1. Redirecting HTTP to HTTPS on Azure CDN Endpoint

    TypeScript

    Redirecting HTTP traffic to HTTPS is a common requirement for web applications to ensure secure communication. In the Azure CDN, you can achieve this redirection using the CDN endpoint's rules engine feature, which allows you to define custom rules for handling incoming requests.

    Below is a Pulumi program written in TypeScript that creates an Azure CDN Profile and an Endpoint with a custom rule to redirect HTTP to HTTPS. This program uses the azure-native provider because it is the latest and provides direct access to all Azure services.

    I'll explain each part of the program:

    1. CDN Profile: This resource represents a CDN profile which serves as a container for CDN endpoints.
    2. CDN Endpoint: Represents a single endpoint with a set of rules and configurations. A CDN endpoint is a specific location to which your content is distributed and through which it's accessed by users.
    3. Delivery Policy: A policy on the endpoint that contains a set of rules.
    4. HTTPS Redirect Rule: A custom rule to redirect HTTP traffic to HTTPS.

    Before running this program, make sure you have configured your Azure credentials for Pulumi and installed the necessary packages such as @pulumi/azure-native. You may do this by running pulumi login and npm install, respectively.

    Here's the Pulumi program:

    import * as pulumi from "@pulumi/pulumi"; import * as cdn from "@pulumi/azure-native/cdn"; // Create a new CDN profile const profile = new cdn.Profile("myCDNProfile", { resourceGroupName: "myResourceGroup", location: "global", sku: { name: "Standard_Microsoft", }, }); // Create an endpoint for the CDN profile const endpoint = new cdn.Endpoint("myCDNEndpoint", { resourceGroupName: "myResourceGroup", profileName: profile.name, location: "global", isHttpsAllowed: true, isHttpAllowed: true, // Directs the request to HTTPS endpoint if the request protocol is HTTP deliveryPolicy: { rules: [{ order: 1, name: "RedirectHttpToHttps", actions: [ { name: "UrlRedirect", parameters: { odataType: "#Microsoft.Azure.Cdn.Models.DeliveryRuleUrlRedirectActionParameters", redirectType: "Found", protocol: "Https", }, }, ], conditions: [ { name: "RequestScheme", parameters: { odataType: "#Microsoft.Azure.Cdn.Models.DeliveryRuleRequestSchemeConditionParameters", matchValues: ["HTTP"], }, }, ], }], }, }); // Exports the URL of the CDN endpoint export const cdnEndpointUrl = pulumi.interpolate`https://${endpoint.hostName}`;

    In this program, the CDN Profile and Endpoint are created in a resource group called myResourceGroup (you should replace this with the appropriate resource group in your Azure subscription). The endpoint's deliveryPolicy includes one rule called "RedirectHttpToHttps", where HTTP traffic is redirected to use HTTPS using the "Found" redirect type, which corresponds to HTTP status code 302.

    The condition for the rule checks the request scheme to match "HTTP" only, ensuring that HTTPS requests are not affected by this rule.

    Finally, we export the URL of the CDN endpoint, which can be used to access the content delivered by the CDN. This URL will use the HTTPS protocol by default due to the redirection rule.

    Remember to replace placeholder values (like "myResourceGroup") with your actual Azure resource names and locations.

    After setting up this configuration, any HTTP traffic to your CDN endpoint will be automatically redirected to use HTTPS, thus securing your users' connections.