https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
aws
  • a

    acceptable-stone-35112

    04/17/2020, 2:21 PM
    Is there a neat way to have pulumi delete non-empty buckets during stack update/destroy?
    g
    • 2
    • 3
  • c

    colossal-tent-75408

    04/17/2020, 10:21 PM
    Has anyone used Istio / Envoy with EKS?
  • g

    great-sundown-93190

    04/19/2020, 8:10 PM
    Hi, my Cognito userpool keeps replacing itself. Diff says following properties are different:
    emailConfiguration
    ,
    passwordPolicy
    and
    schemas
    . But they are just static values. Seems like the default values are just missing with what I actually have described. Is that normal behaviour? The order is also reversed now in the diff.
  • g

    great-postman-59271

    04/20/2020, 9:07 AM
    does pulumi work with the Aws Single-sign on? I cant get it to work, but it would make a lot of things easier for organizations that use sso 🙂
  • s

    sparse-state-34229

    04/20/2020, 9:09 AM
    edit: sorry, it’s late - i see you did. can you describe what’s not working?
    g
    q
    • 3
    • 7
  • h

    hundreds-receptionist-31352

    04/20/2020, 5:40 PM
    Hi , is there any way to describe the resources that are created in aws account? , taking into account that is wasn't provisioned with pulumi , just I need to get some ids of NLB for example but it was created manually in the past
    g
    • 2
    • 9
  • q

    quiet-wolf-18467

    04/21/2020, 11:47 AM
    I'm struggling to get my subnets tagged for use with EKS, has anyone got this working for ALBs?
  • q

    quiet-wolf-18467

    04/21/2020, 12:04 PM
    OK. It seems to work when I use
    subnetIds: []
    in
    eks.Cluster
    , but won't work when I use
    publicSubnetIds: []
    and
    privateSubnetIds[]
  • q

    quiet-wolf-18467

    04/21/2020, 12:05 PM
    @white-balloon-205 Are you familiar with the difference between the usage here? The comments in the code aren't clear.
  • q

    quiet-wolf-18467

    04/21/2020, 12:05 PM
    // Form the subnetIds to use on the cluster from either:
        //  - subnetIds
        //  - A combination of privateSubnetIds and/or publicSubnetIds.
        if (args.subnetIds !== undefined) {
            clusterSubnetIds = args.subnetIds;
        } else if (args.publicSubnetIds !== undefined || args.privateSubnetIds !== undefined) {
            clusterSubnetIds = pulumi.all([
                args.publicSubnetIds || [],
                args.privateSubnetIds || [],
            ]).apply(([publicIds, privateIds]) => {
                return [...publicIds, ...privateIds];
            });
        }
  • q

    quiet-wolf-18467

    04/21/2020, 12:05 PM
    This code makes me feel like I can use either, but the tagging doesn't happen with public/private
  • q

    quiet-wolf-18467

    04/21/2020, 12:06 PM
    * Note: The use of `subnetIds`, along with `publicSubnetIds`
         * and/or `privateSubnetIds` is mutually exclusive. The use of
         * `publicSubnetIds` and `privateSubnetIds` is encouraged.
  • q

    quiet-wolf-18467

    04/21/2020, 12:06 PM
    This comment actually encourages what I was trying to use
    w
    b
    • 3
    • 57
  • b

    breezy-butcher-78604

    04/22/2020, 6:29 AM
    Hi, i’m having an issue with a stack where every time i run
    pulumi up
    it appears to want to update a KMS key even though there’s been no changes to that resource. When I view the details of the change, the resource is listed but without any changes. when i apply the change, theres a
    PutKeyPolicy
    action performed (i can see it in cloudtrail) but theres no change. Any ideas? the main reason this is an issue is because our CI/CD tool doesn’t have write permission to KMS keys, only read (by design) so the initial deployment is done elsewhere with the relevant credentials. However that assumes that whenever any other changes go through CI/CD, it doesnt need to update any keys.
    • 1
    • 3
  • g

    gifted-city-99717

    04/27/2020, 1:59 AM
    Hi, I’m trying to load the v2.x.0 branch of pulumi-aws in my go.mod but see
    /Users/user/code/pulumi-influxdb/go.mod:9: require <http://github.com/pulumi/pulumi-aws/sdk/v2/go/aws|github.com/pulumi/pulumi-aws/sdk/v2/go/aws>: version "v2.1.0" invalid: unknown revision sdk/v2/go/aws/v2.1.0
    anyone have any suggestions?
    w
    • 2
    • 3
  • a

    alert-processor-41605

    05/02/2020, 10:58 PM
    Is there a way to pass in an existing
    <http://aws.lb|aws.lb>.LoadBalancer
    to a new
    <http://awsx.lb|awsx.lb>.ApplicationLoadBalancer
    ? I am using the typescript package currently. I want to take advantage of the features of aws crosswalk, but it's import that I can use an imported resource of an ALB that already exists in my amazon account. For all the other crosswalk resources, I have used the pattern of creating a non crosswalk resource using the
    import
    option and then passing that in as the argument to create the crosswalk resource. Am I missing something here with the load balancer? As far as I can tell, it will always create a new load balancer and there is no way to pass in an existing one.
    • 1
    • 1
  • h

