Gathering detailed insights and metrics for @pulumi/azure-native
Gathering detailed insights and metrics for @pulumi/azure-native
Installations
npm install @pulumi/azure-nativeDeveloper
pulumi
Developer Guide
BETA
Module System
Unable to determine the module system for this package.
Min. Node Version
Typescript Support
Yes
Node Version
20.18.0
NPM Version
10.8.2
Statistics
129 Stars
1,935 Commits
35 Forks
21 Watching
186 Branches
106 Contributors
Updated on 25 Nov 2024
Languages
Python (51.22%)
C# (29.1%)
TypeScript (19.6%)
Go (0.08%)
Total Downloads
Cumulative downloads
Total Downloads
2,639,488
Last day
-35.1%
3,106
Compared to previous day
Last week
-4.9%
24,480
Compared to previous week
Last month
-1.3%
105,249
Compared to previous month
Last year
47.9%
1,248,473
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Dev Dependencies
2
Versions
Native Azure Pulumi Provider
The Azure Native provider for Pulumi lets you use Azure resources in your cloud programs. This provider uses the Azure Resource Manager REST API directly and therefore provides full access to the ARM API.
The Azure Native provider is the recommended provider for projects targeting Azure.
To use this package, install the Pulumi CLI.
Installing
This package is available in many languages in the standard packaging formats.
Node.js (JavaScript/TypeScript)
To use from JavaScript or TypeScript in Node.js, install using either npm:
npm install @pulumi/azure-native
or yarn:
yarn add @pulumi/azure-native
Python
To use from Python, install using pip:
pip install pulumi_azure_native
Go
To use from Go, use go get to grab the latest version of the library
go get github.com/pulumi/pulumi-azure-native/sdk
.NET
To use from .NET, install using dotnet add package:
dotnet add package Pulumi.AzureNative
Concepts
The @pulumi/azure-native package provides a strongly-typed means to build cloud applications that create
and interact closely with Azure resources. Resources are exposed for the entire Azure surface area,
including (but not limited to) 'compute', 'keyvault', 'network', 'storage', and more.
The Azure Native provider works directly with the Azure Resource Manager (ARM) platform instead of depending on a handwritten layer as with the classic provider. This approach ensures higher quality and higher fidelity with the Azure platform.
Configuring credentials
To learn how to configure credentials refer to the Azure configuration options.
Other Configuration
In addition to the configuration options in the official documentation linked above, the following environment variables can be used to tweak lower-level behavior of the provider:
PULUMI_FORCE_NEW_FROM_SUBTYPES: if, after a change in your program, the provider does not replace a resource that should be replaced because it cannot be updated, setting this variable totruemight allow the provider to infer the correct behavior. For more details please see PR #2970. We're planning to make this behavior the default in the future.
Building
See contributing for details on how to build and contribute to this provider.
Reference
For further information, visit Azure Native in the Pulumi Registry or for detailed API reference documentation, visit Azure Native API Docs in the Pulumi Registry.
No vulnerabilities found.
Reason
all changesets reviewed
Reason
30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/pulumi/.github/SECURITY.md:1
- Info: Found linked content: github.com/pulumi/.github/SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/pulumi/.github/SECURITY.md:1
- Info: Found text in security policy: github.com/pulumi/.github/SECURITY.md:1
Reason
no dangerous workflow patterns detected
Reason
0 existing vulnerabilities detected
Reason
no binaries found in the repo
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
Project has not signed or included provenance with any releases.
