https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
aws
  • f

    full-dress-10026

    05/22/2020, 8:25 PM
    I'm curious if anyone has an idea why AWS Trusted Advisor sets their "low EC2 utilization" check to look for:
    the daily CPU utilization was 10% or less and network I/O was 5 MB or less on 4 or more days
    Specifically, why would they have network I/O 5mb or less on 4 or more days? Why not the whole duration they look over (2 weeks)? Why not 2 days? Do instances typically run some sort of small update every 5 days or something?
  • a

    astonishing-gpu-37274

    05/24/2020, 5:06 PM
    message has been deleted
    • 1
    • 3
  • a

    acceptable-stone-35112

    05/25/2020, 5:23 PM
    I get this error after I added a variable to api gateway deployment that forces to redeploy it. Any ideas?
    running panic: fatal: An assertion has failed: Expected diff to not require deletion or replacement during Update of urn:pulumi:dev::my-stack::aws:apigateway/deployment:Deployment::
    g
    • 2
    • 1
  • s

    salmon-ghost-86211

    05/27/2020, 2:42 PM
    I have been unable to use the
    Example Usage
    code at
    <https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/aws/route53/#getZone>
    when the hosted zone name does not exist. I can't even trap it with a try...catch statement (I'm using typescript). Error messages are like
    error: Running program '/home/bbaker/dev/infrastructure/eks/Pulumi' failed with an unhandled exception:
    Error: invocation of aws:route53/getZone:getZone returned an error: invoking aws:route53/getZone:getZone: no matching Route53Zone found
        at /home/bbaker/dev/infrastructure/eks/Pulumi/node_modules/@pulumi/pulumi/runtime/invoke.js:136:33
        at Http2CallStream.<anonymous> (/home/bbaker/dev/infrastructure/eks/Pulumi/node_modules/@grpc/grpc-js/src/client.ts:155:9)
        at Http2CallStream.emit (events.js:322:22)
        at Http2CallStream.EventEmitter.emit (domain.js:482:12)
        at /home/bbaker/dev/infrastructure/eks/Pulumi/node_modules/@grpc/grpc-js/src/call-stream.ts:186:14
        at processTicksAndRejections (internal/process/task_queues.js:79:11)
    How do I check if a hosted zone exists?
    g
    • 2
    • 2
  • d

    delightful-controller-26409

    05/27/2020, 3:41 PM
    Hi there, I'm having difficulty moving some AWS resources from one stack to another. Might anyone have any tips? We have a Typescript stack that sets up resources, chiefly S3 buckets. We've rewritten some of it in Python, and want to make this part (not the whole thing) into a separate stack - without disrupting the existing buckets or their contents. The Python code creates identical resources to the old Typescript code. When I try to run
    Pulumi up
    with the new code on a new stack, I get:
    Error creating S3 bucket: BucketAlreadyOwnedByYou: Your previous request to create the named bucket succeeded and you already own it
    Which makes sense - the bucket does already exist. I don't want to destroy and recreate anything - I just want to have these existing resources be managed by this new code and stack. I'd then like to be able to remove the creation of these resources from the old Typescript code.  Is the answer something to do with
    pulumi stack import
    ?
    c
    • 2
    • 2
  • b

    best-receptionist-98400

    05/27/2020, 6:16 PM
    How would one get the latest of a SpotInstanceRequest? Are there any examples out there? I'm trying to do something like:
    var spotOutput = Pulumi.Aws.Ec2.SpotInstanceRequest.Get(spotRequest.GetResourceName(), spotRequest.Id, null, new CustomResourceOptions
                    {
                        DependsOn = spotRequest
                    });
    But it keeps giving me an error: of
    aws:ec2:SpotInstanceRequest (dev-request-1):
        error: resource 'urn:pulumi:dev::aws-spot::aws:ec2/spotInstanceRequest:SpotInstanceRequest::dev-request-1' registered twice (create and read)
        error: resource 'urn:pulumi:dev::aws-spot::aws:ec2/spotInstanceRequest:SpotInstanceRequest::dev-request-1' registered twice (create and read)
    g
    b
    t
    • 4
    • 26
  • b

