulumi.azure.network.RouteTable; + * import com.pulumi.azure.network.RouteTableArgs; + * import com.pulumi.azure.network.SubnetRouteTableAssociation; + * import com.pulumi.azure.network.SubnetRouteTableAssociationArgs; + * import com.pulumi.azure.mssql.ManagedInstance; + * import com.pulumi.azure.mssql.ManagedInstanceArgs; + * import com.pulumi.azure.mssql.ManagedInstanceFailoverGroup; + * import com.pulumi.azure.mssql.ManagedInstanceFailoverGroupArgs; + * import com.pulumi.azure.mssql.inputs.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs; + * import com.pulumi.resources.CustomResourceOptions; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder() + * .location("West Europe") + * .build()); + * + * var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder() + * .location(exampleResourceGroup.location()) + * .resourceGroupName(exampleResourceGroup.name()) + * .addressSpaces("10.0.0.0/16") + * .build()); + * + * var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .virtualNetworkName(exampleVirtualNetwork.name()) + * .addressPrefixes("10.0.2.0/24") + * .build()); + * + * var exampleNetworkSecurityGroup = new NetworkSecurityGroup("exampleNetworkSecurityGroup", NetworkSecurityGroupArgs.builder() + * .location(exampleResourceGroup.location()) + * .resourceGroupName(exampleResourceGroup.name()) + * .build()); + * + * var exampleSubnetNetworkSecurityGroupAssociation = new SubnetNetworkSecurityGroupAssociation("exampleSubnetNetworkSecurityGroupAssociation", SubnetNetworkSecurityGroupAssociationArgs.builder() + * .subnetId(exampleSubnet.id()) + * .networkSecurityGroupId(exampleNetworkSecurityGroup.id()) + * .build()); + * + * var exampleRouteTable = new RouteTable("exampleRouteTable", RouteTableArgs.builder() + * .location(exampleResourceGroup.location()) + * .resourceGroupName(exampleResourceGroup.name()) + * .build()); + * + * var exampleSubnetRouteTableAssociation = new SubnetRouteTableAssociation("exampleSubnetRouteTableAssociation", SubnetRouteTableAssociationArgs.builder() + * .subnetId(exampleSubnet.id()) + * .routeTableId(exampleRouteTable.id()) + * .build()); + * + * var primary = new ManagedInstance("primary", ManagedInstanceArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .location(exampleResourceGroup.location()) + * .administratorLogin("mradministrator") + * .administratorLoginPassword("thisIsDog11") + * .licenseType("BasePrice") + * .subnetId(exampleSubnet.id()) + * .skuName("GP_Gen5") + * .vcores(4) + * .storageSizeInGb(32) + * .tags(Map.of("environment", "prod")) + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * exampleSubnetNetworkSecurityGroupAssociation, + * exampleSubnetRouteTableAssociation) + * .build()); + * + * var secondary = new ManagedInstance("secondary", ManagedInstanceArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .location(exampleResourceGroup.location()) + * .administratorLogin("mradministrator") + * .administratorLoginPassword("thisIsDog11") + * .licenseType("BasePrice") + * .subnetId(exampleSubnet.id()) + * .skuName("GP_Gen5") + * .vcores(4) + * .storageSizeInGb(32) + * .tags(Map.of("environment", "prod")) + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * exampleSubnetNetworkSecurityGroupAssociation, + * exampleSubnetRouteTableAssociation) + * .build()); + * + * var exampleManagedInstanceFailoverGroup = new ManagedInstanceFailoverGroup("exampleManagedInstanceFailoverGroup", ManagedInstanceFailoverGroupArgs.builder() + * .location(primary.location()) + * .managedInstanceId(primary.id()) + * .partnerManagedInstanceId(secondary.id()) + * .readWriteEndpointFailoverPolicy(ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs.builder() + * .mode("Automatic") + * .graceMinutes(60) + * .build()) + * .build()); + * + * } + * } + * ``` + * * ## Import * * SQL Instance Failover Groups can be imported using the `resource id`, e.g. diff --git a/sdk/java/src/main/java/com/pulumi/azure/mssql/inputs/DatabaseExtendedAuditingPolicyState.java b/sdk/java/src/main/java/com/pulumi/azure/mssql/inputs/DatabaseExtendedAuditingPolicyState.java index 3a167eb011..1745a5486e 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/mssql/inputs/DatabaseExtendedAuditingPolicyState.java +++ b/sdk/java/src/main/java/com/pulumi/azure/mssql/inputs/DatabaseExtendedAuditingPolicyState.java @@ -51,9 +51,23 @@ public Optional> enabled() { return Optional.ofNullable(this.enabled); } + /** + * Enable audit events to Azure Monitor? Defaults to `true`. + * + * > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + * To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + * + */ @Import(name="logMonitoringEnabled") private @Nullable Output logMonitoringEnabled; + /** + * @return Enable audit events to Azure Monitor? Defaults to `true`. + * + * > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + * To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + * + */ public Optional> logMonitoringEnabled() { return Optional.ofNullable(this.logMonitoringEnabled); } @@ -194,11 +208,29 @@ public Builder enabled(Boolean enabled) { return enabled(Output.of(enabled)); } + /** + * @param logMonitoringEnabled Enable audit events to Azure Monitor? Defaults to `true`. + * + * > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + * To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + * + * @return builder + * + */ public Builder logMonitoringEnabled(@Nullable Output logMonitoringEnabled) { $.logMonitoringEnabled = logMonitoringEnabled; return this; } + /** + * @param logMonitoringEnabled Enable audit events to Azure Monitor? Defaults to `true`. + * + * > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + * To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + * + * @return builder + * + */ public Builder logMonitoringEnabled(Boolean logMonitoringEnabled) { return logMonitoringEnabled(Output.of(logMonitoringEnabled)); } diff --git a/sdk/java/src/main/java/com/pulumi/azure/netapp/inputs/VolumeDataProtectionReplicationArgs.java b/sdk/java/src/main/java/com/pulumi/azure/netapp/inputs/VolumeDataProtectionReplicationArgs.java index 53ed93293a..e81700547f 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/netapp/inputs/VolumeDataProtectionReplicationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azure/netapp/inputs/VolumeDataProtectionReplicationArgs.java @@ -61,9 +61,25 @@ public Output remoteVolumeResourceId() { return this.remoteVolumeResourceId; } + /** + * Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + * + * A full example of the `data_protection_replication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + * + * > **NOTE:** `data_protection_replication` can be defined only once per secondary volume, adding a second instance of it is not supported. + * + */ @Import(name="replicationFrequency", required=true) private Output replicationFrequency; + /** + * @return Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + * + * A full example of the `data_protection_replication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + * + * > **NOTE:** `data_protection_replication` can be defined only once per secondary volume, adding a second instance of it is not supported. + * + */ public Output replicationFrequency() { return this.replicationFrequency; } @@ -158,11 +174,31 @@ public Builder remoteVolumeResourceId(String remoteVolumeResourceId) { return remoteVolumeResourceId(Output.of(remoteVolumeResourceId)); } + /** + * @param replicationFrequency Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + * + * A full example of the `data_protection_replication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + * + * > **NOTE:** `data_protection_replication` can be defined only once per secondary volume, adding a second instance of it is not supported. + * + * @return builder + * + */ public Builder replicationFrequency(Output replicationFrequency) { $.replicationFrequency = replicationFrequency; return this; } + /** + * @param replicationFrequency Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + * + * A full example of the `data_protection_replication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + * + * > **NOTE:** `data_protection_replication` can be defined only once per secondary volume, adding a second instance of it is not supported. + * + * @return builder + * + */ public Builder replicationFrequency(String replicationFrequency) { return replicationFrequency(Output.of(replicationFrequency)); } diff --git a/sdk/java/src/main/java/com/pulumi/azure/netapp/inputs/VolumeDataProtectionSnapshotPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/azure/netapp/inputs/VolumeDataProtectionSnapshotPolicyArgs.java index 3dabcdecc6..c746281e50 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/netapp/inputs/VolumeDataProtectionSnapshotPolicyArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azure/netapp/inputs/VolumeDataProtectionSnapshotPolicyArgs.java @@ -14,9 +14,25 @@ public final class VolumeDataProtectionSnapshotPolicyArgs extends com.pulumi.res public static final VolumeDataProtectionSnapshotPolicyArgs Empty = new VolumeDataProtectionSnapshotPolicyArgs(); + /** + * Resource ID of the snapshot policy to apply to the volume. + * + * A full example of the `data_protection_snapshot_policy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + * + * > **NOTE:** `data_protection_snapshot_policy` block can be used alone or with data_protection_replication in the primary volume only, if enabling it in the secondary, an error will be thrown. + * + */ @Import(name="snapshotPolicyId", required=true) private Output snapshotPolicyId; + /** + * @return Resource ID of the snapshot policy to apply to the volume. + * + * A full example of the `data_protection_snapshot_policy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + * + * > **NOTE:** `data_protection_snapshot_policy` block can be used alone or with data_protection_replication in the primary volume only, if enabling it in the secondary, an error will be thrown. + * + */ public Output snapshotPolicyId() { return this.snapshotPolicyId; } @@ -45,11 +61,31 @@ public Builder(VolumeDataProtectionSnapshotPolicyArgs defaults) { $ = new VolumeDataProtectionSnapshotPolicyArgs(Objects.requireNonNull(defaults)); } + /** + * @param snapshotPolicyId Resource ID of the snapshot policy to apply to the volume. + * + * A full example of the `data_protection_snapshot_policy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + * + * > **NOTE:** `data_protection_snapshot_policy` block can be used alone or with data_protection_replication in the primary volume only, if enabling it in the secondary, an error will be thrown. + * + * @return builder + * + */ public Builder snapshotPolicyId(Output snapshotPolicyId) { $.snapshotPolicyId = snapshotPolicyId; return this; } + /** + * @param snapshotPolicyId Resource ID of the snapshot policy to apply to the volume. + * + * A full example of the `data_protection_snapshot_policy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + * + * > **NOTE:** `data_protection_snapshot_policy` block can be used alone or with data_protection_replication in the primary volume only, if enabling it in the secondary, an error will be thrown. + * + * @return builder + * + */ public Builder snapshotPolicyId(String snapshotPolicyId) { return snapshotPolicyId(Output.of(snapshotPolicyId)); } diff --git a/sdk/java/src/main/java/com/pulumi/azure/netapp/outputs/VolumeDataProtectionReplication.java b/sdk/java/src/main/java/com/pulumi/azure/netapp/outputs/VolumeDataProtectionReplication.java index 758f3757e9..74dbeacc78 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/netapp/outputs/VolumeDataProtectionReplication.java +++ b/sdk/java/src/main/java/com/pulumi/azure/netapp/outputs/VolumeDataProtectionReplication.java @@ -27,6 +27,14 @@ public final class VolumeDataProtectionReplication { * */ private String remoteVolumeResourceId; + /** + * @return Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + * + * A full example of the `data_protection_replication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + * + * > **NOTE:** `data_protection_replication` can be defined only once per secondary volume, adding a second instance of it is not supported. + * + */ private String replicationFrequency; private VolumeDataProtectionReplication() {} @@ -51,6 +59,14 @@ public String remoteVolumeLocation() { public String remoteVolumeResourceId() { return this.remoteVolumeResourceId; } + /** + * @return Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + * + * A full example of the `data_protection_replication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + * + * > **NOTE:** `data_protection_replication` can be defined only once per secondary volume, adding a second instance of it is not supported. + * + */ public String replicationFrequency() { return this.replicationFrequency; } diff --git a/sdk/java/src/main/java/com/pulumi/azure/netapp/outputs/VolumeDataProtectionSnapshotPolicy.java b/sdk/java/src/main/java/com/pulumi/azure/netapp/outputs/VolumeDataProtectionSnapshotPolicy.java index e0a98d65c0..a353f7bec3 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/netapp/outputs/VolumeDataProtectionSnapshotPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/azure/netapp/outputs/VolumeDataProtectionSnapshotPolicy.java @@ -10,9 +10,25 @@ @CustomType public final class VolumeDataProtectionSnapshotPolicy { + /** + * @return Resource ID of the snapshot policy to apply to the volume. + * + * A full example of the `data_protection_snapshot_policy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + * + * > **NOTE:** `data_protection_snapshot_policy` block can be used alone or with data_protection_replication in the primary volume only, if enabling it in the secondary, an error will be thrown. + * + */ private String snapshotPolicyId; private VolumeDataProtectionSnapshotPolicy() {} + /** + * @return Resource ID of the snapshot policy to apply to the volume. + * + * A full example of the `data_protection_snapshot_policy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + * + * > **NOTE:** `data_protection_snapshot_policy` block can be used alone or with data_protection_replication in the primary volume only, if enabling it in the secondary, an error will be thrown. + * + */ public String snapshotPolicyId() { return this.snapshotPolicyId; } diff --git a/sdk/java/src/main/java/com/pulumi/azure/network/NetworkWatcherFlowLog.java b/sdk/java/src/main/java/com/pulumi/azure/network/NetworkWatcherFlowLog.java index 8959a48af7..7d15247c9a 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/network/NetworkWatcherFlowLog.java +++ b/sdk/java/src/main/java/com/pulumi/azure/network/NetworkWatcherFlowLog.java @@ -20,6 +20,10 @@ import javax.annotation.Nullable; /** + * Manages a Network Watcher Flow Log. + * + * > **Note** The `azure.network.NetworkWatcherFlowLog` creates a new storage lifecyle management rule that overwrites existing rules. Please make sure to use a `storage_account` with no existing management rules, until the issue is fixed. + * * ## Example Usage * ```java * package generated_program; diff --git a/sdk/java/src/main/java/com/pulumi/azure/network/inputs/FirewallIpConfigurationArgs.java b/sdk/java/src/main/java/com/pulumi/azure/network/inputs/FirewallIpConfigurationArgs.java index 81b1c1d564..0661a350a0 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/network/inputs/FirewallIpConfigurationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/azure/network/inputs/FirewallIpConfigurationArgs.java @@ -46,9 +46,29 @@ public Optional> privateIpAddress() { return Optional.ofNullable(this.privateIpAddress); } + /** + * The ID of the Public IP Address associated with the firewall. + * + * > **NOTE** A public ip address is required unless a `management_ip_configuration` block is specified. + * + * > **NOTE** When multiple `ip_configuration` blocks with `public_ip_address_id` are configured, `pulumi up` will raise an error when one or some of these `ip_configuration` blocks are removed. because the `public_ip_address_id` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `azure.network.PublicIp` happens before the update of firewall by default. to destroy of `azure.network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `azure.network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + * + * > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. + * + */ @Import(name="publicIpAddressId") private @Nullable Output publicIpAddressId; + /** + * @return The ID of the Public IP Address associated with the firewall. + * + * > **NOTE** A public ip address is required unless a `management_ip_configuration` block is specified. + * + * > **NOTE** When multiple `ip_configuration` blocks with `public_ip_address_id` are configured, `pulumi up` will raise an error when one or some of these `ip_configuration` blocks are removed. because the `public_ip_address_id` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `azure.network.PublicIp` happens before the update of firewall by default. to destroy of `azure.network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `azure.network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + * + * > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. + * + */ public Optional> publicIpAddressId() { return Optional.ofNullable(this.publicIpAddressId); } @@ -145,11 +165,35 @@ public Builder privateIpAddress(String privateIpAddress) { return privateIpAddress(Output.of(privateIpAddress)); } + /** + * @param publicIpAddressId The ID of the Public IP Address associated with the firewall. + * + * > **NOTE** A public ip address is required unless a `management_ip_configuration` block is specified. + * + * > **NOTE** When multiple `ip_configuration` blocks with `public_ip_address_id` are configured, `pulumi up` will raise an error when one or some of these `ip_configuration` blocks are removed. because the `public_ip_address_id` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `azure.network.PublicIp` happens before the update of firewall by default. to destroy of `azure.network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `azure.network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + * + * > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. + * + * @return builder + * + */ public Builder publicIpAddressId(@Nullable Output publicIpAddressId) { $.publicIpAddressId = publicIpAddressId; return this; } + /** + * @param publicIpAddressId The ID of the Public IP Address associated with the firewall. + * + * > **NOTE** A public ip address is required unless a `management_ip_configuration` block is specified. + * + * > **NOTE** When multiple `ip_configuration` blocks with `public_ip_address_id` are configured, `pulumi up` will raise an error when one or some of these `ip_configuration` blocks are removed. because the `public_ip_address_id` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `azure.network.PublicIp` happens before the update of firewall by default. to destroy of `azure.network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `azure.network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + * + * > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. + * + * @return builder + * + */ public Builder publicIpAddressId(String publicIpAddressId) { return publicIpAddressId(Output.of(publicIpAddressId)); } diff --git a/sdk/java/src/main/java/com/pulumi/azure/network/outputs/FirewallIpConfiguration.java b/sdk/java/src/main/java/com/pulumi/azure/network/outputs/FirewallIpConfiguration.java index 3fe1b2c3a4..b2815762b7 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/network/outputs/FirewallIpConfiguration.java +++ b/sdk/java/src/main/java/com/pulumi/azure/network/outputs/FirewallIpConfiguration.java @@ -22,6 +22,16 @@ public final class FirewallIpConfiguration { * */ private @Nullable String privateIpAddress; + /** + * @return The ID of the Public IP Address associated with the firewall. + * + * > **NOTE** A public ip address is required unless a `management_ip_configuration` block is specified. + * + * > **NOTE** When multiple `ip_configuration` blocks with `public_ip_address_id` are configured, `pulumi up` will raise an error when one or some of these `ip_configuration` blocks are removed. because the `public_ip_address_id` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `azure.network.PublicIp` happens before the update of firewall by default. to destroy of `azure.network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `azure.network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + * + * > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. + * + */ private @Nullable String publicIpAddressId; /** * @return Reference to the subnet associated with the IP Configuration. Changing this forces a new resource to be created. @@ -48,6 +58,16 @@ public String name() { public Optional privateIpAddress() { return Optional.ofNullable(this.privateIpAddress); } + /** + * @return The ID of the Public IP Address associated with the firewall. + * + * > **NOTE** A public ip address is required unless a `management_ip_configuration` block is specified. + * + * > **NOTE** When multiple `ip_configuration` blocks with `public_ip_address_id` are configured, `pulumi up` will raise an error when one or some of these `ip_configuration` blocks are removed. because the `public_ip_address_id` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `azure.network.PublicIp` happens before the update of firewall by default. to destroy of `azure.network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `azure.network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + * + * > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. + * + */ public Optional publicIpAddressId() { return Optional.ofNullable(this.publicIpAddressId); } diff --git a/sdk/java/src/main/java/com/pulumi/azure/privatelink/Endpoint.java b/sdk/java/src/main/java/com/pulumi/azure/privatelink/Endpoint.java index 3121341537..08fec1b147 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/privatelink/Endpoint.java +++ b/sdk/java/src/main/java/com/pulumi/azure/privatelink/Endpoint.java @@ -23,6 +23,271 @@ import javax.annotation.Nullable; /** + * Manages a Private Endpoint. + * + * Azure Private Endpoint is a network interface that connects you privately and securely to a service powered by Azure Private Link. Private Endpoint uses a private IP address from your VNet, effectively bringing the service into your VNet. The service could be an Azure service such as Azure Storage, SQL, etc. or your own Private Link Service. + * + * ## Example Usage + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azure.core.ResourceGroup; + * import com.pulumi.azure.core.ResourceGroupArgs; + * import com.pulumi.azure.network.VirtualNetwork; + * import com.pulumi.azure.network.VirtualNetworkArgs; + * import com.pulumi.azure.network.Subnet; + * import com.pulumi.azure.network.SubnetArgs; + * import com.pulumi.azure.network.PublicIp; + * import com.pulumi.azure.network.PublicIpArgs; + * import com.pulumi.azure.lb.LoadBalancer; + * import com.pulumi.azure.lb.LoadBalancerArgs; + * import com.pulumi.azure.lb.inputs.LoadBalancerFrontendIpConfigurationArgs; + * import com.pulumi.azure.privatedns.LinkService; + * import com.pulumi.azure.privatedns.LinkServiceArgs; + * import com.pulumi.azure.privatedns.inputs.LinkServiceNatIpConfigurationArgs; + * import