https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
aws
  • b

    broad-dog-22463

    10/08/2020, 2:29 PM
    @here we are investigating a P1 issue were Pulumi config is not being read - this is prominent in pulumi-aws v3.6.0 and pulumi-azure v3.24.0 If this is affecting you, you can downgrade the version while we fix this up
  • b

    broad-dog-22463

    10/08/2020, 6:57 PM
    This issue has been resolved and pulumi-aws v3.6.1 has been released
  • n

    nice-policeman-63970

    10/08/2020, 9:46 PM
    Hi, i'm new to pulumi and also mostly new to AWS. I'm trying to deploy a service in fargate using the awsx package. Unlike the basic examples of this in the docs, I want to expose the service via HTTPS on a custom domain. I have almost figured it out, but I'm running into a weird issue I can't figure out with security rules and health checks. My basic setup is this: • a
    awsx.ecs.FargateService
    , with a container listening on port 8080 • a
    <http://awsx.lb|awsx.lb>.ApplicationTargetGroup
    for port 8080 HTTP with the right healthcheck configured. This is connected to the container/service via
    portMappings
    • a
    <http://awsx.lb|awsx.lb>.ApplicationListener
    for port 443 HTTPS, connected to the targetGroup • ... a bunch of route53/ACM stuff that seems to be working by now The problem is that the health checks that the Target Group performs are failing with this setup, but succeeding with a listener on port 8080 HTTP (using the same
    targetGroup
    !) I have narrowed the problem down to the
    awsx:x:ec2:IngressSecurityGroupRule
    (+egress) named
    listener-id-external-0-ingress
    awsx creates. This only includes port 443. If I add port 8080 via the console, everything works. I would have expected that this rule is only applied to the external load balancer, not to the container, but maybe not? What can I do to fix this, without fully rewriting from awsx to aws components? (happy to post typescript snippets as well if they are helpful)
    b
    q
    • 3
    • 6
  • s

    sparse-state-34229

    10/09/2020, 12:56 AM
    Anyone know how I can disable the
    last_updated_by_user
    tag?
    • 1
    • 1
  • a

    adamant-translator-31969

    10/09/2020, 1:55 PM
    Hi! I want to test a project with mocha but, i have this error  
    ERROR: Error: Cannot find module 'ts-node/register'
    Require stack:
    b
    • 2
    • 5
  • r

    rhythmic-napkin-82334

    10/10/2020, 6:59 PM
    Hey all, we run prefect on AWS EKS for orchestration. (How) Can I change a
    config.toml
    using pulumi for the k8s agent?
  • d

    dazzling-sundown-39670

    10/11/2020, 10:11 PM
    So I have an efs store with a creation key, then I have 1 PersistentVolume and 1 PersistentVolumeClaim with both
    persistentVolumeReclaimPolicy: 'Retain',
    . How come the data is lost when I do
    pulumi destroy; pulumi up
    ? Is this due to the random names?
    • 1
    • 1
  • w

    worried-queen-62794

    10/11/2020, 10:26 PM
    When a resource depends on an EC2 resource I'm guessing it only waits for it to be created and not be in the
    Running
    state? If so how can I make it wait?
    l
    b
    • 3
    • 9
  • w

    wonderful-window-14544

    10/12/2020, 1:16 PM
    Hello, trying to import AWS lighsail StaticIp to pulumi as existting resouce (imported a few things before and it works) but something is not ok. Pulumi cannot import that IP. Looks like AWS API request requirements is not fullfilled. Here is pulumi code:
    const staticIp = new aws.lightsail.StaticIp(
      "my-static-ip",
      {
        name: "my-static-ip"
      },
      {
        import: "my-static-ip",
      }
    );
    and here is output from pulumi:
    {
          RespMetadata: {
            StatusCode: 400,
            RequestID: "foo-baar"
          },
          Code_: "MissingParams",
          Message_: "These parameters are required: staticIpName"
        }
    Is it some way how to import that IP?
  • q

    quaint-electrician-41503

    10/13/2020, 4:24 AM
    I'm trying to use https://www.pulumi.com/docs/reference/pkg/aws/iam/rolepolicyattachment/ and I only have a library the exports a role arn vs a role. Any ideas how I can do this or do I have to go back to the library provider and ask them to export the role?
    l
    • 2
    • 13
  • f

    future-megabyte-14556

    10/13/2020, 10:03 AM
    Is it possible to configure EKS NodeGroup to use elastic IPs ? I need my Nodes to run on reserved IP addresses. Using TypeScript btw.
  • d

    dazzling-sundown-39670

    10/13/2020, 12:18 PM
    How come I get this error (
    error creating RDS DB Instance: InvalidParameterCombination: RDS does not support creating a DB instance with the following combination: DBInstanceClass=db.m5.xlarge, Engine=aurora, EngineVersion=5.6.mysql_aurora.1.22.2, LicenseModel=general-public-license
    ) using Pulumi but can create the same combination via the aws console?
  • b