    best-receptionist-98400

    05/27/2020, 6:18 PM
    Note: I'm running this later in the stack where I initially create the spotInstanceRequest.
  • d

    dazzling-sundown-39670

    05/27/2020, 8:45 PM
    I've created a Role that I want for my
    external-dns
    pods but I'm not sure how I can allow it. Currently I'm getting this error:
    AccessDenied: User: arn:aws:sts::503405380068:assumed-role/k8s-pulumi-instanceRole-role-683d5cc/i-0a89701e04130e505 is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::503405380068:role/update-route53-4397bfb
    I guess I need to attach it to my cluster somehow? I've tried serviceRole and instanceRole but the diff shows too many affected resources
    • 1
    • 5
  • d

    dazzling-sundown-39670

    05/27/2020, 9:04 PM
    I've also looked at this: https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/eks/#ServiceRole but there doesn't seem to be an exported member called
    serviceRole
    in
    @pulumi/eks
    • 1
    • 2
  • g

    glamorous-printer-14057

    05/28/2020, 2:46 AM
    hey all, I think I might be hitting some version of this https://github.com/pulumi/pulumi-aws/issues/814 -
    pulumi up
    is now stuck hanging for me, and I’m not quite sure what changed. is there some way to get out of this state?
    g
    • 2
    • 5
  • l

    little-cartoon-10569

    05/28/2020, 5:06 AM
    Is there any example code / configuration using an S3 backend and/or the AWS SDK at the same time as Pulumi? I'm getting
    error: error listing stacks: could not list bucket: blob (code=Unknown): MissingRegion: could not find region configuration
    and don't know how to start diagnosing.
    b
    • 2
    • 3
  • w

    wonderful-dog-9045

    05/28/2020, 6:17 PM
    how do i find the import id of existing ebs volume ? https://www.pulumi.com/blog/adopting-existing-cloud-resources-into-pulumi/ is very vague about this.
    f
    • 2
    • 4
  • l

    little-cartoon-10569

    05/28/2020, 9:52 PM
    Looks like there's no Pulumi way to find DirectoryService directories. I can get one using aws.directoryservice.getDirectory, but it requires the directory id which I don't have. I'm going to look it up using the AWS SDK. Is there an intention to implement this in Pulumi?
  • d

    dazzling-sundown-39670

    05/30/2020, 11:27 PM
    Anyone setup external-dns and would like to share some pointers? Can't get my nodes to assume the role
    s
    w
    • 3
    • 3
  • i

    icy-napkin-56528

    06/01/2020, 9:40 AM
    I'm running into issues with EKS and nginx ingress, creating the k8s ingress service I get the hostname of the ELB back thats created, however I need to create route 53 alias entries but I cant just get them as pulumi will fail on startup as it doesnt exist
  • i

    icy-napkin-56528

    06/01/2020, 9:43 AM
    ie is there a way of being able to load resources indirectly created by pulumi in a way that wont break the first time its run
  • s

    sparse-state-34229

    06/01/2020, 4:50 PM
    resource options dependencies should resolve that, I think
  • v

    victorious-country-25661

    06/01/2020, 10:19 PM
    Hi everyone. I'm running into the following issue: missing required configuration key "aws:region": The region where AWS operations will take place. Examples are us-east-1, us-west-2, etc. Set a value using the command
    pulumi config set aws:region <value>
    .
    I've configured the aws:region through pulumi config set aws:region value but I'm still blocked by this error.
  • s

