millions-furniture-75402
02/24/2021, 8:20 PMaws --profile grey-sandbox-deployment ec2 describe-instances
will work, but aws:profile
in Pulumi.sandbox.yaml
will not work, complaining about missing AWS accesskey and secretaccesskeys.
pulumi preview
...
Error: invocation of aws:index/getCallerIdentity:getCallerIdentity returned an error: unable to discover AWS AccessKeyID and/or SecretAccessKey - see <https://pulumi.io/install/aws.html> for details on configuration
We see that assumeRole is supported by the provider https://www.pulumi.com/docs/reference/pkg/aws/provider/#providerassumerole — but there is no mfa_serial
not that we want to pass that to the AWS Provider…
It would be preferred if the AWS Provider understood the AWS config the same way as the aws cli.creamy-autumn-77774
02/25/2021, 12:06 AMpulumi refresh
and a pulumi up
to reattach those policies.fierce-television-51712
02/25/2021, 5:42 PMcreationRoleProvider
option on the eks.Cluster
resource?lively-ice-73493
02/26/2021, 9:27 PMchilly-magazine-6129
02/27/2021, 11:07 PMsquare-ability-48831
02/28/2021, 6:46 PMpulumi up
with no real idea what the holdup is - what can i do to determine why this is hanging for 30 minutes or more? attached output and also with --logtostderr
file. nothing is being created in aws.enough-leather-70274
03/01/2021, 6:54 AMaverage-nest-71706
03/01/2021, 1:00 PMimport pulumi
import pulumi_aws as aws
size = 't2.micro'
ami = aws.get_ami(most_recent="true",
owners=["amazon"],
filters=[{"name":"name", "values":["amzn-ami-hvm-*"]}]
)
group = aws.ec2.SecurityGroup('webserver-secgrp',
description="Enable HTTP access",
ingress=[
{ 'protocol': 'tcp', 'from_port': 22, 'to_port': 22, 'cidr_blocks': ['0.0.0.0/0'] },
{ 'protocol': 'tcp', 'from_port': 80, 'to_port': 80, 'cidr_blocks': ['0.0.0.0/0'] }
]
)
user_data = """
#!/bin/bash
echo "Hello, World!" > index.html
nohup python -m SimpleHTTPServer 80 &
"""
server = aws.ec2.Instance('webserver-www',
instance_type=size,
vpc_security_group_ids = [group.id],
user_data=user_data,
ami=ami.id
)
pulumi.export('publicIp', server.public_ip)
pulumi.export('publicHostName', server.public_dns)
My question is how am I going to add that on the code above? I've been trying different code but still not successful in adding the existing keypair.creamy-minister-70065
03/01/2021, 5:10 PMenough-leather-70274
03/01/2021, 10:47 PMcreamy-minister-70065
03/02/2021, 12:24 PMcreamy-minister-70065
03/02/2021, 12:24 PMdamp-school-17708
03/02/2021, 4:27 PMadamant-dress-73325
03/02/2021, 11:04 PMrich-leather-25702
03/03/2021, 12:22 PMconst contentBucket = new aws.s3.Bucket('s3bucket',
{
bucket: 'bucket-1',
acl: 'public-read',
});
const s3Policy = new aws.iam.Policy('s3-test-policy', {
policy: JSON.stringify({
Version: '2012-10-17',
Statement: [{
Action: [
's3:ListBucket',
's3:GetObject ',
],
Effect: 'Allow',
Resource: contentBucket.arn
}]
})
});
Which returns
aws:iam:Policy (s3-test-policy):
error: 1 error occurred:
* Error creating IAM policy shu-tower-frontend-dev-s3-policy-4518918: MalformedPolicyDocument: Partition "
1" is not valid for resource "arn:
1: o.apply(v => v.toJSON())
2: o.apply(v => JSON.stringify(v))
I’ve read the Inputs and Outputs page, but nothing I do seems to reveal the ARN of the resource (even though I can see in the Pulumi console that it was successfully created.adamant-translator-31969
03/03/2021, 1:11 PMfuture-nightfall-79300
03/03/2021, 1:56 PMpulumi refresh --skip-preview --logtostderr -v=9 2> pulumi_out.log --tracing=file:./up.trace
) being:
I0303 15:51:37.212112 4505 snapshot.go:437] SnapshotManager: refreshSnapshotMutation.End(..., true)
rhythmic-ambulance-86976
03/03/2021, 4:38 PMrbs_fargate_group = aws.eks.FargateProfile("rbs-infrastructure-fargate-profile", cluster_name=eks_cluster.id,
I get
TypeError: Missing required property 'cluster_name'
any ideas why? and I've tried using eks_cluster.name, but then I get
error: aws:eks/fargateProfile:FargateProfile resource 'rbs-infrastructure-fargate-profile' has a problem: Required attribute is not set
millions-furniture-75402
03/03/2021, 7:05 PMchilly-hairdresser-56259
03/03/2021, 8:57 PMbroad-hairdresser-1495
03/04/2021, 12:51 AMpulumi up
first time to create AWS ec2 instance with increased root disk
and then run again same script with pulumi up
