UNPKG

@pulumi/fastly

Version:

A Pulumi package for creating and managing fastly cloud resources.. Based on terraform-provider-fastly: version v4

pulumi.io

pulumi/pulumi-fastly

140 lines (139 loc) 6.79 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
import * as pulumi from "@pulumi/pulumi"; /** * This resource represents a successful validation of a Fastly TLS Subscription in concert with other resources. * * Most commonly, this resource is used together with a resource for a DNS record and `fastly.TlsSubscription` to request a DNS validated certificate, deploy the required validation records and wait for validation to complete. * * > **Warning:** This resource implements a part of the validation workflow. It does not represent a real-world entity in Fastly, therefore changing or deleting this resource on its own has no immediate effect. * * ## Example Usage * * DNS Validation with AWS Route53: * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * import * as fastly from "@pulumi/fastly"; * import * as std from "@pulumi/std"; * * // NOTE: Creating a hosted zone will automatically create SOA/NS records. * const production = new aws.index.Route53Zone("production", {name: "example.com"}); * const example = new aws.index.Route53domainsRegisteredDomain("example", { * nameServer: Object.entries(production.nameServers).map(([k, v]) => ({key: k, value: v})).map(entry => ({ * name: entry.value, * })), * domainName: "example.com", * }); * const subdomains = [ * "a.example.com", * "b.example.com", * ]; * const exampleServiceVcl = new fastly.ServiceVcl("example", { * domains: subdomains.map((v, k) => ({key: k, value: v})).map(entry => ({ * name: entry.value, * })), * name: "example-service", * backends: [{ * address: "127.0.0.1", * name: "localhost", * }], * forceDestroy: true, * }); * const exampleTlsSubscription = new fastly.TlsSubscription("example", { * domains: exampleServiceVcl.domains.apply(domains => .map(domain => (domain.name))), * certificateAuthority: "lets-encrypt", * }); * const domainValidation: aws.index.Route53Record[] = []; * exampleTlsSubscription.domains.apply(domains => { * for (const range of Object.entries(domains.reduce((__obj, domain) => ({ ...__obj, [domain]: exampleTlsSubscription.managedDnsChallenges.apply(managedDnsChallenges => managedDnsChallenges.filter(obj => obj.recordName == `_acme-challenge.${domain}`).map(obj => (obj)))[0] }))).map(([k, v]) => ({key: k, value: v}))) { * domainValidation.push(new aws.index.Route53Record(`domain_validation-${range.key}`, { * name: range.value.recordName, * type: range.value.recordType, * zoneId: production.zoneId, * allowOverwrite: true, * records: [range.value.recordValue], * ttl: 60, * }, { * dependsOn: [exampleTlsSubscription], * })); * } * }); * // This is a resource that other resources can depend on if they require the certificate to be issued. * // NOTE: Internally the resource keeps retrying `GetTLSSubscription` until no error is returned (or the configured timeout is reached). * const exampleTlsSubscriptionValidation = new fastly.TlsSubscriptionValidation("example", {subscriptionId: exampleTlsSubscription.id}, { * dependsOn: [domainValidation], * }); * // This data source lists all available configuration objects. * // It uses a `default` attribute to narrow down the list to just one configuration object. * // If the filtered list has a length that is not exactly one element, you'll see an error returned. * // The single TLS configuration is then returned and can be referenced by other resources (see aws_route53_record below). * // * // IMPORTANT: Not all customers will have a 'default' configuration. * // If you have issues filtering with `default = true`, then you may need another attribute. * // Refer to the fastly_tls_configuration documentation for available attributes: * // https://registry.terraform.io/providers/fastly/fastly/latest/docs/data-sources/tls_configuration#optional * const defaultTls = fastly.getTlsConfiguration({ * "default": true, * }); * // Once validation is complete and we've retrieved the TLS configuration data, we can create multiple subdomain records. * const subdomain: aws.index.Route53Record[] = []; * for (const range = {value: 0}; range.value < std.index.toset({ * input: subdomains, * }).result; range.value++) { * subdomain.push(new aws.index.Route53Record(`subdomain-${range.value}`, { * name: range.value, * records: .filter(record => record.recordType == "CNAME").map(record => (record.recordValue)), * ttl: 300, * type: "CNAME", * zoneId: production.zoneId, * })); * } * ``` */ export declare class TlsSubscriptionValidation extends pulumi.CustomResource { /** * Get an existing TlsSubscriptionValidation resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: TlsSubscriptionValidationState, opts?: pulumi.CustomResourceOptions): TlsSubscriptionValidation; /** * Returns true if the given object is an instance of TlsSubscriptionValidation. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is TlsSubscriptionValidation; /** * The ID of the TLS Subscription that should be validated. */ readonly subscriptionId: pulumi.Output<string>; /** * Create a TlsSubscriptionValidation resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: TlsSubscriptionValidationArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering TlsSubscriptionValidation resources. */ export interface TlsSubscriptionValidationState { /** * The ID of the TLS Subscription that should be validated. */ subscriptionId?: pulumi.Input<string>; } /** * The set of arguments for constructing a TlsSubscriptionValidation resource. */ export interface TlsSubscriptionValidationArgs { /** * The ID of the TLS Subscription that should be validated. */ subscriptionId: pulumi.Input<string>; }