    sparse-state-34229

    06/01/2020, 10:21 PM
    and
    pulumi config get aws:region
    ?
  • v

    victorious-country-25661

    06/01/2020, 10:22 PM
    Returning the region I've configured
  • s

    sparse-state-34229

    06/01/2020, 10:22 PM
    head -3 <your stack.yaml>
  • s

    sparse-state-34229

    06/01/2020, 10:22 PM
    third line should be that key?
  • v

    victorious-country-25661

    06/01/2020, 10:23 PM
    Yup, is set as well
  • s

    sparse-state-34229

    06/01/2020, 10:23 PM
    can you gist the full command and output?
    v
    g
    • 3
    • 8
  • d

    dazzling-sundown-39670

    06/02/2020, 7:06 AM
    Is adding user/db to a aurora cluster possible?
    g
    • 2
    • 5
  • c

    calm-greece-42329

    06/04/2020, 12:06 AM
    if i provision a fargate profile for eks, i need to have a tag on the subnets that the group uses. the problem i am trying to solve is that those subnets already exist and i do not want to import them as managed resources in pulumi, i just want to ensure my tag is added. is there some way to only manage the tags on a resource?
    l
    b
    • 3
    • 5
  • a

    acceptable-stone-35112

    06/05/2020, 10:14 AM
    I would expect CallbackFunction policies to accept Input<string>[] rather than string[] to avoid extra wrapping around freshly created policies
    f
    • 2
    • 1
  • h

    hundreds-musician-51496

    06/06/2020, 5:56 PM
    Why would pulumi appear to upload a file to S3 (as part of updating a stack), and the file is 4MB on disk, but the S3 object has 0 bytes?
    w
    • 2
    • 17
  • p

    plain-park-4925

    06/08/2020, 2:41 AM
    Hi everyone. I'm very new to Pulumi. I've been banging my head at this for about a day and a half already. Hoping anyone might have some insight and can help. Any help will be greatly appreciated. I'm just wanting to demo out using Pulumi to create an S3 bucket against my LocalStack AWS environment.. I've created an IAM user with an access key/secret key then associated those creds with a new AWS CLI profile. I set the default Pulumi profile to use to be that newly created one. I can't figure out how to properly overwrite the AWS S3 endpoint to be
    <http://localhost:4566>
    so that it hits my LocalStack environment. I think I might have kind of got it to work but now I receive this error..
    pulumi up
    Enter your passphrase to protect config/secrets: 
    Re-enter your passphrase to confirm: 
    Previewing update (pulumi-localstack-test):
         Type                     Name                                        Plan       Info
     +   pulumi:pulumi:Stack      s3bucket-localstack-pulumi-localstack-test  create     
     +   ├─ pulumi:providers:aws  provider                                    create     
     +   ├─ aws:s3:Bucket         jon-pulumi-localstack-bucket           create     
         └─ aws:s3:BucketObject   index.html                                             1 error
     
    Diagnostics:
      aws:s3:BucketObject (index.html):
        error: could not validate provider configuration: 1 error occurred:
        	* : invalid or unknown key: endpoint_url
    • 1
    • 1
  • c