com.pulumi.azure.privatelink.Endpoint; + * import com.pulumi.azure.privatelink.EndpointArgs; + * import com.pulumi.azure.privatelink.inputs.EndpointPrivateServiceConnectionArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder() + * .location("West Europe") + * .build()); + * + * var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder() + * .addressSpaces("10.0.0.0/16") + * .location(exampleResourceGroup.location()) + * .resourceGroupName(exampleResourceGroup.name()) + * .build()); + * + * var service = new Subnet("service", SubnetArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .virtualNetworkName(exampleVirtualNetwork.name()) + * .addressPrefixes("10.0.1.0/24") + * .enforcePrivateLinkServiceNetworkPolicies(true) + * .build()); + * + * var endpoint = new Subnet("endpoint", SubnetArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .virtualNetworkName(exampleVirtualNetwork.name()) + * .addressPrefixes("10.0.2.0/24") + * .enforcePrivateLinkEndpointNetworkPolicies(true) + * .build()); + * + * var examplePublicIp = new PublicIp("examplePublicIp", PublicIpArgs.builder() + * .sku("Standard") + * .location(exampleResourceGroup.location()) + * .resourceGroupName(exampleResourceGroup.name()) + * .allocationMethod("Static") + * .build()); + * + * var exampleLoadBalancer = new LoadBalancer("exampleLoadBalancer", LoadBalancerArgs.builder() + * .sku("Standard") + * .location(exampleResourceGroup.location()) + * .resourceGroupName(exampleResourceGroup.name()) + * .frontendIpConfigurations(LoadBalancerFrontendIpConfigurationArgs.builder() + * .name(examplePublicIp.name()) + * .publicIpAddressId(examplePublicIp.id()) + * .build()) + * .build()); + * + * var exampleLinkService = new LinkService("exampleLinkService", LinkServiceArgs.builder() + * .location(exampleResourceGroup.location()) + * .resourceGroupName(exampleResourceGroup.name()) + * .natIpConfigurations(LinkServiceNatIpConfigurationArgs.builder() + * .name(examplePublicIp.name()) + * .primary(true) + * .subnetId(service.id()) + * .build()) + * .loadBalancerFrontendIpConfigurationIds(exampleLoadBalancer.frontendIpConfigurations().applyValue(frontendIpConfigurations -> frontendIpConfigurations[0].id())) + * .build()); + * + * var exampleEndpoint = new Endpoint("exampleEndpoint", EndpointArgs.builder() + * .location(exampleResourceGroup.location()) + * .resourceGroupName(exampleResourceGroup.name()) + * .subnetId(endpoint.id()) + * .privateServiceConnection(EndpointPrivateServiceConnectionArgs.builder() + * .name("example-privateserviceconnection") + * .privateConnectionResourceId(exampleLinkService.id()) + * .isManualConnection(false) + * .build()) + * .build()); + * + * } + * } + * ``` + * + * Using a Private Link Service Alias with existing resources: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azure.core.CoreFunctions; + * import com.pulumi.azure.core.inputs.GetResourceGroupArgs; + * import com.pulumi.azure.network.NetworkFunctions; + * import com.pulumi.azure.network.inputs.GetVirtualNetworkArgs; + * import com.pulumi.azure.network.inputs.GetSubnetArgs; + * import com.pulumi.azure.privatelink.Endpoint; + * import com.pulumi.azure.privatelink.EndpointArgs; + * import com.pulumi.azure.privatelink.inputs.EndpointPrivateServiceConnectionArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * final var exampleResourceGroup = CoreFunctions.getResourceGroup(GetResourceGroupArgs.builder() + * .name("example-resources") + * .build()); + * + * final var vnet = NetworkFunctions.getVirtualNetwork(GetVirtualNetworkArgs.builder() + * .name("example-network") + * .resourceGroupName(exampleResourceGroup.applyValue(getResourceGroupResult -> getResourceGroupResult.name())) + * .build()); + * + * final var subnet = NetworkFunctions.getSubnet(GetSubnetArgs.builder() + * .name("default") + * .virtualNetworkName(vnet.applyValue(getVirtualNetworkResult -> getVirtualNetworkResult.name())) + * .resourceGroupName(exampleResourceGroup.applyValue(getResourceGroupResult -> getResourceGroupResult.name())) + * .build()); + * + * var exampleEndpoint = new Endpoint("exampleEndpoint", EndpointArgs.builder() + * .location(exampleResourceGroup.applyValue(getResourceGroupResult -> getResourceGroupResult.location())) + * .resourceGroupName(exampleResourceGroup.applyValue(getResourceGroupResult -> getResourceGroupResult.name())) + * .subnetId(subnet.applyValue(getSubnetResult -> getSubnetResult.id())) + * .privateServiceConnection(EndpointPrivateServiceConnectionArgs.builder() + * .name("example-privateserviceconnection") + * .privateConnectionResourceAlias("example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice") + * .isManualConnection(true) + * .requestMessage("PL") + * .build()) + * .build()); + * + * } + * } + * ``` + * + * Using a Private Endpoint pointing to an *owned* Azure service, with proper DNS configuration: + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azure.core.ResourceGroup; + * import com.pulumi.azure.core.ResourceGroupArgs; + * import com.pulumi.azure.storage.Account; + * import com.pulumi.azure.storage.AccountArgs; + * import com.pulumi.azure.network.VirtualNetwork; + * import com.pulumi.azure.network.VirtualNetworkArgs; + * import com.pulumi.azure.network.Subnet; + * import com.pulumi.azure.network.SubnetArgs; + * import com.pulumi.azure.privatedns.Zone; + * import com.pulumi.azure.privatedns.ZoneArgs; + * import com.pulumi.azure.privatelink.Endpoint; + * import com.pulumi.azure.privatelink.EndpointArgs; + * import com.pulumi.azure.privatelink.inputs.EndpointPrivateServiceConnectionArgs; + * import com.pulumi.azure.privatelink.inputs.EndpointPrivateDnsZoneGroupArgs; + * import com.pulumi.azure.privatedns.ZoneVirtualNetworkLink; + * import com.pulumi.azure.privatedns.ZoneVirtualNetworkLinkArgs; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder() + * .location("West Europe") + * .build()); + * + * var exampleAccount = new Account("exampleAccount", AccountArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .location(exampleResourceGroup.location()) + * .accountTier("Standard") + * .accountReplicationType("LRS") + * .build()); + * + * var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder() + * .addressSpaces("10.0.0.0/16") + * .location(exampleResourceGroup.location()) + * .resourceGroupName(exampleResourceGroup.name()) + * .build()); + * + * var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .virtualNetworkName(exampleVirtualNetwork.name()) + * .addressPrefixes("10.0.2.0/24") + * .build()); + * + * var exampleZone = new Zone("exampleZone", ZoneArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .build()); + * + * var exampleEndpoint = new Endpoint("exampleEndpoint", EndpointArgs.builder() + * .location(exampleResourceGroup.location()) + * .resourceGroupName(exampleResourceGroup.name()) + * .subnetId(exampleSubnet.id()) + * .privateServiceConnection(EndpointPrivateServiceConnectionArgs.builder() + * .name("example-privateserviceconnection") + * .privateConnectionResourceId(exampleAccount.id()) + * .subresourceNames("blob") + * .isManualConnection(false) + * .build()) + * .privateDnsZoneGroup(EndpointPrivateDnsZoneGroupArgs.builder() + * .name("example-dns-zone-group") + * .privateDnsZoneIds(exampleZone.id()) + * .build()) + * .build()); + * + * var exampleZoneVirtualNetworkLink = new ZoneVirtualNetworkLink("exampleZoneVirtualNetworkLink", ZoneVirtualNetworkLinkArgs.builder() + * .resourceGroupName(exampleResourceGroup.name()) + * .privateDnsZoneName(exampleZone.name()) + * .virtualNetworkId(exampleVirtualNetwork.id()) + * .build()); + * + * } + * } + * ``` + * ## Example HCL Configurations + * + * * How to conneca `Private Endpoint` to a Application Gateway + * * How to connect a `Private Endpoint` to a Cosmos MongoDB + * * How to connect a `Private Endpoint` to a Cosmos PostgreSQL + * * How to connect a `Private Endpoint` to a PostgreSQL Server + * * How to connect a `Private Endpoint` to a Private Link Service + * * How to connect a `Private Endpoint` to a Private DNS Group + * * How to connect a `Private Endpoint` to a Databricks Workspace + * * ## Import * * Private Endpoints can be imported using the `resource id`, e.g. diff --git a/sdk/java/src/main/java/com/pulumi/azure/sql/ManagedInstanceFailoverGroup.java b/sdk/java/src/main/java/com/pulumi/azure/sql/ManagedInstanceFailoverGroup.java index 05447d5ddb..a2bb2d4190 100644 --- a/sdk/java/src/main/java/com/pulumi/azure/sql/ManagedInstanceFailoverGroup.java +++ b/sdk/java/src/main/java/com/pulumi/azure/sql/ManagedInstanceFailoverGroup.java @@ -19,6 +19,93 @@ import javax.annotation.Nullable; /** + * Manages a SQL Instance Failover Group. + * + * ## Example Usage + * + * > **Note:** The `azure.sql.ManagedInstanceFailoverGroup` resource is deprecated in version 3.0 of the AzureRM provider and will be removed in version 4.0. Please use the `azure.mssql.ManagedInstanceFailoverGroup` resource instead. + * + * > **Note:** For a more complete example, see the the `examples/sql-azure/managed_instance_failover_group` directory within the GitHub Repository. + * ```java + * package generated_program; + * + * import com.pulumi.Context; + * import com.pulumi.Pulumi; + * import com.pulumi.core.Output; + * import com.pulumi.azure.core.ResourceGroup; + * import com.pulumi.azure.core.ResourceGroupArgs; + * import com.pulumi.azure.sql.ManagedInstance; + * import com.pulumi.azure.sql.ManagedInstanceArgs; + * import com.pulumi.azure.sql.ManagedInstanceFailoverGroup; + * import com.pulumi.azure.sql.ManagedInstanceFailoverGroupArgs; + * import com.pulumi.azure.sql.inputs.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs; + * import com.pulumi.resources.CustomResourceOptions; + * import java.util.List; + * import java.util.ArrayList; + * import java.util.Map; + * import java.io.File; + * import java.nio.file.Files; + * import java.nio.file.Paths; + * + * public class App { + * public static void main(String[] args) { + * Pulumi.run(App::stack); + * } + * + * public static void stack(Context ctx) { + * var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder() + * .location("West Europe") + * .build()); + * + * var primary = new ManagedInstance("primary", ManagedInstanceArgs.builder() + * .resourceGroupName(azurerm_resource_group.primary().name()) + * .location(azurerm_resource_group.primary().location()) + * .administratorLogin("mradministrator") + * .administratorLoginPassword("thisIsDog11") + * .licenseType("BasePrice") + * .subnetId(azurerm_subnet.primary().id()) + * .skuName("GP_Gen5") + * .vcores(4) + * .storageSizeInGb(32) + * .tags(Map.of("environment", "prod")) + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * azurerm_subnet_network_security_group_association.primary(), + * azurerm_subnet_route_table_association.primary()) + * .build()); + * + * var secondary = new ManagedInstance("secondary", ManagedInstanceArgs.builder() + * .resourceGroupName(azurerm_resource_group.secondary().name()) + * .location(azurerm_resource_group.secondary().location()) + * .administratorLogin("mradministrator") + * .administratorLoginPassword("thisIsDog11") + * .licenseType("BasePrice") + * .subnetId(azurerm_subnet.secondary().id()) + * .skuName("GP_Gen5") + * .vcores(4) + * .storageSizeInGb(32) + * .tags(Map.of("environment", "prod")) + * .build(), CustomResourceOptions.builder() + * .dependsOn( + * azurerm_subnet_network_security_group_association.secondary(), + * azurerm_subnet_route_table_association.secondary()) + * .build()); + * + * var exampleManagedInstanceFailoverGroup = new ManagedInstanceFailoverGroup("exampleManagedInstanceFailoverGroup", ManagedInstanceFailoverGroupArgs.builder() + * .resourceGroupName(azurerm_resource_group.primary().name()) + * .location(primary.location()) + * .managedInstanceName(primary.name()) + * .partnerManagedInstanceId(secondary.id()) + * .readWriteEndpointFailoverPolicy(ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs.builder() + * .mode("Automatic") + * .graceMinutes(60) + * .build()) + * .build()); + * + * } + * } + * ``` + * * ## Import * * SQL Instance Failover Groups can be imported using the `resource id`, e.g. diff --git a/sdk/nodejs/appservice/environmentV3.ts b/sdk/nodejs/appservice/environmentV3.ts index 7e3220a737..02c2594637 100644 --- a/sdk/nodejs/appservice/environmentV3.ts +++ b/sdk/nodejs/appservice/environmentV3.ts @@ -7,6 +7,66 @@ import * as outputs from "../types/output"; import * as utilities from "../utilities"; /** + * Manages a 3rd Generation (v3) App Service Environment. + * + * ## Example Usage + * + * This example provisions an App Service Environment V3. Additional examples of how to use the `azure.appservice.EnvironmentV3` resource can be found in the `./examples/app-service-environment-v3` directory within the GitHub Repository. + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azure from "@pulumi/azure"; + * + * const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"}); + * const exampleVirtualNetwork = new azure.network.VirtualNetwork("exampleVirtualNetwork", { + * location: exampleResourceGroup.location, + * resourceGroupName: exampleResourceGroup.name, + * addressSpaces: ["10.0.0.0/16"], + * }); + * const exampleSubnet = new azure.network.Subnet("exampleSubnet", { + * resourceGroupName: exampleResourceGroup.name, + * virtualNetworkName: exampleVirtualNetwork.name, + * addressPrefixes: ["10.0.2.0/24"], + * delegations: [{ + * name: "Microsoft.Web.hostingEnvironments", + * serviceDelegation: { + * name: "Microsoft.Web/hostingEnvironments", + * actions: ["Microsoft.Network/virtualNetworks/subnets/action"], + * }, + * }], + * }); + * const exampleEnvironmentV3 = new azure.appservice.EnvironmentV3("exampleEnvironmentV3", { + * resourceGroupName: exampleResourceGroup.name, + * subnetId: exampleSubnet.id, + * internalLoadBalancingMode: "Web, Publishing", + * clusterSettings: [ + * { + * name: "DisableTls1.0", + * value: "1", + * }, + * { + * name: "InternalEncryption", + * value: "true", + * }, + * { + * name: "FrontEndSSLCipherSuiteOrder", + * value: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + * }, + * ], + * tags: { + * env: "production", + * terraformed: "true", + * }, + * }); + * const exampleServicePlan = new azure.appservice.ServicePlan("exampleServicePlan", { + * resourceGroupName: exampleResourceGroup.name, + * location: exampleResourceGroup.location, + * osType: "Linux", + * skuName: "I1v2", + * appServiceEnvironmentId: exampleEnvironmentV3.id, + * }); + * ``` + * * ## Import * * A 3rd Generation (v3) App Service Environment can be imported using the `resource id`, e.g. diff --git a/sdk/nodejs/arckubernetes/cluster.ts b/sdk/nodejs/arckubernetes/cluster.ts index 959698831d..83a4095b79 100644 --- a/sdk/nodejs/arckubernetes/cluster.ts +++ b/sdk/nodejs/arckubernetes/cluster.ts @@ -7,6 +7,33 @@ import * as outputs from "../types/output"; import * as utilities from "../utilities"; /** + * Manages an Arc Kubernetes Cluster. + * + * > **Note:** Installing and configuring the Azure Arc Agent on your Kubernetes Cluster to establish connectivity is outside the scope of this document. For more details refer to [Deploy agents to your cluster](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/conceptual-agent-overview#deploy-agents-to-your-cluster) and [Connect an existing Kubernetes Cluster](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/quickstart-connect-cluster?tabs=azure-cli#connect-an-existing-kubernetes-cluster). If you encounter issues connecting your Kubernetes Cluster to Azure Arc, we'd recommend opening a ticket with Microsoft Support. + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azure from "@pulumi/azure"; + * import * as fs from "fs"; + * + * const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"}); + * const exampleCluster = new azure.arckubernetes.Cluster("exampleCluster", { + * resourceGroupName: exampleResourceGroup.name, + * location: "West Europe", + * agentPublicKeyCertificate: Buffer.from(fs.readFileSync("testdata/public.cer", 'binary')).toString('base64'), + * identity: { + * type: "SystemAssigned", + * }, + * tags: { + * ENV: "Test", + * }, + * }); + * ``` + * + * > **Note:** An extensive example on connecting the `azure.arckubernetes.Cluster` to an external kubernetes cluster can be found in the `./examples/arckubernetes` directory within the GitHub Repository. + * * ## Import * * Arc Kubernetes Cluster can be imported using the `resource id`, e.g. diff --git a/sdk/nodejs/cdn/endpoint.ts b/sdk/nodejs/cdn/endpoint.ts index b164578c18..28715ca4ee 100644 --- a/sdk/nodejs/cdn/endpoint.ts +++ b/sdk/nodejs/cdn/endpoint.ts @@ -7,6 +7,10 @@ import * as outputs from "../types/output"; import * as utilities from "../utilities"; /** + * A CDN Endpoint is the entity within a CDN Profile containing configuration information regarding caching behaviours and origins. The CDN Endpoint is exposed using the URL format `.azureedge.net`. + * + * !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + * * ## Example Usage * * ```typescript diff --git a/sdk/nodejs/cdn/frontdoorOrigin.ts b/sdk/nodejs/cdn/frontdoorOrigin.ts index 6bbd5ee284..d0a98a02ad 100644 --- a/sdk/nodejs/cdn/frontdoorOrigin.ts +++ b/sdk/nodejs/cdn/frontdoorOrigin.ts @@ -7,6 +7,164 @@ import * as outputs from "../types/output"; import * as utilities from "../utilities"; /** + * Manages a Front Door (standard/premium) Origin. + * + * !>**IMPORTANT:** If you are attempting to implement an Origin that uses its own Private Link Service with a Load Balancer the Profile resource in your configuration file **must** have a `dependsOn` meta-argument which references the `azure.privatedns.LinkService`, see `Example Usage With Private Link Service` below. + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azure from "@pulumi/azure"; + * + * const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"}); + * const exampleFrontdoorProfile = new azure.cdn.FrontdoorProfile("exampleFrontdoorProfile", { + * resourceGroupName: exampleResourceGroup.name, + * skuName: "Premium_AzureFrontDoor", + * }); + * const exampleFrontdoorOriginGroup = new azure.cdn.FrontdoorOriginGroup("exampleFrontdoorOriginGroup", { + * cdnFrontdoorProfileId: exampleFrontdoorProfile.id, + * loadBalancing: {}, + * }); + * const exampleFrontdoorOrigin = new azure.cdn.FrontdoorOrigin("exampleFrontdoorOrigin", { + * cdnFrontdoorOriginGroupId: exampleFrontdoorOriginGroup.id, + * enabled: true, + * certificateNameCheckEnabled: false, + * hostName: "contoso.com", + * httpPort: 80, + * httpsPort: 443, + * originHostHeader: "www.contoso.com", + * priority: 1, + * weight: 1, + * }); + * ``` + * ### With Private Link + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azure from "@pulumi/azure"; + * + * const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"}); + * const exampleAccount = new azure.storage.Account("exampleAccount", { + * resourceGroupName: exampleResourceGroup.name, + * location: exampleResourceGroup.location, + * accountTier: "Premium", + * accountReplicationType: "LRS", + * allowNestedItemsToBePublic: false, + * networkRules: { + * defaultAction: "Deny", + * }, + * tags: { + * environment: "Example", + * }, + * }); + * const exampleFrontdoorProfile = new azure.cdn.FrontdoorProfile("exampleFrontdoorProfile", { + * resourceGroupName: exampleResourceGroup.name, + * skuName: "Premium_AzureFrontDoor", + * }); + * const exampleFrontdoorOriginGroup = new azure.cdn.FrontdoorOriginGroup("exampleFrontdoorOriginGroup", { + * cdnFrontdoorProfileId: exampleFrontdoorProfile.id, + * loadBalancing: {}, + * }); + * const exampleFrontdoorOrigin = new azure.cdn.FrontdoorOrigin("exampleFrontdoorOrigin", { + * cdnFrontdoorOriginGroupId: exampleFrontdoorOriginGroup.id, + * enabled: true, + * certificateNameCheckEnabled: true, + * hostName: exampleAccount.primaryBlobHost, + * originHostHeader: exampleAccount.primaryBlobHost, + * priority: 1, + * weight: 500, + * privateLink: { + * requestMessage: "Request access for Private Link Origin CDN Frontdoor", + * targetType: "blob", + * location: exampleAccount.location, + * privateLinkTargetId: exampleAccount.id, + * }, + * }); + * ``` + * ### With Private Link Service + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azure from "@pulumi/azure"; + * + * const current = azure.core.getClientConfig({}); + * const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"}); + * const exampleVirtualNetwork = new azure.network.VirtualNetwork("exampleVirtualNetwork", { + * resourceGroupName: exampleResourceGroup.name, + * location: exampleResourceGroup.location, + * addressSpaces: ["10.5.0.0/16"], + * }); + * const exampleSubnet = new azure.network.Subnet("exampleSubnet", { + * resourceGroupName: exampleResourceGroup.name, + * virtualNetworkName: exampleVirtualNetwork.name, + * addressPrefixes: ["10.5.1.0/24"], + * privateLinkServiceNetworkPoliciesEnabled: false, + * }); + * const examplePublicIp = new azure.network.PublicIp("examplePublicIp", { + * sku: "Standard", + * location: exampleResourceGroup.location, + * resourceGroupName: exampleResourceGroup.name, + * allocationMethod: "Static", + * }); + * const exampleLoadBalancer = new azure.lb.LoadBalancer("exampleLoadBalancer", { + * sku: "Standard", + * location: exampleResourceGroup.location, + * resourceGroupName: exampleResourceGroup.name, + * frontendIpConfigurations: [{ + * name: examplePublicIp.name, + * publicIpAddressId: examplePublicIp.id, + * }], + * }); + * const exampleLinkService = new azure.privatedns.LinkService("exampleLinkService", { + * resourceGroupName: exampleResourceGroup.name, + * location: exampleResourceGroup.location, + * visibilitySubscriptionIds: [current.then(current => current.subscriptionId)], + * loadBalancerFrontendIpConfigurationIds: [exampleLoadBalancer.frontendIpConfigurations.apply(frontendIpConfigurations => frontendIpConfigurations?.[0]?.id)], + * natIpConfigurations: [{ + * name: "primary", + * privateIpAddress: "10.5.1.17", + * privateIpAddressVersion: "IPv4", + * subnetId: exampleSubnet.id, + * primary: true, + * }], + * }); + * const exampleFrontdoorProfile = new azure.cdn.FrontdoorProfile("exampleFrontdoorProfile", { + * resourceGroupName: exampleResourceGroup.name, + * skuName: "Premium_AzureFrontDoor", + * }, { + * dependsOn: [exampleLinkService], + * }); + * const exampleFrontdoorOriginGroup = new azure.cdn.FrontdoorOriginGroup("exampleFrontdoorOriginGroup", { + * cdnFrontdoorProfileId: exampleFrontdoorProfile.id, + * loadBalancing: { + * additionalLatencyInMilliseconds: 0, + * sampleSize: 16, + * successfulSamplesRequired: 3, + * }, + * }); + * const exampleFrontdoorOrigin = new azure.cdn.FrontdoorOrigin("exampleFrontdoorOrigin", { + * cdnFrontdoorOriginGroupId: exampleFrontdoorOriginGroup.id, + * enabled: true, + * hostName: "example.com", + * originHostHeader: "example.com", + * priority: 1, + * weight: 1000, + * certificateNameCheckEnabled: false, + * privateLink: { + * requestMessage: "Request access for Private Link Origin CDN Frontdoor", + * location: exampleResourceGroup.location, + * privateLinkTargetId: exampleLinkService.id, + * }, + * }); + * ``` + * ## Example HCL Configurations + * + * * Private Link Origin with Storage Account Blob + * * Private Link Origin with Storage Account Static Web Site + * * Private Link Origin with Linux Web Application + * * Private Link Origin with Internal Load Balancer + * * ## Import * * Front Door Origins can be imported using the `resource id`, e.g. diff --git a/sdk/nodejs/cdn/profile.ts b/sdk/nodejs/cdn/profile.ts index a4b49ae441..8370de9f11 100644 --- a/sdk/nodejs/cdn/profile.ts +++ b/sdk/nodejs/cdn/profile.ts @@ -5,6 +5,10 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "../utilities"; /** + * Manages a CDN Profile to create a collection of CDN Endpoints. + * + * !