https://pulumi.com logo
Join Slack
Powered by
# general
  • s
    I am curious what others experiences on here are with migrating over from Terraform. I’ve worked with Pulumi for a while, but don’t know Terraform. I’ve started to learn a little bit to help me understand how to best accomplish a migration to Pulumi. The current setup I am looking at is feasibly manageable (not too big), so I thought as a POC I could just import the base infrastructure and go from there as I learn more how/what Terraform is doing in this particular case. Doing research I found Pulumi has a convert feature though and a Pulumi Terraform bridge. It seems obvious to just use and trust the convert feature but I am now curious…what’s your take on each different approach? Have/how have you done a migration from Terraform to Pulumi? What was your strategy? Any common pitfalls encountered? Gotchas to lookout for? What worked, what didn’t, and what to probably avoid? I think it’s a manageable size to just rip the bandaid and the benefit outweighs dealing with incremental adoption/migration (at least the major bulk and confirming before cutover). Would love to hear any experience and insights. Thank you
    👀 1
    e
    s
    +2
    • 5
    • 11
  • g
    Hello - our PDP has recently started returning an error. I was wondering if someone could take a look please? The error message is:
    Copy code
    Request failed with status code 502 and cannot connect to the PDP, please check your configuration and make sure the PDP is running at <https://cultivo-sidecar.permit.io> and accepting requests.
    • 1
    • 2
  • e
    Hello, I use Pulumi (Python) for deploying infrastructure in OCI and Ansible to configure the instances. Is there any tool that can integrate both?
    e
    l
    • 3
    • 9
  • h
    Preview has randomly started failing with this obscure log:
    Copy code
    Resources:
      ...
      1 errored
  
  
      at Object.createCommandError (/home/user/actions-runner/_work/_actions/pulumi/actions/v6/webpack:/pulumi-github-action/node_modules/@pulumi/pulumi/automation/errors.js:81:1)
      at exec (/home/user/actions-runner/_work/_actions/pulumi/actions/v6/webpack:/pulumi-github-action/node_modules/@pulumi/pulumi/automation/cmd.js:196:1)
      at processTicksAndRejections (node:internal/process/task_queues:95:5)
      at Stack.runPulumiCmd (/home/user/actions-runner/_work/_actions/pulumi/actions/v6/webpack:/pulumi-github-action/node_modules/@pulumi/pulumi/automation/stack.js:1239:1)
      at Stack.preview (/home/user/actions-runner/_work/_actions/pulumi/actions/v6/webpack:/pulumi-github-action/node_modules/@pulumi/pulumi/automation/stack.js:443:1)
    No smoking gun showing where the error originated and the deploy works fine. Anyone else running into this or have any suggestions?
    s
    b
    • 3
    • 4
  • c
    Update: Issue is due to a new bug in Bitbucket pipelines I need help debugging a strange issue where my CI/CD system is now failing because of spurious lock files on the s3 state backing:
    Copy code
    Logged in to df6cb4fba5de as root (s3://....)
pulumi stack select dev
error: the stack is currently locked by 1 lock(s). Either wait for the other process(es) to end or delete the lock file with `pulumi cancel`.
  s3://...: created by root@c232aa577335 (pid 466) at 2025-10-24T06:13:03Z
Searching for test report files in directories named [test-reports, surefire-reports, failsafe-reports, test-results, TestRes
    I even added a 
    pulumi cancel -y
    to the pipeline but it still hits the locking failure:
    Copy code
    make login-$STACK &&
pulumi cancel -y &&
pulumi up -y -f
pulumi login 's3://...'
Logged in to f0ef7c8e5c60 as root (s3://...)
pulumi stack select dev
The currently running update for 'dev' has been canceled!
error: the stack is currently locked by 1 lock(s). Either wait for the other process(es) to end or delete the lock file with `pulumi cancel`.
  s3://...: created by root@e921618df966 (pid 476) at 2025-11-28T04:56:45Z
    This bitbucket pipeline is configured to pull pulumi:latest and started failing on October 24th -- I tried pulling the versions prior to Oct 24th 
    3.203.0
    but am still running into this problem.     That said, I have not found other people with the same problems on Github issues. I do, however, want to debug this further before creating a Github issue; does anyone have advice on how I can debug this problem further?
    e
    • 2
    • 5
  • l
    I made a tiny util for easier/faster stack switching: https://github.com/trondhindenes/pulumi-stack-switcher. I was always a bit annoyed that I had to run "pulumi stack ls" before finding the name of the stack to switch to, so I made this util that allows me to tab-complete. Feel free to use it if you have the same issue!
