https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
aws
  • b

    best-train-86003

    07/19/2021, 1:47 PM
    Hello Everyone - I am trying to understand how should I write the runtime code of AWS lambda in Pulumi. I have a code which consists of several user-defined modules in typescript. However, when I try to deploy the lambda using pulumi, the whole deployment process is stuck in the preview phase. I did read the documentation regarding function serialization in https://www.pulumi.com/docs/intro/concepts/function-serialization/ however I didn't quite understand what I should or should not do when approaching the task of writing a lambda code. What modules can I import? Should they only come from folder node_modules? Can these modules import other user-defined modules themselves? Can I write the code in TypeScript entirely (i.e. using enums, classes, interfaces etc.) ?   Can one of you guys shed a bit more light on how to do this task?   Thank you all!
    m
    • 2
    • 8
  • b

    bumpy-translator-35180

    07/20/2021, 7:40 AM
    Hi, i'm trying to launch a docker on fargate with a custom start command, but I cant find how in the documentation. Is it possible ? or should I build an image that start the way I want with no custom command ?
    b
    • 2
    • 2
  • p

    purple-orange-91853

    07/20/2021, 9:27 PM
    I'm trying to get our Redis deployment files updated and when I run pulumi up I am getting this error back. I have tried to export my state for the stack and remove the
    "snapshotArns": [],
    and reimport the state. I am not sure what is causing this to break as it has worked before.
    aws:elasticache:Cluster (redis-temp):                                                                        
        error: unmarshaling urn:pulumi:temp::aws-us-east-1-redis::aws:elasticache/cluster:Cluster::redis-temp's instance state: could not read field snapshot_arns: '' expected type 'string', got unconvertible type '[]interface {}', value: '[]'
    l
    • 2
    • 26
  • c

    colossal-ice-49128

    07/21/2021, 12:25 AM
    I’m trying to add an additional user to an aurora serverless cluster . I’m thinking this requires a lifecycle hook that isn’t implemented yet. If there’s a way to do this in Pulumi let me know otherwise we’ll script it later.
    b
    • 2
    • 8
  • a

    astonishing-dinner-89046

    07/21/2021, 4:13 AM
    Howdy. I’m trying to retrieve the default security group using
    aws.ec2.get_security_group
    . I’m able to export the default vpc id and default SG id but it’s throwing an error. Any ideas?
    # Retrieve the Default VPC
    defaultvpc = aws.ec2.get_vpc(
        default=True
        )
    
    # Retrieve the Default Security Group
    default_sg = aws.ec2.get_security_group(name='default')
    
    Diagnostics:
        ValueError: unexpected input of type GetSecurityGroupResult
        error: an unhandled error occurred: Program exited with non-zero exit code: 1
     
    Outputs:
      + default_sg          : "sg-9ac15fe8"
      + vpc_id              : "vpc-595e9c4g"
    and if I run pulumi up again w/o changing anything, it’s a different error.
    RuntimeError: Event loop is closed
        exception calling callback for <Future at 0x10ffc1e20 state=finished returned RegisterResourceResponse>
        Traceback (most recent call last):
          File "/Library/Developer/CommandLineTools/Library/Frameworks/Python3.framework/Versions/3.8/lib/python3.8/concurrent/futures/_base.py", line 328, in _invoke_callbacks
            callback(self)
          File "/Library/Developer/CommandLineTools/Library/Frameworks/Python3.framework/Versions/3.8/lib/python3.8/asyncio/futures.py", line 374, in _call_set_state
            dest_loop.call_soon_threadsafe(_set_state, destination, source)
          File "/Library/Developer/CommandLineTools/Library/Frameworks/Python3.framework/Versions/3.8/lib/python3.8/asyncio/base_events.py", line 764, in call_soon_threadsafe
            self._check_closed()
          File "/Library/Developer/CommandLineTools/Library/Frameworks/Python3.framework/Versions/3.8/lib/python3.8/asyncio/base_events.py", line 508, in _check_closed
            raise RuntimeError('Event loop is closed')
        RuntimeError: Event loop is closed
    
