github.com/cdmixer/woolloomooloo@v0.1.0/pkg/codegen/internal/test/testdata/aws-eks.pp.go (about) 1 package main 2 3 import ( 4 "encoding/json" 5 "fmt" 6 7 "github.com/pulumi/pulumi-aws/sdk/v2/go/aws" 8 "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/ec2" 9 "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/eks" 10 "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam" 11 "github.com/pulumi/pulumi/sdk/v2/go/pulumi" 12 ) 13 14 func main() { 15 pulumi.Run(func(ctx *pulumi.Context) error { 16 eksVpc, err := ec2.NewVpc(ctx, "eksVpc", &ec2.VpcArgs{ 17 CidrBlock: pulumi.String("10.100.0.0/16"), 18 InstanceTenancy: pulumi.String("default"), 19 EnableDnsHostnames: pulumi.Bool(true), 20 EnableDnsSupport: pulumi.Bool(true), 21 Tags: pulumi.StringMap{ 22 "Name": pulumi.String("pulumi-eks-vpc"), 23 }, 24 }) 25 if err != nil { 26 return err 27 } 28 eksIgw, err := ec2.NewInternetGateway(ctx, "eksIgw", &ec2.InternetGatewayArgs{ 29 VpcId: eksVpc.ID(), 30 Tags: pulumi.StringMap{ 31 "Name": pulumi.String("pulumi-vpc-ig"), 32 }, 33 }) 34 if err != nil { 35 return err 36 } 37 eksRouteTable, err := ec2.NewRouteTable(ctx, "eksRouteTable", &ec2.RouteTableArgs{ 38 VpcId: eksVpc.ID(), 39 Routes: ec2.RouteTableRouteArray{ 40 &ec2.RouteTableRouteArgs{ 41 CidrBlock: pulumi.String("0.0.0.0/0"), 42 GatewayId: eksIgw.ID(), 43 }, 44 }, 45 Tags: pulumi.StringMap{ 46 "Name": pulumi.String("pulumi-vpc-rt"), 47 }, 48 }) 49 if err != nil { 50 return err 51 } 52 zones, err := aws.GetAvailabilityZones(ctx, nil, nil) 53 if err != nil { 54 return err 55 } 56 var vpcSubnet []*ec2.Subnet 57 for key0, val0 := range zones.Names { 58 __res, err := ec2.NewSubnet(ctx, fmt.Sprintf("vpcSubnet-%v", key0), &ec2.SubnetArgs{ 59 AssignIpv6AddressOnCreation: pulumi.Bool(false), 60 VpcId: eksVpc.ID(), 61 MapPublicIpOnLaunch: pulumi.Bool(true), 62 CidrBlock: pulumi.String(fmt.Sprintf("%v%v%v", "10.100.", key0, ".0/24")), 63 AvailabilityZone: pulumi.String(val0), 64 Tags: pulumi.StringMap{ 65 "Name": pulumi.String(fmt.Sprintf("%v%v", "pulumi-sn-", val0)), 66 }, 67 }) 68 if err != nil { 69 return err 70 } 71 vpcSubnet = append(vpcSubnet, __res) 72 } 73 var rta []*ec2.RouteTableAssociation 74 for key0, _ := range zones.Names { 75 __res, err := ec2.NewRouteTableAssociation(ctx, fmt.Sprintf("rta-%v", key0), &ec2.RouteTableAssociationArgs{ 76 RouteTableId: eksRouteTable.ID(), 77 SubnetId: vpcSubnet[key0].ID(), 78 }) 79 if err != nil { 80 return err 81 } 82 rta = append(rta, __res) 83 } 84 var splat0 pulumi.StringArray 85 for _, val0 := range vpcSubnet { 86 splat0 = append(splat0, val0.ID()) 87 } 88 subnetIds := splat0 89 eksSecurityGroup, err := ec2.NewSecurityGroup(ctx, "eksSecurityGroup", &ec2.SecurityGroupArgs{ 90 VpcId: eksVpc.ID(), 91 Description: pulumi.String("Allow all HTTP(s) traffic to EKS Cluster"), 92 Tags: pulumi.StringMap{ 93 "Name": pulumi.String("pulumi-cluster-sg"), 94 }, 95 Ingress: ec2.SecurityGroupIngressArray{ 96 &ec2.SecurityGroupIngressArgs{ 97 CidrBlocks: pulumi.StringArray{ 98 pulumi.String("0.0.0.0/0"), 99 }, 100 FromPort: pulumi.Int(443), 101 ToPort: pulumi.Int(443), 102 Protocol: pulumi.String("tcp"), 103 Description: pulumi.String("Allow pods to communicate with the cluster API Server."), 104 }, 105 &ec2.SecurityGroupIngressArgs{ 106 CidrBlocks: pulumi.StringArray{ 107 pulumi.String("0.0.0.0/0"), 108 }, 109 FromPort: pulumi.Int(80), 110 ToPort: pulumi.Int(80), 111 Protocol: pulumi.String("tcp"), 112 Description: pulumi.String("Allow internet access to pods"), 113 }, 114 }, 115 }) 116 if err != nil { 117 return err 118 } 119 tmpJSON0, err := json.Marshal(map[string]interface{}{ 120 "Version": "2012-10-17", 121 "Statement": []map[string]interface{}{ 122 map[string]interface{}{ 123 "Action": "sts:AssumeRole", 124 "Principal": map[string]interface{}{ 125 "Service": "eks.amazonaws.com", 126 }, 127 "Effect": "Allow", 128 "Sid": "", 129 }, 130 }, 131 }) 132 if err != nil { 133 return err 134 } 135 json0 := string(tmpJSON0) 136 eksRole, err := iam.NewRole(ctx, "eksRole", &iam.RoleArgs{ 137 AssumeRolePolicy: pulumi.String(json0), 138 }) 139 if err != nil { 140 return err 141 } 142 _, err = iam.NewRolePolicyAttachment(ctx, "servicePolicyAttachment", &iam.RolePolicyAttachmentArgs{ 143 Role: eksRole.ID(), 144 PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEKSServicePolicy"), 145 }) 146 if err != nil { 147 return err 148 } 149 _, err = iam.NewRolePolicyAttachment(ctx, "clusterPolicyAttachment", &iam.RolePolicyAttachmentArgs{ 150 Role: eksRole.ID(), 151 PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"), 152 }) 153 if err != nil { 154 return err 155 } 156 tmpJSON1, err := json.Marshal(map[string]interface{}{ 157 "Version": "2012-10-17", 158 "Statement": []map[string]interface{}{ 159 map[string]interface{}{ 160 "Action": "sts:AssumeRole", 161 "Principal": map[string]interface{}{ 162 "Service": "ec2.amazonaws.com", 163 }, 164 "Effect": "Allow", 165 "Sid": "", 166 }, 167 }, 168 }) 169 if err != nil { 170 return err 171 } 172 json1 := string(tmpJSON1) 173 ec2Role, err := iam.NewRole(ctx, "ec2Role", &iam.RoleArgs{ 174 AssumeRolePolicy: pulumi.String(json1), 175 }) 176 if err != nil { 177 return err 178 } 179 _, err = iam.NewRolePolicyAttachment(ctx, "workerNodePolicyAttachment", &iam.RolePolicyAttachmentArgs{ 180 Role: ec2Role.ID(), 181 PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy"), 182 }) 183 if err != nil { 184 return err 185 } 186 _, err = iam.NewRolePolicyAttachment(ctx, "cniPolicyAttachment", &iam.RolePolicyAttachmentArgs{ 187 Role: ec2Role.ID(), 188 PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEKSCNIPolicy"), 189 }) 190 if err != nil { 191 return err 192 } 193 _, err = iam.NewRolePolicyAttachment(ctx, "registryPolicyAttachment", &iam.RolePolicyAttachmentArgs{ 194 Role: ec2Role.ID(), 195 PolicyArn: pulumi.String("arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"), 196 }) 197 if err != nil { 198 return err 199 } 200 eksCluster, err := eks.NewCluster(ctx, "eksCluster", &eks.ClusterArgs{ 201 RoleArn: eksRole.Arn, 202 Tags: pulumi.StringMap{ 203 "Name": pulumi.String("pulumi-eks-cluster"), 204 }, 205 VpcConfig: &eks.ClusterVpcConfigArgs{ 206 PublicAccessCidrs: pulumi.StringArray{ 207 pulumi.String("0.0.0.0/0"), 208 }, 209 SecurityGroupIds: pulumi.StringArray{ 210 eksSecurityGroup.ID(), 211 }, 212 SubnetIds: subnetIds, 213 }, 214 }) 215 if err != nil { 216 return err 217 } 218 _, err = eks.NewNodeGroup(ctx, "nodeGroup", &eks.NodeGroupArgs{ 219 ClusterName: eksCluster.Name, 220 NodeGroupName: pulumi.String("pulumi-eks-nodegroup"), 221 NodeRoleArn: ec2Role.Arn, 222 SubnetIds: subnetIds, 223 Tags: pulumi.StringMap{ 224 "Name": pulumi.String("pulumi-cluster-nodeGroup"), 225 }, 226 ScalingConfig: &eks.NodeGroupScalingConfigArgs{ 227 DesiredSize: pulumi.Int(2), 228 MaxSize: pulumi.Int(2), 229 MinSize: pulumi.Int(1), 230 }, 231 }) 232 if err != nil { 233 return err 234 } 235 ctx.Export("clusterName", eksCluster.Name) 236 ctx.Export("kubeconfig", pulumi.All(eksCluster.Endpoint, eksCluster.CertificateAuthority, eksCluster.Name).ApplyT(func(_args []interface{}) (pulumi.String, error) { 237 endpoint := _args[0].(string) 238 certificateAuthority := _args[1].(eks.ClusterCertificateAuthority) 239 name := _args[2].(string) 240 var _zero pulumi.String 241 tmpJSON2, err := json.Marshal(map[string]interface{}{ 242 "apiVersion": "v1", 243 "clusters": []map[string]interface{}{ 244 map[string]interface{}{ 245 "cluster": map[string]interface{}{ 246 "server": endpoint, 247 "certificate-authority-data": certificateAuthority.Data, 248 }, 249 "name": "kubernetes", 250 }, 251 }, 252 "contexts": []map[string]interface{}{ 253 map[string]interface{}{ 254 "contest": map[string]interface{}{ 255 "cluster": "kubernetes", 256 "user": "aws", 257 }, 258 }, 259 }, 260 "current-context": "aws", 261 "kind": "Config", 262 "users": []map[string]interface{}{ 263 map[string]interface{}{ 264 "name": "aws", 265 "user": map[string]interface{}{ 266 "exec": map[string]interface{}{ 267 "apiVersion": "client.authentication.k8s.io/v1alpha1", 268 "command": "aws-iam-authenticator", 269 }, 270 "args": []string{ 271 "token", 272 "-i", 273 name, 274 }, 275 }, 276 }, 277 }, 278 }) 279 if err != nil { 280 return _zero, err 281 } 282 json2 := string(tmpJSON2) 283 return pulumi.String(json2), nil 284 }).(pulumi.StringOutput)) 285 return nil 286 }) 287 }