https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
aws
  • f

    flat-insurance-25294

    03/13/2021, 2:29 PM
    @broad-dog-22463 Dude, you’re getting trolled.
    b
    • 2
    • 7
  • b

    broad-dog-22463

    03/13/2021, 2:32 PM
    ??
  • f

    flat-insurance-25294

    03/13/2021, 2:33 PM
    Sorry, that was no way to start a conversation, I apologize.
  • w

    wooden-room-54680

    03/15/2021, 5:49 PM
    I want to store configuration files in an EBS volume, the configuration files content is generated at build time from pulumi. What's the best way to copy to configuration file to the EBS volume? Any sample I can look at?
    l
    • 2
    • 3
  • m

    millions-furniture-75402

    03/15/2021, 7:09 PM
    I’m using
    aws.s3.Bucket.get()
    and receiving a strange error that seems to indicate it’s somehow related to stack references (which I’m not using in this project:
    registered twice (read and read)
    I’ve tried getting my Bucket 3 different ways:
    aws.s3.Bucket.get(bucketName, bucketName, { name: bucketName });
    aws.s3.Bucket.get(bucketName, bucketName);
    aws.s3.Bucket.get(bucketName);
    Furthermore, it breaks the update, and tells me to import an exported stack. Now I have some buckets with 2-3 extra
    -[a-z0-9]{7}
    suffixes
    w
    l
    • 3
    • 19
  • l

    lemon-machine-35564

    03/15/2021, 7:42 PM
    Anyone ever run into this when making an Event Source Mapping?
    Unsupported 'maximumBatchingWindowInSeconds' parameter for given event source
    • 1
    • 1
  • p

    powerful-art-3002

    03/16/2021, 9:03 AM
    Hello, I have a question how to register servicediscovery instance ?
    • 1
    • 2
  • p

    polite-student-92901

    03/16/2021, 4:57 PM
    Hi, just want to know if there is a good example for deploy stack on every pull-request using Github Actions. Thanks for sharing it!
    p
    • 2
    • 2
  • r

    rhythmic-nail-73192

    03/16/2021, 5:57 PM
    Hi everyone, Austin here from Panther Labs. We have over 13,000 lines of CloudFormation and I'm very excited to try to replace it with Pulumi! However, all of our deployment/automation infrastructure relies on CloudFormation, and it's not feasible to change that right now (we don't control some of the accounts). Has anyone managed to run Pulumi from within CloudFormation, e.g. as a CFN custom resource? I'm picturing the following migration strategy: 1. Add a custom resource (Python Lambda function) to our CFN stacks which runs Pulumi, storing the statefile in S3 in each account 2. Slowly migrate resources from CFN to Pulumi, deleting them from CFN as we go along 3. Eventually, the CFN stack becomes just a thin wrapper around Pulumi 4. When we're ready, we can remove CFN entirely, move the statefile to the Pulumi web service, and our deployment automation invokes pulumi directly
    b
    m
    • 3
    • 10
  • q

    quaint-electrician-41503

    03/16/2021, 7:57 PM
    Think I've run into issues starting with delete before create for vpc related resources created by crosswalk. I manually edited the stack after deleting suggested resources. However, I might have exacerbated the problem by removing too many resources before destroying my stack. Is there a way to sidestep the failure and delete the other resources that it can find? I don't see any suggestion here regarding a stack export.
    Resources:
        - 22 to delete
    
    Do you want to perform this destroy? yes
    Destroying (dev):
         Type                        Name               Status                  Info
         pulumi:pulumi:Stack         pulumi-vpc-ts-dev  **failed**              1 error
     -   └─ aws:ec2:InternetGateway  clientVpc1         **deleting failed**     1 error
     
    Diagnostics:
      aws:ec2:InternetGateway (clientVpc1):
        error: deleting urn:pulumi:dev::pulumi-vpc-ts::awsx:x:ec2:Vpc$awsx:x:ec2:InternetGateway$aws:ec2/internetGateway:InternetGateway::clientVpc1: 1 error occurred:
            * Error waiting for internet gateway (igw-07bf9c311ca705fe8) to detach: couldn't find resource (31 retries)
     
      pulumi:pulumi:Stack (pulumi-vpc-ts-dev):
        error: update failed
    w
    c
    • 3
    • 3
  • d

    damp-school-17708

    03/17/2021, 10:47 AM
    Hi, I keep getting
    update     [diff: ~viewerCertificate]
    even if I didn't make any change to my cloudfront configuration, is there any way to avoid this? there's nothing fancy over there, it's just a cloudfront domain without route53, pointing to an s3 bucket
    viewerCertificate: {
       cloudfrontDefaultCertificate: true,
       sslSupportMethod: 'sni-only',
    },
  • c

