https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
aws
  • i

    incalculable-portugal-13011

    09/07/2020, 5:35 PM
    AFAICT, pulumi has no API for actually returning the hostname assigned by service discovery. would love to be pointed in the direction of that if so. I’d love to avoid having to query this in application, and I’m fairly certain I would still be exposed to the same race condition issue querying service discovery on startup
  • h

    hundreds-receptionist-31352

    09/08/2020, 12:35 PM
    Hi , I'm trying to create a vpc and subnets in specific AZ, I'm using de awsx.ec2.vpc library, I would like to know if there is some way to choose the AZ, I have tried it but it didn't work: const vpc = new awsx.ec2.Vpc("cloud-pulumi", { cidrBlock: vpcCidr, subnets: [ { type: "public" , name: "public" , location: { availabilityZone: "us-east-1a,us-east-1b", } }, { type: "private" , name: "application" ,location: { availabilityZone: "us-east-1a,us-east-1b", } } ], });
    c
    b
    • 3
    • 6
  • q

    quiet-leather-94755

    09/08/2020, 3:35 PM
    Humm, is there a way to update a security group rather than replace it when modifying ingress / egress rules? I've got a group that I imported, and I want to modify it, but it's not acceptable to have some in-between state where the EC2 instances don't have any security group applied. The instances are unfortunately not in Pulumi's control, and probably shouldn't be either (as they are created by a lambda deployed via a CF template by a vendor).
    g
    • 2
    • 2
  • s

    sparse-gold-89283

    09/08/2020, 10:19 PM
    https://github.com/pulumi/pulumi-eks/issues/277 Is there a method for disabling auto-naming for eks clusters? "name" override doesn't work and I don't see any other options in the docs
    g
    • 2
    • 1
  • f

    few-painting-77267

    09/09/2020, 10:42 AM
    What is the best way to manage multiple accounts with Pulumi? On GCP, each resource has a
    project
    property to specify which project it belongs to
    a
    • 2
    • 3
  • k

    kind-mechanic-53546

    09/10/2020, 4:57 AM
    Hey channel, if anyone is looking for a job in the infrastructure space, AWS specifically, please let me know Preferably located in Melbourne, Australia but would consider remote as well johnbaro@yarrasoft.com, stay safe 🙂
    👀 1
    k
    • 2
    • 2
  • c

    chilly-hairdresser-56259

    09/10/2020, 3:51 PM
    Does anyone know, as I am currently unable to find it yet, if Pulumi Supports RDS Proxy?
    b
    • 2
    • 2
  • s

    sparse-intern-71089

    09/10/2020, 9:22 PM
    This message was deleted.
    l
    • 2
    • 1
  • h

    high-greece-86639

    09/14/2020, 9:58 PM
    Anyone familiar with https://dce.readthedocs.io/en/latest/index.html. ? Curious for any thoughts on it.
  • h

    high-greece-86639

    09/14/2020, 9:58 PM
    Seems like a nice way to develop Pulumi projects
  • l

    little-cartoon-10569

    09/15/2020, 4:52 AM
    Has the ec2 Subnet resource changed recently? My preview is telling me that all my subnets are about to get a ipv6CidrBlock, though I didn't change anything in that area...
    c
    • 2
    • 4
  • h

    hundreds-musician-51496

    09/15/2020, 3:54 PM
    Has anyone figured out a workaround for deleting Lambda@Edge functions along with the associated CloudFront distribution? I get this error:
    Lambda was unable to delete <arn> because it is a replicated function. Please see our documentation for Deleting Lambda@Edge Functions and Replicas.
    I can always delete it after waiting awhile, but thats hard in a CI script.
  • f

    faint-motherboard-95438

    09/15/2020, 4:44 PM
    Hi, It’s impossible to
    getSubnetIds
    in the same run of the
    Vpc
    creation:
    Error: invocation of aws:ec2/getSubnetIds:getSubnetIds returned an error: invoking aws:ec2/getSubnetIds:getSubnetIds: no matching subnet found for vpc with id REDACTED
            at /pulumi/projects/node_modules/@pulumi/pulumi/runtime/invoke.js:136:33
            at Http2CallStream.<anonymous> (/pulumi/projects/node_modules/@grpc/grpc-js/src/client.ts:155:9)
            at Http2CallStream.emit (events.js:327:22)
            at Http2CallStream.EventEmitter.emit (domain.js:485:12)
            at /pulumi/projects/node_modules/@grpc/grpc-js/src/call-stream.ts:186:14
            at processTicksAndRejections (internal/process/task_queues.js:79:11)
    We’re using
    pulumi.all([vpc.id]).apply(([vpcId]) => aws.ec2.getSubnetIds({…}))
    but still it fails. Running a
    pulumi update
    again fix the problem by itself, but we obviously don’t want to have to do that. We are using
    awsx.ec2.Vpc
    to create the VPC and define some custom subnets.
    b
    • 2
    • 4
  • m