    hundreds-receptionist-31352

    05/04/2020, 7:21 PM
    hi , I'm following this example https://github.com/pulumi/examples/tree/master/kubernetes-ts-helm-wordpress , and I can't get wordpress stack running , one of the pods that are failing seems that needs another variables :
    • 1
    • 4
  • a

    acceptable-stone-35112

    05/05/2020, 3:10 PM
    I have a dilemma with deployment of api gateway. I am deploying rest api where methods have integrations to AWS services (dynamodb, lambda, sns, ...), so I can't use new crosswalk api for that. I want to utilize api gateway stages, so dev/qa/staging/prod stacks will deploy to corresponding stages and make new/modified api methods available for immediate testing in specific environment and I do have different method settings per stage for monitoring, logging, etc... The problem is that when I create stage in a stack along with resources and methods, other stacks fail with error, since aws detects that resource already exists, while pulumi tries to create it, but even if I create all resources in advance when I create api gateway (which I don't really like to do), it would fail on methods, since they also exist on resources, as HTTP verb is unique per resource Is there anything recommended in such case? Other ways involve using one stage, add suffixes to all api resources and override settings per method, api gateway per stack, but I need to understand if stages can be used as designed in such scenario
  • a

    abundant-airplane-93796

    05/07/2020, 5:55 PM
    Just started running into errors that look like this:
    preparing urn:pulumi:sandbox::irisvr-infra::aws:s3/bucket:Bucket::prospect-releases's old property state: expected string or JSON map; got <nil>
    g
    • 2
    • 8
  • b

    broad-dog-22463

    05/11/2020, 11:01 AM
    @abundant-airplane-93796 just wanted to update you on this issue, I found the issue and am working on publishing a fix for you!
    :woohoo: 2
  • b

    broad-dog-22463

    05/11/2020, 11:01 AM
    I am testing it right now
  • b

    broad-dog-22463

    05/11/2020, 11:02 AM
    //cc @hallowed-scooter-54575 ☝️
  • b

    broad-dog-22463

    05/11/2020, 12:03 PM
    ▶ pulumi up
    Previewing update (dev):
         Type                 Name        Plan     Info
         pulumi:pulumi:Stack  create-dev
         └─ aws:s3:Bucket     test                 1 error
    
    Diagnostics:
      aws:s3:Bucket (test):
        error: preparing urn:pulumi:dev::create::aws:s3/bucket:Bucket::test's old property state: expected string or JSON map; got <nil>
  • b

    broad-dog-22463

    05/11/2020, 12:03 PM
    before ☝️
  • b

    broad-dog-22463

    05/11/2020, 12:03 PM
    after: 👇
    ~/code/create                                                                                                                                                   ⍉
    ▶ pulumi up
    Previewing update (dev):
         Type                 Name        Plan
         pulumi:pulumi:Stack  create-dev
    
    Resources:
        2 unchanged
    a
    h
    • 3
    • 6
  • b

    best-receptionist-98400

    05/11/2020, 12:19 PM
    Good Morning - I had a question in regards to attaching a new or existing instance to an ELB using Pulumi. In the docs, it seems like you can do this out of the box with
    TargetGroupAttachment
    for ALBs and NLBs. For ELBs though, it says to see the Terraform provider. So does that mean, for this piece I need to use terraform rather than Pulumi? https://www.pulumi.com/docs/reference/pkg/aws/applicationloadbalancing/targetgroupattachment/
    b
    • 2
    • 5
  • i

    incalculable-engineer-92975

    05/13/2020, 5:21 PM
    When creating an EKS cluster, the ClusterOptions only allows a single clusterSecurityGroup. Is this a Terraform limitation or how can I associate multiple security groups?
    b
    b
    • 3
    • 5
  • a

    acceptable-stone-35112

    05/13/2020, 7:23 PM
    Question about AwsGuard policy. With s3BucketLoggingEnabled mandatory all buckets are verified to have access logs. This creates problem with the log buckets themselves, that don't have access log buckets of their own, but rather rely on retention policy (glacier, etc...) or otherwise that would be infinite chain of buckets. To me it seems that this policy needs to support filtering those buckets out, either by dependency or by tag/name predicate.
    g
    • 2
    • 2
  • q

    quaint-jelly-95055

    05/14/2020, 9:37 AM
    When creating a ecs ec2 service, how could we provide sharedMemorySize in linuxParameters? As if now it seems to be missing.
    f
    • 2
    • 2
  • a

    acceptable-stone-35112

    05/14/2020, 9:54 AM
    is it possible to pass arguments to my policy pack when testing locally with preview --policy-pack ?
    f
    • 2
    • 1
Powered by Linen
Title
a

acceptable-stone-35112

05/14/2020, 9:54 AM
is it possible to pass arguments to my policy pack when testing locally with preview --policy-pack ?
f

future-barista-68134

05/14/2020, 12:54 PM
yes, you should be able to use the following:
--policy-pack-config strings   

Path to JSON file containing the config for the policy pack of the corresponding "--policy-pack" flag
👍 1
View count: 1