https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
aws
  • w

    worried-city-86458

    09/23/2020, 12:31 AM
    I'm trying to use aws eks managed nodes launch templates from dotnet/c# but hitting an issue with `MetadataOptions`:
    // node launch template; <https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html>
    var nodeLaunchTemplate = new LaunchTemplate($"{prefix}-node-lt",
        new LaunchTemplateArgs
        {
            InstanceType = config.InstanceType,
            KeyName = config.KeyName,
            MetadataOptions = new LaunchTemplateMetadataOptionsArgs { HttpPutResponseHopLimit = 2 },
            Tags = config.EnvTags.Merge("Name", $"{prefix}-node"),
            UpdateDefaultVersion = true,
            VpcSecurityGroupIds =
            {
                // <https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html#launch-template-security-groups>
                cluster.VpcConfig.Apply(config => config.ClusterSecurityGroupId!),
                securityGroupStack.Apply(stack => stack.Outputs["InternalAccessSG"])
            }
        });
    returns an error:
    aws:ec2:LaunchTemplate (alpha-eks-node-lt):
        error: 1 error occurred:
            * InvalidParameterValue: A value of '' is not valid for http-endpoint. Valid values are 'enabled' or 'disabled'.
    If I remove
    MetadataOptions
    it succeeds.
  • w

    worried-city-86458

    09/23/2020, 12:34 AM
    According to LaunchTemplateMetadataOptions,
    HttpEndpoint
    should default to enabled. It's nullable in c#, so I expected it to use the default under the hood if unspecified. If I explicitly specify it then it works. Am I missing something or should this not be nullable?
  • w

    worried-city-86458

    09/23/2020, 12:41 AM
    Corresponding docs for Terraform Metadata Options
  • b

    bitter-dentist-28132

    09/23/2020, 3:28 PM
    i'm having some issues deleting buckets with versioning turned on, anyone know why this might be the case? pulumi doesn't seem to delete any of the content, i have to delete it all manually before running
    pulumi destroy
    , otherwise it just hangs forever.
    b
    c
    • 3
    • 12
  • e

    eager-appointment-42460

    09/23/2020, 6:16 PM
    Hi All, I'm doing some work with the Aurora MySQL global database and I'm having a problem with the engine version. Does anyone know if there is a reference list of the versions that are supported. If I use no version it comes up under MySQL 5.6. I've tried a few of the 5.7 versions that work in the AWS console and I get a failure back.
    b
    f
    • 3
    • 8
  • w

    worried-city-86458

    09/24/2020, 12:02 AM
    I'm looking into using dotnet/c# to create a self-managed windows node group for aws eks, using https://github.com/pulumi/pulumi-eks for guidance. Is it still the case that the nodes can only be bootstrapped and synchronized via cloud formation? https://github.com/pulumi/pulumi-eks/blob/master/nodejs/eks/nodegroup.ts#L562
  • w

    worried-city-86458

    09/24/2020, 12:04 AM
    Also, how can I port the "dynamic resource" used for randomizing the cf stack name? https://github.com/pulumi/pulumi-eks/blob/master/nodejs/eks/transform.ts#L21 (Assuming it's actually required to randomize the cf stack name)
  • h

    handsome-army-82617

    09/24/2020, 12:15 AM
    Hey everyone. How are people handling cloudfront invalidation?
  • l

    little-cartoon-10569

    09/24/2020, 3:09 AM
    I have moved my SQL Server RDS instance from one project to another. That has involved various stack import/change/export iterations, to get the name and identifier values from the old stack to be used successfully in the new stack, so that Pulumi doesn't try to delete my database. (It's pretty laborious stuff, and I can't use "alias" because the code is in a ComponentResource that is shared between multiple stacks, so there are multiple "aliases" involved). The process has worked for lots of other resources, and seems to have worked for this DB. But somehow I've got myself into a situation where any updates detected by Pulumi cause this exception:
    panic: fatal: An assertion has failed: Expected diff to not require deletion or replacement during Update of urn😛ulumi:core:😒hared-resources:😛ams:aws:ManagedDb$aws:rds/instance:Instance::mydb
    • 1
    • 3
  • p

    proud-pizza-80589

    09/26/2020, 5:50 AM
    I’m having some trouble with providers. I do not want to use the aws user logged in on my computer, but pass a secret and access key from code. I figured this would work
    const provider = new aws.Provider('aws', {region: 'eu-west-3',secretKey: 'm/XXX/xxxxx',accessKey: 'XXXXX' });
    const cluster = new eks.Cluster('my-cluster',{...},{ provider });
    but it deploys using the user on my computer. What am I missing?
    g
    • 2
    • 4
  • p