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + * * ## Example Usage * * ```typescript diff --git a/sdk/nodejs/compute/image.ts b/sdk/nodejs/compute/image.ts index 6671c5d0ec..65a62a4acf 100644 --- a/sdk/nodejs/compute/image.ts +++ b/sdk/nodejs/compute/image.ts @@ -7,6 +7,27 @@ import * as outputs from "../types/output"; import * as utilities from "../utilities"; /** + * Manages a custom virtual machine image that can be used to create virtual machines. + * + * ## Example Usage + * + * > **Note:** For a more complete example, see the `examples/image` directory within the GitHub Repository. + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azure from "@pulumi/azure"; + * + * const exampleVirtualMachine = azure.compute.getVirtualMachine({ + * name: "examplevm", + * resourceGroupName: "example-resources", + * }); + * const exampleImage = new azure.compute.Image("exampleImage", { + * location: exampleVirtualMachine.then(exampleVirtualMachine => exampleVirtualMachine.location), + * resourceGroupName: exampleVirtualMachine.then(exampleVirtualMachine => exampleVirtualMachine.name), + * sourceVirtualMachineId: exampleVirtualMachine.then(exampleVirtualMachine => exampleVirtualMachine.id), + * }); + * ``` + * * ## Import * * Images can be imported using the `resource id`, e.g. diff --git a/sdk/nodejs/compute/windowsVirtualMachine.ts b/sdk/nodejs/compute/windowsVirtualMachine.ts index aea9780833..87572b493b 100644 --- a/sdk/nodejs/compute/windowsVirtualMachine.ts +++ b/sdk/nodejs/compute/windowsVirtualMachine.ts @@ -187,6 +187,11 @@ export class WindowsVirtualMachine extends pulumi.CustomResource { * One or more `galleryApplication` blocks as defined below. */ public readonly galleryApplications!: pulumi.Output; + /** + * Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patchMode` is set to `AutomaticByPlatform`, the `provisionVmAgent` is set to `true`, your `sourceImageReference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + */ public readonly hotpatchingEnabled!: pulumi.Output; /** * An `identity` block as defined below. @@ -576,6 +581,11 @@ export interface WindowsVirtualMachineState { * One or more `galleryApplication` blocks as defined below. */ galleryApplications?: pulumi.Input[]>; + /** + * Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patchMode` is set to `AutomaticByPlatform`, the `provisionVmAgent` is set to `true`, your `sourceImageReference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + */ hotpatchingEnabled?: pulumi.Input; /** * An `identity` block as defined below. @@ -817,6 +827,11 @@ export interface WindowsVirtualMachineArgs { * One or more `galleryApplication` blocks as defined below. */ galleryApplications?: pulumi.Input[]>; + /** + * Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patchMode` is set to `AutomaticByPlatform`, the `provisionVmAgent` is set to `true`, your `sourceImageReference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + */ hotpatchingEnabled?: pulumi.Input; /** * An `identity` block as defined below. diff --git a/sdk/nodejs/databricks/workspaceCustomerManagedKey.ts b/sdk/nodejs/databricks/workspaceCustomerManagedKey.ts index e539c9c986..b1bf7c4120 100644 --- a/sdk/nodejs/databricks/workspaceCustomerManagedKey.ts +++ b/sdk/nodejs/databricks/workspaceCustomerManagedKey.ts @@ -5,6 +5,98 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "../utilities"; /** + * Manages a Customer Managed Key for a Databricks Workspace root DBFS + * + * !>**IMPORTANT:** This resource has been deprecated and will be removed from the 4.0 Azure provider. Please use the `azure.databricks.WorkspaceRootDbfsCustomerManagedKey` resource instead. + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azure from "@pulumi/azure"; + * + * const current = azure.core.getClientConfig({}); + * const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"}); + * const exampleWorkspace = new azure.databricks.Workspace("exampleWorkspace", { + * resourceGroupName: exampleResourceGroup.name, + * location: exampleResourceGroup.location, + * sku: "premium", + * customerManagedKeyEnabled: true, + * tags: { + * Environment: "Production", + * }, + * }); + * const exampleKeyVault = new azure.keyvault.KeyVault("exampleKeyVault", { + * location: exampleResourceGroup.location, + * resourceGroupName: exampleResourceGroup.name, + * tenantId: current.then(current => current.tenantId), + * skuName: "premium", + * purgeProtectionEnabled: true, + * softDeleteRetentionDays: 7, + * }); + * const terraform = new azure.keyvault.AccessPolicy("terraform", { + * keyVaultId: exampleKeyVault.id, + * tenantId: exampleKeyVault.tenantId, + * objectId: current.then(current => current.objectId), + * keyPermissions: [ + * "Create", + * "Delete", + * "Get", + * "Purge", + * "Recover", + * "Update", + * "List", + * "Decrypt", + * "Sign", + * "GetRotationPolicy", + * ], + * }); + * const exampleKey = new azure.keyvault.Key("exampleKey", { + * keyVaultId: exampleKeyVault.id, + * keyType: "RSA", + * keySize: 2048, + * keyOpts: [ + * "decrypt", + * "encrypt", + * "sign", + * "unwrapKey", + * "verify", + * "wrapKey", + * ], + * }, { + * dependsOn: [terraform], + * }); + * const databricks = new azure.keyvault.AccessPolicy("databricks", { + * keyVaultId: exampleKeyVault.id, + * tenantId: exampleWorkspace.storageAccountIdentities.apply(storageAccountIdentities => storageAccountIdentities[0].tenantId), + * objectId: exampleWorkspace.storageAccountIdentities.apply(storageAccountIdentities => storageAccountIdentities[0].principalId), + * keyPermissions: [ + * "Create", + * "Delete", + * "Get", + * "Purge", + * "Recover", + * "Update", + * "List", + * "Decrypt", + * "Sign", + * ], + * }, { + * dependsOn: [exampleWorkspace], + * }); + * const exampleWorkspaceRootDbfsCustomerManagedKey = new azure.databricks.WorkspaceRootDbfsCustomerManagedKey("exampleWorkspaceRootDbfsCustomerManagedKey", { + * workspaceId: exampleWorkspace.id, + * keyVaultKeyId: exampleKey.id, + * }, { + * dependsOn: [databricks], + * }); + * ``` + * ## Example HCL Configurations + * + * * Databricks Workspace with Root Databricks File System Customer Managed Keys + * * Databricks Workspace with Customer Managed Keys for Managed Services + * * Databricks Workspace with Private Endpoint, Customer Managed Keys for Managed Services and Root Databricks File System Customer Managed Keys + * * ## Import * * Databricks Workspace Customer Managed Key can be imported using the `resource id`, e.g. diff --git a/sdk/nodejs/databricks/workspaceRootDbfsCustomerManagedKey.ts b/sdk/nodejs/databricks/workspaceRootDbfsCustomerManagedKey.ts index a579ab874b..3706c4783b 100644 --- a/sdk/nodejs/databricks/workspaceRootDbfsCustomerManagedKey.ts +++ b/sdk/nodejs/databricks/workspaceRootDbfsCustomerManagedKey.ts @@ -5,6 +5,96 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "../utilities"; /** + * Manages a Customer Managed Key for the Databricks Workspaces root Databricks File System(DBFS) + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azure from "@pulumi/azure"; + * + * const current = azure.core.getClientConfig({}); + * const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"}); + * const exampleWorkspace = new azure.databricks.Workspace("exampleWorkspace", { + * resourceGroupName: exampleResourceGroup.name, + * location: exampleResourceGroup.location, + * sku: "premium", + * customerManagedKeyEnabled: true, + * tags: { + * Environment: "Production", + * }, + * }); + * const exampleKeyVault = new azure.keyvault.KeyVault("exampleKeyVault", { + * location: exampleResourceGroup.location, + * resourceGroupName: exampleResourceGroup.name, + * tenantId: current.then(current => current.tenantId), + * skuName: "premium", + * purgeProtectionEnabled: true, + * softDeleteRetentionDays: 7, + * }); + * const terraform = new azure.keyvault.AccessPolicy("terraform", { + * keyVaultId: exampleKeyVault.id, + * tenantId: exampleKeyVault.tenantId, + * objectId: current.then(current => current.objectId), + * keyPermissions: [ + * "Create", + * "Delete", + * "Get", + * "Purge", + * "Recover", + * "Update", + * "List", + * "Decrypt", + * "Sign", + * "GetRotationPolicy", + * ], + * }); + * const exampleKey = new azure.keyvault.Key("exampleKey", { + * keyVaultId: exampleKeyVault.id, + * keyType: "RSA", + * keySize: 2048, + * keyOpts: [ + * "decrypt", + * "encrypt", + * "sign", + * "unwrapKey", + * "verify", + * "wrapKey", + * ], + * }, { + * dependsOn: [terraform], + * }); + * const databricks = new azure.keyvault.AccessPolicy("databricks", { + * keyVaultId: exampleKeyVault.id, + * tenantId: exampleWorkspace.storageAccountIdentities.apply(storageAccountIdentities => storageAccountIdentities[0].tenantId), + * objectId: exampleWorkspace.storageAccountIdentities.apply(storageAccountIdentities => storageAccountIdentities[0].principalId), + * keyPermissions: [ + * "Create", + * "Delete", + * "Get", + * "Purge", + * "Recover", + * "Update", + * "List", + * "Decrypt", + * "Sign", + * ], + * }, { + * dependsOn: [exampleWorkspace], + * }); + * const exampleWorkspaceRootDbfsCustomerManagedKey = new azure.databricks.WorkspaceRootDbfsCustomerManagedKey("exampleWorkspaceRootDbfsCustomerManagedKey", { + * workspaceId: exampleWorkspace.id, + * keyVaultKeyId: exampleKey.id, + * }, { + * dependsOn: [databricks], + * }); + * ``` + * ## Example HCL Configurations + * + * * Databricks Workspace with Root Databricks File System Customer Managed Keys + * * Databricks Workspace with Customer Managed Keys for Managed Services + * * Databricks Workspace with Private Endpoint, Customer Managed Keys for Managed Services and Root Databricks File System Customer Managed Keys + * * ## Import * * Databricks Workspace Root DBFS Customer Managed Key can be imported using the `resource id`, e.g. diff --git a/sdk/nodejs/frontdoor/customHttpsConfiguration.ts b/sdk/nodejs/frontdoor/customHttpsConfiguration.ts index 550fd8e93b..c9e61573d2 100644 --- a/sdk/nodejs/frontdoor/customHttpsConfiguration.ts +++ b/sdk/nodejs/frontdoor/customHttpsConfiguration.ts @@ -7,6 +7,85 @@ import * as outputs from "../types/output"; import * as utilities from "../utilities"; /** + * !> **IMPORTANT** This deploys an Azure Front Door (classic) resource which has been deprecated and will receive security updates only. Please migrate your existing Azure Front Door (classic) deployments to the new Azure Front Door (standard/premium) resources. For your convenience, the service team has exposed a `Front Door Classic` to `Front Door Standard/Premium` [migration tool](https://learn.microsoft.com/azure/frontdoor/tier-migration) to allow you to migrate your existing `Front Door Classic` instances to the new `Front Door Standard/Premium` product tiers. + * + * Manages the Custom HTTPS Configuration for an Azure Front Door (classic) Frontend Endpoint. + * + * > **NOTE:** Defining custom HTTPS configurations using a separate `azure.frontdoor.CustomHttpsConfiguration` resource allows for parallel creation/update. + * + * !> **BREAKING CHANGE:** In order to address the ordering issue we have changed the design on how to retrieve existing sub resources such as frontend endpoints. Existing design will be deprecated and will result in an incorrect configuration. Please refer to the updated documentation below for more information. + * + * !> **BREAKING CHANGE:** The `resourceGroupName` field has been removed as of the `v2.58.0` provider release. If the `resourceGroupName` field has been defined in your current `azure.frontdoor.CustomHttpsConfiguration` resource configuration file please remove it else you will receive a `An argument named "resourceGroupName" is not expected here.` error. If your pre-existing Front Door instance contained inline `customHttpsConfiguration` blocks there are additional steps that will need to be completed to successfully migrate your Front Door onto the `v2.58.0` provider which can be found in this guide. + * + * !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azure from "@pulumi/azure"; + * + * const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"}); + * const vault = azure.keyvault.getKeyVault({ + * name: "example-vault", + * resourceGroupName: "example-vault-rg", + * }); + * const exampleFrontdoor = new azure.frontdoor.Frontdoor("exampleFrontdoor", { + * resourceGroupName: exampleResourceGroup.name, + * routingRules: [{ + * name: "exampleRoutingRule1", + * acceptedProtocols: [ + * "Http", + * "Https", + * ], + * patternsToMatches: ["/*"], + * frontendEndpoints: ["exampleFrontendEndpoint1"], + * forwardingConfiguration: { + * forwardingProtocol: "MatchRequest", + * backendPoolName: "exampleBackendBing", + * }, + * }], + * backendPoolLoadBalancings: [{ + * name: "exampleLoadBalancingSettings1", + * }], + * backendPoolHealthProbes: [{ + * name: "exampleHealthProbeSetting1", + * }], + * backendPools: [{ + * name: "exampleBackendBing", + * backends: [{ + * hostHeader: "www.bing.com", + * address: "www.bing.com", + * httpPort: 80, + * httpsPort: 443, + * }], + * loadBalancingName: "exampleLoadBalancingSettings1", + * healthProbeName: "exampleHealthProbeSetting1", + * }], + * frontendEndpoints: [ + * { + * name: "exampleFrontendEndpoint1", + * hostName: "example-FrontDoor.azurefd.net", + * }, + * { + * name: "exampleFrontendEndpoint2", + * hostName: "examplefd1.examplefd.net", + * }, + * ], + * }); + * const exampleCustomHttps0 = new azure.frontdoor.CustomHttpsConfiguration("exampleCustomHttps0", { + * frontendEndpointId: exampleFrontdoor.frontendEndpointsMap.exampleFrontendEndpoint1, + * customHttpsProvisioningEnabled: false, + * }); + * const exampleCustomHttps1 = new azure.frontdoor.CustomHttpsConfiguration("exampleCustomHttps1", { + * frontendEndpointId: exampleFrontdoor.frontendEndpointsMap.exampleFrontendEndpoint2, + * customHttpsProvisioningEnabled: true, + * customHttpsConfiguration: { + * certificateSource: "AzureKeyVault", + * azureKeyVaultCertificateSecretName: "examplefd1", + * azureKeyVaultCertificateVaultId: vault.then(vault => vault.id), + * }, + * }); + * ``` + * * ## Import * * Front Door Custom HTTPS Configurations can be imported using the `resource id` of the Front Door Custom HTTPS Configuration, e.g. diff --git a/sdk/nodejs/frontdoor/firewallPolicy.ts b/sdk/nodejs/frontdoor/firewallPolicy.ts index e71c8f5181..d60cc434c4 100644 --- a/sdk/nodejs/frontdoor/firewallPolicy.ts +++ b/sdk/nodejs/frontdoor/firewallPolicy.ts @@ -7,6 +7,12 @@ import * as outputs from "../types/output"; import * as utilities from "../utilities"; /** + * !> **IMPORTANT** This deploys an Azure Front Door (classic) resource which has been deprecated and will receive security updates only. Please migrate your existing Azure Front Door (classic) deployments to the new Azure Front Door (standard/premium) resources. For your convenience, the service team has exposed a `Front Door Classic` to `Front Door Standard/Premium` [migration tool](https://learn.microsoft.com/azure/frontdoor/tier-migration) to allow you to migrate your existing `Front Door Classic` instances to the new `Front Door Standard/Premium` product tiers. + * + * Manages an Azure Front Door (classic) Web Application Firewall Policy instance. + * + * !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + * * ## Example Usage * * ```typescript diff --git a/sdk/nodejs/mssql/databaseExtendedAuditingPolicy.ts b/sdk/nodejs/mssql/databaseExtendedAuditingPolicy.ts index 9e14d391b4..7fc4faf602 100644 --- a/sdk/nodejs/mssql/databaseExtendedAuditingPolicy.ts +++ b/sdk/nodejs/mssql/databaseExtendedAuditingPolicy.ts @@ -83,6 +83,12 @@ export class DatabaseExtendedAuditingPolicy extends pulumi.CustomResource { * ->**NOTE:** If `enabled` is `true`, `storageEndpoint` or `logMonitoringEnabled` are required. */ public readonly enabled!: pulumi.Output; + /** + * Enable audit events to Azure Monitor? Defaults to `true`. + * + * > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + * To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + */ public readonly logMonitoringEnabled!: pulumi.Output; /** * The number of days to retain logs for in the storage account. Defaults to `0`. @@ -155,6 +161,12 @@ export interface DatabaseExtendedAuditingPolicyState { * ->**NOTE:** If `enabled` is `true`, `storageEndpoint` or `logMonitoringEnabled` are required. */ enabled?: pulumi.Input; + /** + * Enable audit events to Azure Monitor? Defaults to `true`. + * + * > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + * To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + */ logMonitoringEnabled?: pulumi.Input; /** * The number of days to retain logs for in the storage account. Defaults to `0`. @@ -188,6 +200,12 @@ export interface DatabaseExtendedAuditingPolicyArgs { * ->**NOTE:** If `enabled` is `true`, `storageEndpoint` or `logMonitoringEnabled` are required. */ enabled?: pulumi.Input; + /** + * Enable audit events to Azure Monitor? Defaults to `true`. + * + * > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + * To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + */ logMonitoringEnabled?: pulumi.Input; /** * The number of days to retain logs for in the storage account. Defaults to `0`. diff --git a/sdk/nodejs/mssql/managedInstanceFailoverGroup.ts b/sdk/nodejs/mssql/managedInstanceFailoverGroup.ts index d72e925d94..29ae9b2529 100644 --- a/sdk/nodejs/mssql/managedInstanceFailoverGroup.ts +++ b/sdk/nodejs/mssql/managedInstanceFailoverGroup.ts @@ -7,6 +7,92 @@ import * as outputs from "../types/output"; import * as utilities from "../utilities"; /** + * Manages an Azure SQL Managed Instance Failover Group. + * + * ## Example Usage + * + * > **Note:** For a more complete example, see the `./examples/sql-azure/managed_instance_failover_group` directory within the GitHub Repository. + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azure from "@pulumi/azure"; + * + * const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"}); + * const exampleVirtualNetwork = new azure.network.VirtualNetwork("exampleVirtualNetwork", { + * location: exampleResourceGroup.location, + * resourceGroupName: exampleResourceGroup.name, + * addressSpaces: ["10.0.0.0/16"], + * }); + * const exampleSubnet = new azure.network.Subnet("exampleSubnet", { + * resourceGroupName: exampleResourceGroup.name, + * virtualNetworkName: exampleVirtualNetwork.name, + * addressPrefixes: ["10.0.2.0/24"], + * }); + * const exampleNetworkSecurityGroup = new azure.network.NetworkSecurityGroup("exampleNetworkSecurityGroup", { + * location: exampleResourceGroup.location, + * resourceGroupName: exampleResourceGroup.name, + * }); + * const exampleSubnetNetworkSecurityGroupAssociation = new azure.network.SubnetNetworkSecurityGroupAssociation("exampleSubnetNetworkSecurityGroupAssociation", { + * subnetId: exampleSubnet.id, + * networkSecurityGroupId: exampleNetworkSecurityGroup.id, + * }); + * const exampleRouteTable = new azure.network.RouteTable("exampleRouteTable", { + * location: exampleResourceGroup.location, + * resourceGroupName: exampleResourceGroup.name, + * }); + * const exampleSubnetRouteTableAssociation = new azure.network.SubnetRouteTableAssociation("exampleSubnetRouteTableAssociation", { + * subnetId: exampleSubnet.id, + * routeTableId: exampleRouteTable.id, + * }); + * const primary = new azure.mssql.ManagedInstance("primary", { + * resourceGroupName: exampleResourceGroup.name, + * location: exampleResourceGroup.location, + * administratorLogin: "mradministrator", + * administratorLoginPassword: "thisIsDog11", + * licenseType: "BasePrice", + * subnetId: exampleSubnet.id, + * skuName: "GP_Gen5", + * vcores: 4, + * storageSizeInGb: 32, + * tags: { + * environment: "prod", + * }, + * }, { + * dependsOn: [ + * exampleSubnetNetworkSecurityGroupAssociation, + * exampleSubnetRouteTableAssociation, + * ], + * }); + * const secondary = new azure.mssql.ManagedInstance("secondary", { + * resourceGroupName: exampleResourceGroup.name, + * location: exampleResourceGroup.location, + * administratorLogin: "mradministrator", + * administratorLoginPassword: "thisIsDog11", + * licenseType: "BasePrice", + * subnetId: exampleSubnet.id, + * skuName: "GP_Gen5", + * vcores: 4, + * storageSizeInGb: 32, + * tags: { + * environment: "prod", + * }, + * }, { + * dependsOn: [ + * exampleSubnetNetworkSecurityGroupAssociation, + * exampleSubnetRouteTableAssociation, + * ], + * }); + * const exampleManagedInstanceFailoverGroup = new azure.mssql.ManagedInstanceFailoverGroup("exampleManagedInstanceFailoverGroup", { + * location: primary.location, + * managedInstanceId: primary.id, + * partnerManagedInstanceId: secondary.id, + * readWriteEndpointFailoverPolicy: { + * mode: "Automatic", + * graceMinutes: 60, + * }, + * }); + * ``` + * * ## Import * * SQL Instance Failover Groups can be imported using the `resource id`, e.g. diff --git a/sdk/nodejs/network/networkWatcherFlowLog.ts b/sdk/nodejs/network/networkWatcherFlowLog.ts index 26c54e51a2..e7ddc326b5 100644 --- a/sdk/nodejs/network/networkWatcherFlowLog.ts +++ b/sdk/nodejs/network/networkWatcherFlowLog.ts @@ -7,6 +7,10 @@ import * as outputs from "../types/output"; import * as utilities from "../utilities"; /** + * Manages a Network Watcher Flow Log. + * + * > **Note** The `azure.network.NetworkWatcherFlowLog` creates a new storage lifecyle management rule that overwrites existing rules. Please make sure to use a `storageAccount` with no existing management rules, until the issue is fixed. + * * ## Example Usage * * ```typescript diff --git a/sdk/nodejs/privatelink/endpoint.ts b/sdk/nodejs/privatelink/endpoint.ts index a2b96507f2..3de1f587e9 100644 --- a/sdk/nodejs/privatelink/endpoint.ts +++ b/sdk/nodejs/privatelink/endpoint.ts @@ -7,6 +7,157 @@ import * as outputs from "../types/output"; import * as utilities from "../utilities"; /** + * Manages a Private Endpoint. + * + * Azure Private Endpoint is a network interface that connects you privately and securely to a service powered by Azure Private Link. Private Endpoint uses a private IP address from your VNet, effectively bringing the service into your VNet. The service could be an Azure service such as Azure Storage, SQL, etc. or your own Private Link Service. + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azure from "@pulumi/azure"; + * + * const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"}); + * const exampleVirtualNetwork = new azure.network.VirtualNetwork("exampleVirtualNetwork", { + * addressSpaces: ["10.0.0.0/16"], + * location: exampleResourceGroup.location, + * resourceGroupName: exampleResourceGroup.name, + * }); + * const service = new azure.network.Subnet("service", { + * resourceGroupName: exampleResourceGroup.name, + * virtualNetworkName: exampleVirtualNetwork.name, + * addressPrefixes: ["10.0.1.0/24"], + * enforcePrivateLinkServiceNetworkPolicies: true, + * }); + * const endpoint = new azure.network.Subnet("endpoint", { + * resourceGroupName: exampleResourceGroup.name, + * virtualNetworkName: exampleVirtualNetwork.name, + * addressPrefixes: ["10.0.2.0/24"], + * enforcePrivateLinkEndpointNetworkPolicies: true, + * }); + * const examplePublicIp = new azure.network.PublicIp("examplePublicIp", { + * sku: "Standard", + * location: exampleResourceGroup.location, + * resourceGroupName: exampleResourceGroup.name, + * allocationMethod: "Static", + * }); + * const exampleLoadBalancer = new azure.lb.LoadBalancer("exampleLoadBalancer", { + * sku: "Standard", + * location: exampleResourceGroup.location, + * resourceGroupName: exampleResourceGroup.name, + * frontendIpConfigurations: [{ + * name: examplePublicIp.name, + * publicIpAddressId: examplePublicIp.id, + * }], + * }); + * const exampleLinkService = new azure.privatedns.LinkService("exampleLinkService", { + * location: exampleResourceGroup.location, + * resourceGroupName: exampleResourceGroup.name, + * natIpConfigurations: [{ + * name: examplePublicIp.name, + * primary: true, + * subnetId: service.id, + * }], + * loadBalancerFrontendIpConfigurationIds: [exampleLoadBalancer.frontendIpConfigurations.apply(frontendIpConfigurations => frontendIpConfigurations?.