https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
aws
  • e

    eager-parrot-83525

    10/09/2021, 5:19 PM
    Hey everyone, How do you destroy a stack that has an imported AWS ACM certificate without deleting the certificate?
    g
    c
    • 3
    • 3
  • c

    crooked-pillow-11944

    10/10/2021, 3:34 AM
    Is there a good way to share a tagging convention across component resources? I use the same AWS tags on resources that are built in the same stack.
    f
    m
    • 3
    • 8
  • q

    quaint-electrician-41503

    10/11/2021, 5:20 PM
    Still trying to resolve the issue creating scheduled functions via the pulumi example: https://github.com/pulumi/examples/issues/1098 . Can someone take 5 minutes and try to reproduce on the latest pulumi to help determine if it's an issue with my local install / config or a bug?
    b
    • 2
    • 11
  • d

    dry-autumn-28966

    10/11/2021, 6:54 PM
    Do we have any flag similar to the CDK’s autoDeleteObjects in the aws-native plugin?
    w
    • 2
    • 1
  • m

    millions-furniture-75402

    10/11/2021, 8:44 PM
    I'm declaring CloudWatch Metrics which contain units, the metrics are correct, the unit is set... however when I create a widget with the metric using awsx LineGraphMetricWidget,
    unit
    is not in the returned JSON. If I edit the properties in the dashboard source, I can add
    "unit": "Percent"
    and the dashboard honors this. However, this feature is undocumented: https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/CloudWatch-Dashboard-Body-Structure.html#CloudWatch-Dashboar[…]dering-Object-Format So I'm confused about whose bug/feature this really is.
  • q

    quaint-electrician-41503

    10/12/2021, 9:10 AM
    Can I easily package / execute a static binary along with pulumi's "magic function" serialization? For example can I easily package a static binary to execute from the aws.cloudwatch.EventRuleEventHandler block? https://www.pulumi.com/blog/scheduling-serverless/ . Should I package the static binary with a Lambda layer? Do I need to instead create a vanilla Lambda function to use along with the Lambda layer?
  • a

    able-planet-19148

    10/12/2021, 2:30 PM
    What’s the best way to switch credentials between dev/production accounts for the different env based stacks on the same project? Also, I use aws sso cli for logging into console.
    m
    • 2
    • 2
  • m

    millions-furniture-75402

    10/12/2021, 2:50 PM
    fromDockerBuild
    appears to hang if I pass a
    aws.ecr.Repository
    instead of a
    string
    for the first argument:
    const containerRepository = new aws.ecr.Repository(`${appName}-image`, {
      imageScanningConfiguration: {
        scanOnPush: true,
      },
      imageTagMutability: "MUTABLE",
    });
    
    new awsx.ecs.FargateService(
      `${appName}-service`, {
        ...
        image: awsx.ecs.Image.fromDockerBuild(containerRepository, buildArgs);
        ...
    }, { dependsOn: containerRepository });
    Any idea what I'm doing wrong?
    • 1
    • 2
  • g

    green-musician-49057

    10/12/2021, 5:15 PM
    Is there a way to setup a rolling window of manual Aurora RDS snapshots? We use the built-in daily snapshots, but in addition to that, we also want to retain snapshots taken during the last ~10 deployments
    c
    l
    • 3
    • 4
  • q

    quaint-electrician-41503

    10/12/2021, 11:00 PM
    Looking at pulumi's magic functions and spawn as referenced in https://aws.amazon.com/blogs/compute/running-executables-in-aws-lambda/ and getting
    Diagnostics:
      pulumi:pulumi:Stack (quickstart-dev):
        error: Error serializing '(event) => __awaiter(void 0, void 0, .
        
        '(event) => __awaiter(void 0, void 0, ...': index.ts(20,19): cap
          'spawn', a function defined at
            function 'spawnWithSignal': child_process.js(900,24): which 
              'validateAbortSignal', a function defined at
                '(signal, name) => { if (signal !== u ...': which captur
                  'ERR_INVALID_ARG_TYPE', a function defined at
                    function 'NodeError': which referenced
                      function 'getMessage': which captured
                        variable 'messages' which indirectly referenced
                          function 'get': which could not be serialized 
                            it was a native code function.
        