    partypus 2
  • m
    set the channel topic: Ask any question about Pulumi! This week's community helper: @numerous-book-75463 On rotation: Monday–Friday Tag for anything you’re stuck on! See the FAQ at: https://www.pulumi.com/docs/support/faq/
  • f
    I'm having the following assertion failure on Pulumi update:
    Copy code
    panic: fatal: An assertion has failed: 'Check' and 'Diff' must be called before 'Update' (urn:pulumi:jamesm::xxx::pulumi:providers:pulumi-python::default)
    This appears to be on my default Python provider in my pulumi-aws stack. Any suggestions on how to diagnose why this is happening? I have other stacks deployed form the same project that aren't encountering this, so it's a state-related issue with this stack.
    n
    • 2
    • 3
  • f
    If I export my stack, the URN experiencing this issue is of type 
    pulumi:providers:pulumi-python
  • f
  • b
    Hello, since yesterday I cannot load my environment (it is always ending with an 500 error), my organization name is xait-france, I am totally stuck (I tried through the web site and the cli and got the same result). Do someone can help me please ? (If it has something to do with the free tier, please let me know)
    1
    n
    f
    • 3
    • 11
  • f
    I'm looking into using beforeUpdate in a ResourceHookBinding to start an AWS EC2 instance before I run a command on it. However, to start the instance I need the IID, and the IID is an output of an aws.EC2 resource. It looks like the only way I can feed the aws.EC2 resource ID in to the hook as a resolved value is to make it an input of the resource I have attached the hook to. It would be useful if hooks could get access to the outputs of the parent resource, as the resource I'm attaching my hook to is a child of the aws.ec2 resource.
    n
    e
    • 3
    • 13
  • a
    Hey folks! I'm using a docker.Container component and I use labels to trigger restarts in some cases. One thing I noticed is that if I change an existing label, pulumi does see that as a change and triggers container recreation. If I delete an existing labels, the preview function shows no changes. Is this expected behavior? My pulumi version is 
    v3.205.0
    . I'm using pulumi in typescript
    n
    • 2
    • 4
  • t
    how do wildcards work with 
    pulumi refresh -x
    ?
    c
    n
    • 3
    • 5
  • f
    Hello Pulumi team, I'm an early user since 2018 and have always supported Pulumi which is a game changer in the industry since then, but I have a serious issue with your current pricing model (team edition). Using Pulumi today to manage all of our aws infra costs us 2x more than what we pay to aws, which is insane for "just" IaC. And I'm talking only about resources credits here since we don't use anything else (and we won't given this pricing issue). While I'm willing as a business to pay a fair contribution to support your project instead of using the free plan, this is not properly balanced nor sustainable. So, what should we do ?
    🔥 4
    2
    a
    e
    +5
    • 8
    • 24
  • s
    🚀 1
    👍🏻 1
    🔥 1
  • e
    Hi team, I’m trying to create a DbSystem using Pulumi (OCI provider @ 3.12.0) and I get a 400 CannotParseRequest error when launching LaunchDbSystem. import pulumi import pulumi_oci as oci db_system = oci.database.DbSystem( "example-dbsystem", compartment_id="COMPARTMENT_OCID_REDACTED", availability_domain="AD-1", subnet_id="SUBNET_OCID_REDACTED", shape="VM.Standard.E5.Flex", hostname="example-host", ssh_public_keys=["ssh-rsa AAAA...david@host"], source="NONE", license_model="LICENSE_INCLUDED", database_edition="ENTERPRISE_EDITION", disk_redundancy="HIGH", data_storage_size_in_gb=256, db_home=oci.database.DbHomeArgs( display_name="example-home", db_version="19.29.0.0", database=oci.database.DbHomeDatabaseArgs( db_name="testdb", admin_password="REDACTED", db_unique_name="testdb", db_workload="OLTP" ), ), ) Error: 400-CannotParseRequest: Incorrectly formatted request. Please refer to documentation. Provider: oci@3.12.0 Internal Terraform provider: 7.27.0 I was able to launch the same DB successfully using the OCI Python SDK directly. import oci database_client = oci.database.DatabaseClient(oci.config.from_file()) launch_details = oci.database.models.LaunchDbSystemDetails( availability_domain="AD-1", compartment_id="COMPARTMENT_OCID_REDACTED", cpu_core_count=2, database_edition="ENTERPRISE_EDITION", db_home=oci.database.models.CreateDbHomeDetails( db_version='19.29.0.0', display_name='py sdk example db home', database=oci.database.models.CreateDatabaseDetails( admin_password="REDACTED", db_name='testdb' ) ), display_name='testdb', hostname='pysdk-example-db-host', shape='VM.Standard.E5.Flex', ssh_public_keys=["ssh-rsa AAAA..."], subnet_id="SUBNET_OCID_REDACTED" ) response = database_client.launch_db_system(launch_details) print(response.data) Any advice on which Pulumi fields are missing or commonly malformed for LaunchDbSystem? Thanks!
