broad-dog-22463
10/08/2020, 2:29 PMbroad-dog-22463
10/08/2020, 6:57 PMnice-policeman-63970
10/08/2020, 9:46 PMawsx.ecs.FargateService
, with a container listening on port 8080
• a <http://awsx.lb|awsx.lb>.ApplicationTargetGroup
for port 8080 HTTP with the right healthcheck configured. This is connected to the container/service via portMappings
• a <http://awsx.lb|awsx.lb>.ApplicationListener
for port 443 HTTPS, connected to the targetGroup
• ... a bunch of route53/ACM stuff that seems to be working by now
The problem is that the health checks that the Target Group performs are failing with this setup, but succeeding with a listener on port 8080 HTTP (using the same targetGroup
!)
I have narrowed the problem down to the awsx:x:ec2:IngressSecurityGroupRule
(+egress) named listener-id-external-0-ingress
awsx creates. This only includes port 443. If I add port 8080 via the console, everything works. I would have expected that this rule is only applied to the external load balancer, not to the container, but maybe not? What can I do to fix this, without fully rewriting from awsx to aws components?
(happy to post typescript snippets as well if they are helpful)sparse-state-34229
10/09/2020, 12:56 AMlast_updated_by_user
tag?adamant-translator-31969
10/09/2020, 1:55 PMERROR: Error: Cannot find module 'ts-node/register'
Require stack:
rhythmic-napkin-82334
10/10/2020, 6:59 PMconfig.toml
using pulumi for the k8s agent?dazzling-sundown-39670
10/11/2020, 10:11 PMpersistentVolumeReclaimPolicy: 'Retain',
. How come the data is lost when I do pulumi destroy; pulumi up
? Is this due to the random names?worried-queen-62794
10/11/2020, 10:26 PMRunning
state? If so how can I make it wait?wonderful-window-14544
10/12/2020, 1:16 PMconst staticIp = new aws.lightsail.StaticIp(
"my-static-ip",
{
name: "my-static-ip"
},
{
import: "my-static-ip",
}
);
and here is output from pulumi:
{
RespMetadata: {
StatusCode: 400,
RequestID: "foo-baar"
},
Code_: "MissingParams",
Message_: "These parameters are required: staticIpName"
}
Is it some way how to import that IP?quaint-electrician-41503
10/13/2020, 4:24 AMfuture-megabyte-14556
10/13/2020, 10:03 AMdazzling-sundown-39670
10/13/2020, 12:18 PMerror creating RDS DB Instance: InvalidParameterCombination: RDS does not support creating a DB instance with the following combination: DBInstanceClass=db.m5.xlarge, Engine=aurora, EngineVersion=5.6.mysql_aurora.1.22.2, LicenseModel=general-public-license
) using Pulumi but can create the same combination via the aws console?broad-church-78931
10/13/2020, 5:23 PMhappy-pencil-64085
10/13/2020, 8:09 PMquaint-electrician-41503
10/13/2020, 9:55 PMquaint-electrician-41503
10/14/2020, 5:25 AMiam.RolePolicyAttachment
since yesterday to attach to an iam.Policy
to a role. https://pulumi-community.slack.com/archives/CRH5ENVDX/p1602563075111100 . It seemed to work. Today I am again trying to use the same iam.RolePolicyAttachment
. I see pulumi tell me the role attachment is created. But I look into the AWS console and look at the role or the policy itself and it's not attached. I am able to attach an aws manage policy today but not the custom policy I added yesterday. What should I be looking for as the breaking change? Why does pulumi tell me the attachment is created but I don't see it attached?ambitious-father-68746
10/14/2020, 2:02 PMpulumi
command I'm getting:
error: failed to load checkpoint: blob (key ".pulumi/stacks/prod.json") (code=Unknown): MissingRegion: could not find region configuration
ambitious-father-68746
10/14/2020, 2:03 PM$ cat Pulumi.prod.yaml
...
config:
aws:region: eu-west-1
...
ambitious-father-68746
10/14/2020, 2:03 PMbroad-dog-22463
10/14/2020, 2:13 PMambitious-father-68746
10/14/2020, 2:14 PMbroad-dog-22463
10/14/2020, 2:14 PMbroad-dog-22463
10/14/2020, 2:14 PMambitious-father-68746
10/14/2020, 2:14 PMbillowy-army-68599
AWS_REGION
. I can't find the issue detailing it now, but @white-balloon-205 may know moreworried-queen-62794
10/14/2020, 8:34 PMaws sts get-session-token
(because I use MFA) and setting the AWS_ACCESS_KEY_ID
, AWS_SECRET_ACCESS_KEY
, AWS_SESSION_TOKEN
myself. They are definitely not expired. Any idea why this would be happening?billowy-ocean-41790
10/14/2020, 9:49 PMstring
rather than an Output<string>
. We'd expect it to accept string | Output<string>
, so that we can dynamically assign it from a new aws.secretsmanager.Secret
.billowy-ocean-41790
10/14/2020, 9:50 PMsecrets
valueFrom
of our ECS container definition.billowy-ocean-41790
10/14/2020, 9:50 PMdazzling-sundown-39670
10/14/2020, 11:36 PM