Details
- Warn: release artifact v2.73.1 not signed: https://api.github.com/repos/pulumi/pulumi-azure-native/releases/186610832
- Warn: release artifact v2.73.0 not signed: https://api.github.com/repos/pulumi/pulumi-azure-native/releases/186425244
- Warn: release artifact v2.72.0 not signed: https://api.github.com/repos/pulumi/pulumi-azure-native/releases/185221172
- Warn: release artifact v2.71.0 not signed: https://api.github.com/repos/pulumi/pulumi-azure-native/releases/184416459
- Warn: release artifact v2.70.0 not signed: https://api.github.com/repos/pulumi/pulumi-azure-native/releases/184145530
- Warn: release artifact v2.73.1 does not have provenance: https://api.github.com/repos/pulumi/pulumi-azure-native/releases/186610832
- Warn: release artifact v2.73.0 does not have provenance: https://api.github.com/repos/pulumi/pulumi-azure-native/releases/186425244
- Warn: release artifact v2.72.0 does not have provenance: https://api.github.com/repos/pulumi/pulumi-azure-native/releases/185221172
- Warn: release artifact v2.71.0 does not have provenance: https://api.github.com/repos/pulumi/pulumi-azure-native/releases/184416459
- Warn: release artifact v2.70.0 does not have provenance: https://api.github.com/repos/pulumi/pulumi-azure-native/releases/184145530
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/acceptance-test.yml:1
- Warn: no topLevel permission defined: .github/workflows/actionlint.yml:1
- Warn: no topLevel permission defined: .github/workflows/autorest-scheduled.yml:1
- Warn: no topLevel permission defined: .github/workflows/build-test.yml:1
- Warn: no topLevel permission defined: .github/workflows/command-dispatch.yml:1
- Warn: no topLevel permission defined: .github/workflows/master.yml:1
- Warn: no topLevel permission defined: .github/workflows/nightly-sdk-generation.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish.yml:1
- Warn: no topLevel permission defined: .github/workflows/pull-request-community-autoresponder.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Warn: no topLevel permission defined: .github/workflows/version.yml:1
- Warn: no topLevel permission defined: .github/workflows/weekly-pulumi-update.yml:1
- Info: no jobLevel write permissions found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/acceptance-test.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/acceptance-test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/actionlint.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/actionlint.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/actionlint.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/actionlint.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-test.yml:206: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/build-test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-test.yml:265: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/build-test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-test.yml:270: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/build-test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-test.yml:308: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/build-test.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-test.yml:336: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/build-test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-test.yml:347: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/build-test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-test.yml:373: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/build-test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-test.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/build-test.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-test.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/build-test.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-test.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/build-test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-test.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/build-test.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-test.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/build-test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-test.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/build-test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-test.yml:172: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/build-test.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-test.yml:181: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/build-test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/command-dispatch.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/command-dispatch.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/command-dispatch.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/command-dispatch.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly-sdk-generation.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/nightly-sdk-generation.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly-sdk-generation.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/nightly-sdk-generation.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly-sdk-generation.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/nightly-sdk-generation.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly-sdk-generation.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/nightly-sdk-generation.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly-sdk-generation.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/nightly-sdk-generation.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:183: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:188: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:197: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:213: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:233: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:254: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:268: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:275: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:289: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:297: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:309: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:317: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:339: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:373: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/pull-request-community-autoresponder.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/pull-request-community-autoresponder.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/version.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/version.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/weekly-pulumi-update.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/weekly-pulumi-update.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/weekly-pulumi-update.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/pulumi/pulumi-azure-native/weekly-pulumi-update.yml/master?enable=pin
- Warn: containerImage not pinned by hash: examples/cs-appservice-docker/node-app/Dockerfile:1: pin your Docker image by updating node:8.9.3-alpine to node:8.9.3-alpine@sha256:40201c973cf40708f06205b22067f952dd46a29cecb7a74b873ce303ad0d11a5
- Warn: npmCommand not pinned by hash: examples/cs-appservice-docker/node-app/Dockerfile:5
- Warn: pipCommand not pinned by hash: .github/workflows/publish.yml:159
- Warn: goCommand not pinned by hash: .github/workflows/weekly-pulumi-update.yml:36
- Warn: goCommand not pinned by hash: .github/workflows/weekly-pulumi-update.yml:37
- Warn: goCommand not pinned by hash: .github/workflows/weekly-pulumi-update.yml:41
- Info: 0 out of 27 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 26 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 containerImage dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
- Info: 0 out of 1 pipCommand dependencies pinned
- Info: 0 out of 3 goCommand dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
5.9
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More