https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
aws
  • w

    white-balloon-205

    12/17/2019, 6:37 PM
    set the channel description: Using AWS with Pulumi
  • e

    elegant-dress-88912

    12/19/2019, 6:27 AM
    hey, got a problem here. After updating parameters passed to
    eks.createManagedNodeGroup()
    pulumi wants to replace resource and fails with error "ResourceInUseException: NodeGroup already exists with name ...". I guess correct way for this should be generating unique node group name during deploy/replacement, but currently https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/eks/#createManagedNodeGroup requires
    nodeGroupName
    to be specified
  • e

    elegant-dress-88912

    12/19/2019, 6:29 AM
    I am thinking to use randomString from
    @pulumi/random
    as suffix, but not sure how can I make pulumi to regenerate it each time managednodegroup wants new resource
    w
    • 2
    • 6
  • b

    breezy-butcher-78604

    12/20/2019, 8:09 AM
    So when using cloudformation templates, there’s special variable I can use to refer to the account id and/or the template is being deployed into. does a similar thing exist in pulumi? For example I’m creating a
    aws.iam.RolePolicy
    and I want to refer to resources in the same AWS account that Pulumi won’t be aware of. for example, i want to do something like this
    const taskPolicy = new aws.iam.RolePolicy("flow-log-service-policy", {
        role: taskRole.id,
        policy: {
            Version: "2012-10-17",
            Statement: [
                {
                    Effect: "Allow",
                    Action: [
                        "logs:CreateLogStream",
                        "logs:PutLogEvents"
                    ],
                    Resource: `arn:aws:logs:${pulumi.getAwsRegion}:${pulumi.getAwsAccountId}:log-group:my-log-group:*`
                }
            ]
        }
    });
    • 1
    • 1
  • b

    bright-orange-69401

    12/22/2019, 1:35 AM
    Has anyone successfully managed to integrate AWS Amplify framework with Pulumi ? Theoretically speaking, Amplify supports multiple infrastructure-as-code providers (CloudFormation being the default): https://aws-amplify.github.io/docs/cli-toolchain/usage#--providers Is it even in the Pulumi roadmap to eventually support AWS Amplify ?
    f
    b
    • 3
    • 4
  • m

    miniature-microphone-92266

    12/23/2019, 4:13 PM
    Hey can someone help me with awsx, trying to create an SecurityGroupRule using another security group as location
    SecurityGroupRule.ingress("http", 
                              appsg, 
                              lbsg,
                              new awsx.ec2.TcpPorts(80));
    I'm getting "Type 'SecurityGroup' has no properties in common with type 'SecurityGroupRuleLocation'."
    g
    • 2
    • 3
  • f

    flat-insurance-25294

    12/23/2019, 11:31 PM
    Does anyone know how to work with multiple managed hosts on Route53? I have one already with our domain, and I want to create a new one for different stacks but working with the same domain. The alternative is referencing existing Route53 resource on AWS and just work against that one using
    getZone()
  • b

    bumpy-restaurant-1466

    12/26/2019, 1:40 AM
    I’m creating an
    awsx.ec2.Vpc
    with 4 different subnet groups (private, public, db, redis). In order for them to show in the console as sensible name you can include
    tags: { Name: "db" }
    for each subnet, however unfortunately that results in a subnet group’s subnets having the same name regardless of what az they are in. Instead I’d like to have their names follow the format
    example-name-az
    or
    example-name-number
    , eg
    example-db-us-west-2
    or
    example-db-2
    . How can I achieve this without needing to specify each az subnet one at a time?
    f
    g
    • 3
    • 2
  • o

    orange-australia-91292

    12/27/2019, 7:06 PM
    maybe https://github.com/terraform-providers/terraform-provider-aws/issues/9434 ?
    h
    • 2
    • 1
  • h

    handsome-truck-95168

    12/27/2019, 7:50 PM
    AWS had a CloudFront API issue today, which happened to strike while I was deploying. My deploy created a CloudFront distribution, but their API reported an error ("error: error creating CloudFront Distribution: DistributionAlreadyExists: The caller reference that you are using to create a distribution is associated with another distribution.").
    • 1
    • 7
  • f

    flat-insurance-25294

    12/28/2019, 11:06 PM
    Does Pulumi allow upgrading RDS/Aurora instance types? I am a bit worried about doing that and deleting data.
  • f