    creamy-minister-70065

    03/17/2021, 12:53 PM
    const myVpc = new aws.ec2.Vpc("myVpc", {     cidrBlock: "10.0.0.0/16",     tags: {         Name: "DemoVpc",     }, }); const mySubnet = new aws.ec2.Subnet("mySubnet", {     vpcId: myVpc.id,     cidrBlock: "10.0.0.0/16",     tags: {         Name: "DemoSubnet",     }, }); const fooNetworkInterface = new aws.ec2.NetworkInterface("ExcelNetworkInterface", {     subnetId: mySubnet.id,     privateIps: ["10.0.0.100"],     tags: {         Name: "primary_network_interface",     }, }); const fooInstance = new aws.ec2.Instance("fooInstance", {     ami: "ami-008806d238cf70838",     instanceType: "t2.micro",     networkInterfaces: [{         networkInterfaceId: fooNetworkInterface.id,         deviceIndex: 0,     }],     creditSpecification: {         cpuCredits: "unlimited",     }, });
    g
    • 2
    • 4
  • c

    chilly-magazine-6129

    03/17/2021, 10:49 PM
    How can I get the Image URI of a Docker container I pushed to an ECR? I can't use the awsx package for building and pushing the ECR image for a Lambda (because Localstack doesn't support Lifecycle Policies yet) - so I'm trying to wire everything without awsx (Thanks!)
  • n

    nutritious-shampoo-16116

    03/18/2021, 10:41 AM
    does anybody have problems with DMS replication tasks and logging? It seems that if we enable logging, pulumi will always try to update the task settings because of cloudwatch log group/log stream
    d
    • 2
    • 3
  • c

    curved-pharmacist-41509

    03/18/2021, 12:34 PM
    Anyone know how I can get the AWS account number of the current provider for a ComponentResource
    l
    • 2
    • 1
  • m

    millions-furniture-75402

    03/18/2021, 2:28 PM
    Something like:
    export const { accountId } = pulumi.output(aws.getCallerIdentity());
  • b

    big-potato-91793

    03/18/2021, 8:04 PM
    Is there a way to force pulumi to wait when the autoscaling group is refreshing the instance? Right now the change has been made in aws but the rolling is beeing execute and pulumi already finish
    l
    • 2
    • 1
  • p

    polite-student-92901

    03/18/2021, 9:53 PM
    Hi, is there a way to add tag to the existing resources like subnet? Thanks for the help.
    l
    • 2
    • 12
  • w

    white-secretary-18260

    03/19/2021, 8:23 PM
    Hey, I have an RDS Aurora Postgres Cluster Question (in thread)…
    • 1
    • 1
  • b

    broad-gold-44713

    03/22/2021, 4:38 AM
    I'm stumped and could use some help. I am getting this error on one of my Pulumi projects, but not others
    error: Preview failed: 1 error occurred:
            * error configuring Terraform AWS Provider: no valid credential sources for Terraform AWS Provider found.
    I followed a recent thread and set a bunch of config variables, but that doesn't help
    aws:profile                    xxxxxx
    aws:region                     us-east-1
    aws:skipCredentialsValidation  false
    aws:skipGetEc2Platforms        false
    aws:skipMetadataApiCheck       false
    aws:skipRegionValidation       false
    I'm using Pulumi 2.23.1. Tried going back a few versions, but that didn't help either. I know the credentials from the aws:profile work because I can use them with awscli.
    b
    • 2
    • 5
  • b

    bitter-toddler-22112

    03/22/2021, 12:09 PM
    Hey guys, I'm trying to create an EKS managed node group with taints. I've added the taints to the nodeGroupOptions argument of the cluster. But when I create a managed node group with eks.createManagedNodeGroup, the taints don't appear on the nodes. Any hints? I'm using typescript. Thanks
    q
    c
    • 3
    • 5
  • w

    white-secretary-18260

    03/22/2021, 1:54 PM
    Reposting in channel, since I got no response… I want to create a cluster with a role that gives it access to s3 for import/export.  When I include the role in the 
    iamRoles
     property I get an error saying:
    DBClusterRoleNotFound: Role ARN arn:aws:iam::xxx:role/xxx-xxx cannot be found for DB Cluster: xxx. Verify your role ARN and try again. You might need to include the feature-name parameter.
    if I use 
    RoleAssociation
     which has feature name I get an error like:
    error associating RDS DB Instance (api-rds-cluster-dev) IAM Role (arn:aws:iam::xxx:role/xxx): DBInstanceNotFound: DBInstance not found: xxx
    What’s a good working example of creating an RDS cluster with a role associated to it?
    l
    s
    b
    • 4
    • 25
  • s

    salmon-ghost-86211

    03/22/2021, 9:58 PM
    Using AWS and Typescript. Is there any way to enumerate a list of IAM users from an existing IAM group? I can use the
    aws.iam.Group.get
    method to get the group, but I'm not sure how to actually access the existing group membership.
    l
    • 2
    • 5
  • a

