handsome-army-82617
10/27/2020, 11:11 PM2.11.2
. Looks like 2.12.x introduced breaking changes AWS around certificate generation and domain validation.brief-printer-34348
10/27/2020, 11:17 PMskip_destroy=True
on the volume attachment.gentle-account-13294
10/28/2020, 9:08 PM# Route tables
opts.import_ = "rtb-a7a13cce"
route_table_args = [
RouteTableRouteArgs(
cidr_block="0.0.0.0/0",
gateway_id=igw_a2a13ccb.id,
instance_id=inst_805db614.id,
network_interface_id="eni-8e4a7cc2",
egress_only_gateway_id="",
ipv6_cidr_block="",
local_gateway_id="",
nat_gateway_id="",
transit_gateway_id="",
vpc_peering_connection_id="",
)
]
rtb_a7a13cce = aws.ec2.RouteTable(
resource_name="rtb-a7a13cce",
vpc_id=vpc_a5a13ccc.id,
routes=route_table_args,
propagating_vgws=[vgw_0dc6bd0a91af1ae21.id],
opts=opts
)
the "diff" is resulting in :average-kilobyte-47828
10/30/2020, 9:15 AMportMappings: [listener]
, which looks like a bit of magic. It uses listeners default target group. Can I provide a target group directly instead of a listener?gifted-vase-28337
10/30/2020, 5:41 PMarn:aws:iam::{account ID}:saml-provider/AWSSSO_{redacted}_DO_NOT_DELETE
. With that as the role's assume_role policy principal
(with type Federated
), the role assumption fails with
* error configuring Terraform AWS Provider: no valid credential sources for Terraform AWS Provider found.
Should I be doing this differently?blue-morning-55097
11/02/2020, 8:22 PMblue-morning-55097
11/02/2020, 8:23 PMup
successfully.creamy-traffic-12121
11/03/2020, 2:46 PM$ pulumi up
. The bucket in question does have versioning enabled.sticky-translator-17495
11/03/2020, 7:09 PMproviderAwsGlobal
provider still creates resources in "eu-west-1". The instance metadata service is on a profile that defaults to "eu-west-1", but it's still possible using it to interact with other regions. E.g. if I run AWS_REGION=us-east-1 aws ...
it nicely interacts with another region.
Anyone encountered this and have any ideas how to tackle it? Does pulumi support setting region when the instance metadata service is relied upon for authentication?
EDIT: I noticed, having a resource outside my ComponentResource it creates it in the correct region. But not the resources within the ComponentResource. I updated the code example for more claritycurved-pencil-86122
11/04/2020, 8:56 AMvictorious-car-86108
11/04/2020, 1:57 PMError describing created certificate: Expected certificate to be issued but was in state PENDING_VALIDATION
. I've downgraded to Pulumi 2.11.2 with no success. A few issues I've stumbled across: Terraform, interface {} is string, not int, deletion of ACM Certificate.mammoth-hair-25087
11/04/2020, 5:46 PMgentle-account-13294
11/05/2020, 12:37 AMimport pulumi
import pulumi_aws as aws
#e.g. for SecurityGroup
aws.ec2.SecurityGroup
# what is the equivalent for Managed Prefix List ??
handsome-dinner-91163
11/05/2020, 12:01 PMred-keyboard-36959
11/05/2020, 3:23 PMerror: Running program '/home/tom/work/aws-typescript' failed with an unhandled exception:
Error: Unable to deserialize resource urn:pulumi:dev::aws-typescript::eks:index:Cluster$aws:iam/instanceProfile:InstanceProfile::helloworld-instanceProfile, no module is registered for iam/instanceProfile.