        Function code:
          function get() { [native code] }
    • 1
    • 7
  • g

    great-sunset-355

    10/13/2021, 10:54 AM
    Pulumi still suggesting the change on RDS ParameterGroup. My engine is PostgreSQL from
    "applyMethod": "pending-reboot"
    to `"applyMethod": "immediate" The affected parameter is
    timezone
    which I create like this:
    {"name": "timezone", "value": "UTC"},
    And according to docs the default
    applyMethod
    value is set to
    immediate
    . So the questions are: 1) What did set
    applyMethod
    to
    pending-reboot
    ? 2) Why does pulumi try to change the value every time? (I'd say it may be coming from the provider) 3) And where can I find which parameters require reboot?
  • a

    able-planet-19148

    10/13/2021, 1:00 PM
    I am creating a EC2ImageBuilder. We set UserData on image recipe using additional instance configuration. While AWS CDK supports it, Terraform and Pulumi are missing the
    additionalInstanceConfiguration
    property on aws.imagebuilder.ImageRecipe. See: https://www.pulumi.com/docs/reference/pkg/aws/imagebuilder/imagerecipe/
    g
    l
    • 3
    • 6
  • d

    damp-school-17708

    10/13/2021, 1:28 PM
    Hello - is this https://aws.amazon.com/blogs/mobile/appsync-lambda-auth/ already supported by pulumi? thanks
    g
    • 2
    • 2
  • w

    worried-city-86458

    10/13/2021, 6:28 PM
    What's the coverage like for the aws native provider compared to the tf based provider? Good enough to switch?
    r
    l
    l
    • 4
    • 9
  • d

    damp-school-17708

    10/14/2021, 12:03 PM
    Hi, we had massive issues with this https://github.com/DataDog/datadog-lambda-js/issues/237 this morning it's now solved with a workaround, however if you read the thread there are mentions with CDK and AWS team changing the way we interact with lambdas. I do wonder then if it can be an issue also with pulumi and if pulumi for lambdas uses native already. Thanks we are on these versions
    @pulumi/aws ^4.22.1 → ^4.24.1
    @pulumi/pulumi ^3.13.2 → ^3.14.0
    Same for us, we had Node 14.x and the layer
    49
    . I switched to
    64
    just to make sure it wasn't the layer version, but it quickly became evident that the version didn't matter. Since there was no code change on our side before and after the errors started showing up, we believe it's infra related. The layer is still there, and you can't modify it AFAIK so this must be AWS. We opened a ticket with AWS. I think they're are doing some changes to Lambda and this might be related
    You are receiving this message because we identified that your account created or updated or invoked Lambda functions on or after July 1, 2021.
    
    AWS Lambda is extending the capability to track the current state of a function through its lifecycle to all functions [1]. With this change, you may need to update your CLI and/or SDK-based automation workflows around creating and updating functions by adding a check that the function became active before performing additional actions that operate on the function.
    
    Previously, states have been used in two primary use-cases. Firstly, to move the blocking setup of VPC resources out of the path of function invocation. Secondly, to allow the Lambda service to optimize new or updated container images for container-image based functions, also before invocation. By moving this additional work out of the path of the invocation, customers see lower latency and better consistency in their function performance.
    Infrastructure as code and deployment automation tools such as AWS CloudFormation, AWS Serverless Application Model (SAM), AWS Cloud Development Kit (CDK), Serverless Framework,Hashicorp Terraform, AWS Chalice and Cloud Custodian already support states.
    
    If you are using these tools and are already on the latest Software Development Kit (SDK), you do not need to take any action, and can stop reading now. If you are using an earlier SDK version, please update to the latest one.
    
    We are rolling out this change over multi-phase periods to allow you to update existing tooling for deploying and managing Lambda functions. You can delay this change for your functions until December 5, 2021. Starting December 6, 2021, the delay mechanism expires and all customers see the Lambda states lifecycle applied during function create or update. Read this blog post [2] to learn about this change, timelines for different phases and a reference example on how to check your function state.
    and then the support also said
    Furthermore,  Lambda team performed rollback to fix this issue but this may take some time to fully propagate. However, I am actively monitoring internal ticket and I will keep you updated on this case.
  • f

    freezing-van-87649

    10/14/2021, 1:40 PM
    Anyone have any tips/tricks for mocking API calls in tests (python, specifically)? I’m using iam.get_policy_document a couple places in code I’m trying to test and writing a manual mock for it feels wrong
    g
    l
    • 3
    • 23
  • b

    brave-nightfall-19158

    10/15/2021, 3:14 PM
    Hey y'all. I'm just wondering if it is possible to create resources in other accounts than the one all resources are created for the current stack? In my case, I have an account which manages general infrastructure (in this case, DNS) which is separate to the main dev account. When I spin up a new service, I want it to register a new record set in route 53. Is this possible?
    c
    • 2
    • 3
  • l

    limited-rainbow-51650

    10/17/2021, 4:04 PM
    Does the new
    aws-native
    provider have support for AWS CodeCommit and CodePipeline? At first glance, I couldn't find the corresponding module for these services in the docs. https://www.pulumi.com/docs/reference/pkg/aws-native/
    b
    c
    • 3
    • 7
  • p

