hi, I was planning to try using Go for component resource, but I haven't found any good tutorial? it seems on this page https://www.pulumi.com/docs/iac/using-pulumi/extending-pulumi/build-a-component/ go examples are not available.

Hi guys, sorry is this was asked before 🙏 At work we have stacks files, each of them handles cluster provisioning and k8s resources as well as some grafana dashboards. We have approximately 150 stacks. I would like to build on top of

pulumi automation api

a way to

make changes to the files and later CI to run refresh a previews in the MR

, but all the examples I saw for

pulumi automation api

interacts directly with the backend (our backend lives in a bucket BTW!) is there any examples or doc to avoid using the state backend and only verify and makes stack files changes? Thanks!

I am currently evaluating Pulumi using my work email address with the free version of Pulumi. Once I am happy that it meets our requirements, we will purchase the Team version. When we do this, will any stacks that I have deployed during the free version be available to all team members?

Would'nt it be great if we could use Plumi to deploy inrastructure using drag and drop canvas. I am working on building a platform for the same.

Does the Pulumi Kubernetes Operator support stacks in any namespace, or only in the namespace the operator is deployed in? The non-code documentation is sparse in this regard.

Hey everybody, we are migrating our Terraform provider from SDK v2 to the Plugin Framework, our Pulumi provider is using the SDK v2 bridge, what are the necessary steps we need to take so our Pulumi provider is compatible with the Plugin Framework? Here is our Pulumi provider repo: https://github.com/pulumiverse/pulumi-cpln

Are there any plans to support OpenShift Kubernetes?

I posted a short video about building an internal developer platform:

Hey - so y'all released Pulumi 3.180.0; but there is no release in GitHub. We are using asdf plugin to install Pulumi from GitHub. https://www.pulumi.com/docs/iac/download-install/versions/ https://github.com/pulumi/pulumi/releases/tag/v3.178.0 Can someone invoke this build/release on GitHub?

Hi! I'm experiencing 50 minutes pulumi up on 22000 kafka:Acl resources creation. And after initial creation 25 min pulumi preview. Already tried to trace and log, but at some point (around 5 min) logs and traces stop coming. Using local file system and PULUMI_SKIP_CHECKPOINTS=true. Is this a normal time for this amount of resources? If not, how do I optimise this?

I am trying to setup a private API Gateway, I am getting this error when building a DomainName

BadRequestException: /endpointConfiguration/types/0 Invalid request input

the code

domain_name_resource = aws.apigateway.DomainName(f"api-{stage}-domain",
                domain_name=custom_domain_name,
                regional_certificate_arn=certificate.arn,
                endpoint_configuration=aws.apigateway.DomainNameEndpointConfigurationArgs(
                    types="PRIVATE",
                ),
                opts=pulumi.ResourceOptions(parent=self)
            )

it works when types is set to "REGIONAL", but then the DomanNameAccessAssociation fails

domain_name_access = aws.apigateway.DomainNameAccessAssociation(f"api-{stage}-domain-name-access-association",
                domain_name_arn=domain_name_resource.arn,
                access_association_source_type="VPCE",
                access_association_source=vpc_endpoint_id,
            )

with the following error

BadRequestException: Invalid private custom domain name arn.

When using pulumi.Import, against a existing resource, I get a diff

"[secret]" => [secret]

which results in warning:

inputs to import do not match the existing resource: [config["password"]]; importing this resource will fail

If i provide the config["password"] with pulumi.String instead of a secret, theres no diff, and no import-warning. Is this a misstake in the provider? In that case what should I change in the provider

Hello All, When I create a CDN rule for Azure Native in C# for Cache Expiration for 'Name' property I get an error: Status=400 Code="BadRequest" Message="Rule action 'CacheExpiration, CacheKeyQueryString, OriginGroupOverride' are not supported in '2023-05-01' API What is the correct value for 'Name' property in Pulumi.AzureNative.Cdn.Inputs.DeliveryRuleCacheExpirationActionArgs?

is there any guide on how to collaborate and build the pulumi operator?