    millions-umbrella-34765

    09/15/2020, 6:47 PM
    Is pulumi able to work with AWS profiles that use source_profile and role_arn? We have several AWS accounts so I have credentials for one account and cofigure cross-account access to other accounts. so I have an .aws/config that contains like
    [profile is-signin]
    
    [profile myprofile]
    output=json
    region=us-east-1
    source_profile=is-signin
    role_arn=arn:aws:iam::819835124123:role/Admins
    so I can run aws cli like
    aws s3 ls --profile=myprofile
    and that works fine but when I configure pulumi to with
    myprofile
    it doesn't work.
    h
    a
    • 3
    • 3
  • n

    nice-airport-15607

    09/15/2020, 10:57 PM
    if anyone can help with this error, that would be awesome. This was deploying just fine yesterday, and then all of a sudden today it can’t find it? Idk what I’m missing all of a sudden, but this one is pretty frustrating… just to note I’ve also tried
    pulumi refresh
    and
    pulumi stack export > stack.json
    and then
    pulumi stack import < stack.json
    but nothing seems to be helping 😞
    error: error creating AppSync Resolver: NotFoundException: No field named showScheduledReport found on type Query
    AppSync Resolver:
    export const showScheduledReportResolver = new aws.appsync.Resolver(
    	resourceName(pulumi, 'showScheduledReport-R'),
    	{
    		apiId: publicApi.id,
    		dataSource: readLambdaDataSource.name,
    		field: 'showScheduledReport',
    		requestTemplate: mainLambdaRequest(),
    		responseTemplate: mainLambdaResponse,
    		type: 'Query'
    	}
    )
    GraphQL:
    type Query {
        showScheduledReport(
            Id: Int!
        ): ScheduledReport
    }
    • 1
    • 1
  • c

    clever-byte-21551

    09/16/2020, 8:07 AM
    is it possible to have an aws.provider that uses another aws.provider? I need to have an aws.provider that is the result of two assume roles: assume role X -> X assumes role Y Is there a way to do this? passing pulumi.Provider to another provider doesn’t seems to do anything
    l
    a
    • 3
    • 8
  • c

    crooked-knife-92853

    09/17/2020, 7:56 PM
    Hi everyone, I was just working on importing a cloudfront distribution that uses a cache policy and noticed that Pulumi doesn’t support that yet. I’m wondering, roughly how long does it normally take to implement a new aws feature like this?
    g
    • 2
    • 1
  • a

    abundant-appointment-96790

    09/18/2020, 6:46 PM
    Is it possible to cinfugre autoscaling for ECS service in Pulumi? I can’t find it anywhere in the doc or in the source code. What I’m referring to: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-auto-scaling.html Am I missing something?
    m
    s
    • 3
    • 5
  • s

    silly-address-30441

    09/18/2020, 6:57 PM
    So I deleted something from the AWS console, and then deleted it from the pulumi config (thinking that it could reconcile the state). But now when I run
    pulumi up
    , it seems to be failing because it can't delete the resource that isn't there. What's the best way out of this state?
    n
    a
    f
    • 4
    • 8
  • a

    abundant-appointment-96790

    09/20/2020, 6:36 PM
    I’m trying to create a WAFv2 association for rate limiting and I’m getting a confusing error:
    WAFInvalidParameterException: Error reason: Your statement has multiple values set for a field that requires exactly one value., field: RULE, parameter: Rule
    Here’s my code:
    const exampleWebAcl = new aws.wafv2.WebAcl("exampleWebAcl", {
      scope: "REGIONAL",
      defaultAction: {
        allow: {},
      },
      visibilityConfig: {
        cloudwatchMetricsEnabled: true,
        metricName: `${stackEnv}-waf-metric`,
        sampledRequestsEnabled: true,
      },
      rules: [
        {
          name: "metric-based",
          priority: 0,
          statement: {
            rateBasedStatement: {
              aggregateKeyType: "IP",
              limit: 100,
            }
          },
          visibilityConfig: {
            cloudwatchMetricsEnabled: true,
            metricName: `${stackEnv}-waf-rate`,
            sampledRequestsEnabled: true,
          }
        }
      ]
    });
    const exampleWebAclAssociation = new aws.wafv2.WebAclAssociation("exampleWebAclAssociation", {
      resourceArn: loadBalancer.loadBalancer.arn,
      webAclArn: exampleWebAcl.arn,
    });
    Any idea?
    s
    g
    • 3
    • 4
  • e