[0]?.id)], + * }); + * const exampleEndpoint = new azure.privatelink.Endpoint("exampleEndpoint", { + * location: exampleResourceGroup.location, + * resourceGroupName: exampleResourceGroup.name, + * subnetId: endpoint.id, + * privateServiceConnection: { + * name: "example-privateserviceconnection", + * privateConnectionResourceId: exampleLinkService.id, + * isManualConnection: false, + * }, + * }); + * ``` + * + * Using a Private Link Service Alias with existing resources: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azure from "@pulumi/azure"; + * + * const exampleResourceGroup = azure.core.getResourceGroup({ + * name: "example-resources", + * }); + * const vnet = exampleResourceGroup.then(exampleResourceGroup => azure.network.getVirtualNetwork({ + * name: "example-network", + * resourceGroupName: exampleResourceGroup.name, + * })); + * const subnet = Promise.all([vnet, exampleResourceGroup]).then(([vnet, exampleResourceGroup]) => azure.network.getSubnet({ + * name: "default", + * virtualNetworkName: vnet.name, + * resourceGroupName: exampleResourceGroup.name, + * })); + * const exampleEndpoint = new azure.privatelink.Endpoint("exampleEndpoint", { + * location: exampleResourceGroup.then(exampleResourceGroup => exampleResourceGroup.location), + * resourceGroupName: exampleResourceGroup.then(exampleResourceGroup => exampleResourceGroup.name), + * subnetId: subnet.then(subnet => subnet.id), + * privateServiceConnection: { + * name: "example-privateserviceconnection", + * privateConnectionResourceAlias: "example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice", + * isManualConnection: true, + * requestMessage: "PL", + * }, + * }); + * ``` + * + * Using a Private Endpoint pointing to an *owned* Azure service, with proper DNS configuration: + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azure from "@pulumi/azure"; + * + * const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"}); + * const exampleAccount = new azure.storage.Account("exampleAccount", { + * resourceGroupName: exampleResourceGroup.name, + * location: exampleResourceGroup.location, + * accountTier: "Standard", + * accountReplicationType: "LRS", + * }); + * const exampleVirtualNetwork = new azure.network.VirtualNetwork("exampleVirtualNetwork", { + * addressSpaces: ["10.0.0.0/16"], + * location: exampleResourceGroup.location, + * resourceGroupName: exampleResourceGroup.name, + * }); + * const exampleSubnet = new azure.network.Subnet("exampleSubnet", { + * resourceGroupName: exampleResourceGroup.name, + * virtualNetworkName: exampleVirtualNetwork.name, + * addressPrefixes: ["10.0.2.0/24"], + * }); + * const exampleZone = new azure.privatedns.Zone("exampleZone", {resourceGroupName: exampleResourceGroup.name}); + * const exampleEndpoint = new azure.privatelink.Endpoint("exampleEndpoint", { + * location: exampleResourceGroup.location, + * resourceGroupName: exampleResourceGroup.name, + * subnetId: exampleSubnet.id, + * privateServiceConnection: { + * name: "example-privateserviceconnection", + * privateConnectionResourceId: exampleAccount.id, + * subresourceNames: ["blob"], + * isManualConnection: false, + * }, + * privateDnsZoneGroup: { + * name: "example-dns-zone-group", + * privateDnsZoneIds: [exampleZone.id], + * }, + * }); + * const exampleZoneVirtualNetworkLink = new azure.privatedns.ZoneVirtualNetworkLink("exampleZoneVirtualNetworkLink", { + * resourceGroupName: exampleResourceGroup.name, + * privateDnsZoneName: exampleZone.name, + * virtualNetworkId: exampleVirtualNetwork.id, + * }); + * ``` + * ## Example HCL Configurations + * + * * How to conneca `Private Endpoint` to a Application Gateway + * * How to connect a `Private Endpoint` to a Cosmos MongoDB + * * How to connect a `Private Endpoint` to a Cosmos PostgreSQL + * * How to connect a `Private Endpoint` to a PostgreSQL Server + * * How to connect a `Private Endpoint` to a Private Link Service + * * How to connect a `Private Endpoint` to a Private DNS Group + * * How to connect a `Private Endpoint` to a Databricks Workspace + * * ## Import * * Private Endpoints can be imported using the `resource id`, e.g. diff --git a/sdk/nodejs/sql/managedInstanceFailoverGroup.ts b/sdk/nodejs/sql/managedInstanceFailoverGroup.ts index f99b877d74..5e4cf0da8d 100644 --- a/sdk/nodejs/sql/managedInstanceFailoverGroup.ts +++ b/sdk/nodejs/sql/managedInstanceFailoverGroup.ts @@ -7,6 +7,69 @@ import * as outputs from "../types/output"; import * as utilities from "../utilities"; /** + * Manages a SQL Instance Failover Group. + * + * ## Example Usage + * + * > **Note:** The `azure.sql.ManagedInstanceFailoverGroup` resource is deprecated in version 3.0 of the AzureRM provider and will be removed in version 4.0. Please use the `azure.mssql.ManagedInstanceFailoverGroup` resource instead. + * + * > **Note:** For a more complete example, see the the `examples/sql-azure/managed_instance_failover_group` directory within the GitHub Repository. + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as azure from "@pulumi/azure"; + * + * const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"}); + * const primary = new azure.sql.ManagedInstance("primary", { + * resourceGroupName: azurerm_resource_group.primary.name, + * location: azurerm_resource_group.primary.location, + * administratorLogin: "mradministrator", + * administratorLoginPassword: "thisIsDog11", + * licenseType: "BasePrice", + * subnetId: azurerm_subnet.primary.id, + * skuName: "GP_Gen5", + * vcores: 4, + * storageSizeInGb: 32, + * tags: { + * environment: "prod", + * }, + * }, { + * dependsOn: [ + * azurerm_subnet_network_security_group_association.primary, + * azurerm_subnet_route_table_association.primary, + * ], + * }); + * const secondary = new azure.sql.ManagedInstance("secondary", { + * resourceGroupName: azurerm_resource_group.secondary.name, + * location: azurerm_resource_group.secondary.location, + * administratorLogin: "mradministrator", + * administratorLoginPassword: "thisIsDog11", + * licenseType: "BasePrice", + * subnetId: azurerm_subnet.secondary.id, + * skuName: "GP_Gen5", + * vcores: 4, + * storageSizeInGb: 32, + * tags: { + * environment: "prod", + * }, + * }, { + * dependsOn: [ + * azurerm_subnet_network_security_group_association.secondary, + * azurerm_subnet_route_table_association.secondary, + * ], + * }); + * const exampleManagedInstanceFailoverGroup = new azure.sql.ManagedInstanceFailoverGroup("exampleManagedInstanceFailoverGroup", { + * resourceGroupName: azurerm_resource_group.primary.name, + * location: primary.location, + * managedInstanceName: primary.name, + * partnerManagedInstanceId: secondary.id, + * readWriteEndpointFailoverPolicy: { + * mode: "Automatic", + * graceMinutes: 60, + * }, + * }); + * ``` + * * ## Import * * SQL Instance Failover Groups can be imported using the `resource id`, e.g. diff --git a/sdk/nodejs/types/input.ts b/sdk/nodejs/types/input.ts index 3b854ca2ba..02282d3885 100644 --- a/sdk/nodejs/types/input.ts +++ b/sdk/nodejs/types/input.ts @@ -9209,6 +9209,11 @@ export namespace appservice { * Should WebSockets be enabled? */ websocketsEnabled?: pulumi.Input; + /** + * The Windows Docker container image (`DOCKER|`) + * + * Additional examples of how to run Containers via the `azure.appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. + */ windowsFxVersion?: pulumi.Input; } @@ -18742,6 +18747,11 @@ export namespace compute { * > **NOTE:** If the `patchAssessmentMode` is set to `AutomaticByPlatform` then the `provisionVmAgent` field must be set to `true`. */ patchAssessmentMode?: pulumi.Input; + /** + * Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + * + * > **NOTE:** If `patchMode` is set to `AutomaticByPlatform` the `provisionVmAgent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. + */ patchMode?: pulumi.Input; /** * Should the Azure VM Agent be provisioned on each Virtual Machine in the Scale Set? Defaults to `true`. Changing this value forces a new resource to be created. @@ -18805,6 +18815,11 @@ export namespace compute { * Are automatic updates enabled for this Virtual Machine? Defaults to `true`. */ enableAutomaticUpdates?: pulumi.Input; + /** + * Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patchMode` is set to `AutomaticByPlatform`, the `provisionVmAgent` is set to `true`, your `sourceImageReference` references a hotpatching enabled image, the VM's `skuName` is set to a Azure generation 2 directory within the GitHub Repository. + */ hotpatchingEnabled?: pulumi.Input; /** * Specifies the mode of VM Guest Patching for the virtual machines that are associated to the Virtual Machine Scale Set. Possible values are `AutomaticByPlatform` or `ImageDefault`. Defaults to `ImageDefault`. @@ -41793,10 +41808,24 @@ export namespace netapp { * Resource ID of the primary volume. */ remoteVolumeResourceId: pulumi.Input; + /** + * Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + * + * A full example of the `dataProtectionReplication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + * + * > **NOTE:** `dataProtectionReplication` can be defined only once per secondary volume, adding a second instance of it is not supported. + */ replicationFrequency: pulumi.Input; } export interface VolumeDataProtectionSnapshotPolicy { + /** + * Resource ID of the snapshot policy to apply to the volume. + * + * A full example of the `dataProtectionSnapshotPolicy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + * + * > **NOTE:** `dataProtectionSnapshotPolicy` block can be used alone or with dataProtectionReplication in the primary volume only, if enabling it in the secondary, an error will be thrown. + */ snapshotPolicyId: pulumi.Input; } @@ -43197,6 +43226,15 @@ export namespace network { * The private IP address associated with the Firewall. */ privateIpAddress?: pulumi.Input; + /** + * The ID of the Public IP Address associated with the firewall. + * + * > **NOTE** A public ip address is required unless a `managementIpConfiguration` block is specified. + * + * > **NOTE** When multiple `ipConfiguration` blocks with `publicIpAddressId` are configured, `pulumi up` will raise an error when one or some of these `ipConfiguration` blocks are removed. because the `publicIpAddressId` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `azure.network.PublicIp` happens before the update of firewall by default. to destroy of `azure.network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `azure.network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + * + * > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. + */ publicIpAddressId?: pulumi.Input; /** * Reference to the subnet associated with the IP Configuration. Changing this forces a new resource to be created. diff --git a/sdk/nodejs/types/output.ts b/sdk/nodejs/types/output.ts index 3fd7604e60..8e238381f6 100644 --- a/sdk/nodejs/types/output.ts +++ b/sdk/nodejs/types/output.ts @@ -14166,6 +14166,11 @@ export namespace appservice { * Should WebSockets be enabled? */ websocketsEnabled: boolean; + /** + * The Windows Docker container image (`DOCKER|`) + * + * Additional examples of how to run Containers via the `azure.appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. + */ windowsFxVersion: string; } @@ -25368,6 +25373,11 @@ export namespace compute { * > **NOTE:** If the `patchAssessmentMode` is set to `AutomaticByPlatform` then the `provisionVmAgent` field must be set to `true`. */ patchAssessmentMode?: string; + /** + * Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + * + * > **NOTE:** If `patchMode` is set to `AutomaticByPlatform` the `provisionVmAgent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. + */ patchMode?: string; /** * Should the Azure VM Agent be provisioned on each Virtual Machine in the Scale Set? Defaults to `true`. Changing this value forces a new resource to be created. @@ -25431,6 +25441,11 @@ export namespace compute { * Are automatic updates enabled for this Virtual Machine? Defaults to `true`. */ enableAutomaticUpdates?: boolean; + /** + * Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + * + * > **NOTE:** Hotpatching can only be enabled if the `patchMode` is set to `AutomaticByPlatform`, the `provisionVmAgent` is set to `true`, your `sourceImageReference` references a hotpatching enabled image, the VM's `skuName` is set to a Azure generation 2 directory within the GitHub Repository. + */ hotpatchingEnabled?: boolean; /** * Specifies the mode of VM Guest Patching for the virtual machines that are associated to the Virtual Machine Scale Set. Possible values are `AutomaticByPlatform` or `ImageDefault`. Defaults to `ImageDefault`. @@ -52686,10 +52701,24 @@ export namespace netapp { * Resource ID of the primary volume. */ remoteVolumeResourceId: string; + /** + * Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + * + * A full example of the `dataProtectionReplication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + * + * > **NOTE:** `dataProtectionReplication` can be defined only once per secondary volume, adding a second instance of it is not supported. + */ replicationFrequency: string; } export interface VolumeDataProtectionSnapshotPolicy { + /** + * Resource ID of the snapshot policy to apply to the volume. + * + * A full example of the `dataProtectionSnapshotPolicy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + * + * > **NOTE:** `dataProtectionSnapshotPolicy` block can be used alone or with dataProtectionReplication in the primary volume only, if enabling it in the secondary, an error will be thrown. + */ snapshotPolicyId: string; } @@ -54091,6 +54120,15 @@ export namespace network { * The private IP address associated with the Firewall. */ privateIpAddress: string; + /** + * The ID of the Public IP Address associated with the firewall. + * + * > **NOTE** A public ip address is required unless a `managementIpConfiguration` block is specified. + * + * > **NOTE** When multiple `ipConfiguration` blocks with `publicIpAddressId` are configured, `pulumi up` will raise an error when one or some of these `ipConfiguration` blocks are removed. because the `publicIpAddressId` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `azure.network.PublicIp` happens before the update of firewall by default. to destroy of `azure.network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `azure.network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + * + * > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. + */ publicIpAddressId?: string; /** * Reference to the subnet associated with the IP Configuration. Changing this forces a new resource to be created. diff --git a/sdk/python/pulumi_azure/appservice/_inputs.py b/sdk/python/pulumi_azure/appservice/_inputs.py index b2c927417b..c388f5f057 100644 --- a/sdk/python/pulumi_azure/appservice/_inputs.py +++ b/sdk/python/pulumi_azure/appservice/_inputs.py @@ -23088,6 +23088,9 @@ def __init__(__self__, *, > **NOTE:** when using an App Service Plan in the `Free` or `Shared` Tiers `use_32_bit_worker_process` must be set to `true`. :param pulumi.Input[bool] websockets_enabled: Should WebSockets be enabled? + :param pulumi.Input[str] windows_fx_version: The Windows Docker container image (`DOCKER|`) + + Additional examples of how to run Containers via the `appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. """ if acr_use_managed_identity_credentials is not None: pulumi.set(__self__, "acr_use_managed_identity_credentials", acr_use_managed_identity_credentials) @@ -23528,6 +23531,11 @@ def websockets_enabled(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="windowsFxVersion") def windows_fx_version(self) -> Optional[pulumi.Input[str]]: + """ + The Windows Docker container image (`DOCKER|`) + + Additional examples of how to run Containers via the `appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. + """ return pulumi.get(self, "windows_fx_version") @windows_fx_version.setter diff --git a/sdk/python/pulumi_azure/appservice/environment_v3.py b/sdk/python/pulumi_azure/appservice/environment_v3.py index 8c88ad48d2..e19d676551 100644 --- a/sdk/python/pulumi_azure/appservice/environment_v3.py +++ b/sdk/python/pulumi_azure/appservice/environment_v3.py @@ -491,6 +491,62 @@ def __init__(__self__, zone_redundant: Optional[pulumi.Input[bool]] = None, __props__=None): """ + Manages a 3rd Generation (v3) App Service Environment. + + ## Example Usage + + This example provisions an App Service Environment V3. Additional examples of how to use the `appservice.EnvironmentV3` resource can be found in the `./examples/app-service-environment-v3` directory within the GitHub Repository. + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + address_spaces=["10.0.0.0/16"]) + example_subnet = azure.network.Subnet("exampleSubnet", + resource_group_name=example_resource_group.name, + virtual_network_name=example_virtual_network.name, + address_prefixes=["10.0.2.0/24"], + delegations=[azure.network.SubnetDelegationArgs( + name="Microsoft.Web.hostingEnvironments", + service_delegation=azure.network.SubnetDelegationServiceDelegationArgs( + name="Microsoft.Web/hostingEnvironments", + actions=["Microsoft.Network/virtualNetworks/subnets/action"], + ), + )]) + example_environment_v3 = azure.appservice.EnvironmentV3("exampleEnvironmentV3", + resource_group_name=example_resource_group.name, + subnet_id=example_subnet.id, + internal_load_balancing_mode="Web, Publishing", + cluster_settings=[ + azure.appservice.EnvironmentV3ClusterSettingArgs( + name="DisableTls1.0", + value="1", + ), + azure.appservice.EnvironmentV3ClusterSettingArgs( + name="InternalEncryption", + value="true", + ), + azure.appservice.EnvironmentV3ClusterSettingArgs( + name="FrontEndSSLCipherSuiteOrder", + value="TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + ), + ], + tags={ + "env": "production", + "terraformed": "true", + }) + example_service_plan = azure.appservice.ServicePlan("exampleServicePlan", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + os_type="Linux", + sku_name="I1v2", + app_service_environment_id=example_environment_v3.id) + ``` + ## Import A 3rd Generation (v3) App Service Environment can be imported using the `resource id`, e.g. @@ -523,6 +579,62 @@ def __init__(__self__, args: EnvironmentV3Args, opts: Optional[pulumi.ResourceOptions] = None): """ + Manages a 3rd Generation (v3) App Service Environment. + + ## Example Usage + + This example provisions an App Service Environment V3. Additional examples of how to use the `appservice.EnvironmentV3` resource can be found in the `./examples/app-service-environment-v3` directory within the GitHub Repository. + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + address_spaces=["10.0.0.0/16"]) + example_subnet = azure.network.Subnet("exampleSubnet", + resource_group_name=example_resource_group.name, + virtual_network_name=example_virtual_network.name, + address_prefixes=["10.0.2.0/24"], + delegations=[azure.network.SubnetDelegationArgs( + name="Microsoft.Web.hostingEnvironments", + service_delegation=azure.network.SubnetDelegationServiceDelegationArgs( + name="Microsoft.Web/hostingEnvironments", + actions=["Microsoft.Network/virtualNetworks/subnets/action"], + ), + )]) + example_environment_v3 = azure.appservice.EnvironmentV3("exampleEnvironmentV3", + resource_group_name=example_resource_group.name, + subnet_id=example_subnet.id, + internal_load_balancing_mode="Web, Publishing", + cluster_settings=[ + azure.appservice.EnvironmentV3ClusterSettingArgs( + name="DisableTls1.0", + value="1", + ), + azure.appservice.EnvironmentV3ClusterSettingArgs( + name="InternalEncryption", + value="true", + ), + azure.appservice.EnvironmentV3ClusterSettingArgs( + name="FrontEndSSLCipherSuiteOrder", + value="TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + ), + ], + tags={ + "env": "production", + "terraformed": "true", + }) + example_service_plan = azure.appservice.ServicePlan("exampleServicePlan", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + os_type="Linux", + sku_name="I1v2", + app_service_environment_id=example_environment_v3.id) + ``` + ## Import A 3rd Generation (v3) App Service Environment can be imported using the `resource id`, e.g. diff --git a/sdk/python/pulumi_azure/appservice/outputs.py b/sdk/python/pulumi_azure/appservice/outputs.py index 414aa40406..5e5af697b5 100644 --- a/sdk/python/pulumi_azure/appservice/outputs.py +++ b/sdk/python/pulumi_azure/appservice/outputs.py @@ -23395,6 +23395,9 @@ def __init__(__self__, *, > **NOTE:** when using an App Service Plan in the `Free` or `Shared` Tiers `use_32_bit_worker_process` must be set to `true`. :param bool websockets_enabled: Should WebSockets be enabled? + :param str windows_fx_version: The Windows Docker container image (`DOCKER|`) + + Additional examples of how to run Containers via the `appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. """ if acr_use_managed_identity_credentials is not None: pulumi.set(__self__, "acr_use_managed_identity_credentials", acr_use_managed_identity_credentials) @@ -23715,6 +23718,11 @@ def websockets_enabled(self) -> Optional[bool]: @property @pulumi.getter(name="windowsFxVersion") def windows_fx_version(self) -> Optional[str]: + """ + The Windows Docker container image (`DOCKER|`) + + Additional examples of how to run Containers via the `appservice.Slot` resource can be found in the `./examples/app-service` directory within the GitHub Repository. + """ return pulumi.get(self, "windows_fx_version") diff --git a/sdk/python/pulumi_azure/arckubernetes/cluster.py b/sdk/python/pulumi_azure/arckubernetes/cluster.py index bce0a72667..d99d901253 100644 --- a/sdk/python/pulumi_azure/arckubernetes/cluster.py +++ b/sdk/python/pulumi_azure/arckubernetes/cluster.py @@ -343,6 +343,32 @@ def __init__(__self__, tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, __props__=None): """ + Manages an Arc Kubernetes Cluster. + + > **Note:** Installing and configuring the Azure Arc Agent on your Kubernetes Cluster to establish connectivity is outside the scope of this document. For more details refer to [Deploy agents to your cluster](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/conceptual-agent-overview#deploy-agents-to-your-cluster) and [Connect an existing Kubernetes Cluster](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/quickstart-connect-cluster?tabs=azure-cli#connect-an-existing-kubernetes-cluster). If you encounter issues connecting your Kubernetes Cluster to Azure Arc, we'd recommend opening a ticket with Microsoft Support. + + ## Example Usage + + ```python + import pulumi + import base64 + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_cluster = azure.arckubernetes.Cluster("exampleCluster", + resource_group_name=example_resource_group.name, + location="West Europe", + agent_public_key_certificate=(lambda path: base64.b64encode(open(path).read().encode()).decode())("testdata/public.cer"), + identity=azure.arckubernetes.ClusterIdentityArgs( + type="SystemAssigned", + ), + tags={ + "ENV": "Test", + }) + ``` + + > **Note:** An extensive example on connecting the `arckubernetes.Cluster` to an external kubernetes cluster can be found in the `./examples/arckubernetes` directory within the GitHub Repository. + ## Import Arc Kubernetes Cluster can be imported using the `resource id`, e.g. @@ -367,6 +393,32 @@ def __init__(__self__, args: ClusterArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + Manages an Arc Kubernetes Cluster. + + > **Note:** Installing and configuring the Azure Arc Agent on your Kubernetes Cluster to establish connectivity is outside the scope of this document. For more details refer to [Deploy agents to your cluster](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/conceptual-agent-overview#deploy-agents-to-your-cluster) and [Connect an existing Kubernetes Cluster](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/quickstart-connect-cluster?tabs=azure-cli#connect-an-existing-kubernetes-cluster). If you encounter issues connecting your Kubernetes Cluster to Azure Arc, we'd recommend opening a ticket with Microsoft Support. + + ## Example Usage + + ```python + import pulumi + import base64 + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_cluster = azure.arckubernetes.Cluster("exampleCluster", + resource_group_name=example_resource_group.name, + location="West Europe", + agent_public_key_certificate=(lambda path: base64.b64encode(open(path).read().encode()).decode())("testdata/public.cer"), + identity=azure.arckubernetes.ClusterIdentityArgs( + type="SystemAssigned", + ), + tags={ + "ENV": "Test", + }) + ``` + + > **Note:** An extensive example on connecting the `arckubernetes.Cluster` to an external kubernetes cluster can be found in the `./examples/arckubernetes` directory within the GitHub Repository. + ## Import Arc Kubernetes Cluster can be imported using the `resource id`, e.g. diff --git a/sdk/python/pulumi_azure/cdn/endpoint.py b/sdk/python/pulumi_azure/cdn/endpoint.py index 6833506de8..1e6822465b 100644 --- a/sdk/python/pulumi_azure/cdn/endpoint.py +++ b/sdk/python/pulumi_azure/cdn/endpoint.py @@ -651,6 +651,10 @@ def __init__(__self__, tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, __props__=None): """ + A CDN Endpoint is the entity within a CDN Profile containing configuration information regarding caching behaviours and origins. The CDN Endpoint is exposed using the URL format `.azureedge.net`. + + !