iSharkFly-Docs/pulumi-hugo-cn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
pulumi-hugo-cn/themes/default/content/docs/pulumi-cloud/esc/reference.md

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

180 lines
5.5 KiB
Markdown
Raw Permalink Normal View History

Add 10/10 content stubs
2023-10-05 10:43:11 -07:00
---
PR fixes and moving CLI
2023-10-09 07:17:56 +00:00
title: Syntax Reference
title_tag: Syntax Reference
using pulumi esc
2023-10-07 07:37:08 +00:00
h1: Pulumi ESC Syntax Reference
Add 10/10 content stubs
2023-10-05 10:43:11 -07:00
meta_desc: Pulumi ESC allows you to compose and manage hierarchical collections of configuration and secrets and consume them in various ways.
using pulumi esc
2023-10-07 07:37:08 +00:00
menu:
refactor to pulumi cloud
2023-10-09 19:40:04 +00:00
pulumicloud:
Update themes/default/content/docs/using-pulumi/esc/reference.md Co-authored-by: Christian Nunciato <c@nunciato.org>
2023-10-08 21:46:07 -07:00
identifier: reference
parent: esc
concepts refactor
2023-10-09 23:27:32 +00:00
weight: 4
Add 10/10 content stubs
2023-10-05 10:43:11 -07:00
---
using pulumi esc
2023-10-07 07:37:08 +00:00
```yaml
# ---------------------------------------------------------------------------------------
# Imports section names the environments to import. Environments are merged in order
# per JSON merge patch.
# ---------------------------------------------------------------------------------------
# imports is an optional top-level key
imports:
- environment-a
- environment-b
# ---------------------------------------------------------------------------------------
# Main configuration -- set configuration values either as static values, or interpolated
# from other sources. Values are merged onto imported environments per JSON merge patch.
# ---------------------------------------------------------------------------------------
# values is a required top-level key
values:
# Values can be objects, arrays, strings, numbers, or booleans
# References to this value will use the path excluding the
# top-level "values" key
# Path is "app"
app:
# Path is "app.setting"
setting: example
# Path is "app.replicas"
replicas: 3
# Path is "app.enabled"
enabled: true
# Path is "app.nested"
nested:
# Path is "app.nested.setting"
setting: nested-example
# Path is "app.items"
# Array elements are "app.items[0]" and "app.items[1]"
items: [ "config-a", "config-b" ]
# Values within the environment and its imports may be referenced
# Path is "app.settingCopy"
settingCopy: ${app.setting}
# ---------------------------------------------------------------------------------------
# Functions -- configuration may be transformed with the following functions
# ---------------------------------------------------------------------------------------
# Scalar values may be marked secret
# Path is "app.password"
password:
fn::secret: YQ!r24kdF7
# Join array elements with the given delimiter
# Path is "app.url"
url:
fn::join: [ ", ", "${app.items}" ]
# Encode the argument as a Base64 string
# Path is "app.passwordB64"
passwordB64:
fn::toBase64: ${app.password}
# Encode the argument as a JSON string
# Path is "app.jsonConfig"
jsonConfig:
fn::toJSON: ${app.nested}
# Encode the argument as a string
# Path is "app.strConfig"
strConfig:
fn::toString: ${app.nested}
# ---------------------------------------------------------------------------------------
# Dynamic configuration from providers -- configuration may be loaded from external
# sources using a variety of providers. This configuration will be loaded when the
# environment is opened.
# ---------------------------------------------------------------------------------------
# AWS Provider examples
aws:
login:
fn::open::aws-login:
oidc:
roleArn: arn:aws:iam::086028354146:role/pulumi-deployments-oidc
sessionName: pulumi-environments-session
secrets:
fn::open::aws-secrets:
region: us-west-1
login: ${aws.login}
get:
api-key:
secretId: api-key
app-secret:
secretId: app-secret
# Azure Provider examples
azure:
login:
fn::open::azure-login:
clientId: aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
tenantId: aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
subscriptionId: /subscriptions/00000000-0000-0000-0000-000000000000
oidc: true
secrets:
fn::open::azure-secrets:
login: ${azure.login}
vault: example-vault-name
get:
api-key:
name: api-key
app-secret:
name: app-secret
# GCP Provider examples
gcp:
login:
fn::open::gcp-login:
project: 123456789
oidc:
workloadPoolId: pulumi-esc
providerId: pulumi-esc
serviceAccount: pulumi-esc@foo-bar-123456.iam.gserviceaccount.com
secrets:
fn::open::gcp-secrets:
login: ${gcp.login}
access:
api-key:
name: api-key
app-secret:
name: app-secret
# Vault Provider examples
vault:
login:
fn::open::vault-login:
address: https://127.0.0.1:8200/
jwt:
role: example-role
secrets:
fn::open::vault-secrets:
login: ${vault.login}
read:
api-key:
path: api-key
app-secret:
path: app-secret
# ---------------------------------------------------------------------------------------
# Exports -- expose configuration values to particular consumers
# ---------------------------------------------------------------------------------------
# Configuration nested under the "environmentVariables" key is used to export environment
# variables when using `esc open --shell`, `esc run`, or `pulumi up/preview/refresh/destroy`
environmentVariables:
AWS_ACCESS_KEY_ID: ${awsCreds.accessKeyId}
AWS_SECRET_ACCESS_KEY: ${awsCreds.secretAccessKey}
AWS_SESSION_TOKEN: ${awsCreds.sessionToken}
# Configuration nested under the "pulumiConfig" key will be available to Pulumi stacks that
fix to naming/casing conventions
2023-10-10 00:42:53 +00:00
# reference this environment during `pulumi up/preview/refresh/destroy`
using pulumi esc
2023-10-07 07:37:08 +00:00
pulumiConfig:
aws:region: us-west-2
```
Reference in New Issue Copy Permalink