worried-city-86458
09/23/2020, 12:31 AM// node launch template; <https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html>
var nodeLaunchTemplate = new LaunchTemplate($"{prefix}-node-lt",
new LaunchTemplateArgs
{
InstanceType = config.InstanceType,
KeyName = config.KeyName,
MetadataOptions = new LaunchTemplateMetadataOptionsArgs { HttpPutResponseHopLimit = 2 },
Tags = config.EnvTags.Merge("Name", $"{prefix}-node"),
UpdateDefaultVersion = true,
VpcSecurityGroupIds =
{
// <https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html#launch-template-security-groups>
cluster.VpcConfig.Apply(config => config.ClusterSecurityGroupId!),
securityGroupStack.Apply(stack => stack.Outputs["InternalAccessSG"])
}
});
returns an error:
aws:ec2:LaunchTemplate (alpha-eks-node-lt):
error: 1 error occurred:
* InvalidParameterValue: A value of '' is not valid for http-endpoint. Valid values are 'enabled' or 'disabled'.
If I remove MetadataOptions
it succeeds.worried-city-86458
09/23/2020, 12:34 AMHttpEndpoint
should default to enabled.
It's nullable in c#, so I expected it to use the default under the hood if unspecified. If I explicitly specify it then it works.
Am I missing something or should this not be nullable?worried-city-86458
09/23/2020, 12:41 AMbitter-dentist-28132
09/23/2020, 3:28 PMpulumi destroy
, otherwise it just hangs forever.eager-appointment-42460
09/23/2020, 6:16 PMworried-city-86458
09/24/2020, 12:02 AMworried-city-86458
09/24/2020, 12:04 AMhandsome-army-82617
09/24/2020, 12:15 AMlittle-cartoon-10569
09/24/2020, 3:09 AMpanic: fatal: An assertion has failed: Expected diff to not require deletion or replacement during Update of urn😛ulumi:core:😒hared-resources:😛ams:aws:ManagedDb$aws:rds/instance:Instance::mydb
proud-pizza-80589
09/26/2020, 5:50 AMconst provider = new aws.Provider('aws', {region: 'eu-west-3',secretKey: 'm/XXX/xxxxx',accessKey: 'XXXXX' });
const cluster = new eks.Cluster('my-cluster',{...},{ provider });
but it deploys using the user on my computer. What am I missing?proud-pizza-80589
09/26/2020, 8:20 PMpulumi-nodejs:dynamic:Resource (newcluster-vpc-cni):
   error: Command failed: kubectl apply -f /var/folders/93/trfs1ns93nx39y22gbwx6hmr0000gn/T/tmp-13508VziZRSVp56CV.tmp
  error: You must be logged in to the server (the server has asked for the client to provide credentials)
Full error log and the yaml it tries to deploy and my computers kubeconfig:Â https://gist.github.com/roderik/1a969b10c4365841ab72e79b51152b9b
As far as I can tell, it means my kubeconfig cannot connect to the cluster correctly.
I have no aws config file on my computer and have exported AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY (working credentials, we deploy and interact with clusters with these credentials constantly in the CLI and code I’m trying to replace by pulumi.
Which I assume is because it did not authenticate correctly using aws-iam-authenticator?breezy-helmet-47710
09/28/2020, 8:54 PMerror: Error: No 'docker' command available on PATH: Please install to use container 'build' mode.
at /home/chris/cloud_db/setup/pulumi/node_modules/@pulumi/docker.ts:114:19
at Generator.throw (<anonymous>)
at rejected (/home/chris/cloud_db/setup/pulumi/node_modules/@pulumi/docker/docker.js:19:65
proud-pizza-80589
09/29/2020, 9:47 AMconst provider = new aws.Provider(`aws`, {
region: location,
});
const cluster = new eks.Cluster(
name,
{
skipDefaultNodeGroup: true,
vpcId: vpc.id,
publicSubnetIds: vpc.publicSubnetIds,
privateSubnetIds: vpc.privateSubnetIds,
instanceRoles: [role],
name,
},
{ provider: this.provider }
);
But as far as I can tell, it does not listen to the env vars any more so i have to hardcode in the credentials or fetcht hem myself out or process.env.handsome-actor-1155
09/29/2020, 11:34 PMpulumi up
. The resulting diff is:
~ logDestination: "arn:aws:logs:us-east-1:ACCTNUMBER:log-group:kstream-vpc-dev" => "arn:aws:logs:us-east-1:ACCTNUMBER:log-group:kstream-vpc-dev:*"
As you can see, it keeps trying to add the :*
at the end. The AWS console shows that the ARN DOES have the :*
The code I’m using is:
const flowLog = new aws.ec2.FlowLog("vpc-flow-log-" + pulumi.getStack(), {
iamRoleArn: config.require("FLOW_LOG_ARN"),
logDestination: logGroup.arn,
trafficType: "ALL",
vpcId: vpc.id,
tags: {
Name: "VPC Flow Logs for " + name
}
}, {deleteBeforeReplace: true})
Current package.json dependencies:
"dependencies": {
"@pulumi/aws": "^3.5.0",
"@pulumi/awsx": "^0.22.0",
"@pulumi/docker": "^2.3.0",
"@pulumi/pulumi": "^2.10.2"
}
Any thoughts on correcting this behavior or preventing Pulumi from trying to replace the flow log every time?