    Outputs:
      + default_sg          : "sg-9ac15fe8"
      + vpc_id              : "vpc-595e9c4g"
    c
    b
    • 3
    • 3
  • b

    brainy-dawn-85792

    07/21/2021, 12:52 PM
    Hi folks, is there a way to add a label in aws/eks to the default namespace in golang?
  • a

    ambitious-afternoon-55254

    07/21/2021, 3:52 PM
    I’m trying to create an EC2 Spot instance and I’m running into 2 problems. 1. The tags are assigned to the spot request, but not the instance itself. How can I create a spot instance that is tagged?
    tags_all
    doesn’t seem to do anything in my tests. 2. When I delete the resource (remove the code from pulumi and
    pulumi up
    ) — the spot request is cancelled, but the underlying EC2 instance continues to run. How do I get pulumi to shut down the EC2 instance as well?
    import pulumi           
    import pulumi_aws as aws
    
    test_instance = aws.ec2.SpotInstanceRequest(
        "test_spot_instance",
        ami="ami-09e67e426f25ce0d7",
        spot_price='0.55',
        spot_type='one-time',
        subnet_id='subnet-302a5579',
        associate_public_ip_address=True,
        ebs_optimized=True,
        ebs_block_devices=[ebs],
        iam_instance_profile="ecsInstanceRole",
        instance_type="m5.xlarge",
        key_name="test-keypair",
        source_dest_check=True,
        tags={
            "Name": "TestSpot",
        },
        tags_all={
            "Name": "TestSpotAll",
            "tags_all": "yes",
        },
    )
    b
    g
    • 3
    • 4
  • e

    echoing-zebra-28421

    07/21/2021, 6:03 PM
    I have this example. It's one route with a method type post
    new aws.apigatewayv2.Route(
         test-route,
        {
          apiId: apigw.id,
          routeKey: "POST /api/pets",
          target: pulumi.interpolate`integrations/${integration.id}`,
        },
        { provider },
      );
    But, I need to create a route to pass a parameter to the endpoint
    new aws.apigatewayv2.Route(
         test-route,
        {
          apiId: apigw.id,
          routeKey: "GET /api/pets/3",
          target: pulumi.interpolate`integrations/${integration.id}`,
        },
        { provider },
      );
    How do I create the route that receives a parameter in the url of 
    /api/pets/$id
    ? Could it be something like that? 
    routeKey: "GET /api/pets/{id}",
    c
    • 2
    • 2
  • b

    busy-journalist-6936

    07/21/2021, 11:43 PM
    Typescript EKS IaC & CI/CD pipeline in progress. I think that I want to take the kubeconfig output and push that to an s3 bucket that I've added to my index.ts Willing to hear alternative suggestions for where/how to output that kubeconfig. Presuming I continue with this course of action, are there examples of this kind of thing? Taking a resulting output and saving it to file on an s3 that I can learn from?
    b
    s
    • 3
    • 16
  • t

    tall-beard-99429

    07/22/2021, 2:03 PM
    Hi, how do I format a tag on a NodeGroup for EKS? I believe I need to put
    <http://kubernetes.io/cluster/|kubernetes.io/cluster/><name>
    as a tag, but I can't see any example of how to do that with the Key -> Value pair
    b
    s
    • 3
    • 4
  • b

    broad-hairdresser-1495

    07/22/2021, 3:00 PM
    Hi, This looks like a bug. Getting
    ConflictsWith: "network_interface"
    when creating instance with
    source_dest_check=
    aws.ec2.Instance("romlaz_frog_1",
                      instance_type="t2.micro",
                      availability_zone="eu-west-1a",
                      root_block_device=root_block_device_,
                      ami=instance["ami"], tags=instance.get("tags", None), key_name=instance["key_name"],
                      network_interfaces=[{"device_index": 0,
                               "network_interface_id": "eni-0f74fbfd28bc...."}],
                      source_dest_check=True, # <<< same issue when False is used
                      )
    >pulumi up
    Previewing update (simple):
         Type                 Name                Plan     Info
         pulumi:pulumi:Stack  aws_project-simple
         └─ aws:ec2:Instance  romlaz_frog_1                1 error
    