    proud-pizza-80589

    09/26/2020, 8:20 PM
    And just in case anyone knows the answer to the following issue: I’m trying to make a simple EKS cluster via pulumi.  My code and package.json: https://gist.github.com/roderik/473ec5c381526e0a668894d7dcef6459 It always error with the following error (cluster itself is deployed)
    pulumi-nodejs:dynamic:Resource (newcluster-vpc-cni):
       error: Command failed: kubectl apply -f /var/folders/93/trfs1ns93nx39y22gbwx6hmr0000gn/T/tmp-13508VziZRSVp56CV.tmp
      error: You must be logged in to the server (the server has asked for the client to provide credentials)
    Full error log and the yaml it tries to deploy and my computers kubeconfig: https://gist.github.com/roderik/1a969b10c4365841ab72e79b51152b9b As far as I can tell, it means my kubeconfig cannot connect to the cluster correctly. I have no aws config file on my computer and have exported AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY (working credentials, we deploy and interact with clusters with these credentials constantly in the CLI and code I’m trying to replace by pulumi. Which I assume is because it did not authenticate correctly using aws-iam-authenticator?
    g
    • 2
    • 2
  • b

    breezy-helmet-47710

    09/28/2020, 8:54 PM
    Hi all, I am brand new to using Pulumi and am trying to make my way through the AWS ECS Fargate tutorial. I am running into an issue and my usual strategy of googling my error is failing me. If anyone is able to help me with this error I would greatly appreciate it:
    error: Error: No 'docker' command available on PATH: Please install to use container 'build' mode.
            at /home/chris/cloud_db/setup/pulumi/node_modules/@pulumi/docker.ts:114:19
            at Generator.throw (<anonymous>)
            at rejected (/home/chris/cloud_db/setup/pulumi/node_modules/@pulumi/docker/docker.js:19:65
    s
    • 2
    • 5
  • p

    proud-pizza-80589

    09/29/2020, 9:47 AM
    I’m really struggling with some of the provider configurations. I have a stack that deploys three k8s clusters, one on aws, one on azure and one on gcp. And, and this is proving hard, i do not want any pulumi config variables and use only environment variables or variables coded in the TS code. Got gcp and azure this is fine, i have the credentials in env files and use in the cluster creation the location field to set the region to e.g. europe-west1-b. But for eks, there is no location field, and as far as i can tell from the docs, it has to be either in the config yaml file, OR use a custom provider. I would have expected the following to work, but since i use a new aws provider, it complains that i also have to do the providerCredentialsOpts `Error: providerCredentialOpts and an AWS provider instance must be set together`:
    const provider = new aws.Provider(`aws`, {
          region: location,
        });
    
        const cluster = new eks.Cluster(
          name,
          {
            skipDefaultNodeGroup: true,
            vpcId: vpc.id,
            publicSubnetIds: vpc.publicSubnetIds,
            privateSubnetIds: vpc.privateSubnetIds,
            instanceRoles: [role],
            name,
          },
          { provider: this.provider }
        );
    But as far as I can tell, it does not listen to the env vars any more so i have to hardcode in the credentials or fetcht hem myself out or process.env.
    s
    c
    • 3
    • 15
  • h

    handsome-actor-1155

    09/29/2020, 11:34 PM
    QQ: I am constantly getting my flow log replaced on every
    pulumi up
    . The resulting diff is:
    ~ logDestination: "arn:aws:logs:us-east-1:ACCTNUMBER:log-group:kstream-vpc-dev" => "arn:aws:logs:us-east-1:ACCTNUMBER:log-group:kstream-vpc-dev:*"
    As you can see, it keeps trying to add the
    :*
    at the end. The AWS console shows that the ARN DOES have the
    :*
    The code I’m using is:
    const flowLog = new aws.ec2.FlowLog("vpc-flow-log-" + pulumi.getStack(), {
        iamRoleArn: config.require("FLOW_LOG_ARN"),
        logDestination: logGroup.arn,
        trafficType: "ALL",
        vpcId: vpc.id,
        tags: {
            Name: "VPC Flow Logs for " + name
        }
    }, {deleteBeforeReplace: true})
    Current package.json dependencies:
    "dependencies": {
        "@pulumi/aws": "^3.5.0",
        "@pulumi/awsx": "^0.22.0",
        "@pulumi/docker": "^2.3.0",
        "@pulumi/pulumi": "^2.10.2"
    }
    Any thoughts on correcting this behavior or preventing Pulumi from trying to replace the flow log every time? p.s. I had to put
    deleteBeforeReplace:true
    so
    pulumi up
    would not fail every time.
  • b

