https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
aws
  • b

    bland-byte-34481

    08/25/2021, 11:14 PM
    Hello! I was hoping someone could help me come up with a solution for moving Docker images around (in ECR)... i'd like to do the following: 1. Pull a docker image from a source (we'll call this repository A) 2. Push the image from repository A to repository B I've been trying to do this with the following steps without success: 1. Fetch repository A metadata with aws.ecr.getRepository 2. Fetch repository A creds with aws.ecr.getCredentials 3. Create a new docker.RemoteImage (using the image I want and a custom provider with the credentials from (2)) 4. I then create a new repository (repository B) using new aws.ecr.Repository 5. I then get the credentials for that repository and create a new docker.RegistryImage and pass the creds from (4) in authConfigs I run into an issue at (5) because I have no Dockerfile to pass to the build context. I try to use the output from the docker.RemoteImage which is supposed to pull the remote image to my local filesystem but can't locate that file. Any guidance is appreciated, thanks!
    b
    f
    • 3
    • 6
  • t

    thousands-area-40147

    08/26/2021, 4:42 PM
    Hej everyone! Using Typescript, how would I go about using pulumi-specific types in Lambda functions? Naively importing them in the same way you would with custom defined types results in the
    Cannot find module '@pulumi/pulumi/runtime/index.js'
    error, I guess because
    @pulumi/...
    packages are not included in the Lambda. Any way around this?
    l
    w
    • 3
    • 7
  • q

    quiet-architect-91246

    08/27/2021, 6:42 AM
    Is there a way to programmatically hand in a provider of a mks cluster when creating a Kafka Topic in AWS rather then using
    pulumi config set kafka:bootstrapServers
    ? Im a little confused since there is very little resources or examples to read regarding kafka.
  • a

    alert-lock-34522

    08/27/2021, 8:15 PM
    Are there plans to add native functionality to the VpcEndpoint for subnet association. IE I have 3 subnets but according to the docs I can only do a 1 to 1 per association unless I was to write a loop around the play vs being able to natively read a list to iterate over?
    VPC Endpoint Subnet Association (an association between a VPC endpoint and a single subnet_id
    👀 1
    • 1
    • 1
  • a

    average-school-38756

    08/27/2021, 11:16 PM
    how can i use the name of a resource i'm defining in one of its properties? for example, if i create a Firehose stream with logging in the console, AWS uses the name of the stream in the log group name. but how can i do that in Pulumi?
    stream = aws.kinesis.FirehoseDeliveryStream(
        'my-stream",
        destination="s3",
        s3_configuration=aws.kinesis.FirehoseDeliveryStreamS3ConfigurationArgs(
            role_arn=my_role.arn, 
            bucket_arn=data_lake.arn, 
            cloudwatch_logging_options=aws.kinesis.FirehoseDeliveryStreamS3ConfigurationCloudwatchLoggingOptionsArgs(
                enabled=True,
                log_group_name=f'aws/kinesisfirehose/{stream.name}',  # FIXME: undefined at this point
                log_stream_name='S3Delivery'
            )
        ),
    )
    l
    g
    • 3
    • 5
  • b

    brash-quill-35776

    08/30/2021, 4:22 AM
    Hi, does pulumi supports AWS in China?
    g
    b
    • 3
    • 11
  • r

    ripe-shampoo-80285

    08/30/2021, 11:58 PM
    What is the best practice for organizing stacks for multiple regions? Some resources are region specific, some are region agnostic. What is the best practice to organize code in such cases? Any advices will be appreciated.
    s
    m
    • 3
    • 4
  • s

    sparse-state-34229

    09/01/2021, 4:32 PM
    this may be a bit of an antipattern but has anyone looked into a way to have pulumi not adjust the size of an auto scaling group if its configured size is less than the actual size?
    s
    • 2
    • 2
  • d

    damp-memory-66729

    09/01/2021, 5:55 PM
    Hello, I would like to migrate DNS records and CloudFront distributions managed with Pulumi project from one account to another inside the same organization. Looks like those resources should be first deleted in the source account and created again in the destination as the same domain name should not be used for more than one DNS record/CloudFront distribution. How can Pulumi assist with the migration and to ensure the minimum downtime of the websites? Thank you. CC @wonderful-dog-9045
    b
    • 2
    • 2
  • s