at deserializeProperty (/home/tom/work/aws-typescript/node_modules/@pulumi/pulumi/runtime/rpc.js:486:31)
at Object.deserializeProperties (/home/tom/work/aws-typescript/node_modules/@pulumi/pulumi/runtime/rpc.js:125:24)
at /home/tom/work/aws-typescript/node_modules/@pulumi/pulumi/runtime/resource.js:436:43
at Generator.next (<anonymous>)
at /home/tom/work/aws-typescript/node_modules/@pulumi/pulumi/runtime/resource.js:21:71
at new Promise (<anonymous>)
at __awaiter (/home/tom/work/aws-typescript/node_modules/@pulumi/pulumi/runtime/resource.js:17:12)
at resolveOutputs (/home/tom/work/aws-typescript/node_modules/@pulumi/pulumi/runtime/resource.js:431:12)
at Object.<anonymous> (/home/tom/work/aws-typescript/node_modules/@pulumi/pulumi/runtime/resource.js:233:19)
at Generator.throw (<anonymous>)
red-keyboard-36959
11/05/2020, 3:25 PMbitter-oil-45383
11/05/2020, 10:42 PM/**
* routes
*/
export const routes: Route[] = [
{
path: '/api/speak',
method: 'POST',
eventHandler: speakApiLambdaFn,
},
];
const aspScanApiEndpoint = new awsx.apigateway.API('myApi' {
stageName: pulumi.getStack(),
routes
});
little-cartoon-10569
11/05/2020, 10:48 PMlittle-cartoon-10569
11/06/2020, 12:53 AMpulumi preview -v 9
is reporting this error:
error: awsec2/instanceInstance resource 'preprod-batch' has a problem: Computed attribute cannot be setNothing else. No idea how to tell which property or what value. It's in code that hasn't changed in days. Any idea if recent changes to Pulumi or the AWS provider might cause previously-valid config to become invalid?
billions-forest-38488
11/06/2020, 10:08 AMebs_volume = ebs.Volume(
resource_name=f"{self.stack_name}-ebs",
availability_zone=preferred_az,
size=self.stack_config['ebs_volume_size'],
encrypted=True,
tags={
'Name': f"{self.stack_name}-ebs-data",
})
policy_params = {
'EBS_ARN': ebs_volume.arn
}
policy = iam.Policy(
resource_name=f'{self.stack_name}-instance-policy',
opts=ResourceOptions(depends_on=[ebs_volume]),
policy=render_jinja2_template('templates/instance_policy.json', policy_params)
)
Policy Doc snippet:
{
"Effect": "Allow",
"Action": [
"ec2:AttachVolume",
"ec2:DetachVolume"
],
"Resource": [
"{{ EBS_ARN }}",
"arn:aws:ec2:*:*:instance/*"
]
},
I currently get malformed policy due to <pulumi.output.Output object at 0x7fb6e7a67880>
Any help would be greatly appreciated! thanks
I don't understand how I can (for example): Create a RDS instance and then create a Route53 record based on the RDS endpoint output...quick-apartment-308
11/06/2020, 8:59 PMError: Running program '/services/legacy-alert-sync' failed with an unhandled exception:
Error: Unable to deserialize resource urn:pulumi:dev::legacy-alert-sync::aws:iam/role:Role::legacy-alert-sync-dev-legacyAlertSync, no module is registered for iam/role.
Has anyone seen something like this?average-kilobyte-47828
11/07/2020, 1:26 AMbillions-glass-17089
11/08/2020, 1:55 PMaverage-kilobyte-47828
11/08/2020, 5:39 PMaverage-kilobyte-47828
11/08/2020, 5:43 PMaverage-kilobyte-47828
11/08/2020, 5:49 PMaverage-kilobyte-47828
11/08/2020, 5:51 PMaverage-kilobyte-47828
11/08/2020, 5:54 PMhundreds-egg-46465
11/09/2020, 4:08 AMisTaggable
function, are you expected to make it yourself or is it provided in some library, its a bit unclear to me sorry https://www.pulumi.com/blog/automatically-enforcing-aws-resource-tagging-policies/gifted-vase-28337
11/09/2020, 8:21 AM