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + ## Example Usage ```python @@ -710,6 +714,10 @@ def __init__(__self__, args: EndpointArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + A CDN Endpoint is the entity within a CDN Profile containing configuration information regarding caching behaviours and origins. The CDN Endpoint is exposed using the URL format `.azureedge.net`. + + !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + ## Example Usage ```python diff --git a/sdk/python/pulumi_azure/cdn/frontdoor_origin.py b/sdk/python/pulumi_azure/cdn/frontdoor_origin.py index 19e0323b79..080feeb89f 100644 --- a/sdk/python/pulumi_azure/cdn/frontdoor_origin.py +++ b/sdk/python/pulumi_azure/cdn/frontdoor_origin.py @@ -465,6 +465,148 @@ def __init__(__self__, weight: Optional[pulumi.Input[int]] = None, __props__=None): """ + Manages a Front Door (standard/premium) Origin. + + !>**IMPORTANT:** If you are attempting to implement an Origin that uses its own Private Link Service with a Load Balancer the Profile resource in your configuration file **must** have a `depends_on` meta-argument which references the `privatedns.LinkService`, see `Example Usage With Private Link Service` below. + + ## Example Usage + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_frontdoor_profile = azure.cdn.FrontdoorProfile("exampleFrontdoorProfile", + resource_group_name=example_resource_group.name, + sku_name="Premium_AzureFrontDoor") + example_frontdoor_origin_group = azure.cdn.FrontdoorOriginGroup("exampleFrontdoorOriginGroup", + cdn_frontdoor_profile_id=example_frontdoor_profile.id, + load_balancing=azure.cdn.FrontdoorOriginGroupLoadBalancingArgs()) + example_frontdoor_origin = azure.cdn.FrontdoorOrigin("exampleFrontdoorOrigin", + cdn_frontdoor_origin_group_id=example_frontdoor_origin_group.id, + enabled=True, + certificate_name_check_enabled=False, + host_name="contoso.com", + http_port=80, + https_port=443, + origin_host_header="www.contoso.com", + priority=1, + weight=1) + ``` + ### With Private Link + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_account = azure.storage.Account("exampleAccount", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + account_tier="Premium", + account_replication_type="LRS", + allow_nested_items_to_be_public=False, + network_rules=azure.storage.AccountNetworkRulesArgs( + default_action="Deny", + ), + tags={ + "environment": "Example", + }) + example_frontdoor_profile = azure.cdn.FrontdoorProfile("exampleFrontdoorProfile", + resource_group_name=example_resource_group.name, + sku_name="Premium_AzureFrontDoor") + example_frontdoor_origin_group = azure.cdn.FrontdoorOriginGroup("exampleFrontdoorOriginGroup", + cdn_frontdoor_profile_id=example_frontdoor_profile.id, + load_balancing=azure.cdn.FrontdoorOriginGroupLoadBalancingArgs()) + example_frontdoor_origin = azure.cdn.FrontdoorOrigin("exampleFrontdoorOrigin", + cdn_frontdoor_origin_group_id=example_frontdoor_origin_group.id, + enabled=True, + certificate_name_check_enabled=True, + host_name=example_account.primary_blob_host, + origin_host_header=example_account.primary_blob_host, + priority=1, + weight=500, + private_link=azure.cdn.FrontdoorOriginPrivateLinkArgs( + request_message="Request access for Private Link Origin CDN Frontdoor", + target_type="blob", + location=example_account.location, + private_link_target_id=example_account.id, + )) + ``` + ### With Private Link Service + + ```python + import pulumi + import pulumi_azure as azure + + current = azure.core.get_client_config() + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + address_spaces=["10.5.0.0/16"]) + example_subnet = azure.network.Subnet("exampleSubnet", + resource_group_name=example_resource_group.name, + virtual_network_name=example_virtual_network.name, + address_prefixes=["10.5.1.0/24"], + private_link_service_network_policies_enabled=False) + example_public_ip = azure.network.PublicIp("examplePublicIp", + sku="Standard", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + allocation_method="Static") + example_load_balancer = azure.lb.LoadBalancer("exampleLoadBalancer", + sku="Standard", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + frontend_ip_configurations=[azure.lb.LoadBalancerFrontendIpConfigurationArgs( + name=example_public_ip.name, + public_ip_address_id=example_public_ip.id, + )]) + example_link_service = azure.privatedns.LinkService("exampleLinkService", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + visibility_subscription_ids=[current.subscription_id], + load_balancer_frontend_ip_configuration_ids=[example_load_balancer.frontend_ip_configurations[0].id], + nat_ip_configurations=[azure.privatedns.LinkServiceNatIpConfigurationArgs( + name="primary", + private_ip_address="10.5.1.17", + private_ip_address_version="IPv4", + subnet_id=example_subnet.id, + primary=True, + )]) + example_frontdoor_profile = azure.cdn.FrontdoorProfile("exampleFrontdoorProfile", + resource_group_name=example_resource_group.name, + sku_name="Premium_AzureFrontDoor", + opts=pulumi.ResourceOptions(depends_on=[example_link_service])) + example_frontdoor_origin_group = azure.cdn.FrontdoorOriginGroup("exampleFrontdoorOriginGroup", + cdn_frontdoor_profile_id=example_frontdoor_profile.id, + load_balancing=azure.cdn.FrontdoorOriginGroupLoadBalancingArgs( + additional_latency_in_milliseconds=0, + sample_size=16, + successful_samples_required=3, + )) + example_frontdoor_origin = azure.cdn.FrontdoorOrigin("exampleFrontdoorOrigin", + cdn_frontdoor_origin_group_id=example_frontdoor_origin_group.id, + enabled=True, + host_name="example.com", + origin_host_header="example.com", + priority=1, + weight=1000, + certificate_name_check_enabled=False, + private_link=azure.cdn.FrontdoorOriginPrivateLinkArgs( + request_message="Request access for Private Link Origin CDN Frontdoor", + location=example_resource_group.location, + private_link_target_id=example_link_service.id, + )) + ``` + ## Example HCL Configurations + + * Private Link Origin with Storage Account Blob + * Private Link Origin with Storage Account Static Web Site + * Private Link Origin with Linux Web Application + * Private Link Origin with Internal Load Balancer + ## Import Front Door Origins can be imported using the `resource id`, e.g. @@ -502,6 +644,148 @@ def __init__(__self__, args: FrontdoorOriginArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + Manages a Front Door (standard/premium) Origin. + + !>**IMPORTANT:** If you are attempting to implement an Origin that uses its own Private Link Service with a Load Balancer the Profile resource in your configuration file **must** have a `depends_on` meta-argument which references the `privatedns.LinkService`, see `Example Usage With Private Link Service` below. + + ## Example Usage + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_frontdoor_profile = azure.cdn.FrontdoorProfile("exampleFrontdoorProfile", + resource_group_name=example_resource_group.name, + sku_name="Premium_AzureFrontDoor") + example_frontdoor_origin_group = azure.cdn.FrontdoorOriginGroup("exampleFrontdoorOriginGroup", + cdn_frontdoor_profile_id=example_frontdoor_profile.id, + load_balancing=azure.cdn.FrontdoorOriginGroupLoadBalancingArgs()) + example_frontdoor_origin = azure.cdn.FrontdoorOrigin("exampleFrontdoorOrigin", + cdn_frontdoor_origin_group_id=example_frontdoor_origin_group.id, + enabled=True, + certificate_name_check_enabled=False, + host_name="contoso.com", + http_port=80, + https_port=443, + origin_host_header="www.contoso.com", + priority=1, + weight=1) + ``` + ### With Private Link + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_account = azure.storage.Account("exampleAccount", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + account_tier="Premium", + account_replication_type="LRS", + allow_nested_items_to_be_public=False, + network_rules=azure.storage.AccountNetworkRulesArgs( + default_action="Deny", + ), + tags={ + "environment": "Example", + }) + example_frontdoor_profile = azure.cdn.FrontdoorProfile("exampleFrontdoorProfile", + resource_group_name=example_resource_group.name, + sku_name="Premium_AzureFrontDoor") + example_frontdoor_origin_group = azure.cdn.FrontdoorOriginGroup("exampleFrontdoorOriginGroup", + cdn_frontdoor_profile_id=example_frontdoor_profile.id, + load_balancing=azure.cdn.FrontdoorOriginGroupLoadBalancingArgs()) + example_frontdoor_origin = azure.cdn.FrontdoorOrigin("exampleFrontdoorOrigin", + cdn_frontdoor_origin_group_id=example_frontdoor_origin_group.id, + enabled=True, + certificate_name_check_enabled=True, + host_name=example_account.primary_blob_host, + origin_host_header=example_account.primary_blob_host, + priority=1, + weight=500, + private_link=azure.cdn.FrontdoorOriginPrivateLinkArgs( + request_message="Request access for Private Link Origin CDN Frontdoor", + target_type="blob", + location=example_account.location, + private_link_target_id=example_account.id, + )) + ``` + ### With Private Link Service + + ```python + import pulumi + import pulumi_azure as azure + + current = azure.core.get_client_config() + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + address_spaces=["10.5.0.0/16"]) + example_subnet = azure.network.Subnet("exampleSubnet", + resource_group_name=example_resource_group.name, + virtual_network_name=example_virtual_network.name, + address_prefixes=["10.5.1.0/24"], + private_link_service_network_policies_enabled=False) + example_public_ip = azure.network.PublicIp("examplePublicIp", + sku="Standard", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + allocation_method="Static") + example_load_balancer = azure.lb.LoadBalancer("exampleLoadBalancer", + sku="Standard", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + frontend_ip_configurations=[azure.lb.LoadBalancerFrontendIpConfigurationArgs( + name=example_public_ip.name, + public_ip_address_id=example_public_ip.id, + )]) + example_link_service = azure.privatedns.LinkService("exampleLinkService", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + visibility_subscription_ids=[current.subscription_id], + load_balancer_frontend_ip_configuration_ids=[example_load_balancer.frontend_ip_configurations[0].id], + nat_ip_configurations=[azure.privatedns.LinkServiceNatIpConfigurationArgs( + name="primary", + private_ip_address="10.5.1.17", + private_ip_address_version="IPv4", + subnet_id=example_subnet.id, + primary=True, + )]) + example_frontdoor_profile = azure.cdn.FrontdoorProfile("exampleFrontdoorProfile", + resource_group_name=example_resource_group.name, + sku_name="Premium_AzureFrontDoor", + opts=pulumi.ResourceOptions(depends_on=[example_link_service])) + example_frontdoor_origin_group = azure.cdn.FrontdoorOriginGroup("exampleFrontdoorOriginGroup", + cdn_frontdoor_profile_id=example_frontdoor_profile.id, + load_balancing=azure.cdn.FrontdoorOriginGroupLoadBalancingArgs( + additional_latency_in_milliseconds=0, + sample_size=16, + successful_samples_required=3, + )) + example_frontdoor_origin = azure.cdn.FrontdoorOrigin("exampleFrontdoorOrigin", + cdn_frontdoor_origin_group_id=example_frontdoor_origin_group.id, + enabled=True, + host_name="example.com", + origin_host_header="example.com", + priority=1, + weight=1000, + certificate_name_check_enabled=False, + private_link=azure.cdn.FrontdoorOriginPrivateLinkArgs( + request_message="Request access for Private Link Origin CDN Frontdoor", + location=example_resource_group.location, + private_link_target_id=example_link_service.id, + )) + ``` + ## Example HCL Configurations + + * Private Link Origin with Storage Account Blob + * Private Link Origin with Storage Account Static Web Site + * Private Link Origin with Linux Web Application + * Private Link Origin with Internal Load Balancer + ## Import Front Door Origins can be imported using the `resource id`, e.g. diff --git a/sdk/python/pulumi_azure/cdn/profile.py b/sdk/python/pulumi_azure/cdn/profile.py index 2768250874..fb5fe67229 100644 --- a/sdk/python/pulumi_azure/cdn/profile.py +++ b/sdk/python/pulumi_azure/cdn/profile.py @@ -197,6 +197,10 @@ def __init__(__self__, tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, __props__=None): """ + Manages a CDN Profile to create a collection of CDN Endpoints. + + !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + ## Example Usage ```python @@ -237,6 +241,10 @@ def __init__(__self__, args: ProfileArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + Manages a CDN Profile to create a collection of CDN Endpoints. + + !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + ## Example Usage ```python diff --git a/sdk/python/pulumi_azure/compute/_inputs.py b/sdk/python/pulumi_azure/compute/_inputs.py index bf1c675e7d..4be8a824b2 100644 --- a/sdk/python/pulumi_azure/compute/_inputs.py +++ b/sdk/python/pulumi_azure/compute/_inputs.py @@ -4494,6 +4494,9 @@ def __init__(__self__, *, :param pulumi.Input[str] patch_assessment_mode: Specifies the mode of VM Guest Patching for the virtual machines that are associated to the Virtual Machine Scale Set. Possible values are `AutomaticByPlatform` or `ImageDefault`. Defaults to `ImageDefault`. > **NOTE:** If the `patch_assessment_mode` is set to `AutomaticByPlatform` then the `provision_vm_agent` field must be set to `true`. + :param pulumi.Input[str] patch_mode: Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + + > **NOTE:** If `patch_mode` is set to `AutomaticByPlatform` the `provision_vm_agent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. :param pulumi.Input[bool] provision_vm_agent: Should the Azure VM Agent be provisioned on each Virtual Machine in the Scale Set? Defaults to `true`. Changing this value forces a new resource to be created. :param pulumi.Input[Sequence[pulumi.Input['OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationSecretArgs']]] secrets: One or more `secret` blocks as defined below. """ @@ -4594,6 +4597,11 @@ def patch_assessment_mode(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="patchMode") def patch_mode(self) -> Optional[pulumi.Input[str]]: + """ + Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + + > **NOTE:** If `patch_mode` is set to `AutomaticByPlatform` the `provision_vm_agent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. + """ return pulumi.get(self, "patch_mode") @patch_mode.setter @@ -4752,6 +4760,9 @@ def __init__(__self__, *, :param pulumi.Input[str] admin_username: The username of the local administrator on each Virtual Machine Scale Set instance. Changing this forces a new resource to be created. :param pulumi.Input[str] computer_name_prefix: The prefix which should be used for the name of the Virtual Machines in this Scale Set. If unspecified this defaults to the value for the `name` field. If the value of the `name` field is not a valid `computer_name_prefix`, then you must specify `computer_name_prefix`. Changing this forces a new resource to be created. :param pulumi.Input[bool] enable_automatic_updates: Are automatic updates enabled for this Virtual Machine? Defaults to `true`. + :param pulumi.Input[bool] hotpatching_enabled: Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + + > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, the VM's `sku_name` is set to a Azure generation 2 directory within the GitHub Repository. :param pulumi.Input[str] patch_assessment_mode: Specifies the mode of VM Guest Patching for the virtual machines that are associated to the Virtual Machine Scale Set. Possible values are `AutomaticByPlatform` or `ImageDefault`. Defaults to `ImageDefault`. > **NOTE:** If the `patch_assessment_mode` is set to `AutomaticByPlatform` then the `provision_vm_agent` field must be set to `true`. @@ -4835,6 +4846,11 @@ def enable_automatic_updates(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="hotpatchingEnabled") def hotpatching_enabled(self) -> Optional[pulumi.Input[bool]]: + """ + Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + + > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, the VM's `sku_name` is set to a Azure generation 2 directory within the GitHub Repository. + """ return pulumi.get(self, "hotpatching_enabled") @hotpatching_enabled.setter diff --git a/sdk/python/pulumi_azure/compute/image.py b/sdk/python/pulumi_azure/compute/image.py index 3b8d0605d6..35fcf6e897 100644 --- a/sdk/python/pulumi_azure/compute/image.py +++ b/sdk/python/pulumi_azure/compute/image.py @@ -348,6 +348,24 @@ def __init__(__self__, zone_resilient: Optional[pulumi.Input[bool]] = None, __props__=None): """ + Manages a custom virtual machine image that can be used to create virtual machines. + + ## Example Usage + + > **Note:** For a more complete example, see the `examples/image` directory within the GitHub Repository. + + ```python + import pulumi + import pulumi_azure as azure + + example_virtual_machine = azure.compute.get_virtual_machine(name="examplevm", + resource_group_name="example-resources") + example_image = azure.compute.Image("exampleImage", + location=example_virtual_machine.location, + resource_group_name=example_virtual_machine.name, + source_virtual_machine_id=example_virtual_machine.id) + ``` + ## Import Images can be imported using the `resource id`, e.g. @@ -379,6 +397,24 @@ def __init__(__self__, args: ImageArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + Manages a custom virtual machine image that can be used to create virtual machines. + + ## Example Usage + + > **Note:** For a more complete example, see the `examples/image` directory within the GitHub Repository. + + ```python + import pulumi + import pulumi_azure as azure + + example_virtual_machine = azure.compute.get_virtual_machine(name="examplevm", + resource_group_name="example-resources") + example_image = azure.compute.Image("exampleImage", + location=example_virtual_machine.location, + resource_group_name=example_virtual_machine.name, + source_virtual_machine_id=example_virtual_machine.id) + ``` + ## Import Images can be imported using the `resource id`, e.g. diff --git a/sdk/python/pulumi_azure/compute/outputs.py b/sdk/python/pulumi_azure/compute/outputs.py index 7ce25fd77c..b3bce262fc 100644 --- a/sdk/python/pulumi_azure/compute/outputs.py +++ b/sdk/python/pulumi_azure/compute/outputs.py @@ -4589,6 +4589,9 @@ def __init__(__self__, *, :param str patch_assessment_mode: Specifies the mode of VM Guest Patching for the virtual machines that are associated to the Virtual Machine Scale Set. Possible values are `AutomaticByPlatform` or `ImageDefault`. Defaults to `ImageDefault`. > **NOTE:** If the `patch_assessment_mode` is set to `AutomaticByPlatform` then the `provision_vm_agent` field must be set to `true`. + :param str patch_mode: Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + + > **NOTE:** If `patch_mode` is set to `AutomaticByPlatform` the `provision_vm_agent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. :param bool provision_vm_agent: Should the Azure VM Agent be provisioned on each Virtual Machine in the Scale Set? Defaults to `true`. Changing this value forces a new resource to be created. :param Sequence['OrchestratedVirtualMachineScaleSetOsProfileLinuxConfigurationSecretArgs'] secrets: One or more `secret` blocks as defined below. """ @@ -4665,6 +4668,11 @@ def patch_assessment_mode(self) -> Optional[str]: @property @pulumi.getter(name="patchMode") def patch_mode(self) -> Optional[str]: + """ + Specifies the mode of in-guest patching of this Windows Virtual Machine. Possible values are `ImageDefault` or `AutomaticByPlatform`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). + + > **NOTE:** If `patch_mode` is set to `AutomaticByPlatform` the `provision_vm_agent` must be set to `true` and the `extension` must contain at least one application health extension. An example of how to correctly configure a Virtual Machine Scale Set to provision a Linux Virtual Machine with Automatic VM Guest Patching enabled can be found in the `./examples/orchestrated-vm-scale-set/automatic-vm-guest-patching` directory within the GitHub Repository. + """ return pulumi.get(self, "patch_mode") @property @@ -4858,6 +4866,9 @@ def __init__(__self__, *, :param str admin_username: The username of the local administrator on each Virtual Machine Scale Set instance. Changing this forces a new resource to be created. :param str computer_name_prefix: The prefix which should be used for the name of the Virtual Machines in this Scale