    n
    • 2
    • 1
  • l
  • a
    When will the gcp.datastream.ConnectionProfile support adding a sslConfig property to Postgres similar to MySQL so we can properly configure a secure connection? Our Postgres instances are currently configured to require SSL.
    n
    • 2
    • 2
  • f
    Perhaps this is a bit esoteric, but I'm wondering if there is anyway in Pulumi to have the notion of "create resource A before creating resource C, but once C is created, delete A". My specific use-case is around configuration of a machine, where after bare-metal installation, can be default be written to by anyone (it's a publc IP). Thus my solution is to: 1. Have a Pulumi resource for my cloud provider that creates a firewall to limits it to traffic from our companies internal IP block (A) 2. Have a Pulumi resource that depends on A that does an installation of a fresh OS from an image (B) 3. Have a Pulumi resource that depends on B apply a configuration to the OS (C). This now locks down the resource. 4. Now that C is done, delete the firewall A (since we not have a locked down configuration) I could does this manually by doing 
    pulumi up
    multiple times with different configurations, but it seems nice to be able to do all in one go. 🙂
    1
    a
    l
    s
    • 4
    • 5
  • f
    Anyone noticed this on macOS with Pulumi 3.210.0:
    Copy code
    WARNING: All log messages before absl::InitializeLog() is called are written to STDERR
Other threads are currently calling into gRPC, skipping fork() handlers
    h
    • 2
    • 1
  • m
    set the channel topic: Ask any question about Pulumi! This week's community helper: @gorgeous-egg-16927 On rotation: Monday–Friday Tag for anything you’re stuck on! See the FAQ at: https://www.pulumi.com/docs/support/faq/
  • a
    hi there, anyone have advice on how to get your aws marketplace purchase of pulumi enterprise out of pending state?
  • h
    Hi, I'm trying the first time terraform-provider package, with a healthchecksio provider, and it tries to update its resources on every 
    pulumi up
    . Not sure if it's a problem with the provider or somewhere between it and pulumi
    g
    • 2
    • 9
  • a
    I asked this in the #C03DPAY96NB channel, but looks a little lacking of activity 😄 “Hello everyone! I’m curious if there’s any intention of moving forward with Kotlin support or not, besides what VirtusLab published.”
  • b
    Hello, we are planning to explore Pulumi as a proof of concept to see how it could work for us as platform owners supporting our customers. We have been using Crossplane successfully, especially with Compositions and XRDs, which let us expose simplified resource claims to application teams without requiring them to deal with low-level infrastructure. As we start looking at Pulumi, I am trying to understand what the equivalent patterns are, specifically how Pulumi supports: • higher-level abstractions (similar to Crossplane Compositions) • exposing simplified “platform APIs” to customers • guardrails and policy enforcement • separation between platform admin concerns and customer usage • GitOps flows with ArgoCD/Flux • multi-tenant workflows and opinionated provisioning If anyone knows of good docs, architecture guides, or examples showing how Pulumi can be used to build this kind of platform experience, please share. I would like to start experimenting soon. Thanks!
    s
    w
    • 3
    • 5
  • d
    How do I change which email adress gets the email after payment?
    s
    • 2
    • 1
  • f
    I have an interesting usecase / thought experiment - When someone makes a pull request to our codebase, I (think I) want to (for each stack): 1. Preview without refreshing (to see if the code changes would impact an environment, but without taking into account any drift) a. If there would be no changes, stop here - we'd exclude this stack during deployment via the same mechanism 2. Refresh, but to a "temporary" or "ephemeral" "copy" of the stack. Not to the primary copy, because other PR's might need to do step 1 (again, without drift) 3. Preview against the copy, writing the results to a comment on the PR The goal is to be able to write features, disabled via feature flags, and not need to do drift adoption in any stacks. Then, if we are going to deploy something new to some number of stacks, we would only need to do drift adoption in those impacted stacks
    g
    • 2
    • 4
  • b
    Hey! Trying to install the pulumi VSCode extension, but VSCode complains that it “cannot verify the signature”. Is this my problem or did something go wrong ?
  • a
    Hi All, I've published a new component to the pulumi portal. It said it was successfully added but when I go into components in my org port I get an empty list. I also can't find them using the command line. Neo is saying that I need to set up a private NPM registry or some other place to download the component but I don't see that in the docs. What am I missing here?
    s
    • 2
    • 3