How to use @pulumi/tls - 3 common examples
To help you get started, we’ve selected a few @pulumi/tls examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
pulumi / kubernetes-guides / azure / 03-cluster-configuration / index.ts View on Github 
import * as azure from "@pulumi/azure";
import * as k8s from "@pulumi/kubernetes";
import * as pulumi from "@pulumi/pulumi";
import * as tls from "@pulumi/tls";
import { config } from "./config";
const name = pulumi.getProject();
// Create an SSH public key that will be used by the Kubernetes cluster.
// Note: We create one here to simplify the demo, but a production
// deployment would probably pass an existing key in as a variable.
const sshPublicKey = new tls.PrivateKey(`${name}-sshKey`, {
algorithm: "RSA",
rsaBits: 4096,
}).publicKeyOpenssh;
// Create the AKS cluster.
const cluster = new azure.containerservice.KubernetesCluster(`${name}`, {
resourceGroupName: config.resourceGroupName,
agentPoolProfiles: [{
name: "performant",
count: 3,
vmSize: "Standard_DS4_v2",
osType: "Linux",
osDiskSizeGb: 30,
vnetSubnetId: config.subnetId,
}, {
name: "standard",constructor(name: string,
args: AksClusterArgs,
opts: pulumi.ComponentResourceOptions = {}) {
super("examples:keda:AksCluster", name, args, opts);
const password = new random.RandomPassword("password", {
length: 20,
special: true,
}).result;
const sshPublicKey = new tls.PrivateKey("keda", {
algorithm: "RSA",
rsaBits: 4096,
}).publicKeyOpenssh;
// Create the AD service principal for the K8s cluster.
const adApp = new azuread.Application("aks", undefined, { parent: this });
const adSp = new azuread.ServicePrincipal("aksSp", { applicationId: adApp.applicationId }, { parent: this });
const adSpPassword = new azuread.ServicePrincipalPassword("aksSpPassword", {
servicePrincipalId: adSp.id,
value: password,
endDate: "2099-01-01T00:00:00Z",
}, { parent: this });
// Create a Virtual Network for the cluster
const vnet = new azure.network.VirtualNetwork("keda", {
resourceGroupName: args.resourceGroupName,constructor(name: string,
opts: pulumi.ComponentResourceOptions = {}) {
super("examples:kubernetes-ts-multicloud:AksCluster", name, {}, opts);
// Generate a strong password for the Service Principal.
const password = new random.RandomPassword("password", {
length: 20,
special: true,
}, {parent: this}).result;
// Create an SSH public key that will be used by the Kubernetes cluster.
// Note: We create one here to simplify the demo, but a production deployment would probably pass
// an existing key in as a variable.
const sshPublicKey = new tls.PrivateKey("sshKey", {
algorithm: "RSA",
rsaBits: 4096,
}, {parent: this}).publicKeyOpenssh;
// Create the AD service principal for the K8s cluster.
const adApp = new azuread.Application("aks", undefined, {parent: this});
const adSp = new azuread.ServicePrincipal("aksSp", {
applicationId: adApp.applicationId,
}, {parent: this});
const adSpPassword = new azuread.ServicePrincipalPassword("aksSpPassword", {
servicePrincipalId: adSp.id,
value: password,
endDate: "2099-01-01T00:00:00Z",
}, {parent: this});
const resourceGroup = new azure.core.ResourceGroup("multicloud");@pulumi/tls
A Pulumi package to create TLS resources in Pulumi programs.