Hi guys, out of nowhere, and without changing a thing, Pulumi wants to replace my entire Kubernetes cluster:

digitalocean:index:KubernetesCluster (<redacted>):
    error: unable to replace resource "urn:pulumi:main::<redacted>::digitalocean:index/kubernetesCluster:KubernetesCluster::<redacted>"
    as it is currently marked for protection. To unprotect the resource, remove the `protect` flag from the resource in your Pulumi program and run `pulumi up`

I have ran

pulumi refresh

but still no luck. I'm the only developer and I have not modified anything in the Pulumi state or DigitalOcean UI. I would appreciate some guidance on how to fix this, thank you very much 🙏

Hi there, Is there something similar to helms

post-install

and

post-update

hook in pulumi?

Hi, I have create an organization in pulumi. We are only 2 people with 5 secrets, so are still within the ‘free’ plan. However, there is this scary message at the top:

Your Pulumi organization is on an expired trial or a cancelled subscription. Subscribe to use paid Pulumi features and maintain organization access.

I thought I would be able to stay on the free plan until the usage exceeded the limits of the free plan? Am I at risk or losing the organization if I don’t upgrade to a paid plan?

Hi all, Is it possible to migrate an existing EKS cluster to EKS auto?

Hi all, i encountered a strange bug with

pulumi state move

, i documented the issue on github: https://github.com/pulumi/pulumi/issues/20004 My main problem is that it seems that the urn i pass into the move command is trying to find the resource using a malformed urn:

pulumi state move --dest <org_name>/infra-aws/dev --source <org_name>/infrastructure/dev -Q -v 3 --include-parents "urn:pulumi:dev::infrastructure::<org>:stack$<org>:aws$<org>:aws:eks::<org>-dev-eks"
warning: Resource urn:pulumi:dev::infrastructure::<org>:stackwsws:eks::<org>-dev-eks not found in source stack
error: no resources found to move

notice the

stackwsws

, it seems that part of the urn is replaced with

ws

, i had the same issue with another component that had only one parent and it contained

stackws

.

Hey, we have recently upgrade Pulumi (v 3.178.0) and are now experiencing issues with the policy packs, at least that is what i think i narrowed it down to. Running any preview or up with the policy packs flag will result in an output like this:

Diagnostics:
  pulumi:pulumi:Stack (parquet-debug-dev):
    ^C

    Terminate batch job (Y/N)?

The termination signal makes me more than uncomfortable,... 😄 running the deployments without the policy-pack flag does not result in this issue. Anyone else encountering this issue and or having workaround?

start with guest posting?

Hello everyone, I am writing some of my own custom Pulumi providers and noticed that in the documentation the testing portion is a TBD: https://www.pulumi.com/docs/iac/extending-pulumi/pulumi-provider-sdk/#testing Is there an example of a standard way people test or documentation on testing using the Pulumi Provider SDK? I'm quite surprised I can't easily find this or I am just blind

Hello! Anyone having experience with the Pulumi GitHub action? I have it up and running, but encountered multiple times, that if anything goes wrong or a pipeline is aborted while Pulumi is working, all subsequent pipelines will also fail, because the Pulumis state will be locked. I had the idea to add a step that runs the "cancel" command, when a step on the pipeline fails, but I thought that maybe someone has something smarter for this problem. Thank you!

Hi all, looking for some advice on structuring Pulumi projects using YAML. We’re building a tool that generates Pulumi YAML programs for internal infrastructure-as-code use. As the number of resources grows (some very large), we’d like to support multi-file declarations — i.e., define different resource types in separate YAML files for clarity and maintainability. So far I’ve explored: • Merging multiple YAMLs into a single

Pulumi.yaml

before

pulumi up

• A multi-stack approach using

StackReference

for coordination • Generating a Python program dynamically from YAMLs, which offers flexibility but adds complexity Before going too far, I’d love to hear from the Pulumi team or community: → Is there a “native” or recommended way to do multi-file YAML declarations? → Any prior art or patterns you’ve seen for this? Thanks in advance!

Hi, I am a little confused by the pricing page for Pulumi. At the very top it states that the

Team

version is charged at $0.37/resource but we get 200 free resources. This made me think that we would only get charged at $0.37 per resource beyond the 200 free resources limit. However, I happened to have scrolled further down the pricing page today (down to the FAQ section) where it states for the

How are resources billed?

question:

Resources are billed hourly as Pulumi Credits. 1 Pulumi Credit is the price for managing one resource for one hour. The Price per credit for Team and Enterprise is $0.0005 and $0.0015 respectively.

