Hi Guys I m trying to rewrite my stack to azure nextgen Have Pulumi Community #azure

Hi Guys! I'm trying to rewrite my stack to azure n...

orange-dog-73995

10/05/2020, 11:31 AM

Hi Guys! I'm trying to rewrite my stack to azure nextgen. Have some questions on proper NSG config: made 2 security rules -

var rule1 = new SecurityRule("rule1", new Pulumi.AzureNextGen.Network.Latest.SecurityRuleArgs

SecurityRuleName = "RDP_3389",

...

});

var rule2 = new SecurityRule("rule2", new Pulumi.AzureNextGen.Network.Latest.SecurityRuleArgs

SecurityRuleName = "Port_6516",

...

});

and trying to make a List of them to use in NSG:

var securityRules = new List<Pulumi.AzureNextGen.Network.Latest.SecurityRuleArgs> { rule1, rule2 };

VSCode says that: Argument 1: cannot convert from 'Pulumi.AzureNextGen.Network.Latest.SecurityRule' to 'Pulumi.AzureNextGen.Network.Latest.SecurityRuleArgs' [Azure.WebServer]csharp(CS1503) What am I doing wrong, please?

tall-librarian-49374

10/05/2020, 11:54 AM

Hi Igor, great to see you here!

SecurityRule

is a resource while

SecurityRuleArgs

is its input type, they aren’t the same thing. When building a list of args, you should pass args objects. E.g. this will compile:

Copy code

var ruleArgs1 = new Pulumi.AzureNextGen.Network.Latest.SecurityRuleArgs
{
    SecurityRuleName = "RDP_3389",
    //...
};
var ruleArgs2 = new Pulumi.AzureNextGen.Network.Latest.SecurityRuleArgs
{
    SecurityRuleName = "Port_6516",
    //...
};
var securityRules = new List<Pulumi.AzureNextGen.Network.Latest.SecurityRuleArgs> { ruleArgs1, ruleArgs2 };

orange-dog-73995

10/05/2020, 12:00 PM

ok, so no need to create rules to get that list for NSG?

tall-librarian-49374

10/05/2020, 12:09 PM

Azure’s Network resource provider is designed somewhat confusingly. You can either set rules inside the property of NSG or define them as separate resources. If you go for the former option, you only need

args

. If you choose the latter, you create several

SecurityRule

resources but do not pass them to NSG.

tall-librarian-49374

10/05/2020, 12:10 PM

Off the top of my head, I do not know the limitations of each approach.

orange-dog-73995

10/05/2020, 12:19 PM

I don't see how those rules will get proper names then 🙂, will try and see

tall-librarian-49374

10/05/2020, 12:22 PM

You can set

Name

in both cases, can’t you?

orange-dog-73995

10/05/2020, 12:23 PM

had to rewrite that piece:

var rule1Args = new Pulumi.AzureNextGen.Network.Latest.Inputs.SecurityRuleArgs

{ Access = "Allow", //Deny, Allow //... }; var rule2Args = new Pulumi.AzureNextGen.Network.Latest.Inputs.SecurityRuleArgs { Access = "Allow", //Deny, Allow //... }; var securityRulesArgs = new List<Pulumi.AzureNextGen.Network.Latest.Inputs.SecurityRuleArgs> { rule1Args, rule2Args }; var nsg = new NetworkSecurityGroup("nsg", new Pulumi.AzureNextGen.Network.Latest.NetworkSecurityGroupArgs { Location = _resourceGroup.Location, ResourceGroupName = _resourceGroup.Name, NetworkSecurityGroupName = "nsg", SecurityRules = securityRulesArgs, });

orange-dog-73995

10/05/2020, 12:24 PM

and when I make Args as Inputs they can't have names

tall-librarian-49374

10/05/2020, 12:26 PM

Copy code

var rule2Args = new Pulumi.AzureNextGen.Network.Latest.Inputs.SecurityRuleArgs
{
    Access = "Allow", //Deny, Allow
    Name = "myrule",
    //...
};

orange-dog-73995

10/05/2020, 12:28 PM

right, now it worked, before VSCode was complaining...

3 Views

Open in Slack

Previous Next