Set. If unspecified this defaults to the value for the `name` field. If the value of the `name` field is not a valid `computer_name_prefix`, then you must specify `computer_name_prefix`. Changing this forces a new resource to be created. :param bool enable_automatic_updates: Are automatic updates enabled for this Virtual Machine? Defaults to `true`. + :param bool hotpatching_enabled: Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + + > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, the VM's `sku_name` is set to a Azure generation 2 directory within the GitHub Repository. :param str patch_assessment_mode: Specifies the mode of VM Guest Patching for the virtual machines that are associated to the Virtual Machine Scale Set. Possible values are `AutomaticByPlatform` or `ImageDefault`. Defaults to `ImageDefault`. > **NOTE:** If the `patch_assessment_mode` is set to `AutomaticByPlatform` then the `provision_vm_agent` field must be set to `true`. @@ -4925,6 +4936,11 @@ def enable_automatic_updates(self) -> Optional[bool]: @property @pulumi.getter(name="hotpatchingEnabled") def hotpatching_enabled(self) -> Optional[bool]: + """ + Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + + > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, the VM's `sku_name` is set to a Azure generation 2 directory within the GitHub Repository. + """ return pulumi.get(self, "hotpatching_enabled") @property diff --git a/sdk/python/pulumi_azure/compute/windows_virtual_machine.py b/sdk/python/pulumi_azure/compute/windows_virtual_machine.py index 2748c3606b..e6fc4773d3 100644 --- a/sdk/python/pulumi_azure/compute/windows_virtual_machine.py +++ b/sdk/python/pulumi_azure/compute/windows_virtual_machine.py @@ -96,6 +96,9 @@ def __init__(__self__, *, > **NOTE:** This can only be configured when `priority` is set to `Spot`. :param pulumi.Input[str] extensions_time_budget: Specifies the duration allocated for all extensions to start. The time duration should be between 15 minutes and 120 minutes (inclusive) and should be specified in ISO 8601 format. Defaults to `PT1H30M`. :param pulumi.Input[Sequence[pulumi.Input['WindowsVirtualMachineGalleryApplicationArgs']]] gallery_applications: One or more `gallery_application` blocks as defined below. + :param pulumi.Input[bool] hotpatching_enabled: Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + + > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. :param pulumi.Input['WindowsVirtualMachineIdentityArgs'] identity: An `identity` block as defined below. :param pulumi.Input[str] license_type: Specifies the type of on-premise license (also known as [Azure Hybrid Use Benefit](https://docs.microsoft.com/windows-server/get-started/azure-hybrid-benefit)) which should be used for this Virtual Machine. Possible values are `None`, `Windows_Client` and `Windows_Server`. :param pulumi.Input[str] location: The Azure location where the Windows Virtual Machine should exist. Changing this forces a new resource to be created. @@ -516,6 +519,11 @@ def gallery_applications(self, value: Optional[pulumi.Input[Sequence[pulumi.Inpu @property @pulumi.getter(name="hotpatchingEnabled") def hotpatching_enabled(self) -> Optional[pulumi.Input[bool]]: + """ + Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + + > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + """ return pulumi.get(self, "hotpatching_enabled") @hotpatching_enabled.setter @@ -923,6 +931,9 @@ def __init__(__self__, *, > **NOTE:** This can only be configured when `priority` is set to `Spot`. :param pulumi.Input[str] extensions_time_budget: Specifies the duration allocated for all extensions to start. The time duration should be between 15 minutes and 120 minutes (inclusive) and should be specified in ISO 8601 format. Defaults to `PT1H30M`. :param pulumi.Input[Sequence[pulumi.Input['WindowsVirtualMachineGalleryApplicationArgs']]] gallery_applications: One or more `gallery_application` blocks as defined below. + :param pulumi.Input[bool] hotpatching_enabled: Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + + > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. :param pulumi.Input['WindowsVirtualMachineIdentityArgs'] identity: An `identity` block as defined below. :param pulumi.Input[str] license_type: Specifies the type of on-premise license (also known as [Azure Hybrid Use Benefit](https://docs.microsoft.com/windows-server/get-started/azure-hybrid-benefit)) which should be used for this Virtual Machine. Possible values are `None`, `Windows_Client` and `Windows_Server`. :param pulumi.Input[str] location: The Azure location where the Windows Virtual Machine should exist. Changing this forces a new resource to be created. @@ -1320,6 +1331,11 @@ def gallery_applications(self, value: Optional[pulumi.Input[Sequence[pulumi.Inpu @property @pulumi.getter(name="hotpatchingEnabled") def hotpatching_enabled(self) -> Optional[pulumi.Input[bool]]: + """ + Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + + > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + """ return pulumi.get(self, "hotpatching_enabled") @hotpatching_enabled.setter @@ -1900,6 +1916,9 @@ def __init__(__self__, > **NOTE:** This can only be configured when `priority` is set to `Spot`. :param pulumi.Input[str] extensions_time_budget: Specifies the duration allocated for all extensions to start. The time duration should be between 15 minutes and 120 minutes (inclusive) and should be specified in ISO 8601 format. Defaults to `PT1H30M`. :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WindowsVirtualMachineGalleryApplicationArgs']]]] gallery_applications: One or more `gallery_application` blocks as defined below. + :param pulumi.Input[bool] hotpatching_enabled: Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + + > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. :param pulumi.Input[pulumi.InputType['WindowsVirtualMachineIdentityArgs']] identity: An `identity` block as defined below. :param pulumi.Input[str] license_type: Specifies the type of on-premise license (also known as [Azure Hybrid Use Benefit](https://docs.microsoft.com/windows-server/get-started/azure-hybrid-benefit)) which should be used for this Virtual Machine. Possible values are `None`, `Windows_Client` and `Windows_Server`. :param pulumi.Input[str] location: The Azure location where the Windows Virtual Machine should exist. Changing this forces a new resource to be created. @@ -2256,6 +2275,9 @@ def get(resource_name: str, > **NOTE:** This can only be configured when `priority` is set to `Spot`. :param pulumi.Input[str] extensions_time_budget: Specifies the duration allocated for all extensions to start. The time duration should be between 15 minutes and 120 minutes (inclusive) and should be specified in ISO 8601 format. Defaults to `PT1H30M`. :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['WindowsVirtualMachineGalleryApplicationArgs']]]] gallery_applications: One or more `gallery_application` blocks as defined below. + :param pulumi.Input[bool] hotpatching_enabled: Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + + > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. :param pulumi.Input[pulumi.InputType['WindowsVirtualMachineIdentityArgs']] identity: An `identity` block as defined below. :param pulumi.Input[str] license_type: Specifies the type of on-premise license (also known as [Azure Hybrid Use Benefit](https://docs.microsoft.com/windows-server/get-started/azure-hybrid-benefit)) which should be used for this Virtual Machine. Possible values are `None`, `Windows_Client` and `Windows_Server`. :param pulumi.Input[str] location: The Azure location where the Windows Virtual Machine should exist. Changing this forces a new resource to be created. @@ -2528,6 +2550,11 @@ def gallery_applications(self) -> pulumi.Output[Optional[Sequence['outputs.Windo @property @pulumi.getter(name="hotpatchingEnabled") def hotpatching_enabled(self) -> pulumi.Output[Optional[bool]]: + """ + Should the VM be patched without requiring a reboot? Possible values are `true` or `false`. Defaults to `false`. For more information about hot patching please see the [product documentation](https://docs.microsoft.com/azure/automanage/automanage-hotpatch). + + > **NOTE:** Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a Azure generation 2 directory within the GitHub Repository. + """ return pulumi.get(self, "hotpatching_enabled") @property diff --git a/sdk/python/pulumi_azure/databricks/workspace_customer_managed_key.py b/sdk/python/pulumi_azure/databricks/workspace_customer_managed_key.py index f9b4ddd958..53789d0e92 100644 --- a/sdk/python/pulumi_azure/databricks/workspace_customer_managed_key.py +++ b/sdk/python/pulumi_azure/databricks/workspace_customer_managed_key.py @@ -110,6 +110,89 @@ def __init__(__self__, workspace_id: Optional[pulumi.Input[str]] = None, __props__=None): """ + Manages a Customer Managed Key for a Databricks Workspace root DBFS + + !>**IMPORTANT:** This resource has been deprecated and will be removed from the 4.0 Azure provider. Please use the `databricks.WorkspaceRootDbfsCustomerManagedKey` resource instead. + + ## Example Usage + + ```python + import pulumi + import pulumi_azure as azure + + current = azure.core.get_client_config() + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_workspace = azure.databricks.Workspace("exampleWorkspace", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + sku="premium", + customer_managed_key_enabled=True, + tags={ + "Environment": "Production", + }) + example_key_vault = azure.keyvault.KeyVault("exampleKeyVault", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + tenant_id=current.tenant_id, + sku_name="premium", + purge_protection_enabled=True, + soft_delete_retention_days=7) + terraform = azure.keyvault.AccessPolicy("terraform", + key_vault_id=example_key_vault.id, + tenant_id=example_key_vault.tenant_id, + object_id=current.object_id, + key_permissions=[ + "Create", + "Delete", + "Get", + "Purge", + "Recover", + "Update", + "List", + "Decrypt", + "Sign", + "GetRotationPolicy", + ]) + example_key = azure.keyvault.Key("exampleKey", + key_vault_id=example_key_vault.id, + key_type="RSA", + key_size=2048, + key_opts=[ + "decrypt", + "encrypt", + "sign", + "unwrapKey", + "verify", + "wrapKey", + ], + opts=pulumi.ResourceOptions(depends_on=[terraform])) + databricks = azure.keyvault.AccessPolicy("databricks", + key_vault_id=example_key_vault.id, + tenant_id=example_workspace.storage_account_identities[0].tenant_id, + object_id=example_workspace.storage_account_identities[0].principal_id, + key_permissions=[ + "Create", + "Delete", + "Get", + "Purge", + "Recover", + "Update", + "List", + "Decrypt", + "Sign", + ], + opts=pulumi.ResourceOptions(depends_on=[example_workspace])) + example_workspace_root_dbfs_customer_managed_key = azure.databricks.WorkspaceRootDbfsCustomerManagedKey("exampleWorkspaceRootDbfsCustomerManagedKey", + workspace_id=example_workspace.id, + key_vault_key_id=example_key.id, + opts=pulumi.ResourceOptions(depends_on=[databricks])) + ``` + ## Example HCL Configurations + + * Databricks Workspace with Root Databricks File System Customer Managed Keys + * Databricks Workspace with Customer Managed Keys for Managed Services + * Databricks Workspace with Private Endpoint, Customer Managed Keys for Managed Services and Root Databricks File System Customer Managed Keys + ## Import Databricks Workspace Customer Managed Key can be imported using the `resource id`, e.g. @@ -130,6 +213,89 @@ def __init__(__self__, args: WorkspaceCustomerManagedKeyArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + Manages a Customer Managed Key for a Databricks Workspace root DBFS + + !>**IMPORTANT:** This resource has been deprecated and will be removed from the 4.0 Azure provider. Please use the `databricks.WorkspaceRootDbfsCustomerManagedKey` resource instead. + + ## Example Usage + + ```python + import pulumi + import pulumi_azure as azure + + current = azure.core.get_client_config() + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_workspace = azure.databricks.Workspace("exampleWorkspace", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + sku="premium", + customer_managed_key_enabled=True, + tags={ + "Environment": "Production", + }) + example_key_vault = azure.keyvault.KeyVault("exampleKeyVault", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + tenant_id=current.tenant_id, + sku_name="premium", + purge_protection_enabled=True, + soft_delete_retention_days=7) + terraform = azure.keyvault.AccessPolicy("terraform", + key_vault_id=example_key_vault.id, + tenant_id=example_key_vault.tenant_id, + object_id=current.object_id, + key_permissions=[ + "Create", + "Delete", + "Get", + "Purge", + "Recover", + "Update", + "List", + "Decrypt", + "Sign", + "GetRotationPolicy", + ]) + example_key = azure.keyvault.Key("exampleKey", + key_vault_id=example_key_vault.id, + key_type="RSA", + key_size=2048, + key_opts=[ + "decrypt", + "encrypt", + "sign", + "unwrapKey", + "verify", + "wrapKey", + ], + opts=pulumi.ResourceOptions(depends_on=[terraform])) + databricks = azure.keyvault.AccessPolicy("databricks", + key_vault_id=example_key_vault.id, + tenant_id=example_workspace.storage_account_identities[0].tenant_id, + object_id=example_workspace.storage_account_identities[0].principal_id, + key_permissions=[ + "Create", + "Delete", + "Get", + "Purge", + "Recover", + "Update", + "List", + "Decrypt", + "Sign", + ], + opts=pulumi.ResourceOptions(depends_on=[example_workspace])) + example_workspace_root_dbfs_customer_managed_key = azure.databricks.WorkspaceRootDbfsCustomerManagedKey("exampleWorkspaceRootDbfsCustomerManagedKey", + workspace_id=example_workspace.id, + key_vault_key_id=example_key.id, + opts=pulumi.ResourceOptions(depends_on=[databricks])) + ``` + ## Example HCL Configurations + + * Databricks Workspace with Root Databricks File System Customer Managed Keys + * Databricks Workspace with Customer Managed Keys for Managed Services + * Databricks Workspace with Private Endpoint, Customer Managed Keys for Managed Services and Root Databricks File System Customer Managed Keys + ## Import Databricks Workspace Customer Managed Key can be imported using the `resource id`, e.g. diff --git a/sdk/python/pulumi_azure/databricks/workspace_root_dbfs_customer_managed_key.py b/sdk/python/pulumi_azure/databricks/workspace_root_dbfs_customer_managed_key.py index b312999979..43e5011fb0 100644 --- a/sdk/python/pulumi_azure/databricks/workspace_root_dbfs_customer_managed_key.py +++ b/sdk/python/pulumi_azure/databricks/workspace_root_dbfs_customer_managed_key.py @@ -98,6 +98,87 @@ def __init__(__self__, workspace_id: Optional[pulumi.Input[str]] = None, __props__=None): """ + Manages a Customer Managed Key for the Databricks Workspaces root Databricks File System(DBFS) + + ## Example Usage + + ```python + import pulumi + import pulumi_azure as azure + + current = azure.core.get_client_config() + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_workspace = azure.databricks.Workspace("exampleWorkspace", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + sku="premium", + customer_managed_key_enabled=True, + tags={ + "Environment": "Production", + }) + example_key_vault = azure.keyvault.KeyVault("exampleKeyVault", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + tenant_id=current.tenant_id, + sku_name="premium", + purge_protection_enabled=True, + soft_delete_retention_days=7) + terraform = azure.keyvault.AccessPolicy("terraform", + key_vault_id=example_key_vault.id, + tenant_id=example_key_vault.tenant_id, + object_id=current.object_id, + key_permissions=[ + "Create", + "Delete", + "Get", + "Purge", + "Recover", + "Update", + "List", + "Decrypt", + "Sign", + "GetRotationPolicy", + ]) + example_key = azure.keyvault.Key("exampleKey", + key_vault_id=example_key_vault.id, + key_type="RSA", + key_size=2048, + key_opts=[ + "decrypt", + "encrypt", + "sign", + "unwrapKey", + "verify", + "wrapKey", + ], + opts=pulumi.ResourceOptions(depends_on=[terraform])) + databricks = azure.keyvault.AccessPolicy("databricks", + key_vault_id=example_key_vault.id, + tenant_id=example_workspace.storage_account_identities[0].tenant_id, + object_id=example_workspace.storage_account_identities[0].principal_id, + key_permissions=[ + "Create", + "Delete", + "Get", + "Purge", + "Recover", + "Update", + "List", + "Decrypt", + "Sign", + ], + opts=pulumi.ResourceOptions(depends_on=[example_workspace])) + example_workspace_root_dbfs_customer_managed_key = azure.databricks.WorkspaceRootDbfsCustomerManagedKey("exampleWorkspaceRootDbfsCustomerManagedKey", + workspace_id=example_workspace.id, + key_vault_key_id=example_key.id, + opts=pulumi.ResourceOptions(depends_on=[databricks])) + ``` + ## Example HCL Configurations + + * Databricks Workspace with Root Databricks File System Customer Managed Keys + * Databricks Workspace with Customer Managed Keys for Managed Services + * Databricks Workspace with Private Endpoint, Customer Managed Keys for Managed Services and Root Databricks File System Customer Managed Keys + ## Import Databricks Workspace Root DBFS Customer Managed Key can be imported using the `resource id`, e.g. @@ -118,6 +199,87 @@ def __init__(__self__, args: WorkspaceRootDbfsCustomerManagedKeyArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + Manages a Customer Managed Key for the Databricks Workspaces root Databricks File System(DBFS) + + ## Example Usage + + ```python + import pulumi + import pulumi_azure as azure + + current = azure.core.get_client_config() + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_workspace = azure.databricks.Workspace("exampleWorkspace", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + sku="premium", + customer_managed_key_enabled=True, + tags={ + "Environment": "Production", + }) + example_key_vault = azure.keyvault.KeyVault("exampleKeyVault", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + tenant_id=current.tenant_id, + sku_name="premium", + purge_protection_enabled=True, + soft_delete_retention_days=7) + terraform = azure.keyvault.AccessPolicy("terraform", + key_vault_id=example_key_vault.id, + tenant_id=example_key_vault.tenant_id, + object_id=current.object_id, + key_permissions=[ + "Create", + "Delete", + "Get", + "Purge", + "Recover", + "Update", + "List", + "Decrypt", + "Sign", + "GetRotationPolicy", + ]) + example_key = azure.keyvault.Key("exampleKey", + key_vault_id=example_key_vault.id, + key_type="RSA", + key_size=2048, + key_opts=[ + "decrypt", + "encrypt", + "sign", + "unwrapKey", + "verify", + "wrapKey", + ], + opts=pulumi.ResourceOptions(depends_on=[terraform])) + databricks = azure.keyvault.AccessPolicy("databricks", + key_vault_id=example_key_vault.id, + tenant_id=example_workspace.storage_account_identities[0].tenant_id, + object_id=example_workspace.storage_account_identities[0].principal_id, + key_permissions=[ + "Create", + "Delete", + "Get", + "Purge", + "Recover", + "Update", + "List", + "Decrypt", + "Sign", + ], + opts=pulumi.ResourceOptions(depends_on=[example_workspace])) + example_workspace_root_dbfs_customer_managed_key = azure.databricks.WorkspaceRootDbfsCustomerManagedKey("exampleWorkspaceRootDbfsCustomerManagedKey", + workspace_id=example_workspace.id, + key_vault_key_id=example_key.id, + opts=pulumi.ResourceOptions(depends_on=[databricks])) + ``` + ## Example HCL Configurations + + * Databricks Workspace with Root Databricks File System Customer Managed Keys + * Databricks Workspace with Customer Managed Keys for Managed Services + * Databricks Workspace with Private Endpoint, Customer Managed Keys for Managed Services and Root Databricks File System Customer Managed Keys + ## Import Databricks Workspace Root DBFS Customer Managed Key can be imported using the `resource id`, e.g. diff --git a/sdk/python/pulumi_azure/frontdoor/custom_https_configuration.py b/sdk/python/pulumi_azure/frontdoor/custom_https_configuration.py index 9960e31276..b74a7b00d1 100644 --- a/sdk/python/pulumi_azure/frontdoor/custom_https_configuration.py +++ b/sdk/python/pulumi_azure/frontdoor/custom_https_configuration.py @@ -133,6 +133,80 @@ def __init__(__self__, frontend_endpoint_id: Optional[pulumi.Input[str]] = None, __props__=None): """ + !> **IMPORTANT** This deploys an Azure Front Door (classic) resource which has been deprecated and will receive security updates only. Please migrate your existing Azure Front Door (classic) deployments to the new Azure Front Door (standard/premium) resources. For your convenience, the service team has exposed a `Front Door Classic` to `Front Door Standard/Premium` [migration tool](https://learn.microsoft.com/azure/frontdoor/tier-migration) to allow you to migrate your existing `Front Door Classic` instances to the new `Front Door Standard/Premium` product tiers. + + Manages the Custom HTTPS Configuration for an Azure Front Door (classic) Frontend Endpoint. + + > **NOTE:** Defining custom HTTPS configurations using a separate `frontdoor.CustomHttpsConfiguration` resource allows for parallel creation/update. + + !> **BREAKING CHANGE:** In order to address the ordering issue we have changed the design on how to retrieve existing sub resources such as frontend endpoints. Existing design will be deprecated and will result in an incorrect configuration. Please refer to the updated documentation below for more information. + + !> **BREAKING CHANGE:** The `resource_group_name` field has been removed as of the `v2.58.0` provider release. If the `resource_group_name` field has been defined in your current `frontdoor.CustomHttpsConfiguration` resource configuration file please remove it else you will receive a `An argument named "resource_group_name" is not expected here.` error. If your pre-existing Front Door instance contained inline `custom_https_configuration` blocks there are additional steps that will need to be completed to successfully migrate your Front Door onto the `v2.58.0` provider which can be found in this guide. + + !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + vault = azure.keyvault.get_key_vault(name="example-vault", + resource_group_name="example-vault-rg") + example_frontdoor = azure.frontdoor.Frontdoor("exampleFrontdoor", + resource_group_name=example_resource_group.name, + routing_rules=[azure.frontdoor.FrontdoorRoutingRuleArgs( + name="exampleRoutingRule1", + accepted_protocols=[ + "Http", + "Https", + ], + patterns_to_matches=["/*"], + frontend_endpoints=["exampleFrontendEndpoint1"], + forwarding_configuration=azure.frontdoor.FrontdoorRoutingRuleForwardingConfigurationArgs( + forwarding_protocol="MatchRequest", + backend_pool_name="exampleBackendBing", + ), + )], + backend_pool_load_balancings=[azure.frontdoor.FrontdoorBackendPoolLoadBalancingArgs( + name="exampleLoadBalancingSettings1", + )], + backend_pool_health_probes=[azure.frontdoor.FrontdoorBackendPoolHealthProbeArgs( + name="exampleHealthProbeSetting1", + )], + backend_pools=[azure.frontdoor.FrontdoorBackendPoolArgs( + name="exampleBackendBing", + backends=[azure.frontdoor.FrontdoorBackendPoolBackendArgs( + host_header="www.bing.com", + address="www.bing.com", + http_port=80, + https_port=443, + )], + load_balancing_name="exampleLoadBalancingSettings1", + health_probe_name="exampleHealthProbeSetting1", + )], + frontend_endpoints=[ + azure.frontdoor.FrontdoorFrontendEndpointArgs( + name="exampleFrontendEndpoint1", + host_name="example-FrontDoor.azurefd.net", + ), + azure.frontdoor.FrontdoorFrontendEndpointArgs( + name="exampleFrontendEndpoint2", + host_name="examplefd1.examplefd.net", + ), + ]) + example_custom_https0 = azure.frontdoor.CustomHttpsConfiguration("exampleCustomHttps0", + frontend_endpoint_id=example_frontdoor.frontend_endpoints_map["exampleFrontendEndpoint1"], + custom_https_provisioning_enabled=False) + example_custom_https1 = azure.frontdoor.CustomHttpsConfiguration("exampleCustomHttps1", + frontend_endpoint_id=example_frontdoor.frontend_endpoints_map["exampleFrontendEndpoint2"], + custom_https_provisioning_enabled=True, + custom_https_configuration=azure.frontdoor.CustomHttpsConfigurationCustomHttpsConfigurationArgs( + certificate_source="AzureKeyVault", + azure_key_vault_certificate_secret_name="examplefd1", + azure_key_vault_certificate_vault_id=vault.id, + )) + ``` + ## Import Front Door Custom HTTPS Configurations can be imported using the `resource id` of the Front Door Custom HTTPS Configuration, e.g. @@ -154,6 +228,80 @@ def __init__(__self__, args: CustomHttpsConfigurationArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + !> **IMPORTANT** This deploys an Azure Front Door (classic) resource which has been deprecated and will receive security updates only. Please migrate your existing Azure Front Door (classic) deployments to the new Azure Front Door (standard/premium) resources. For your convenience, the service team has exposed a `Front Door Classic` to `Front Door Standard/Premium` [migration tool](https://learn.microsoft.com/azure/frontdoor/tier-migration) to allow you to migrate your existing `Front Door Classic` instances to the new `Front Door Standard/Premium` product tiers. + + Manages the Custom HTTPS Configuration for an Azure Front Door (classic) Frontend Endpoint. + + > **NOTE:** Defining custom HTTPS configurations using a separate `frontdoor.CustomHttpsConfiguration` resource allows for parallel creation/update. + + !> **BREAKING CHANGE:** In order to address the ordering issue we have changed the design on how to retrieve existing sub resources such as frontend endpoints. Existing design will be deprecated and will result in an incorrect configuration. Please refer to the updated documentation below for more information. + + !> **BREAKING CHANGE:** The `resource_group_name` field has been removed as of the `v2.58.0` provider release. If the `resource_group_name` field has been defined in your current `frontdoor.CustomHttpsConfiguration` resource configuration file please remove it else you will receive a `An argument named "resource_group_name" is not expected here.` error. If your pre-existing Front Door instance contained inline `custom_https_configuration` blocks there are additional steps that will need to be completed to successfully migrate your Front Door onto the `v2.58.0` provider which can be found in this guide. + + !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + vault = azure.keyvault.get_key_vault(name="example-vault", + resource_group_name="example-vault-rg") + example_frontdoor = azure.frontdoor.Frontdoor("exampleFrontdoor", + resource_group_name=example_resource_group.name, + routing_rules=[azure.frontdoor.FrontdoorRoutingRuleArgs( + name="exampleRoutingRule1", + accepted_protocols=[ + "Http", + "Https", + ], + patterns_to_matches=["/*"], + frontend_endpoints=["exampleFrontendEndpoint1"], + forwarding_configuration=azure.frontdoor.FrontdoorRoutingRuleForwardingConfigurationArgs( + forwarding_protocol="MatchRequest", + backend_pool_name="exampleBackendBing", + ), + )], + backend_pool_load_balancings=[azure.frontdoor.FrontdoorBackendPoolLoadBalancingArgs( + name="exampleLoadBalancingSettings1", + )], + backend_pool_health_probes=[azure.frontdoor.FrontdoorBackendPoolHealthProbeArgs( + name="exampleHealthProbeSetting1", + )], + backend_pools=[azure.frontdoor.FrontdoorBackendPoolArgs( + name="exampleBackendBing", + backends=[azure.frontdoor.FrontdoorBackendPoolBackendArgs( + host_header="www.bing.com", + address="www.bing.com", + http_port=80, + https_port=443, + )], + load_balancing_name="exampleLoadBalancingSettings1", + health_probe_name="exampleHealthProbeSetting1", + )], + frontend_endpoints=[ + azure.frontdoor.FrontdoorFrontendEndpointArgs( + name="exampleFrontendEndpoint1", + host_name="example-FrontDoor.azurefd.net", + ), + azure.frontdoor.FrontdoorFrontendEndpointArgs( + name="exampleFrontendEndpoint2", + host_name="examplefd1.examplefd.net", + ), + ]) + example_custom_https0 = azure.frontdoor.CustomHttpsConfiguration("exampleCustomHttps0", + frontend_endpoint_id=example_frontdoor.frontend_endpoints_map["exampleFrontendEndpoint1"], + custom_https_provisioning_enabled=False) + example_custom_https1 = azure.frontdoor.CustomHttpsConfiguration("exampleCustomHttps1", + frontend_endpoint_id=example_frontdoor.frontend_endpoints_map["exampleFrontendEndpoint2"], + custom_https_provisioning_enabled=True, + custom_https_configuration=azure.frontdoor.CustomHttpsConfigurationCustomHttpsConfigurationArgs( + certificate_source="AzureKeyVault", + azure_key_vault_certificate_secret_name="examplefd1", + azure_key_vault_certificate_vault_id=vault.id, + )) + ``` + ## Import Front Door Custom HTTPS Configurations can be imported using the `resource id` of the Front Door Custom HTTPS Configuration, e.g. diff --git a/sdk/python/pulumi_azure/frontdoor/firewall_policy.py b/sdk/python/pulumi_azure/frontdoor/firewall_policy.py index 4c5f29c7f2..4676f1d739 100644 --- a/sdk/python/pulumi_azure/frontdoor/firewall_policy.py +++ b/sdk/python/pulumi_azure/frontdoor/firewall_policy.py @@ -397,6 +397,12 @@ def __init__(__self__, tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, __props__=None): """ + !> **IMPORTANT** This deploys an Azure Front Door (classic) resource which has been deprecated and will receive security updates only. Please migrate your existing Azure Front Door (classic) deployments to the new Azure Front Door (standard/premium) resources. For your convenience, the service team has exposed a `Front Door Classic` to `Front Door Standard/Premium` [migration tool](https://learn.microsoft.com/azure/frontdoor/tier-migration) to allow you to migrate your existing `Front Door Classic` instances to the new `Front Door Standard/Premium` product tiers. + + Manages an Azure Front Door (classic) Web Application Firewall Policy instance. + + !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + ## Example Usage ```python @@ -531,6 +537,12 @@ def __init__(__self__, args: FirewallPolicyArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + !> **IMPORTANT** This deploys an Azure Front Door (classic) resource which has been deprecated and will receive security updates only. Please migrate your existing Azure Front Door (classic) deployments to the new Azure Front Door (standard/premium) resources. For your convenience, the service team has exposed a `Front Door Classic` to `Front Door Standard/Premium` [migration tool](https://learn.microsoft.com/azure/frontdoor/tier-migration) to allow you to migrate your existing `Front Door Classic` instances to the new `Front Door Standard/Premium` product tiers. + + Manages an Azure Front Door (classic) Web Application Firewall Policy instance. + + !> **Be Aware:** Azure is rolling out a breaking change on Friday 9th April 2021 which may cause issues with the CDN/FrontDoor resources. More information is available in this GitHub issue as the necessary changes are identified. + ## Example Usage ```python diff --git a/sdk/python/pulumi_azure/mssql/database_extended_auditing_policy.py b/sdk/python/pulumi_azure/mssql/database_extended_auditing_policy.py index c01f3525f1..425953aa6d 100644 --- a/sdk/python/pulumi_azure/mssql/database_extended_auditing_policy.py +++ b/sdk/python/pulumi_azure/mssql/database_extended_auditing_policy.py @@ -27,6 +27,10 @@ def __init__(__self__, *, :param pulumi.Input[bool] enabled: Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`. ->**NOTE:** If `enabled` is `true`, `storage_endpoint` or `log_monitoring_enabled` are required. + :param pulumi.Input[bool] log_monitoring_enabled: Enable audit events to Azure Monitor? Defaults to `true`. + + > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. :param pulumi.Input[int] retention_in_days: The number of days to retain logs for in the storage account. Defaults to `0`. :param pulumi.Input[str] storage_account_access_key: The access key to use for the auditing storage account. :param pulumi.Input[bool] storage_account_access_key_is_secondary: Is `storage_account_access_key` value the storage's secondary key? @@ -75,6 +79,12 @@ def enabled(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="logMonitoringEnabled") def log_monitoring_enabled(self) -> Optional[pulumi.Input[bool]]: + """ + Enable audit events to Azure Monitor? Defaults to `true`. + + > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + """ return pulumi.get(self, "log_monitoring_enabled") @log_monitoring_enabled.setter @@ -146,6 +156,10 @@ def __init__(__self__, *, :param pulumi.Input[bool] enabled: Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`. ->**NOTE:** If `enabled` is `true`, `storage_endpoint` or `log_monitoring_enabled` are required. + :param pulumi.Input[bool] log_monitoring_enabled: Enable audit events to Azure Monitor? Defaults to `true`. + + > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. :param pulumi.Input[int] retention_in_days: The number of days to retain logs for in the storage account. Defaults to `0`. :param pulumi.Input[str] storage_account_access_key: The access key to use for the auditing storage account. :param pulumi.Input[bool] storage_account_access_key_is_secondary: Is `storage_account_access_key` value the storage's secondary key? @@ -195,6 +209,12 @@ def enabled(self, value: Optional[pulumi.Input[bool]]): @property @pulumi.getter(name="logMonitoringEnabled") def log_monitoring_enabled(self) -> Optional[pulumi.Input[bool]]: + """ + Enable audit events to Azure Monitor? Defaults to `true`. + + > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + """ return pulumi.get(self, "log_monitoring_enabled") @log_monitoring_enabled.setter @@ -307,6 +327,10 @@ def __init__(__self__, :param pulumi.Input[bool] enabled: Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`. ->**NOTE:** If `enabled` is `true`, `storage_endpoint` or `log_monitoring_enabled` are required. + :param pulumi.Input[bool] log_monitoring_enabled: Enable audit events to Azure Monitor? Defaults to `true`. + + > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. :param pulumi.Input[int] retention_in_days: The number of days to retain logs for in the storage account. Defaults to `0`. :param pulumi.Input[str] storage_account_access_key: The access key to use for the auditing storage account. :param pulumi.Input[bool] storage_account_access_key_is_secondary: Is `storage_account_access_key` value the storage's secondary key? @@ -426,6 +450,10 @@ def get(resource_name: str, :param pulumi.Input[bool] enabled: Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`. ->**NOTE:** If `enabled` is `true`, `storage_endpoint` or `log_monitoring_enabled` are required. + :param pulumi.Input[bool] log_monitoring_enabled: Enable audit events to Azure Monitor? Defaults to `true`. + + > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. :param pulumi.Input[int] retention_in_days: The number of days to retain logs for in the storage account. Defaults to `0`. :param pulumi.Input[str] storage_account_access_key: The access key to use for the auditing storage account. :param pulumi.Input[bool] storage_account_access_key_is_secondary: Is `storage_account_access_key` value the storage's secondary key? @@ -465,6 +493,12 @@ def enabled(self) -> pulumi.Output[Optional[bool]]: @property @pulumi.getter(name="logMonitoringEnabled") def log_monitoring_enabled(self) -> pulumi.Output[Optional[bool]]: + """ + Enable audit events to Azure Monitor? Defaults to `true`. + + > **NOTE:** To enable sending audit events to Log Analytics, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_log_analytics` directory within the GitHub Repository. To enable sending server audit events to Log Analytics, please enable the master database to send audit events to Log Analytics. + To enable audit events to Eventhub, please refer to the example which can be found in the `./examples/sql-azure/sql_auditing_eventhub` directory within the GitHub Repository. + """ return pulumi.get(self, "log_monitoring_enabled") @property diff --git a/sdk/python/pulumi_azure/mssql/managed_instance_failover_group.py b/sdk/python/pulumi_azure/mssql/managed_instance_failover_group.py index f028b5f439..b6134e2948 100644 --- a/sdk/python/pulumi_azure/mssql/managed_instance_failover_group.py +++ b/sdk/python/pulumi_azure/mssql/managed_instance_failover_group.py @@ -263,6 +263,81 @@ def __init__(__self__, readonly_endpoint_failover_policy_enabled: Optional[pulumi.Input[bool]] = None, __props__=None): """ + Manages an Azure SQL Managed Instance Failover Group. + + ## Example Usage + + > **Note:** For a more complete example, see the `./examples/sql-azure/managed_instance_failover_group` directory within the GitHub Repository. + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + address_spaces=["10.0.0.0/16"]) + example_subnet = azure.network.Subnet("exampleSubnet", + resource_group_name=example_resource_group.name, + virtual_network_name=example_virtual_network.name, + address_prefixes=["10.0.2.0/24"]) + example_network_security_group = azure.network.NetworkSecurityGroup("exampleNetworkSecurityGroup", + location=example_resource_group.location, + resource_group_name=example_resource_group.name) + example_subnet_network_security_group_association = azure.network.SubnetNetworkSecurityGroupAssociation("exampleSubnetNetworkSecurityGroupAssociation", + subnet_id=example_subnet.id, + network_security_group_id=example_network_security_group.id) + example_route_table = azure.network.RouteTable("exampleRouteTable", + location=example_resource_group.location, + resource_group_name=example_resource_group.name) + example_subnet_route_table_association = azure.network.SubnetRouteTableAssociation("exampleSubnetRouteTableAssociation", + subnet_id=example_subnet.id, + route_table_id=example_route_table.id) + primary = azure.mssql.ManagedInstance("primary", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + administrator_login="mradministrator", + administrator_login_password="thisIsDog11", + license_type="BasePrice", + subnet_id=example_subnet.id, + sku_name="GP_Gen5", + vcores=4, + storage_size_in_gb=32, + tags={ + "environment": "prod", + }, + opts=pulumi.ResourceOptions(depends_on=[ + example_subnet_network_security_group_association, + example_subnet_route_table_association, + ])) + secondary = azure.mssql.ManagedInstance("secondary", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + administrator_login="mradministrator", + administrator_login_password="thisIsDog11", + license_type="BasePrice", + subnet_id=example_subnet.id, + sku_name="GP_Gen5", + vcores=4, + storage_size_in_gb=32, + tags={ + "environment": "prod", + }, + opts=pulumi.ResourceOptions(depends_on=[ + example_subnet_network_security_group_association, + example_subnet_route_table_association, + ])) + example_managed_instance_failover_group = azure.mssql.ManagedInstanceFailoverGroup("exampleManagedInstanceFailoverGroup", + location=primary.location, + managed_instance_id=primary.id, + partner_managed_instance_id=secondary.id, + read_write_endpoint_failover_policy=azure.mssql.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs( + mode="Automatic", + grace_minutes=60, + )) + ``` + ## Import SQL Instance Failover Groups can be imported using the `resource id`, e.g. @@ -287,6 +362,81 @@ def __init__(__self__, args: ManagedInstanceFailoverGroupArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + Manages an Azure SQL Managed Instance Failover Group. + + ## Example Usage + + > **Note:** For a more complete example, see the `./examples/sql-azure/managed_instance_failover_group` directory within the GitHub Repository. + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + address_spaces=["10.0.0.0/16"]) + example_subnet = azure.network.Subnet("exampleSubnet", + resource_group_name=example_resource_group.name, + virtual_network_name=example_virtual_network.name, + address_prefixes=["10.0.2.0/24"]) + example_network_security_group = azure.network.NetworkSecurityGroup("exampleNetworkSecurityGroup", + location=example_resource_group.location, + resource_group_name=example_resource_group.name) + example_subnet_network_security_group_association = azure.network.SubnetNetworkSecurityGroupAssociation("exampleSubnetNetworkSecurityGroupAssociation", + subnet_id=example_subnet.id, + network_security_group_id=example_network_security_group.id) + example_route_table = azure.network.RouteTable("exampleRouteTable", + location=example_resource_group.location, + resource_group_name=example_resource_group.name) + example_subnet_route_table_association = azure.network.SubnetRouteTableAssociation("exampleSubnetRouteTableAssociation", + subnet_id=example_subnet.id, + route_table_id=example_route_table.id) + primary = azure.mssql.ManagedInstance("primary", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + administrator_login="mradministrator", + administrator_login_password="thisIsDog11", + license_type="BasePrice", + subnet_id=example_subnet.id, + sku_name="GP_Gen5", + vcores=4, + storage_size_in_gb=32, + tags={ + "environment": "prod", + }, + opts=pulumi.ResourceOptions(depends_on=[ + example_subnet_network_security_group_association, + example_subnet_route_table_association, + ])) + secondary = azure.mssql.ManagedInstance("secondary", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + administrator_login="mradministrator", + administrator_login_password="thisIsDog11", + license_type="BasePrice", + subnet_id=example_subnet.id, + sku_name="GP_Gen5", + vcores=4, + storage_size_in_gb=32, + tags={ + "environment": "prod", + }, + opts=pulumi.ResourceOptions(depends_on=[ + example_subnet_network_security_group_association, + example_subnet_route_table_association, + ])) + example_managed_instance_failover_group = azure.mssql.ManagedInstanceFailoverGroup("exampleManagedInstanceFailoverGroup", + location=primary.location, + managed_instance_id=primary.id, + partner_managed_instance_id=secondary.id, + read_write_endpoint_failover_policy=azure.mssql.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs( + mode="Automatic", + grace_minutes=60, + )) + ``` + ## Import SQL Instance Failover Groups can be imported using the `resource id`, e.g. diff --git a/sdk/python/pulumi_azure/netapp/_inputs.py b/sdk/python/pulumi_azure/netapp/_inputs.py index 41f1630489..84f10d05cf 100644 --- a/sdk/python/pulumi_azure/netapp/_inputs.py +++ b/sdk/python/pulumi_azure/netapp/_inputs.py @@ -355,6 +355,11 @@ def __init__(__self__, *, """ :param pulumi.Input[str] remote_volume_location: Location of the primary volume. Changing this forces a new resource to be created. :param pulumi.Input[str] remote_volume_resource_id: Resource ID of the primary volume. + :param pulumi.Input[str] replication_frequency: Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + + A full example of the `data_protection_replication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + + > **NOTE:** `data_protection_replication` can be defined only once per secondary volume, adding a second instance of it is not supported. :param pulumi.Input[str] endpoint_type: The endpoint type, default value is `dst` for destination. """ pulumi.set(__self__, "remote_volume_location", remote_volume_location) @@ -390,6 +395,13 @@ def remote_volume_resource_id(self, value: pulumi.Input[str]): @property @pulumi.getter(name="replicationFrequency") def replication_frequency(self) -> pulumi.Input[str]: + """ + Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + + A full example of the `data_protection_replication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + + > **NOTE:** `data_protection_replication` can be defined only once per secondary volume, adding a second instance of it is not supported. + """ return pulumi.get(self, "replication_frequency") @replication_frequency.setter @@ -413,11 +425,25 @@ def endpoint_type(self, value: Optional[pulumi.Input[str]]): class VolumeDataProtectionSnapshotPolicyArgs: def __init__(__self__, *, snapshot_policy_id: pulumi.Input[str]): + """ + :param pulumi.Input[str] snapshot_policy_id: Resource ID of the snapshot policy to apply to the volume. + + A full example of the `data_protection_snapshot_policy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + + > **NOTE:** `data_protection_snapshot_policy` block can be used alone or with data_protection_replication in the primary volume only, if enabling it in the secondary, an error will be thrown. + """ pulumi.set(__self__, "snapshot_policy_id", snapshot_policy_id) @property @pulumi.getter(name="snapshotPolicyId") def snapshot_policy_id(self) -> pulumi.Input[str]: + """ + Resource ID of the snapshot policy to apply to the volume. + + A full example of the `data_protection_snapshot_policy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + + > **NOTE:** `data_protection_snapshot_policy` block can be used alone or with data_protection_replication in the primary volume only, if enabling it in the secondary, an error will be thrown. + """ return pulumi.get(self, "snapshot_policy_id") @snapshot_policy_id.setter diff --git a/sdk/python/pulumi_azure/netapp/outputs.py b/sdk/python/pulumi_azure/netapp/outputs.py index 0e6a3a0c7d..27ebb3f80a 100644 --- a/sdk/python/pulumi_azure/netapp/outputs.py +++ b/sdk/python/pulumi_azure/netapp/outputs.py @@ -405,6 +405,11 @@ def __init__(__self__, *, """ :param str remote_volume_location: Location of the primary volume. Changing this forces a new resource to be created. :param str remote_volume_resource_id: Resource ID of the primary volume. + :param str replication_frequency: Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + + A full example of the `data_protection_replication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + + > **NOTE:** `data_protection_replication` can be defined only once per secondary volume, adding a second instance of it is not supported. :param str endpoint_type: The endpoint type, default value is `dst` for destination. """ pulumi.set(__self__, "remote_volume_location", remote_volume_location) @@ -432,6 +437,13 @@ def remote_volume_resource_id(self) -> str: @property @pulumi.getter(name="replicationFrequency") def replication_frequency(self) -> str: + """ + Replication frequency, supported values are '10minutes', 'hourly', 'daily', values are case sensitive. + + A full example of the `data_protection_replication` attribute can be found in the `./examples/netapp/volume_crr` directory within the GitHub Repository + + > **NOTE:** `data_protection_replication` can be defined only once per secondary volume, adding a second instance of it is not supported. + """ return pulumi.get(self, "replication_frequency") @property @@ -464,11 +476,25 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, snapshot_policy_id: str): + """ + :param str snapshot_policy_id: Resource ID of the snapshot policy to apply to the volume. + + A full example of the `data_protection_snapshot_policy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + + > **NOTE:** `data_protection_snapshot_policy` block can be used alone or with data_protection_replication in the primary volume only, if enabling it in the secondary, an error will be thrown. + """ pulumi.set(__self__, "snapshot_policy_id", snapshot_policy_id) @property @pulumi.getter(name="snapshotPolicyId") def snapshot_policy_id(self) -> str: + """ + Resource ID of the snapshot policy to apply to the volume. + + A full example of the `data_protection_snapshot_policy` attribute usage can be found in the `./examples/netapp/nfsv3_volume_with_snapshot_policy` directory within the GitHub Repository + + > **NOTE:** `data_protection_snapshot_policy` block can be used alone or with data_protection_replication in the primary volume only, if enabling it in the secondary, an error will be thrown. + """ return pulumi.get(self, "snapshot_policy_id") diff --git a/sdk/python/pulumi_azure/network/_inputs.py b/sdk/python/pulumi_azure/network/_inputs.py index cff2c9d340..450f031a2a 100644 --- a/sdk/python/pulumi_azure/network/_inputs.py +++ b/sdk/python/pulumi_azure/network/_inputs.py @@ -4705,6 +4705,13 @@ def __init__(__self__, *, """ :param pulumi.Input[str] name: Specifies the name of the IP Configuration. :param pulumi.Input[str] private_ip_address: The private IP address associated with the Firewall. + :param pulumi.Input[str] public_ip_address_id: The ID of the Public IP Address associated with the firewall. + + > **NOTE** A public ip address is required unless a `management_ip_configuration` block is specified. + + > **NOTE** When multiple `ip_configuration` blocks with `public_ip_address_id` are configured, `pulumi up` will raise an error when one or some of these `ip_configuration` blocks are removed. because the `public_ip_address_id` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `network.PublicIp` happens before the update of firewall by default. to destroy of `network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + + > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. :param pulumi.Input[str] subnet_id: Reference to the subnet associated with the IP Configuration. Changing this forces a new resource to be created. > **NOTE** The Subnet used for the Firewall must have the name `AzureFirewallSubnet` and the subnet mask must be at least a `/26`. @@ -4746,6 +4753,15 @@ def private_ip_address(self, value: Optional[pulumi.Input[str]]): @property @pulumi.getter(name="publicIpAddressId") def public_ip_address_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the Public IP Address associated with the firewall. + + > **NOTE** A public ip address is required unless a `management_ip_configuration` block is specified. + + > **NOTE** When multiple `ip_configuration` blocks with `public_ip_address_id` are configured, `pulumi up` will raise an error when one or some of these `ip_configuration` blocks are removed. because the `public_ip_address_id` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `network.PublicIp` happens before the update of firewall by default. to destroy of `network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + + > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. + """ return pulumi.get(self, "public_ip_address_id") @public_ip_address_id.setter diff --git a/sdk/python/pulumi_azure/network/network_watcher_flow_log.py b/sdk/python/pulumi_azure/network/network_watcher_flow_log.py index 43c5fbd320..179f1c8573 100644 --- a/sdk/python/pulumi_azure/network/network_watcher_flow_log.py +++ b/sdk/python/pulumi_azure/network/network_watcher_flow_log.py @@ -393,6 +393,10 @@ def __init__(__self__, version: Optional[pulumi.Input[int]] = None, __props__=None): """ + Manages a Network Watcher Flow Log. + + > **Note** The `network.NetworkWatcherFlowLog` creates a new storage lifecyle management rule that overwrites existing rules. Please make sure to use a `storage_account` with no existing management rules, until the issue is fixed. + ## Example Usage ```python @@ -465,6 +469,10 @@ def __init__(__self__, args: NetworkWatcherFlowLogArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + Manages a Network Watcher Flow Log. + + > **Note** The `network.NetworkWatcherFlowLog` creates a new storage lifecyle management rule that overwrites existing rules. Please make sure to use a `storage_account` with no existing management rules, until the issue is fixed. + ## Example Usage ```python diff --git a/sdk/python/pulumi_azure/network/outputs.py b/sdk/python/pulumi_azure/network/outputs.py index 3a6ef8f71a..371a5a4165 100644 --- a/sdk/python/pulumi_azure/network/outputs.py +++ b/sdk/python/pulumi_azure/network/outputs.py @@ -4720,6 +4720,13 @@ def __init__(__self__, *, """ :param str name: Specifies the name of the IP Configuration. :param str private_ip_address: The private IP address associated with the Firewall. + :param str public_ip_address_id: The ID of the Public IP Address associated with the firewall. + + > **NOTE** A public ip address is required unless a `management_ip_configuration` block is specified. + + > **NOTE** When multiple `ip_configuration` blocks with `public_ip_address_id` are configured, `pulumi up` will raise an error when one or some of these `ip_configuration` blocks are removed. because the `public_ip_address_id` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `network.PublicIp` happens before the update of firewall by default. to destroy of `network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + + > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. :param str subnet_id: Reference to the subnet associated with the IP Configuration. Changing this forces a new resource to be created. > **NOTE** The Subnet used for the Firewall must have the name `AzureFirewallSubnet` and the subnet mask must be at least a `/26`. @@ -4753,6 +4760,15 @@ def private_ip_address(self) -> Optional[str]: @property @pulumi.getter(name="publicIpAddressId") def public_ip_address_id(self) -> Optional[str]: + """ + The ID of the Public IP Address associated with the firewall. + + > **NOTE** A public ip address is required unless a `management_ip_configuration` block is specified. + + > **NOTE** When multiple `ip_configuration` blocks with `public_ip_address_id` are configured, `pulumi up` will raise an error when one or some of these `ip_configuration` blocks are removed. because the `public_ip_address_id` is still used by the `firewall` resource until the `firewall` resource is updated. and the destruction of `network.PublicIp` happens before the update of firewall by default. to destroy of `network.PublicIp` will cause the error. The workaround is to set `create_before_destroy=true` to the `network.PublicIp` resource `lifecycle` block. See more detail: destroying.md#create-before-destroy + + > **NOTE** The Public IP must have a `Static` allocation and `Standard` SKU. + """ return pulumi.get(self, "public_ip_address_id") @property diff --git a/sdk/python/pulumi_azure/privatelink/endpoint.py b/sdk/python/pulumi_azure/privatelink/endpoint.py index 281c8811b8..14f93d97c0 100644 --- a/sdk/python/pulumi_azure/privatelink/endpoint.py +++ b/sdk/python/pulumi_azure/privatelink/endpoint.py @@ -378,6 +378,138 @@ def __init__(__self__, tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, __props__=None): """ + Manages a Private Endpoint. + + Azure Private Endpoint is a network interface that connects you privately and securely to a service powered by Azure Private Link. Private Endpoint uses a private IP address from your VNet, effectively bringing the service into your VNet. The service could be an Azure service such as Azure Storage, SQL, etc. or your own Private Link Service. + + ## Example Usage + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork", + address_spaces=["10.0.0.0/16"], + location=example_resource_group.location, + resource_group_name=example_resource_group.name) + service = azure.network.Subnet("service", + resource_group_name=example_resource_group.name, + virtual_network_name=example_virtual_network.name, + address_prefixes=["10.0.1.0/24"], + enforce_private_link_service_network_policies=True) + endpoint = azure.network.Subnet("endpoint", + resource_group_name=example_resource_group.name, + virtual_network_name=example_virtual_network.name, + address_prefixes=["10.0.2.0/24"], + enforce_private_link_endpoint_network_policies=True) + example_public_ip = azure.network.PublicIp("examplePublicIp", + sku="Standard", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + allocation_method="Static") + example_load_balancer = azure.lb.LoadBalancer("exampleLoadBalancer", + sku="Standard", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + frontend_ip_configurations=[azure.lb.LoadBalancerFrontendIpConfigurationArgs( + name=example_public_ip.name, + public_ip_address_id=example_public_ip.id, + )]) + example_link_service = azure.privatedns.LinkService("exampleLinkService", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + nat_ip_configurations=[azure.privatedns.LinkServiceNatIpConfigurationArgs( + name=example_public_ip.name, + primary=True, + subnet_id=service.id, + )], + load_balancer_frontend_ip_configuration_ids=[example_load_balancer.frontend_ip_configurations[0].id]) + example_endpoint = azure.privatelink.Endpoint("exampleEndpoint", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + subnet_id=endpoint.id, + private_service_connection=azure.privatelink.EndpointPrivateServiceConnectionArgs( + name="example-privateserviceconnection", + private_connection_resource_id=example_link_service.id, + is_manual_connection=False, + )) + ``` + + Using a Private Link Service Alias with existing resources: + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.get_resource_group(name="example-resources") + vnet = azure.network.get_virtual_network(name="example-network", + resource_group_name=example_resource_group.name) + subnet = azure.network.get_subnet(name="default", + virtual_network_name=vnet.name, + resource_group_name=example_resource_group.name) + example_endpoint = azure.privatelink.Endpoint("exampleEndpoint", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + subnet_id=subnet.id, + private_service_connection=azure.privatelink.EndpointPrivateServiceConnectionArgs( + name="example-privateserviceconnection", + private_connection_resource_alias="example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice", + is_manual_connection=True, + request_message="PL", + )) + ``` + + Using a Private Endpoint pointing to an *owned* Azure service, with proper DNS configuration: + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_account = azure.storage.Account("exampleAccount", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + account_tier="Standard", + account_replication_type="LRS") + example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork", + address_spaces=["10.0.0.0/16"], + location=example_resource_group.location, + resource_group_name=example_resource_group.name) + example_subnet = azure.network.Subnet("exampleSubnet", + resource_group_name=example_resource_group.name, + virtual_network_name=example_virtual_network.name, + address_prefixes=["10.0.2.0/24"]) + example_zone = azure.privatedns.Zone("exampleZone", resource_group_name=example_resource_group.name) + example_endpoint = azure.privatelink.Endpoint("exampleEndpoint", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + subnet_id=example_subnet.id, + private_service_connection=azure.privatelink.EndpointPrivateServiceConnectionArgs( + name="example-privateserviceconnection", + private_connection_resource_id=example_account.id, + subresource_names=["blob"], + is_manual_connection=False, + ), + private_dns_zone_group=azure.privatelink.EndpointPrivateDnsZoneGroupArgs( + name="example-dns-zone-group", + private_dns_zone_ids=[example_zone.id], + )) + example_zone_virtual_network_link = azure.privatedns.ZoneVirtualNetworkLink("exampleZoneVirtualNetworkLink", + resource_group_name=example_resource_group.name, + private_dns_zone_name=example_zone.name, + virtual_network_id=example_virtual_network.id) + ``` + ## Example HCL Configurations + + * How to conneca `Private Endpoint` to a Application Gateway + * How to connect a `Private Endpoint` to a Cosmos MongoDB + * How to connect a `Private Endpoint` to a Cosmos PostgreSQL + * How to connect a `Private Endpoint` to a PostgreSQL Server + * How to connect a `Private Endpoint` to a Private Link Service + * How to connect a `Private Endpoint` to a Private DNS Group + * How to connect a `Private Endpoint` to a Databricks Workspace + ## Import Private Endpoints can be imported using the `resource id`, e.g. @@ -405,6 +537,138 @@ def __init__(__self__, args: EndpointArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + Manages a Private Endpoint. + + Azure Private Endpoint is a network interface that connects you privately and securely to a service powered by Azure Private Link. Private Endpoint uses a private IP address from your VNet, effectively bringing the service into your VNet. The service could be an Azure service such as Azure Storage, SQL, etc. or your own Private Link Service. + + ## Example Usage + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork", + address_spaces=["10.0.0.0/16"], + location=example_resource_group.location, + resource_group_name=example_resource_group.name) + service = azure.network.Subnet("service", + resource_group_name=example_resource_group.name, + virtual_network_name=example_virtual_network.name, + address_prefixes=["10.0.1.0/24"], + enforce_private_link_service_network_policies=True) + endpoint = azure.network.Subnet("endpoint", + resource_group_name=example_resource_group.name, + virtual_network_name=example_virtual_network.name, + address_prefixes=["10.0.2.0/24"], + enforce_private_link_endpoint_network_policies=True) + example_public_ip = azure.network.PublicIp("examplePublicIp", + sku="Standard", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + allocation_method="Static") + example_load_balancer = azure.lb.LoadBalancer("exampleLoadBalancer", + sku="Standard", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + frontend_ip_configurations=[azure.lb.LoadBalancerFrontendIpConfigurationArgs( + name=example_public_ip.name, + public_ip_address_id=example_public_ip.id, + )]) + example_link_service = azure.privatedns.LinkService("exampleLinkService", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + nat_ip_configurations=[azure.privatedns.LinkServiceNatIpConfigurationArgs( + name=example_public_ip.name, + primary=True, + subnet_id=service.id, + )], + load_balancer_frontend_ip_configuration_ids=[example_load_balancer.frontend_ip_configurations[0].id]) + example_endpoint = azure.privatelink.Endpoint("exampleEndpoint", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + subnet_id=endpoint.id, + private_service_connection=azure.privatelink.EndpointPrivateServiceConnectionArgs( + name="example-privateserviceconnection", + private_connection_resource_id=example_link_service.id, + is_manual_connection=False, + )) + ``` + + Using a Private Link Service Alias with existing resources: + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.get_resource_group(name="example-resources") + vnet = azure.network.get_virtual_network(name="example-network", + resource_group_name=example_resource_group.name) + subnet = azure.network.get_subnet(name="default", + virtual_network_name=vnet.name, + resource_group_name=example_resource_group.name) + example_endpoint = azure.privatelink.Endpoint("exampleEndpoint", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + subnet_id=subnet.id, + private_service_connection=azure.privatelink.EndpointPrivateServiceConnectionArgs( + name="example-privateserviceconnection", + private_connection_resource_alias="example-privatelinkservice.d20286c8-4ea5-11eb-9584-8f53157226c6.centralus.azure.privatelinkservice", + is_manual_connection=True, + request_message="PL", + )) + ``` + + Using a Private Endpoint pointing to an *owned* Azure service, with proper DNS configuration: + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + example_account = azure.storage.Account("exampleAccount", + resource_group_name=example_resource_group.name, + location=example_resource_group.location, + account_tier="Standard", + account_replication_type="LRS") + example_virtual_network = azure.network.VirtualNetwork("exampleVirtualNetwork", + address_spaces=["10.0.0.0/16"], + location=example_resource_group.location, + resource_group_name=example_resource_group.name) + example_subnet = azure.network.Subnet("exampleSubnet", + resource_group_name=example_resource_group.name, + virtual_network_name=example_virtual_network.name, + address_prefixes=["10.0.2.0/24"]) + example_zone = azure.privatedns.Zone("exampleZone", resource_group_name=example_resource_group.name) + example_endpoint = azure.privatelink.Endpoint("exampleEndpoint", + location=example_resource_group.location, + resource_group_name=example_resource_group.name, + subnet_id=example_subnet.id, + private_service_connection=azure.privatelink.EndpointPrivateServiceConnectionArgs( + name="example-privateserviceconnection", + private_connection_resource_id=example_account.id, + subresource_names=["blob"], + is_manual_connection=False, + ), + private_dns_zone_group=azure.privatelink.EndpointPrivateDnsZoneGroupArgs( + name="example-dns-zone-group", + private_dns_zone_ids=[example_zone.id], + )) + example_zone_virtual_network_link = azure.privatedns.ZoneVirtualNetworkLink("exampleZoneVirtualNetworkLink", + resource_group_name=example_resource_group.name, + private_dns_zone_name=example_zone.name, + virtual_network_id=example_virtual_network.id) + ``` + ## Example HCL Configurations + + * How to conneca `Private Endpoint` to a Application Gateway + * How to connect a `Private Endpoint` to a Cosmos MongoDB + * How to connect a `Private Endpoint` to a Cosmos PostgreSQL + * How to connect a `Private Endpoint` to a PostgreSQL Server + * How to connect a `Private Endpoint` to a Private Link Service + * How to connect a `Private Endpoint` to a Private DNS Group + * How to connect a `Private Endpoint` to a Databricks Workspace + ## Import Private Endpoints can be imported using the `resource id`, e.g. diff --git a/sdk/python/pulumi_azure/sql/managed_instance_failover_group.py b/sdk/python/pulumi_azure/sql/managed_instance_failover_group.py index daf73bb039..53417731d3 100644 --- a/sdk/python/pulumi_azure/sql/managed_instance_failover_group.py +++ b/sdk/python/pulumi_azure/sql/managed_instance_failover_group.py @@ -295,6 +295,64 @@ def __init__(__self__, resource_group_name: Optional[pulumi.Input[str]] = None, __props__=None): """ + Manages a SQL Instance Failover Group. + + ## Example Usage + + > **Note:** The `sql.ManagedInstanceFailoverGroup` resource is deprecated in version 3.0 of the AzureRM provider and will be removed in version 4.0. Please use the `mssql.ManagedInstanceFailoverGroup` resource instead. + + > **Note:** For a more complete example, see the the `examples/sql-azure/managed_instance_failover_group` directory within the GitHub Repository. + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + primary = azure.sql.ManagedInstance("primary", + resource_group_name=azurerm_resource_group["primary"]["name"], + location=azurerm_resource_group["primary"]["location"], + administrator_login="mradministrator", + administrator_login_password="thisIsDog11", + license_type="BasePrice", + subnet_id=azurerm_subnet["primary"]["id"], + sku_name="GP_Gen5", + vcores=4, + storage_size_in_gb=32, + tags={ + "environment": "prod", + }, + opts=pulumi.ResourceOptions(depends_on=[ + azurerm_subnet_network_security_group_association["primary"], + azurerm_subnet_route_table_association["primary"], + ])) + secondary = azure.sql.ManagedInstance("secondary", + resource_group_name=azurerm_resource_group["secondary"]["name"], + location=azurerm_resource_group["secondary"]["location"], + administrator_login="mradministrator", + administrator_login_password="thisIsDog11", + license_type="BasePrice", + subnet_id=azurerm_subnet["secondary"]["id"], + sku_name="GP_Gen5", + vcores=4, + storage_size_in_gb=32, + tags={ + "environment": "prod", + }, + opts=pulumi.ResourceOptions(depends_on=[ + azurerm_subnet_network_security_group_association["secondary"], + azurerm_subnet_route_table_association["secondary"], + ])) + example_managed_instance_failover_group = azure.sql.ManagedInstanceFailoverGroup("exampleManagedInstanceFailoverGroup", + resource_group_name=azurerm_resource_group["primary"]["name"], + location=primary.location, + managed_instance_name=primary.name, + partner_managed_instance_id=secondary.id, + read_write_endpoint_failover_policy=azure.sql.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs( + mode="Automatic", + grace_minutes=60, + )) + ``` + ## Import SQL Instance Failover Groups can be imported using the `resource id`, e.g. @@ -320,6 +378,64 @@ def __init__(__self__, args: ManagedInstanceFailoverGroupArgs, opts: Optional[pulumi.ResourceOptions] = None): """ + Manages a SQL Instance Failover Group. + + ## Example Usage + + > **Note:** The `sql.ManagedInstanceFailoverGroup` resource is deprecated in version 3.0 of the AzureRM provider and will be removed in version 4.0. Please use the `mssql.ManagedInstanceFailoverGroup` resource instead. + + > **Note:** For a more complete example, see the the `examples/sql-azure/managed_instance_failover_group` directory within the GitHub Repository. + + ```python + import pulumi + import pulumi_azure as azure + + example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe") + primary = azure.sql.ManagedInstance("primary", + resource_group_name=azurerm_resource_group["primary"]["name"], + location=azurerm_resource_group["primary"]["location"], + administrator_login="mradministrator", + administrator_login_password="thisIsDog11", + license_type="BasePrice", + subnet_id=azurerm_subnet["primary"]["id"], + sku_name="GP_Gen5", + vcores=4, + storage_size_in_gb=32, + tags={ + "environment": "prod", + }, + opts=pulumi.ResourceOptions(depends_on=[ + azurerm_subnet_network_security_group_association["primary"], + azurerm_subnet_route_table_association["primary"], + ])) + secondary = azure.sql.ManagedInstance("secondary", + resource_group_name=azurerm_resource_group["secondary"]["name"], + location=azurerm_resource_group["secondary"]["location"], + administrator_login="mradministrator", + administrator_login_password="thisIsDog11", + license_type="BasePrice", + subnet_id=azurerm_subnet["secondary"]["id"], + sku_name="GP_Gen5", + vcores=4, + storage_size_in_gb=32, + tags={ + "environment": "prod", + }, + opts=pulumi.ResourceOptions(depends_on=[ + azurerm_subnet_network_security_group_association["secondary"], + azurerm_subnet_route_table_association["secondary"], + ])) + example_managed_instance_failover_group = azure.sql.ManagedInstanceFailoverGroup("exampleManagedInstanceFailoverGroup", + resource_group_name=azurerm_resource_group["primary"]["name"], + location=primary.location, + managed_instance_name=primary.name, + partner_managed_instance_id=secondary.id, + read_write_endpoint_failover_policy=azure.sql.ManagedInstanceFailoverGroupReadWriteEndpointFailoverPolicyArgs( + mode="Automatic", + grace_minutes=60, + )) + ``` + ## Import SQL Instance Failover Groups can be imported using the `resource id`, e.g.