For billing purposes, a partial resource hour used is billed as a full hour and we count any resource that's declared in a Pulumi program. This includes provider resources (e.g., an Amazon S3 bucket), component resources which are groupings of resources (e.g., an Amazon EKS cluster), and stacks which contain resources (e.g., dev, test, prod stacks).

You consume one Pulumi Credit to manage each resource for an hour. For example, one stack containing one S3 bucket and one EC2 instance is three resources that are counted in your bill.

Could someone please explain exactly how this works?

Hello , I am trying to install the terraform module "oracle-terraform-modules/oke/oci" (https://registry.terraform.io/modules/oracle-terraform-modules/oke/oci/latest) on pulumi using pulumi package add terraform-module oracle-terraform-modules/oke/oci oke ( the command should work with the vcn module ) but I get the error

error: 
Error: Missing required provider configuration

  on pulumi.tf.json line 3, in module:
   3:     "mymod": {

The child module requires an additional configuration for provider
oracle/oci, with the local name "oci.home".

Refer to the module's documentation to understand the intended purpose of
this additional provider configuration, and then add an entry for oci.home in
the "providers" meta-argument in the module block to choose which provider
configuration the module should use for that purpose.

error: failed to get schema: parameterize: rpc error: code = Unknown desc = error while inferring module schema for 'oracle-terraform-modules/oke/oci' version 5.3.1: resolve module sources: init failure (Terraform CLI): error running init (Terraform CLI): exit status 1

I looked at the doc and there is a section about Terraform providers but in my case I am not able to install it at all https://www.pulumi.com/docs/iac/extending-pulumi/use-terraform-module/#configuring-terraform-providers Any help or hint would be appreciated , thanks !

Is there a way to force a resource to be replaced if the properties of a resource that it indirectly links to updates? For example, in AWS I have an elasticache replication group. One of its properties is subnetGroupName. If I change the name of the group, then sure, it triggers a replace. But if I remove one of the subnets in that group - well the name doesn't change, and so I can't trigger a replacement of the cache based on that change (which is necessary, because you can't remove a subnet from an in-use group, so the entire EC replication group needs to be replaced). Another example is - if I change the inline userdata for an EC2 instance, I can trigger a replace. But if that userdata is pulling in info from the parameter store, and I change that info, I want to trigger the instance to be replaced. So...kind of a combination of

replaceOnChanges

and

dependsOn

? Like, replace this thing when this other thing changes.

Dear all, I hope you are doing well. I am thrilled to extend a personal invitation to you for "The Edge Forum: Engineering, Product, AI." This private, invite-only roundtable is tailored for senior leaders and CXOs to discuss and navigate the evolving landscape of technology. At this event, you will have the opportunity to participate in meaningful discussions on how AI is influencing engineering decisions, the role of data in product strategy, and how organizational structures are adapting to build faster and smarter. It's a fantastic chance to connect with like-minded professionals and leave with practical insights. Event Details: Date: Saturday, 2 August Time: 10:00 - 14:00 Location: WeWork Roshni Tech Hub, Marathahalli, Bangalore Your presence would greatly enrich the dialogue, and I am eager to have you join us. Warm regards, Vishwas N This is the Link to RSVP: https://lu.ma/9nnmiqxn

Is the Pulumi compiler option for the yaml runtime supposed to get variables or some environment passed into it so it can render yaml with variable interpolation?

Hello there! I'm bumping in a problem similar to the one of this thread, for the upgrade of Cloudflare provider from v5 to v6. In particular with

AccessApplication

, after the bump of the library I tried to both keep the same resource type (which is depreacted in v6) and to switch to the

ZeroTrustAccessApplication

equivalent but I always have troubles with the state in preview, with the following error (basically

cors_headers

was a list before and now is a single typed object).

error: [pf/tfbridge] Error calling EncodePropertyMap: objectEncoder failed on property "cors_headers": Expected an Object PropertyValue, found [] ("{[{map[allowAllHeaders:{false} allowAllMethods:{false} allowAllOrigins:{false} allowCredentials:{true} allowedHeaders:{[]} allowedMethods:{[{GET} {OPTIONS} {POST}]} allowedOrigins:{[{bolla-public.prima.it}]} maxAge:{10}]}]}")

Any clue if there's an easy way to solve this, even modifying the state manually? Not sure if it's better open an issue or write here, feel free to redirect me 🙂