    big-account-56668

    09/30/2020, 1:24 PM
    Using Go I'm trying to create a new Lambda function and I've specified the required handler, role and runtime but I keep getting
    aws:lambda:Function (my-lambda):
        error: Preview failed: required configuration keys were missing
    After adding a name (that I'm assuming maps to the required function_name) still no dice. Next trying to add a local archive using the code field still nothing. I've looked at AWS docs, Pulumi docs, pkg.go.dev docs, Terraform docs and source but have been unable to figure it out. What am I missing?
    b
    b
    p
    • 4
    • 5
  • c

    clever-byte-21551

    09/30/2020, 2:29 PM
    If during a refresh there’s a sudden permissions issue when running pulumi it considers the objects as deleted and updates the state accodingly
  • h

    hundreds-musician-51496

    09/30/2020, 4:07 PM
    If I have multiple AWS profiles in my ~\.aws\config, how do I select one when running
    pulumi up
    ?
    b
    • 2
    • 2
  • t

    thankful-baker-35507

    10/03/2020, 12:27 PM
    Hi folks, I'm trying to deploy AWS Lambda function within a VPC. I use Python, but when I call
    pulumi_aws.lambda_.FunctionVpcConfigArgs
    as per the documentation, I get an error
    AttributeError: module 'pulumi_aws.lambda_' has no attribute 'FunctionVpcConfigArgs'
    . Has anyone managed to deploy AWS Lambda function within a VPC before?
    • 1
    • 2
  • k

    kind-school-28825

    10/03/2020, 5:07 PM
    How to get the public IP address for an ALB that is in front of ECS services?
    s
    c
    • 3
    • 3
  • h

    handsome-dinner-91163

    10/04/2020, 4:42 PM
    I believe I found a bug in the aws.cognito.IdentityProvider provider but it's hard for me to understand how to fix it. In short - providerDetails shouldn't serialize client_id as clientId (same goes for client_secret). Any points as to how to fix and test this locally? Been trying to set up my env for testing a custom version of pulumi-aws for a few hours now, would appreciate some help
  • b

    busy-umbrella-36067

    10/05/2020, 4:17 PM
    Within a
    componentResource
    , is it possible to
    ignoreChanges
    on one of the children? I want to ignore changes on the task definition for an
    awsx.ecs.FargateService
    I have a feeling I will need to use transformations for this.
    l
    • 2
    • 5
  • a

    abundant-appointment-96790

    10/06/2020, 12:35 AM
    QQ: does pulumi support docker compose with ECS?
  • b

    bitter-toddler-22112

    10/06/2020, 8:25 AM
    Hi guys, asked this already in general, but maybe here is a better chance to get an answer :) When creating an eks node group with spot instances, will it be possible to give multiple instance types (like with KOPS the mixedInstancesPolicy)? In the docs the value is named "instanceTypes" (plural), but the description says it will only accept a single value.
    b
    • 2
    • 1
  • s

    silly-train-98536

    10/06/2020, 8:10 PM
    Hi, I received an email for this workshop: https://pulumi.awsworkshop.io/10_prerequisites.html. Is this a live event or a self phased tutorial?
    c
    • 2
    • 3
  • q

    quaint-portugal-34880

    10/06/2020, 10:45 PM
    I have issues with creating an EKS cluster, I get this error
    aws:cloudformation:Stack (process-cluster-nodes):
    error: 1 error occurred:
    * creating urn:pulumi:eks-process-cluster-cdev::eks-process-cluster::eks:index:Cluster$aws:cloudformation/stack:Stack::process-cluster-nodes: 1 error occurred:
    * ROLLBACK_COMPLETE: ["The following resource(s) failed to create: [NodeGroup]. . Rollback requested by user." "The requested configuration is currently not supported. Please check the documentation for supported configurations. Launching EC2 instance failed."]
    error: update failed
    error: Running program '/process-cluster/pulumi' failed with an unhandled exception:
    TypeError: Cannot use 'in' operator to search for 'NodeGroup' in undefined
    Any idea what is wrong?
    l
    • 2
    • 5
  • c