    Diagnostics:
      aws:ec2:Instance (romlaz_frog_1):
        error: aws:ec2/instance:Instance resource 'romlaz_frog_1' has a problem: ConflictsWith: "network_interface": conflicts with source_dest_check. Examine values at 'Instance.NetworkInterfaces'.
    
    
    warning: A new version of Pulumi is available. To upgrade from version '3.7.0' to '3.7.1'
    Note that this works fine when not using
    source_dest_check=
    , and that default is True for that setting.
    b
    • 2
    • 8
  • b

    broad-hairdresser-1495

    07/23/2021, 11:26 AM
    Hi, found bug in aws ec2 pulumi when having
    aws:
    in tag as key This is not possible to create/change/import in pulumi:
    >pulumi up
    Previewing update (simple):
         Type                 Name                Plan       Info
         pulumi:pulumi:Stack  aws_project-simple             15 messages
     ~   └─ aws:ec2:Instance  romlaz_frog_1       update     [diff: ~tags]
    
    
    Do you want to perform this update? details
      pulumi:pulumi:Stack: (same)
        [urn=urn:pulumi:simple::aws_project::pulumi:pulumi:Stack::aws_project-simple]
        ~ aws:ec2/instance:Instance: (update)
            [id=i-052b6a60438596375]
            [urn=urn:pulumi:simple::aws_project::aws:ec2/instance:Instance::romlaz_frog_1]
            [provider=urn:pulumi:simple::aws_project::pulumi:providers:aws::default_4_6_0::561a80d6-caf9-44d9-95a7-df4210902d44]
          ~ tags: {
              + aws:a_bug: "not creating or importing when tag Key starts with 'aws:'"
            }
    
    Do you want to perform this update? yes
    Updating (simple):
         Type                 Name                Status                  Info
         pulumi:pulumi:Stack  aws_project-simple  **failed**              1 error
     ~   └─ aws:ec2:Instance  romlaz_frog_1       **updating failed**     [diff: ~tags]; 1 error
    
    Diagnostics:
      aws:ec2:Instance (romlaz_frog_1):
        error: 1 error occurred:
            * updating urn:pulumi:simple::aws_project::aws:ec2/instance:Instance::romlaz_frog_1: 1 error occurred:
            * error updating tags: error tagging resource (i-052b6a60438596375): InvalidParameterValue: Value ( '' ) for parameter Tag key is invalid. Tag key cannot be null or empty.
            status code: 400, request id: d7950a12-e85f-4bfa-bb88-ad5c6766c9a5
    
      pulumi:pulumi:Stack (aws_project-simple):
        error: update failed
    g
    • 2
    • 5
  • g

    great-sunset-355

    07/27/2021, 3:47 AM
    Is there a better way to auto-tag than maintaining the list of taggable resources? I'm mostly curious about multi-provider combinations, say AWS and Azure https://github.com/joeduffy/aws-tags-example/blob/master/autotag-py/taggable.py At the moment I add propagate the default tags from the config object and then add those to each resource explicitly. I've considered provider tags but this issue https://github.com/hashicorp/terraform-provider-aws/issues/19204 makes it unusable
    l
    p
    • 3
    • 9
  • g

    green-intern-27665

    07/27/2021, 8:57 AM
    Hi!!! I have one question about DynamoDb tables. I’m creating a dynamoDB table and passing this TTL configuration:
    ttl=aws.dynamodb.TableTtlArgs(
                attribute_name="TimeToExist",
                enabled=False,
            ))
    I can create the tablet without any issue but if I redeploy my stack I get and error informing that
    ttl
    is already defined. Any idea about how can I execute this statement just the first time that I create the table and not the rest of the times that I update the stack?
    l
    • 2
    • 4
  • b