    flat-insurance-25294

    12/28/2019, 11:07 PM
    @white-balloon-205 Does pulumi support changing instance types of a RDS/Aurora cluster without deleting anything by just changing the string for the instance class and not redefining a new db cluster?
  • o

    orange-australia-91292

    12/29/2019, 9:26 AM
    How can I
    get()
    a resource that is in another region than the one I’m working in? Example: My region is set to eu-west-1:
    aws:region: eu-west-1
    . I’m trying to
    import pulumi
    from pulumi_aws import s3
    
    s3.Bucket.get("my-bucket", "my-bucket", region="eu-central-1")
    and I get
    Bucket (my-bucket): BucketRegionError: incorrect region, the bucket is not in 'eu-west-1' region at endpoint ''
            status code: 301, request id: , host id:
  • o

    orange-australia-91292

    12/29/2019, 9:27 AM
    It makes no difference whether I’m specifying the
    region
    argument or not, the result is the same. Is this a bug, or am I missing something again?
  • o

    orange-australia-91292

    12/29/2019, 9:29 AM
    From Google it seems to be a limitation of terraform and they have a kind of workaround for it, but I have no idea how to do it in Pulumi
  • f

    flat-insurance-25294

    12/29/2019, 10:15 AM
    @orange-australia-91292 Create a provider for a specific region and use that provider?
  • o

    orange-australia-91292

    12/29/2019, 10:46 AM
    It's possible in Pulumi? I'll Google it
  • f

    flat-insurance-25294

    12/29/2019, 10:57 AM
    @orange-australia-91292 https://www.pulumi.com/docs/intro/cloud-providers/aws/#configuration
  • f

    flat-insurance-25294

    12/29/2019, 10:57 AM
    I rather do that than rely on hidden configs, as it’s much clearer since you just need to read the code.
  • o

    orange-australia-91292

    12/29/2019, 11:09 AM
    thank you, I’ll look into it
  • o

    orange-australia-91292

    12/29/2019, 11:14 AM
    I see the provider can be passed as a resource option. got it
  • f

    flat-insurance-25294

    12/29/2019, 2:24 PM
    @white-balloon-205 Can I generate an access_key and secret for a list of specific and unspecific AWS resources? Say I create a S3Bucket and a cloudfront distrubtion and I want to let my application code have access to those + CloudWatch. Is there a way Pulumi could create the AWS resources and generate access_key and secret (not temporary)?
  • f

    flat-insurance-25294

    12/29/2019, 2:44 PM
    Ah this showed how https://github.com/pulumi/examples/tree/master/aws-ts-assume-role
  • f

    flat-insurance-25294

    12/29/2019, 2:45 PM
    An amazing feature for awsx would be the ability to combine a bunch of Pulumi resources and generate the keys without doing everything else.
  • f

    flat-insurance-25294

    12/29/2019, 2:59 PM
    I guess what I really want is to create a user/tokens with limited access to only everything pulimi creates.
    w
    o
    • 3
    • 10
  • f

    future-yak-43516

    12/29/2019, 5:05 PM
    Hello all, I'm playing around with the ts static website sample and everything seems to work so far but the uploaded files are all empty and I don't really understand why. I'm on a Mac and the source files are of course correct. The rest seems to work when I upload all the file via aws s3 sync or manually but this is not the idea 😕
    w
    o
    • 3
    • 12
  • w

    worried-engineer-33884

    12/30/2019, 8:43 PM
    I have a handful of lambdas whose "code" property is getting updated everytime i
    pulumi up
    — is this new behavior?
    b
    • 2
    • 2
  • w

    worried-engineer-33884

    12/30/2019, 11:03 PM
    Anyone know how to set extra python libs for a glue job?
  • f

    flat-insurance-25294

    01/03/2020, 10:45 AM
    @white-balloon-205 Does Pulimi expose the arn of created resources Like could I get
    arn:aws:dynamodb:us-east-2:123456789012:table/Books
    somehow? When creating a dynamodb for creating a Policy to give access to a group?
    b
    • 2
    • 52
  • f

    flat-insurance-25294

    01/03/2020, 10:47 AM
    We need to spin up a bunch of resources. Then create policies for accessing them to a group consisting of 0 Users (users will be added via the AWS console)
Powered by Linen
Title
f

flat-insurance-25294

01/03/2020, 10:47 AM
We need to spin up a bunch of resources. Then create policies for accessing them to a group consisting of 0 Users (users will be added via the AWS console)
View count: 1