    eager-analyst-8893

    09/20/2020, 6:56 PM
    Hi guys! any help ! I want add custom routes to my subnets. By default vpc creates default routing table with routes to IG (public subnet) and NAT(private subnet). I created additional routing table with my custom routes but I'm got error (Resource.AlreadyAssociated) when I trying associate my routing table with subnet. Also I didn't find any documentation how to add routes to default routing table...
  • l

    little-cartoon-10569

    09/21/2020, 4:49 AM
    How do I manage an
    aws.directoryservice.Directory
    password? If I change the password using Pulumi, it wants to replace the Directory. If I change it outside Pulumi and
    ignoreChanges: ["password"]
    then I get an error that it's missing the password property. Ideally, I want it to not read or write the password, just work around it.
  • l

    little-cartoon-10569

    09/21/2020, 5:17 AM
    Noticed while investigating the Directory stuff: in the SDK and console, Directory is not taggable. But in Pulumi, it is. Any changes to tags cause Pulumi to try to replace your Directory. Deleting AD because a doesn't-really-exist property has changed probably isn't ideal?
    g
    • 2
    • 4
  • c

    colossal-plastic-46140

    09/21/2020, 5:02 PM
    Hi AWS folks. Has anyone run into an issue with ELB SSL Policies not being respected when an ACM cert is in use?
    • 1
    • 2
  • c

    chilly-magazine-6129

    09/21/2020, 5:09 PM
    How can I forward an aws log group of a lambda to a different log group arn? I'm trying to automate log forwarding of a lambda to datadog/new relic and both have that as a step
    • 1
    • 2
  • c

    chilly-hairdresser-56259

    09/21/2020, 5:30 PM
    Does anyone know how Pulumi detects changes in Lambda Code? I am seeing a very weird behavior which I have not figured out yet. When doing
    pulumi preview...
    after the first
    pulumi up
    there are no changes detected when running it locally. However, when I put it in Azure DevOps pipeline, after I compile the code for a dotnet function and use
    FileArchive()
    every new compile causes pulumi to see a
    change
    even though the branch is static and no other commits have occurred. Which my thought process is that Pulumi hashes the folder, since no files have changed the hash should remain the same. Everything should compile exactly the same.
    g
    w
    • 3
    • 6
  • d

    dazzling-sundown-39670

    09/22/2020, 1:05 PM
    Hello I realize this is not really in the scope of Pulumi but I'm thinking someone might know: Do I really need to create a new
    efs
    for every mountpoint? Currently I have 1*efs and then I create a StorageClass/PersistentVolume/PersistentVolumeClaim for every different mountpoint but they still share files.
  • c

    clever-byte-21551

    09/22/2020, 1:06 PM
    I have a funny issue - My provider is initialized with an access key and secret that are only valid for an hour. Because pulumi saves these credentials to the state file if I try after about an hour to use the state and refresh it, it tries to use the expired credentials (even though I have in hand the valid ones) and the refresh operation just hangs in the process. Is there a way to overcome this ? I can’t use a long lived credentials
    • 1
    • 1
  • c

    chilly-magazine-6129

    09/22/2020, 3:31 PM
    What would be reasons for 'pulumi up' to keep updating lambdas because of code changes even though they weren't changed manually?
    c
    n
    • 3
    • 6
  • s

    sparse-intern-71089

    09/22/2020, 10:16 PM
    This message was deleted.
    g
    • 2
    • 1
Powered by Linen
Title
s

sparse-intern-71089

09/22/2020, 10:16 PM
This message was deleted.
g

gentle-diamond-70147

09/22/2020, 10:27 PM
Hi @curved-cartoon-90054, please refrain from cross posting the same question across multiple channels. It makes it difficult for other community members to keep track of the conversation and provide help.
View count: 1