Hi team, I’m trying to create a DbSystem using Pulumi (OCI provider @ 3.12.0) and I get a 400 CannotParseRequest error when launching LaunchDbSystem. import pulumi import pulumi_oci as oci db_system = oci.database.DbSystem( "example-dbsystem", compartment_id="COMPARTMENT_OCID_REDACTED", availability_domain="AD-1", subnet_id="SUBNET_OCID_REDACTED", shape="VM.Standard.E5.Flex", hostname="example-host", ssh_public_keys=["ssh-rsa AAAA...david@host"], source="NONE", license_model="LICENSE_INCLUDED", database_edition="ENTERPRISE_EDITION", disk_redundancy="HIGH", data_storage_size_in_gb=256, db_home=oci.database.DbHomeArgs( display_name="example-home", db_version="19.29.0.0", database=oci.database.DbHomeDatabaseArgs( db_name="testdb", admin_password="REDACTED", db_unique_name="testdb", db_workload="OLTP" ), ), ) Error: 400-CannotParseRequest: Incorrectly formatted request. Please refer to documentation. Provider: oci@3.12.0 Internal Terraform provider: 7.27.0 I was able to launch the same DB successfully using the OCI Python SDK directly. import oci database_client = oci.database.DatabaseClient(oci.config.from_file()) launch_details = oci.database.models.LaunchDbSystemDetails( availability_domain="AD-1", compartment_id="COMPARTMENT_OCID_REDACTED", cpu_core_count=2, database_edition="ENTERPRISE_EDITION", db_home=oci.database.models.CreateDbHomeDetails( db_version='19.29.0.0', display_name='py sdk example db home', database=oci.database.models.CreateDatabaseDetails( admin_password="REDACTED", db_name='testdb' ) ), display_name='testdb', hostname='pysdk-example-db-host', shape='VM.Standard.E5.Flex', ssh_public_keys=["ssh-rsa AAAA..."], subnet_id="SUBNET_OCID_REDACTED" ) response = database_client.launch_db_system(launch_details) print(response.data) Any advice on which Pulumi fields are missing or commonly malformed for LaunchDbSystem? Thanks!

posting this here as well for more visibility https://pulumi-community.slack.com/archives/C019YSXN04B/p1764831192407739

When will the gcp.datastream.ConnectionProfile support adding a sslConfig property to Postgres similar to MySQL so we can properly configure a secure connection? Our Postgres instances are currently configured to require SSL.

Perhaps this is a bit esoteric, but I'm wondering if there is anyway in Pulumi to have the notion of "create resource A before creating resource C, but once C is created, delete A". My specific use-case is around configuration of a machine, where after bare-metal installation, can be default be written to by anyone (it's a publc IP). Thus my solution is to: 1. Have a Pulumi resource for my cloud provider that creates a firewall to limits it to traffic from our companies internal IP block (A) 2. Have a Pulumi resource that depends on A that does an installation of a fresh OS from an image (B) 3. Have a Pulumi resource that depends on B apply a configuration to the OS (C). This now locks down the resource. 4. Now that C is done, delete the firewall A (since we not have a locked down configuration) I could does this manually by doing

pulumi up

multiple times with different configurations, but it seems nice to be able to do all in one go. 🙂

Anyone noticed this on macOS with Pulumi 3.210.0:

WARNING: All log messages before absl::InitializeLog() is called are written to STDERR
Other threads are currently calling into gRPC, skipping fork() handlers

set the channel topic: Ask any question about Pulumi! This week's community helper: @gorgeous-egg-16927 On rotation: Monday–Friday Tag for anything you’re stuck on! See the FAQ at: https://www.pulumi.com/docs/support/faq/

hi there, anyone have advice on how to get your aws marketplace purchase of pulumi enterprise out of pending state?

Hi, I'm trying the first time terraform-provider package, with a healthchecksio provider, and it tries to update its resources on every

pulumi up

. Not sure if it's a problem with the provider or somewhere between it and pulumi

I asked this in the #C03DPAY96NB channel, but looks a little lacking of activity 😄 “Hello everyone! I’m curious if there’s any intention of moving forward with Kotlin support or not, besides what VirtusLab published.”

Hello, we are planning to explore Pulumi as a proof of concept to see how it could work for us as platform owners supporting our customers. We have been using Crossplane successfully, especially with Compositions and XRDs, which let us expose simplified resource claims to application teams without requiring them to deal with low-level infrastructure. As we start looking at Pulumi, I am trying to understand what the equivalent patterns are, specifically how Pulumi supports: • higher-level abstractions (similar to Crossplane Compositions) • exposing simplified “platform APIs” to customers • guardrails and policy enforcement • separation between platform admin concerns and customer usage • GitOps flows with ArgoCD/Flux • multi-tenant workflows and opinionated provisioning If anyone knows of good docs, architecture guides, or examples showing how Pulumi can be used to build this kind of platform experience, please share. I would like to start experimenting soon. Thanks!

How do I change which email adress gets the email after payment?

I have an interesting usecase / thought experiment - When someone makes a pull request to our codebase, I (think I) want to (for each stack): 1. Preview without refreshing (to see if the code changes would impact an environment, but without taking into account any drift) a. If there would be no changes, stop here - we'd exclude this stack during deployment via the same mechanism 2. Refresh, but to a "temporary" or "ephemeral" "copy" of the stack. Not to the primary copy, because other PR's might need to do step 1 (again, without drift) 3. Preview against the copy, writing the results to a comment on the PR The goal is to be able to write features, disabled via feature flags, and not need to do drift adoption in any stacks. Then, if we are going to deploy something new to some number of stacks, we would only need to do drift adoption in those impacted stacks

Hey! Trying to install the pulumi VSCode extension, but VSCode complains that it “cannot verify the signature”. Is this my problem or did something go wrong ?