    bright-scientist-61638

    07/27/2021, 11:24 AM
    I'm trying to create an EC2 instance that has an extra data volume attached. I have used
    Instance
    ,
    Volume
    and
    VolumeAttachment
    to do this. I'm now trying to figure out how to init the volume and mount it within the instance. I'm doing this via instance user data. However, when I make changes to
    userData
    and re-run
    pulumi up
    I get this error
    * Error attaching volume (vol-0170f920a526fb90d) to instance (i-003ab040459a35189), message: "vol-0170f920a526fb90d is already attached to an instance", code: "VolumeInUse"
    I think this isn't working because the volume is still attached to the old instance. Can pulumi handle detaching the volume?
    l
    • 2
    • 2
  • t

    tall-beard-99429

    07/29/2021, 9:19 AM
    Hey, does anyone have an example of
    ClusterCreationRoleProvider
    and how to use it to assume-role?
    b
    g
    • 3
    • 8
  • r

    ripe-shampoo-80285

    07/30/2021, 4:38 PM
    I have a need to provision resources in multiple aws accounts. How do we do this in pulumi? Any examples?
    b
    t
    • 3
    • 6
  • f

    future-diamond-31373

    07/30/2021, 7:11 PM
    I have a single pulumi project with multiple lambda services nested in subdirectories that leverage
    lambda.CallbackFunction
    magic functions. My issue is that every lambda ends up including the entire project’s
    node_modules
    directory. I traced the behavior to codePaths.ts and found that read-package-tree searches for the
    package.json
    in the project root (where the yaml files live). It seems that the api gives us the option to define the packages we want excluded via
    CodePathOptions
    , but the default behavior is to include every package. Is there an elegant way to only include specified package on a per lambda basis, or perhaps to tell the callback function which
    package.json
    to use without creating multiple pulumi projects? I know one option is to use manual function resources but I like the closure serialization and dev friendliness of magic functions. I dabbled with the idea adding a
    package.json
    directory path as a parameter into the api so that
    readPackageTree
    could use a dynamic path rather than hardcoding it to the root Just wanted to gauge if the community has encountered similar problems and / or how other people handle lambda packaging. If this is an issue that more teams run into, I’d be happy to put up a PR.
  • a

    adamant-dress-73325

    07/30/2021, 8:23 PM
    @faint-table-42725 Is it possible to get a release of awsx? So that we can use this feature, https://github.com/pulumi/pulumi-awsx/pull/676
    f
    • 2
    • 1
  • p

    proud-pizza-80589

    08/01/2021, 11:37 AM
    It is currently impossible to use EKS clusters, some api versioning issue: https://github.com/pulumi/pulumi-eks/issues/600
    • 1
    • 1
  • g

    great-sunset-355

    08/02/2021, 12:35 PM
    Does anyone know if deleting ACM validation R53 record invalidates the certificate? I have a component resource that creates a ACM certificate and validates it in R53. The problem is if I create another certificate with the same domain name in another region it generates the same CNAME -> https://github.com/hashicorp/terraform-provider-aws/issues/7918 One of the options suggested was to use
    allow_overwrite=True
    with
    r53.Record()
    Assume:
    <http://cert.domain.com|cert.domain.com>
    - is the name 1) create the certificate in region
    eu-west-1
    for
    <http://cert.domain.com|cert.domain.com>
    , this generates validation CNAME:
    <http://1234.aws.validate.com|1234.aws.validate.com>
    , creates CNAME in r53 2) create the certificate in region
    us-east-1
    for
    <http://cert.domain.com|cert.domain.com>
    , this generates validation CNAME:
    <http://1234.aws.validate.com|1234.aws.validate.com>
    , overwrites CNAME in r53 3) delete the certificate from step 2) - removes CNAME from r53 however cert in step 1) may still require this CNAME to be preset or does the CertificateValidation takes care of recreation?
    b
    • 2
    • 9
  • c