    steep-eve-53618

    09/01/2021, 6:30 PM
    If my Pulumi plan wants to replace a NodeGroup in an EKS cluster, will it automatically handle the cordoning of old nodes and moving pods over to the new NodeGroup for me?
    b
    b
    • 3
    • 4
  • c

    creamy-knife-93354

    09/01/2021, 9:14 PM
    When trying to apply a change to my stack, I'm running into this issue:
    * error creating Route Table (rtb-041aa78738eeae220) Association: Resource.AlreadyAssociated: the specified association for route table rtb-041aa78738eeae220 conflicts with an existing association
    What is the best way to proceed? Seems it's not properly cleaning up the previous resources before applying the new ones
    l
    • 2
    • 3
  • q

    quaint-portugal-34880

    09/02/2021, 6:04 PM
    Hi, I tried to use the awsx.apigateway and we have several routes that we would like to use the same authorizer for, but the I can't find out how to use the same authorizer for several routes, is that possible? And if it's then how?
  • e

    echoing-dinner-49603

    09/02/2021, 9:32 PM
    What's the general approach for creating a service discovery service using an SRV record type for the
    DnsConfig
    ? It appears that
    type
    is expected to be
    HTTP
    ,
    HTTPS
    , or
    TCP
    , but the code example shows using type
    A
    , and AWS's docs mention the possibility to use
    SRV
    .
    l
    • 2
    • 9
  • w

    worried-city-86458

    09/03/2021, 4:13 AM
    Not sure why I'm getting an error trying to create a couple of security group rules. Something like:
    new SecurityGroupRule($"{awsEksPrefix}-1",
        new SecurityGroupRuleArgs
        {
            Type = "ingress",
            Protocol = "tcp",
            FromPort = 0,
            ToPort = 65535,
            SourceSecurityGroupId = internalSgId,
            SecurityGroupId = clusterSgId
        },
        new CustomResourceOptions { Provider = awsProvider });
    
    new SecurityGroupRule($"{awsEksPrefix}-2",
        new SecurityGroupRuleArgs
        {
            Type = "ingress",
            Protocol = "tcp",
            FromPort = 0,
            ToPort = 65535,
            SourceSecurityGroupId = internetSgId,
            SecurityGroupId = clusterSgId
        },
        new CustomResourceOptions { Provider = awsProvider });
    Fails with error:
    Duplicate resource URN 'urn:pulumi:alpha::aws-eks::aws:ec2/securityGroupRule:SecurityGroupRule::alpha-aws-eks-2'; try giving it a unique name
    But I am specifying unique names!?
    b
    b
    • 3
    • 15
  • d

    damp-school-17708

    09/03/2021, 8:13 AM
    broadcasting this here as we had issues yesterday with datadog using aws-for-fluent https://github.com/aws/aws-for-fluent-bit/issues/233 if for some reason you are using a log router with the latest image, switch to stable
    'log-router': {
              image: 'amazon/aws-for-fluent-bit:latest',
    
            'log-router': {
              image: 'amazon/aws-for-fluent-bit:stable',
  • g

    gray-belgium-81846

    09/03/2021, 6:42 PM
    I’m using pulumi to manage a
    aws.wafv2.WebAcl
    resource. I have some
    rules
    defined like:
    {
            name: "web-test",
            overrideAction: {
              count: {},
            },
            priority: 1,
            statement: {
              managedRuleGroupStatement: {
                excludedRules: [],
                name: "AWSManagedRulesCommonRuleSet",
                vendorName: "AWS",
              },
            },
            visibilityConfig: {
              cloudwatchMetricsEnabled: true,
              metricName: "web-test-metrics",
              sampledRequestsEnabled: true,
            },
          }
    The resource is created w/o any trouble and seems to work. However, whenever I run
    pulumi preview
    or
    pulumi up
    it thinks the rules are changing, even though I haven’t made changes. Any ideas on how to fix that?
    • 1
    • 2
  • q