    broad-church-78931

    10/13/2020, 5:23 PM
    Hi, if defining with Pulumi so that the Secrets Manager to rotate RDS secrets would the lambda functions need to be defined manually,,? Asking because from the AWS console defining the rotation seems to be automated in that parts...
    g
    • 2
    • 5
  • h

    happy-pencil-64085

    10/13/2020, 8:09 PM
    Is there a best practice for calling the AWS SDK from my pulumi program? Currently writing in C# and most of my infrastructure is defined in the constructors for my different stacks. Essentially, I need to create a table in Athena and there is no way to do it through the current Pulumi (terraform) API
    l
    w
    • 3
    • 7
  • q

    quaint-electrician-41503

    10/13/2020, 9:55 PM
    How can we detach a policy from an aws role instance? https://docs.aws.amazon.com/cli/latest/reference/iam/detach-role-policy.html
    w
    • 2
    • 4
  • q

    quaint-electrician-41503

    10/14/2020, 5:25 AM
    I've been using
    iam.RolePolicyAttachment
    since yesterday to attach to an
    iam.Policy
    to a role. https://pulumi-community.slack.com/archives/CRH5ENVDX/p1602563075111100 . It seemed to work. Today I am again trying to use the same
    iam.RolePolicyAttachment
    . I see pulumi tell me the role attachment is created. But I look into the AWS console and look at the role or the policy itself and it's not attached. I am able to attach an aws manage policy today but not the custom policy I added yesterday. What should I be looking for as the breaking change? Why does pulumi tell me the attachment is created but I don't see it attached?
    g
    c
    • 3
    • 21
  • a

    ambitious-father-68746

    10/14/2020, 2:02 PM
    Hi, when I run any
    pulumi
    command I'm getting:
    error: failed to load checkpoint: blob (key ".pulumi/stacks/prod.json") (code=Unknown): MissingRegion: could not find region configuration
    q
    • 2
    • 2
  • a

    ambitious-father-68746

    10/14/2020, 2:03 PM
    $ cat Pulumi.prod.yaml
    ...
    config:
      aws:region: eu-west-1
    ...
  • a

    ambitious-father-68746

    10/14/2020, 2:03 PM
    Is this not used for the initial connection AWS? I'm using S3 to store state and KMS to store the secret key.
  • b

    broad-dog-22463

    10/14/2020, 2:13 PM
    @ambitious-father-68746 what version of Pulumi aws are you using?
  • a

    ambitious-father-68746

    10/14/2020, 2:14 PM
    The latest, 3.7.0, but it was happening on the previous one as well
  • b

    broad-dog-22463

    10/14/2020, 2:14 PM
    Mmmhhhh
  • b

    broad-dog-22463

    10/14/2020, 2:14 PM
    Can you open an issue with some details and I can look into it immediately?
  • a

    ambitious-father-68746

    10/14/2020, 2:14 PM
    Thank you, I will
  • b

    billowy-army-68599

    10/14/2020, 2:42 PM
    i believe this is a known issue, we don't actually read the backend config from the stack config, so you need to set
    AWS_REGION
    . I can't find the issue detailing it now, but @white-balloon-205 may know more
    ☝️ 1
    b
    b
    +2
    • 5
    • 6
  • w

    worried-queen-62794

    10/14/2020, 8:34 PM
    This morning I am unable to update. I seem to be encountering https://github.com/pulumi/pulumi-aws/issues/814. I don't get why it would be using an expired token, I am manually calling
    aws sts get-session-token
    (because I use MFA) and setting the
    AWS_ACCESS_KEY_ID
    ,
    AWS_SECRET_ACCESS_KEY
    ,
    AWS_SESSION_TOKEN
    myself. They are definitely not expired. Any idea why this would be happening?
    l
    b
    • 3
    • 18
  • b

    billowy-ocean-41790

    10/14/2020, 9:49 PM
    Hi! I'm trying to use AWS SecretsManager with an ECS service I'm provisioning. In the few places that receive a secret ARN, the pulumi typescript expects a
    string
    rather than an
    Output<string>
    . We'd expect it to accept
    string | Output<string>
    , so that we can dynamically assign it from a
    new aws.secretsmanager.Secret
    .
    b
    g
    • 3
    • 11
  • b

    billowy-ocean-41790

    10/14/2020, 9:50 PM
    Right now this is in the
    secrets
    valueFrom
    of our ECS container definition.
  • b

    billowy-ocean-41790

    10/14/2020, 9:50 PM
    Is there a technical constraint or reason for it to be like this?
  • d

    dazzling-sundown-39670

    10/14/2020, 11:36 PM
    https://github.com/kubernetes/autoscaler/tree/master/charts/cluster-autoscaler-chart#aws---iam how would I do this part in Pulumi?
Powered by Linen
Title
d

dazzling-sundown-39670

10/14/2020, 11:36 PM
https://github.com/kubernetes/autoscaler/tree/master/charts/cluster-autoscaler-chart#aws---iam how would I do this part in Pulumi?
View count: 1