https://pulumi.com logo
Join Slack
Powered by
Good morning, I was looking to do the pulumi equiv...
# azure
l
Good morning, I was looking to do the pulumi equivalent of the az cdn command with min tls 1.2 and a managed cert (https://docs.microsoft.com/en-us/cli/azure/cdn/custom-domain?view=azure-cli-latest) AFDCustomDomain has exactly what i was expecting https://www.pulumi.com/docs/reference/pkg/azure-native/cdn/afdcustomdomain/
Copy code
tlsSettings: {
        certificateType: "ManagedCertificate",
        minimumTlsVersion: "TLS12",
    },
But I dont see that with CustomDomain if i want to avoid FrontDoor? https://www.pulumi.com/docs/reference/pkg/azure-native/cdn/customdomain/ I was thinking of combining CustomDomain with ManagedCertificate https://www.pulumi.com/docs/reference/pkg/azure/appservice/managedcertificate/ but don't know how to get the min tls set as well?
This page and none of it's links mention this UI being a front door feature from what i can tell
t
If you have it configured in the portal, could you export this resource as ARM template and see what’s there?
👀 1
r
Either that, or you can also just perform that az command with --debug, that way you can see the actual JSON payload, and it’s basically the exact same property you would configure with azure-native.
Using 
az
with 
--debug
is a great way to also migrate your scripts to pulumi management with azure-native, without the extra overhead that an ARM templates provides, specially with arm template functions that don’t have an equal in pulumi.
👍 1
l
Copy code
"resources": [
        {
            "type": "Microsoft.Cdn/profiles/endpoints/customdomains",
            "apiVersion": "2020-09-01",
            "name": "[concat(parameters('profiles_test_profile_name'), '/test-endpoint/cdn-my-domain-com')]",
            "dependsOn": [
                "[resourceId('Microsoft.Cdn/profiles/endpoints', parameters('profiles_test_profile_name'), 'test-endpoint')]"
            ],
            "properties": {
                "hostName": "<http://cdn.my-domain.com|cdn.my-domain.com>"
            }
        },
nothing about mintls or managed cert, same from json view in the UI
it's like the bottom half of the UI is being offloaded to front door or something and it's not documented at all
front doors is empty, but front doors standard/premium lists the profile/endpoint/custom domain, so there's maybe some weird overlap going on here?
We're going to just roll with Standard_AzureFrontDoor profile for now and use the AFDCustomDomain
3 Views
Open in Slack
PreviousNext
Powered by