    quiet-umbrella-96481

    09/07/2021, 5:43 AM
    I have a lambda function that gets invoked with an event trigger every x minutes. In Pulumi, I was able to set up the lambda function with event rule and event target, but I can’t seem to figure out how I can configure the
    trigger
    . Maybe I’m missing something in the docs… does anyone have any idea that can help me out here?
    l
    • 2
    • 11
  • g

    gray-hamburger-90102

    09/07/2021, 10:41 AM
    Hi, just wondering if there's a nice way to do this https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html with Pulumi? I have used
    createOidcProvider
    on my cluster resource, but unsure how to translate step 5 of this https://aws.amazon.com/premiumsupport/knowledge-center/eks-alb-ingress-controller-fargate/ into Pulumi I have found this guide https://www.pulumi.com/blog/kubernetes-ingress-with-aws-alb-ingress-controller-and-pulumi-crosswalk/ but it is not for a fargate cluster, and I assume I do not have an equivalent role to
    NodeInstanceRole
    in fargate?
    p
    b
    • 3
    • 5
  • s

    sparse-apartment-71989

    09/07/2021, 4:47 PM
    Anyone have a link to a Pulumi example for coding an async Lambda with success and failure destinations? I’d love to use a awsx example, but a more low-level Lambda example would be fine. I literally just want to demonstrate Lambda1 routing to a Success Lambda or Failure Lambda. All they’ll do is console.log().
    b
    • 2
    • 1
  • g

    gentle-judge-65990

    09/08/2021, 9:51 AM
    Hello. I'm trying to import existing EKS cluster to pulumi and getting error below. The cluster was created by terraform. It looks pretty odd that provider tries to set output-only values without my intervention. Any ideas how to bypass the error?
    ➜ pulumi import --debug aws:eks/cluster:Cluster xxx xxx
    Please choose a stack: xxx
    Previewing import (xxx)
    
    View Live: <https://app.pulumi.com/xxx/xxx/previews/xxxxxxx>
    
         Type                 Name              Plan       Info
         pulumi:pulumi:Stack  xxx               1 error; 9 debugs
     =   └─ aws:eks:Cluster   xxxx  import     3 errors
    
    Diagnostics:
      pulumi:pulumi:Stack (xxx):
        debug: AWS Auth provider used: "SharedCredentialsProvider"
        debug: AWS Auth provider used: "SharedCredentialsProvider"
        debug: AWS Auth provider used: "SharedCredentialsProvider"
        debug: Trying to get account information via iam:GetUser
        debug: AWS Auth provider used: "SharedCredentialsProvider"
        debug: Trying to get account information via iam:GetUser
        debug: Truncating attribute path of 0 diagnostics for TypeSet
        debug: Truncating attribute path of 0 diagnostics for TypeSet
        debug: Truncating attribute path of 0 diagnostics for TypeSet
        error: preview failed
    
      aws:eks:Cluster (xxx):
        error: aws:eks/cluster:Cluster resource 'xxx' has a problem: Computed attributes cannot be set: Computed attributes cannot be set, but a value was set for "vpc_config.0.vpc_id".. Examine values at 'Cluster.VpcConfig.VpcId'.
        error: aws:eks/cluster:Cluster resource 'xxx' has a problem: Computed attributes cannot be set: Computed attributes cannot be set, but a value was set for "vpc_config.0.cluster_security_group_id".. Examine values at 'Cluster.VpcConfig.ClusterSecurityGroupId'.
        error: Preview failed: one or more inputs failed to validate
    b
    • 2
    • 2
  • c

    cuddly-smartphone-15267

    09/08/2021, 12:15 PM
    Anybody know if there's a way to query the aws:region that is set in the yaml file? for example if my yaml file looks like:
    config:
      aws:region: ap-southeast-2
      aws:profile: prod
      shared:stackConfig:
        regionCode: au
    is there a way I can do something like (typescript code)
    const config = new Config();
    const awsRegion = config.require("aws:region");
    When i try to execute the above, i get an error:
    error: Missing required configuration variable 'shared:aws:region'
    b
    • 2
    • 3
  • w