    clean-breakfast-29827

    10/07/2020, 5:19 PM
    Heya, not sure where to ask this question, so I'll just start here. trying to setup an API stack with Pulumi, awsx gateway, Apollo graph server and neo4j... I can get through the apollo server with some typeDefs and resolvers
    import * as awsx from '@pulumi/awsx'
    import { lambda } from '@pulumi/aws'
    import {
      APIGatewayProxyEvent,
      Callback,
      APIGatewayProxyResult,
    } from 'aws-lambda'
    
    import { ApolloServer, gql } from 'apollo-server-lambda'
    
    const AwsLambdaContextForPulumiContext = (
      pulumiContext: lambda.Context
    ): AWSLambda.Context => {
      const lambdaContext: AWSLambda.Context = {
        done() {
          throw new Error('done is just a placeholder ')
        },
        fail() {
          throw new Error('fail is just a placeholder ')
        },
        succeed() {
          throw new Error('succeed is just a placeholder ')
        },
        ...pulumiContext,
        getRemainingTimeInMillis: () =>
          parseInt(pulumiContext.getRemainingTimeInMillis(), 10),
        memoryLimitInMB: pulumiContext.memoryLimitInMB,
      }
      return lambdaContext
    }
    
    const endpoint = new awsx.apigateway.API('hello', {
      routes: [
        {
          path: '/',
          method: 'ANY',
          eventHandler: (
            event: APIGatewayProxyEvent,
            context: lambda.Context,
            callback: CallbackAPIGatewayProxyResult
          ) => {
            const awsContext = AwsLambdaContextForPulumiContext(context)
    
            const typeDefs = gql`
              type Query {
                hello: String
              }
            `
    
            const resolvers = {
              Query: {
                hello: () => 'Hello world!',
              },
            }
            const server = new ApolloServer({
              typeDefs,
              resolvers,
              playground: {
                endpoint: '/',
              },
            })
    
            if (event.httpMethod === 'GET') {
              server.createHandler()(
                { ...event, path: event.requestContext.path || event.path },
                awsContext,
                callback
              )
            } else {
              server.createHandler()(event, awsContext, callback)
            }
          },
        },
      ],
    })
    
    // Export the public URL for the HTTP service
    exports.endpoint = endpoint.url
    but once I attach neo4j driver to a neo4j sandbox all I get back is a timeout error. Wondering if anyone has tried to do this or something similar and can point me towards a resource to debug what is going on here....
  • q

    quaint-electrician-41503

    10/08/2020, 2:45 AM
    Am I missing something? I go to create a bucket with
    aws.s3.Bucket("rd70-stream-dev" ..)
    But my bucket is created as
    rd70-stream-dev-23095803
    . I don't know where I get the additional, unwanted
    -23095803
    . Maybe I'm missing a basic s3 principal, but can't I provide arguments to not create the bucket in this case?
    l
    s
    +2
    • 5
    • 22
  • b

    billions-forest-38488

    10/08/2020, 12:28 PM
    Hi, I'm using the the AWS Pulumi module with Python - I'm trying to create a DocumentDB cluster instance, however, I cannot see how to turn on
    storage_encryption
    as it's not an Input - however it is specified as an Output - https://www.pulumi.com/docs/reference/pkg/aws/docdb/clusterinstance/#storage_encrypted_python Am I missing something? Am I suppose to use
    opts
    ?
    a
    • 2
    • 3
  • a

    ambitious-father-68746

    10/08/2020, 1:56 PM
    I'm getting a very weird behaviour. I have many AWS accounts and in Pulumi I create multiple providers, one for each.
    pulumi up
    is working fine. Unfortunately today I'm getting lots of permission error with
    pulumi regresh
    , which wasn't happening before, as if it's trying to use the main AWS identity without assuming any roles for the other AWS accounts. I'm using the latest versions of Pulumi and pulumi-aws and I didn't update any of the components of my project. Is anyone experiencing the same thing?
    b
    • 2
    • 9
  • q

    quick-finland-93793

    10/08/2020, 2:14 PM
    Since today I'm getting
    Invalid AWS region:
    when deploying stack to AWS.
    aws:region
    is indeed set within the config. Does someone know whats the issue here?
    a
    • 2
    • 2
Powered by Linen
Title
q

quick-finland-93793

10/08/2020, 2:14 PM
Since today I'm getting
Invalid AWS region:
when deploying stack to AWS.
aws:region
is indeed set within the config. Does someone know whats the issue here?
a

ambitious-father-68746

10/08/2020, 2:15 PM
Maybe https://github.com/pulumi/pulumi-aws/issues/1158
q

quick-finland-93793

10/09/2020, 7:12 AM
Thank your for the hint
View count: 1