    cuddly-nail-19784

    08/03/2021, 6:05 AM
    Hi all, has anyone encountered this issue that when pulumi up, it automatically install the resource plugin but try to find another version of it And I believe it’s similar to this https://github.com/pulumi/pulumi/issues/5641#issuecomment-735867087
    s
    l
    • 3
    • 7
  • g

    great-sunset-355

    08/03/2021, 11:37 AM
    How can I get default provider object so I can use it as a parameter in a function? how can I do this?
    if provider.region != "wanted region":
       raise ValueError("provider has bad region")
    I cannot write a statement above because it's an Output again and there is no way I know to test output for conditions
    c
    r
    • 3
    • 7
  • w

    white-secretary-18260

    08/04/2021, 4:03 PM
    How does one update the version of the
    plugin for aws provider
    we are stuck on
    3.32.0
    and there is not apple/arm version of that plug-in. We’d like to update to
    3.38.1
    and we did so in the package.json file, but we are still getting:
    error: could not load plugin for aws provider 'urn:pulumi:master::alphamap::pulumi:providers:aws::default_3_32_0': no resource plugin 'aws-v3.32.0' found in the workspace or on your $PATH, install the plugin using `pulumi plugin install resource aws v3.32.0`
    s
    b
    • 3
    • 10
  • f

    full-artist-27215

    08/04/2021, 8:12 PM
    If you've got an EC2 instance and a NetworkInterface, is there a way to tell Pulumi to transfer that interface to the new instance when it's being replaced?
    l
    • 2
    • 2
  • m

    many-salesmen-89069

    08/06/2021, 9:56 AM
    Hi, I'm using
    awsx.ec2.Vpc
    and need to modify the routing tables for VPC peering. I'm wondering what's the best way to go about this? I can't seem to find a routing table option in the
    awsx.ec2.Vpc
    arguments
    l
    • 2
    • 2
  • b

    bitter-rain-31542

    08/06/2021, 1:54 PM
    Hi! I want to access the value from an existing secret in AWS SecretsManager but I don’t want Pulumi to manage it, is that possible?
    b
    g
    • 3
    • 2
  • a

    adamant-dress-73325

    08/06/2021, 8:09 PM
    Hey All, consider +1'ing this issue to allow configuration of the circuit breaker min failures https://github.com/aws/containers-roadmap/issues/1247 which will help prevent pulumi from timing out at 15min during failing service deployments.
    b
    • 2
    • 1
  • g

    great-sunset-355

    08/09/2021, 10:59 AM
    Is it possible to convert or use this module https://registry.terraform.io/modules/terraform-aws-modules/vpc/aws/latest in pulumi? If so, how would one go about that? Thank you
    c
    • 2
    • 2
  • f

    future-morning-53976

    08/09/2021, 1:23 PM
    Hi all! It seems the setting for AWS API-Gateway (aws.cloudwatch.apigateway) Cloudwatch logging is missing in Pulumi - could that be the case? There is only the possibility to specify the custom access logging and the x-ray logging, but no option to enable general Cloudwatch logging (see image)?
    g
    • 2
    • 2
Powered by Linen
Title
f

future-morning-53976

08/09/2021, 1:23 PM
Hi all! It seems the setting for AWS API-Gateway (aws.cloudwatch.apigateway) Cloudwatch logging is missing in Pulumi - could that be the case? There is only the possibility to specify the custom access logging and the x-ray logging, but no option to enable general Cloudwatch logging (see image)?
g

great-sunset-355

08/09/2021, 1:39 PM
This could be an issue of missing features in the provider. AWS provider is generated from terraform provider https://github.com/pulumi/pulumi-aws https://github.com/hashicorp/terraform-provider-aws I'd suggest looking into TF provider issues
f

future-morning-53976

08/09/2021, 2:53 PM
Thanks! I'll look that up!
View count: 1