Hi All, I've published a new component to the pulumi portal. It said it was successfully added but when I go into components in my org port I get an empty list. I also can't find them using the command line. Neo is saying that I need to set up a private NPM registry or some other place to download the component but I don't see that in the docs. What am I missing here?

hi team! Have you considered packaging typescript components with bun as single file executables? the value add - component consumers would not need to install anything besides pulumi.

Hey there! I posted in #C019YSXN04B but wanted to re-post here to attempt to reach a wider audience.

set the channel topic: Ask any question about Pulumi! This week's community helper: @mammoth-restaurant-4670 On rotation: Monday–Friday Tag for anything you’re stuck on! See the FAQ at: https://www.pulumi.com/docs/support/faq/

Are there any guides for migrating from self-hosted Pulumi to Pulumi cloud?

Hello, I'm finally back to working with Pulumi 🎉 pulumipus flying pink cape after a 3-year stint with TFC (poop emoji here) It's good to be back, but I'm also a bit rusty with the CI/CD and Deployment options, I've encountered out dated docs, and I still have several challenges with onboarding my organization; I'll create a thread on this post so I wouldn't flood the channel

Hi i have a question regarding the deployment of pulumi i have been using terraform with atlantis in order to prevent state corruption and also i didnt want any git workflow to have the premissions and roles pulumi has, is there any good alternatives for pulumi ?

Question about dynamic config in Pulumi: We have deployment pipelines which, on merge, build a new version of our app tagged with the commit sha and then deploy it via Pulumi. As such, we don't set

app:version

in our committed config files, the deployment pipeline just uses

pulumi up --config app:version=${COMMIT_SHA}

. This works fine. You can also preview the potential changes in the same way via

pulumi preview

. However, a lot of other commands we might want to run, which would normally be manual for when things have gone wrong rather than driven by CI, both • Require all config variables to be specified. • Don't accept

--config

as a valid CLI parameter. e.g.

$ pulumi destroy
error: validating stack config: Stack 'test-uk1' is missing configuration value 'app:version'

$ pulumi destroy --config app:version=foo
error: unknown flag: --config

So you end up having to set a 'dummy' value in the configuration file temporarily to be able to run those commands. The same seems to be true for

pulumi refresh

, for example. Is there any way around this? Should I raise a ticket about it? It feels like

--config

should be a globally-valid parameter for any pulumi action which requires the config to be present (e.g.

pulumi state export

doesn't actually care that the config is not complete as it's not attempting to run the app at all)

Hello again, I see that the pulumi eks package provides both

ManagedNodeGroup

and

NodeGroupV2

(using python) I want to add an extra security group from a stack reference, but the node groups require the pulumi_aws.ec2.SecurityGroup class, but a stack reference serialize the class as dict, but even when using

aws.ec2.get_security_group_output(id=stack_ref_sg['id'])

or

aws.ec2.get_security_group(id=stack_ref_sg['id'])

as input for

extra_node_security_groups

the program still breaks.. How can I pass a pre-existing security group to the module?

Hey there, I recently submitted an issue and a fix was released into the pulumi go sdk on

v3.212.0

. I'm struggling with the same issue this person had at the begining of the year - where even though the latest release of the SDK has my fix, sdks are generated via

pulumi package add terraform-provider ...

referencing an older version in the

go.mod

file that does not have my fix. This results in needing to communicate additional steps to developers for local development or having ad-hoc steps during CI Thoughts on patching the codegen tool to bump the version of the sdk in the go.mod file to

v3.212.0

?

Hello all, created small PR for Pulumi Kubernetes operator to add a new configuration option to helm deployment. I would appreciate if anybody would find some time to take a look. Thanks in advance!

set the channel topic: Ask any question about Pulumi! This week's community helper: @astonishing-architect-11492 On rotation: Monday–Friday Tag for anything you’re stuck on! See the FAQ at: https://www.pulumi.com/docs/support/faq/

Where can I file a bug report for the Pulumi Cloud web app? Specifically, https://app.pulumi.com/{org}/{project}/{stack}/settings/deploy

Hello, I'm was getting

unable to validate AWS credentials

error during pulumi deployment of a stack with newly added Deployment Settings (python) I was expecting pulumi deployments to use the ESC

environment:

configured in the

pulumi.<stack>.yaml

but while writing this post to ask for help I actually found out my original issue 💪 but I have another 😞 It turns out that having

config.aws:profile

in

pulumi.<stack>.yaml

can interfere with Pulumi Deployments loading of ESC environment, my workflow was to do local infra development, with valid local aws session, and now I started working on getting the stack automated with deployments. thus I was using

aws:profile

to target a specific profile in my

~/.aws/config

, I fixed the error by commenting out this 'local' configuration, and letting pulumi use

environment

with ESC without targeting a profile.. But now I cannot run

pulumi preview

locally to iterate fast on new code before committing to a side-branch, I'm now getting

unable to validate AWS credentials.

locally, how can I use the esc environment and use the dynamic oidc based credentials locally?

Hi! Quick question - is security@pulumi.com still the correct email address for submitting security disclosures? Want to make sure I have the right contact information. Thanks!

Hi, I'm trying connect pulumi to infisical according to the docs. but nothing works... is there some kind of problem or docs out of date?

Need some billing help when possible!