, pulumi thinks there are changes needed in that instance (this happens only when deploying with increased root disk)
>pulumi up
Previewing update (aws2_rest_s)
Type Name Plan Info
+ pulumi:pulumi:Stack aws2_rest-aws2_rest_s create 3 messages
+ ├─ aws:ec2:NetworkInterface aws2-eu1tst-rhtestsuppdb001-eth0 create
+ └─ aws:ec2:Instance aws2-eu1tst-test1 create
>pulumi up
Previewing update (aws2_rest_s)
Type Name Plan Info
pulumi:pulumi:Stack aws2_rest-aws2_rest_s 3 messages
+- └─ aws:ec2:Instance aws2-eu1tst-test1 replace [diff: ~ebsBlockDevices] <<<this should not be a diff
Do you want to perform this update? details
pulumi:pulumi:Stack: (same)
[urn=urn:pulumi:aws2_rest_s::aws2_rest::pulumi:pulumi:Stack::aws2_rest-aws2_rest_s]
++aws:ec2/instance:Instance: (create-replacement)
[id=i-003ff8680bbece029]
[urn=urn:pulumi:aws2_rest_s::aws2_rest::aws:ec2/instance:Instance::aws2-eu1tst-test1]
[provider=urn:pulumi:aws2_rest_s::aws2_rest::pulumi:providers:aws::default_3_31_0::41672f54-4965-4cdb-81b5-cced77d0ff83]
~ ebsBlockDevices: [
~ [0]: {
+ deleteOnTermination: true
+ deviceName : "/dev/sda1"
+ volumeSize : 60
}
]
+-aws:ec2/instance:Instance: (replace)
[id=i-003ff8680bbece029]
[urn=urn:pulumi:aws2_rest_s::aws2_rest::aws:ec2/instance:Instance::aws2-eu1tst-test1]
[provider=urn:pulumi:aws2_rest_s::aws2_rest::pulumi:providers:aws::default_3_31_0::41672f54-4965-4cdb-81b5-cced77d0ff83]
~ ebsBlockDevices: [
~ [0]: {
+ deleteOnTermination: true
+ deviceName : "/dev/sda1"
+ volumeSize : 60
}
]
--aws:ec2/instance:Instance: (delete-replaced)
[id=i-003ff8680bbece029]
[urn=urn:pulumi:aws2_rest_s::aws2_rest::aws:ec2/instance:Instance::aws2-eu1tst-test1]
[provider=urn:pulumi:aws2_rest_s::aws2_rest::pulumi:providers:aws::default_3_31_0::41672f54-4965-4cdb-81b5-cced77d0ff83]
is there some workaround this issue? or is it a bug?acceptable-stone-35112
03/04/2021, 12:50 PMcolossal-plastic-46140
03/04/2021, 2:32 PMacoustic-room-2113
03/04/2021, 11:16 PMpulumi import aws:ec2/routeTableAssociation:RouteTableAssociation platform-public-0.prod subnet-0123/rtb-4567
Previewing import (network.prod):
Type Name Plan Info
pulumi:pulumi:Stack network-network.prod 1 error
= └─ aws:ec2:RouteTableAssociation platform-public-0.prod import 3 errors
Diagnostics:
pulumi:pulumi:Stack (network-network.prod):
error: preview failed
aws:ec2:RouteTableAssociation (platform-public-0.prod):
error: aws:ec2/routeTableAssociation:RouteTableAssociation resource 'platform-public-0.prod' has a problem: ExactlyOne: "subnet_id": one of `gateway_id,subnet_id` must be specified
error: aws:ec2/routeTableAssociation:RouteTableAssociation resource 'platform-public-0.prod' has a problem: ExactlyOne: "gateway_id": one of `gateway_id,subnet_id` must be specified
error: Preview failed: one or more inputs failed to validate
breezy-apartment-46543
03/05/2021, 12:58 PMpurple-jelly-68780
03/05/2021, 3:03 PMmillions-furniture-75402
03/05/2021, 4:44 PM{
"widgets": [
{
"type": "alarm",
"x": 0,
"y": 0,
"width": 24,
"height": 3,
"properties": {
"title": "",
"alarms": [
"arn:aws:cloudwatch:us-east-2:0123456789:alarm:SystemBackupDuration-a2737a4",
]
}
}
]
}
best-lifeguard-91445
03/05/2021, 7:59 PMadamant-dress-73325
03/06/2021, 12:21 AMflat-address-97791
03/06/2021, 11:30 AM# Create the cloudwatch event that triggers the lambda
cloudwatchEventRule = cloudwatch.EventRule(
resource_name="exportDashboardLambdaTrigger",
schedule_expression=schedule_expression, # 0 10 * * 1 10.00 AM on Monday
)
cloudwatchTarget = cloudwatch.EventTarget(
"cloudwatchEventTargetLambda",
rule=cloudwatchEventRule.id,
arn=exportDashboardLambda.arn,
input="{}"
)
And the following lambda
# Create lambda function
lambdaDownloadExport = lambda_.Function(
resource_name="exportDashboardLambda",
image_uri=f".../exportdashboard:latest-{branch}",
role=role.arn,
package_type="Image",
timeout=500,
tags={
"environment": "prod",
"creator": "pulumi",
"project": "exportdashboard",
},
)
I also defined a role to execute the lambda and gave cloudwatch permission to trigger the lambda. When I inspect the resource on AWS, I see the following (see attached img)
The trigger has been created, and I can assign it manually to the function, but I'm missing how I can 'bind' the trigger to the lambda function. Any input appreciated.
Thanks in advance!
Jasper.