    alert-raincoat-81485

    03/23/2021, 2:04 AM
    Hello folks, I have a pulumi stack where the launch template triggers the Autoscaling group instance refresh updates. When i am changing the ami parameter of the Launch template through Pulumi to trigger the asg instance refresh, it doesn’t detect anything. The asg api for launch template trigger is as
    instance_refresh=aws.autoscaling.GroupInstanceRefreshArgs(
                    strategy="Rolling",
                    preferences=aws.autoscaling.GroupInstanceRefreshPreferencesArgs(
                        instance_warmup=120,
                        min_healthy_percentage=50,
                    ),
                    triggers=["launch_template"],
                ),
    Can someone please help and guide?
  • q

    quick-garden-9190

    03/23/2021, 6:30 PM
    I’m in the process of implementing Managed Node Groups and I’m having trouble getting updates to work the way I’d like. With regard to the scaling config, I’m setting a min of 3 hosts and a max of 100. I’d like the cluster-autoscaler to do it’s thing and be able to scale way down if we don’t need the capcity. This becomes a problem considering
    desiredSize
    is a required value. This size will clobber whatever the cluster-autoscaler has landed on. I’ve tried using
    ignoreChanges: ['scalingConfig.desiredSize']
    but this option seems to be completely ignored. I’ve tried searching through the docs, it seems like this example is missing some key functionality, unless I’m not seeing something obvious.
    g
    • 2
    • 24
  • d

    damp-school-17708

    03/24/2021, 9:56 AM
    Hi there, I am having issue with one of my engineers , we all have M1 Macs and she's the only one with this issue:
    ```Previewing update (tam):
         Type                     Name            Plan       Info
     +   pulumi:pulumi:Stack      link-tam        create     
         └─ pulumi:providers:aws  default_3_31_0             1 error
     
    Diagnostics:
      pulumi:providers:aws (default_3_31_0):
        error: no resource plugin 'aws-v3.31.0' found in the workspace or on your $PATH, install the plugin using `pulumi plugin install resource aws v3.31.0`
    ```
  • d

    damp-school-17708

    03/24/2021, 9:57 AM
    the stack is brand new and she's using the pulumi built for M1 ... No idea why is tying to load that version of the plugin. In other stacks we are on 3.34.1. I solved this for another engineer by changing the version in the json in the state .. but here I am stuck as there's no state yet. Thanks
    b
    l
    • 3
    • 11
  • m

    microscopic-dress-1605

    03/24/2021, 9:25 PM
    FYI, I’ve implemented a typescript package for creating and validating AWS IAM Policy documents. It also parses JSON policy documents and serialises to JSON policy documents. At this stage, it is just the bare minimum that I needed. https://github.com/thinkinglabs/aws-iam-policy
    b
    l
    • 3
    • 10
  • q

    quaint-guitar-13446

    03/25/2021, 12:24 AM
    I've got an application listener which I'm trying to add a rule to which has both host header and path pattern condition blocks. This should be supported, however I'm getting the following error:
    Only one of host_header, http_header, http_request_method, path_pattern, query_string or source_ip can be set in a condition block
  • q

    quaint-guitar-13446

    03/25/2021, 12:24 AM
    This was an issue in Terraform that was resolved Dec 2019 https://github.com/hashicorp/terraform-provider-aws/issues/11323
    l
    • 2
    • 14
Powered by Linen
Title
q

quaint-guitar-13446

03/25/2021, 12:24 AM
This was an issue in Terraform that was resolved Dec 2019 https://github.com/hashicorp/terraform-provider-aws/issues/11323
l

little-cartoon-10569

03/25/2021, 12:39 AM
Is it the same issue? Same error, different issue, maybe? The issue you linked says it was resolved in TF AWS provider 2.43.0. The current version of the Pulumi provider is built from version 3.33.0 of the TF AWS provider...
q

quaint-guitar-13446

03/25/2021, 12:40 AM
You might be right
Though it should be supported
https://aws.amazon.com/blogs/aws/new-host-based-routing-support-for-aws-application-load-balancers/
l

little-cartoon-10569

03/25/2021, 12:40 AM
2.43.0 of the provider was adopted in release 1.17.0 of the Pulumi provider. So long as you're using something newer, you should be ok...
What version of the aws provider are you using? Could it be very old?
Do you have two condition blocks? That seems to be the requirement.
q

quaint-guitar-13446

03/25/2021, 12:43 AM
Shouldn't be. I recently updated
l

little-cartoon-10569

03/25/2021, 12:44 AM
Can you share the relevant code?
q

quaint-guitar-13446

03/25/2021, 12:44 AM
Sure
listener.addListenerRule(
      `listener-rule-${i}-${pulumi.getStack()}`,
      {
        conditions: [
          {
            hostHeader: {
              values: [appHost],
            },
            pathPattern: {
              values: [pathPattern],
            },
          },
        ],
        actions: [
          {
            type: 'forward',
            targetGroupArn: targetGroup.arn,
          },
        ],
      }
    );
You're probably right there. Two separate conditions
l

little-cartoon-10569

03/25/2021, 12:45 AM
Yea, that's one condition.
q

quaint-guitar-13446

03/25/2021, 12:45 AM
My bad. Thank you 🙂
👍 1
View count: 1