    cold-coat-35200

    06/08/2020, 5:50 AM
    Hi, We have a ComponentResource, which creates loadbalancer, target group, auto scaling group etc The auto scaling creation code looks like this:
    const autoScalingGroup = new aws.autoscaling.Group(
          `${name}-autoScalingGroup`,
          {
            desiredCapacity: args.minSize,
            launchConfiguration: nodeLaunchConfiguration,
            minSize: args.minSize,
            maxSize: args.maxSize,
            vpcZoneIdentifiers: args.subnetIds,
            tags: tags,
            targetGroupArns: args.targetGroupArns,
            loadBalancers: args.classicLoadBalancerNames,
          },
          { parent: this, ignoreChanges: ['desiredCapacity'] }
        )
    args.targetGroupArns
    defined as
    readonly targetGroupArns?: pulumi.Input<pulumi.Input<string>[]>
    Same as on the original pulumi aws resource. Called this way:
    const transcoderAzWorkerNodes = new eks.WorkerNodeGroup(`${stack}-transcoder-wg-1.14`, {
        amiID: workerConfig.amiID,
        subnetIds: vpcDliverOutput.vpc.publicIpSubnetIds,
        clusterName: cluster.name,
        clusterEndPoint: cluster.endpoint,
        clusterCertificateAuthority: cluster.certificateAuthority,
        clusterInstanceRole: cluster.sharedWorkerInstanceRole,
        minSize: workerConfig.transcoder.minSize,
        maxSize: workerConfig.transcoder.maxSize,
        instanceType: workerConfig.transcoder.instanceType,
        nodeSecurityGroupID: vpcDliverOutput.securityGroup.worker.rtmpTranscoder.id,
        nodeRootVolumeSize: 25,
        nodePublicKeyName: workerSSHKey.keyName,
        kubeletExtraArgs: '--node-labels <http://dliver.com/stack=transcoder|dliver.com/stack=transcoder>',
        targetGroupArns: [groupRtmp.targetGroupArn]
      })
    The problem is that when we deleted
    targetGroupArns: [groupRtmp.targetGroupArn]
    from the calling code, pulumi does not update the resource, did not show any updates. If we change to this
    targetGroupArns: []
    instead of deleting, then works as expected. Is this a normal behavior? I assume not, pulumi should recognize the change in both cases.
    g
    • 2
    • 3
Powered by Linen
Title
c

cold-coat-35200

06/08/2020, 5:50 AM
Hi, We have a ComponentResource, which creates loadbalancer, target group, auto scaling group etc The auto scaling creation code looks like this:
const autoScalingGroup = new aws.autoscaling.Group(
      `${name}-autoScalingGroup`,
      {
        desiredCapacity: args.minSize,
        launchConfiguration: nodeLaunchConfiguration,
        minSize: args.minSize,
        maxSize: args.maxSize,
        vpcZoneIdentifiers: args.subnetIds,
        tags: tags,
        targetGroupArns: args.targetGroupArns,
        loadBalancers: args.classicLoadBalancerNames,
      },
      { parent: this, ignoreChanges: ['desiredCapacity'] }
    )
args.targetGroupArns
defined as
readonly targetGroupArns?: pulumi.Input<pulumi.Input<string>[]>
Same as on the original pulumi aws resource. Called this way:
const transcoderAzWorkerNodes = new eks.WorkerNodeGroup(`${stack}-transcoder-wg-1.14`, {
    amiID: workerConfig.amiID,
    subnetIds: vpcDliverOutput.vpc.publicIpSubnetIds,
    clusterName: cluster.name,
    clusterEndPoint: cluster.endpoint,
    clusterCertificateAuthority: cluster.certificateAuthority,
    clusterInstanceRole: cluster.sharedWorkerInstanceRole,
    minSize: workerConfig.transcoder.minSize,
    maxSize: workerConfig.transcoder.maxSize,
    instanceType: workerConfig.transcoder.instanceType,
    nodeSecurityGroupID: vpcDliverOutput.securityGroup.worker.rtmpTranscoder.id,
    nodeRootVolumeSize: 25,
    nodePublicKeyName: workerSSHKey.keyName,
    kubeletExtraArgs: '--node-labels <http://dliver.com/stack=transcoder|dliver.com/stack=transcoder>',
    targetGroupArns: [groupRtmp.targetGroupArn]
  })
The problem is that when we deleted
targetGroupArns: [groupRtmp.targetGroupArn]
from the calling code, pulumi does not update the resource, did not show any updates. If we change to this
targetGroupArns: []
instead of deleting, then works as expected. Is this a normal behavior? I assume not, pulumi should recognize the change in both cases.
Any confirmation about this issue?
g

gentle-diamond-70147

06/09/2020, 4:39 PM
I believe Pulumi should behave the same in both cases. Can you open an issue at https://github.com/pulumi/pulumi-aws/issues with your code that reproduces this?
c

cold-coat-35200

06/10/2020, 5:42 AM
I already opened one: https://github.com/pulumi/pulumi-aws/issues/996
View count: 1