    worried-city-86458

    09/08/2021, 7:18 PM
    Is
    pulumi-awsx
    ever going to be made available as a dotnet nuget package?
    b
    f
    p
    • 4
    • 11
  • t

    tall-beard-99429

    09/09/2021, 10:07 AM
    How do I configure the VPC for an RDS Cluster? It seems to be taking the default, and when I try to assign a vpcSecurityGroupId I get the error that they're in different VPCs
    l
    b
    • 3
    • 7
  • b

    breezy-branch-28232

    09/09/2021, 8:32 PM
    Hello! I’m running into this error while trying to run
    pulumi up
    :
    error: resource complete event returned an error: failed to verify snapshot: resource urn:pulumi:theNameOfMyResource::awsx:x:ecs:FargateTaskDefinition$aws:ecs/taskDefinition:TaskDefinition: refers to missing resource
    This error occured after I’ve runned
    pulumi cancel
    &
    pulumi stack export | pulumi stack import
    . I’ve runned the commands because pulumi was blocked in a pending state.
    s
    p
    • 3
    • 3
  • c

    cuddly-smartphone-15267

    09/10/2021, 3:00 AM
    I'm not sure if this is possible but basically when
    ElasticBeanstalk
    creates an
    Environment
    , one of the outputs is
    autoscalingGroups
    . I'd like to update the auto scaling group(s) to enable metrics collection. This doesn't appear to be possible in the EBS initialisation options so I think i might need to update it afterwards. i tried something like this:
    const autoScalingGroup = Group.get(`autoscaling`, environment.autoscalingGroups[0]);
        autoScalingGroup.enabledMetrics = [`GroupDesiredCapacity`, `GroupInServiceCapacity`, `GroupPendingCapacity`, `GroupMinSize`, `GroupMaxSize`, `GroupInServiceInstances`, `GroupPendingInstances`, `GroupStandbyInstances`, `GroupStandbyCapacity`, `GroupTerminatingCapacity`, `GroupTerminatingInstances`, `GroupTotalCapacity`, `GroupTotalInstances`];
    but the property is readonly
    l
    b
    • 3
    • 8
  • n

    numerous-psychiatrist-20856

    09/10/2021, 7:57 AM
    hello everyone! I’m trying to replace default fargate ecs role, with my own and run into an issue that the role created by default cannot be removed properly
    error: deleting urn:pulumi:dev::ice-online-apollo-pt-imex-adapter::awsx:x:ecs:FargateTaskDefinition$aws:iam/role:Role::role-name: 1 error occurred:
        	* error deleting IAM Role (role-id): DeleteConflict: Cannot delete entity, must detach all policies first.
        	status code: 409, request id: d3b77f2a-176a-4d0c-ae6f-03d773f32371
    looks like it might be a terraform bug, is there any known workaround or do I need to manually remove it?
    b
    • 2
    • 3
  • a

    adorable-rose-78846

    09/10/2021, 3:32 PM
    HI everyone!! I'm very happy to stay here!! A greetings from 🇨🇴
    🙂 1
    👋 2
  • s

    straight-pager-11362

    09/10/2021, 4:35 PM
    @adorable-rose-78846 buenos dias!
    a
    • 2
    • 1
  • l

    limited-dog-75903

    09/11/2021, 12:04 PM
    Hi folks, is there a way to read a file in an EC2 instance after provisioning it? I want to upload this file to a S3 bucket then
    b
    s
    • 3
    • 4
  • c

    cold-policeman-81269

    09/13/2021, 3:49 PM
    Hey guys, is it possible to enable report batch item failures in dynamodb table stream subscriptions (created via table.onEvent)? documentation says something about a
    functionResponseTypes
    arg, but I cannot pass it to
    onEvent
    , it only exists in the result subscription as an Output<string[] | undefined>.
Powered by Linen
Title
c

cold-policeman-81269

09/13/2021, 3:49 PM
Hey guys, is it possible to enable report batch item failures in dynamodb table stream subscriptions (created via table.onEvent)? documentation says something about a
functionResponseTypes
arg, but I cannot pass it to
onEvent
, it only exists in the result subscription as an Output<string[] | undefined>.
View count: 1