    purple-plumber-90981

    10/18/2021, 5:52 AM
    if i have a pulumi stack “aws-providers” of just one aws provider for each region and I export each region_provider, should i be able to
    providers = pulumi.StackReference('aws-providers')
    and then
    opts=pulumi.ResourceOptions(provider=providers.get_output('provider_aws_us-east-1'))
    ???
    g
    • 2
    • 3
  • f

    flat-appointment-12338

    10/18/2021, 9:07 PM
    I am trying to create and s3 bucket using the aws-native package but its returning an error
    b
    • 2
    • 5
  • e

    early-keyboard-41388

    10/19/2021, 9:19 AM
    Hi, I’m having some issues with the
    StackReference
    (trying to understand it). I’m using S3 as backend (everything in one bucket), ideally a folder for each project (micro services setup: infra, app, services, etc). With this I saw two options: 1. Every pulumi project in same folder -> each stack needs to have project name in it (eg,
    infra.dev
    ), or they will collide (dev, in two different projects, in same folder in S3). 2. Every project in different folders -> stack can be named with just the environment (
    dev
    ,
    stg
    ,
    prod
    ) In case 1, I did
    new StackReference('infra.dev')
    , and it ends with error:
    aws:lambda:Function (lambda_name):
        error: 1 error occurred:
        	* error creating Lambda Function (1): ValidationException:
        	status code: 400, request id: 6dab7a4b-c6cc-4ebc-8a46-cb14060d50f2
    Apparently it gets the stack_reference but it fails to deploy. My assumption is because it’s empty data or failing in some level with those refs. Also tried
    new StackReference('project_name/infra.dev')
    , but got the error:
    error: Preview failed: unknown stack "project_name/infra.dev"
    If I wanted to use the case 2, everything in different folders, how do you reference to the other stack? Any help is more than welcome.
    g
    l
    • 3
    • 7
  • b

    brainy-window-77332

    10/19/2021, 1:34 PM
    Is there a way to update an existing vpc service endpoint (to add to the policy)?
    g
    • 2
    • 2
  • b

    brainy-window-77332

    10/19/2021, 1:35 PM
    I see https://www.pulumi.com/registry/packages/aws/api-docs/ec2/vpcendpointservice/ but seems to only support create and lookup
  • m

    millions-umbrella-34765

    10/19/2021, 9:50 PM
    Looking at setting up GuardDuty for an organization. Any tips on this? Trying to understand if I can run under one script under one AWS profile or if I need to break this up into different scripts.
    l
    • 2
    • 9
  • w

    worried-city-86458

    10/20/2021, 1:56 AM
    Is there any equivalent to DeletionPolicy and UpdateReplacePolicy in
    Pulumi.Aws
    (when not using a CloudFormation resource)? i.e. if I was to port from CF to non-CF using Pulumi, would it be possible to preserve this behaviour?
    g
    • 2
    • 2
  • e

    early-keyboard-41388

    10/20/2021, 11:46 AM
    I’m getting a strange error with
    new
    aws.lambda.LayerVersion
    . The error is this one.
    Error creating lambda layer: ValidationException:
        	status code: 400, request id: 7e256205-6800-460e-ad82-91ba69f1ac8a
    The issue is with the LayerName, options tried: • [FAIL] layerName:
    my-layer-${env}
    • [FAIL] layerName: myVarName -> where
    const myVarName = `my-layer-${env}`.toString() // with or without toString()
    • [OK] layerName: “my-layer” So only valid option is by sending a string in the
    args
    on
    LayerVersion
    . Any idea on what’s going on?
  • e

    early-keyboard-41388

    10/20/2021, 11:57 AM
    Are there any constraints on the naming?
  • p

    powerful-furniture-83753

    10/20/2021, 12:51 PM
    Hey folks! Using a lambda running a docker image, we're having issues that pushing a new image with a
    latest
    tag isn't updating the lambda. How can we force the lambda to refetch the docker image? Or do we have to have well named version tags and that then forces the lambda to update?
    g
    • 2
    • 3
  • m

    millions-umbrella-34765

    10/20/2021, 5:11 PM
    I'm importing an AWS organization into Pulumi and it's showing
    undefined
    for a couple of service principals. Is that a bug?
    l
    • 2
    • 4
  • m

    millions-umbrella-34765

    10/20/2021, 6:30 PM
    I run pulumi import for a Detector and it just gives me generic code. Another bug?
    l
    • 2
    • 1
Powered by Linen
Title
m

millions-umbrella-34765

10/20/2021, 6:30 PM
I run pulumi import for a Detector and it just gives me generic code. Another bug?
l

little-cartoon-10569

10/20/2021, 6:32 PM
Definitely. There needs to be at least a detector ID in there.
View count: 3