p.s. I had to put deleteBeforeReplace:true
so pulumi up
would not fail every time.big-account-56668
09/30/2020, 1:24 PMaws:lambda:Function (my-lambda):
error: Preview failed: required configuration keys were missing
After adding a name (that I'm assuming maps to the required function_name) still no dice. Next trying to add a local archive using the code field still nothing. I've looked at AWS docs, Pulumi docs, pkg.go.dev docs, Terraform docs and source but have been unable to figure it out. What am I missing?clever-byte-21551
09/30/2020, 2:29 PMhundreds-musician-51496
09/30/2020, 4:07 PMpulumi up
?thankful-baker-35507
10/03/2020, 12:27 PMpulumi_aws.lambda_.FunctionVpcConfigArgs
as per the documentation, I get an error AttributeError: module 'pulumi_aws.lambda_' has no attribute 'FunctionVpcConfigArgs'
. Has anyone managed to deploy AWS Lambda function within a VPC before?kind-school-28825
10/03/2020, 5:07 PMhandsome-dinner-91163
10/04/2020, 4:42 PMbusy-umbrella-36067
10/05/2020, 4:17 PMcomponentResource
, is it possible to ignoreChanges
on one of the children?
I want to ignore changes on the task definition for an awsx.ecs.FargateService
I have a feeling I will need to use transformations for this.abundant-appointment-96790
10/06/2020, 12:35 AMbitter-toddler-22112
10/06/2020, 8:25 AMsilly-train-98536
10/06/2020, 8:10 PMquaint-portugal-34880
10/06/2020, 10:45 PMaws:cloudformation:Stack (process-cluster-nodes):
error: 1 error occurred:
* creating urn:pulumi:eks-process-cluster-cdev::eks-process-cluster::eks:index:Cluster$aws:cloudformation/stack:Stack::process-cluster-nodes: 1 error occurred:
* ROLLBACK_COMPLETE: ["The following resource(s) failed to create: [NodeGroup]. . Rollback requested by user." "The requested configuration is currently not supported. Please check the documentation for supported configurations. Launching EC2 instance failed."]
error: update failed
error: Running program '/process-cluster/pulumi' failed with an unhandled exception:
TypeError: Cannot use 'in' operator to search for 'NodeGroup' in undefined
Any idea what is wrong?clean-breakfast-29827
10/07/2020, 5:19 PMimport * as awsx from '@pulumi/awsx'
import { lambda } from '@pulumi/aws'
import {
APIGatewayProxyEvent,
Callback,
APIGatewayProxyResult,
} from 'aws-lambda'
import { ApolloServer, gql } from 'apollo-server-lambda'
const AwsLambdaContextForPulumiContext = (
pulumiContext: lambda.Context
): AWSLambda.Context => {
const lambdaContext: AWSLambda.Context = {
done() {
throw new Error('done is just a placeholder ')
},
fail() {
throw new Error('fail is just a placeholder ')
},
succeed() {
throw new Error('succeed is just a placeholder ')
},
...pulumiContext,
getRemainingTimeInMillis: () =>
parseInt(pulumiContext.getRemainingTimeInMillis(), 10),
memoryLimitInMB: pulumiContext.memoryLimitInMB,
}
return lambdaContext
}
const endpoint = new awsx.apigateway.API('hello', {
routes: [
{
path: '/',
method: 'ANY',
eventHandler: (
event: APIGatewayProxyEvent,
context: lambda.Context,
callback: CallbackAPIGatewayProxyResult
) => {
const awsContext = AwsLambdaContextForPulumiContext(context)
const typeDefs = gql`
type Query {
hello: String
}
`
const resolvers = {
Query: {
hello: () => 'Hello world!',
},
}
const server = new ApolloServer({
typeDefs,
resolvers,
playground: {
endpoint: '/',
},
})
if (event.httpMethod === 'GET') {
server.createHandler()(
{ ...event, path: event.requestContext.path || event.path },
awsContext,
callback
)
} else {
server.createHandler()(event, awsContext, callback)
}
},
},
],
})
// Export the public URL for the HTTP service
exports.endpoint = endpoint.url
but once I attach neo4j driver to a neo4j sandbox all I get back is a timeout error. Wondering if anyone has tried to do this or something similar and can point me towards a resource to debug what is going on here....quaint-electrician-41503
10/08/2020, 2:45 AMaws.s3.Bucket("rd70-stream-dev" ..)
But my bucket is created as rd70-stream-dev-23095803
. I don't know where I get the additional, unwanted -23095803
. Maybe I'm missing a basic s3 principal, but can't I provide arguments to not create the bucket in this case?billions-forest-38488
10/08/2020, 12:28 PMstorage_encryption
as it's not an Input - however it is specified as an Output - https://www.pulumi.com/docs/reference/pkg/aws/docdb/clusterinstance/#storage_encrypted_python
Am I missing something? Am I suppose to use opts
?ambitious-father-68746
10/08/2020, 1:56 PMpulumi up
is working fine. Unfortunately today I'm getting lots of permission error with pulumi regresh
, which wasn't happening before, as if it's trying to use the main AWS identity without assuming any roles for the other AWS accounts. I'm using the latest versions of Pulumi and pulumi-aws and I didn't update any of the components of my project. Is anyone experiencing the same thing?quick-finland-93793
10/08/2020, 2:14 PMInvalid AWS region:
when deploying stack to AWS. aws:region
is indeed set within the config. Does someone know whats the issue here?quick-finland-93793
10/08/2020, 2:14 PMInvalid AWS region:
when deploying stack to AWS. aws:region
is indeed set within the config. Does someone know whats the issue here?ambitious-father-68746
10/08/2020, 2:15 PMquick-finland-93793
10/09/2020, 7:12 AM