fast-river-57630
11/01/2021, 9:42 PMfast-river-57630
11/01/2021, 9:44 PMdamp-school-17708
11/02/2021, 4:17 PMnice-father-44210
11/02/2021, 6:09 PMpulumi import
for a aws:ec2/routeTableAssociation
Any advice? Log below:
❯ pulumi import aws:ec2/routeTableAssociation:RouteTableAssociation private-us-west-2a subnet-xxx/rtb-xxx -d
Previewing import (xxx/xxx)
View Live: <https://app.pulumi.com/xxx>
Type Name Plan Info
pulumi:pulumi:Stack my-project 1 error; 10 debugs
= └─ aws:ec2:RouteTableAssociation private-us-west-2a import 3 errors
Diagnostics:
pulumi:pulumi:Stack (my-project):
debug: Attempting to use session-derived credentials
debug: Successfully derived credentials from session
debug: AWS Auth provider used: "SSOProvider"
debug: Truncating attribute path of 0 diagnostics for TypeSet
debug: Attempting to use session-derived credentials
debug: Successfully derived credentials from session
debug: AWS Auth provider used: "SSOProvider"
debug: Trying to get account information via iam:GetUser
debug: Trying to get account information via sts:GetCallerIdentity
debug: Importing route table association, target: subnet-xxx, route table: rtb-xxx
error: preview failed
aws:ec2:RouteTableAssociation (private-us-west-2a):
error: aws:ec2/routeTableAssociation:RouteTableAssociation resource 'private-us-west-2a' has a problem: Invalid combination of arguments: "gateway_id": one of `gateway_id,subnet_id` must be specified. Examine values at 'RouteTableAssociation.GatewayId'.
error: aws:ec2/routeTableAssociation:RouteTableAssociation resource 'private-us-west-2a' has a problem: Invalid combination of arguments: "subnet_id": one of `gateway_id,subnet_id` must be specified. Examine values at 'RouteTableAssociation.SubnetId'.
error: Preview failed: one or more inputs failed to validate
microscopic-animal-41955
11/02/2021, 9:31 PMclever-painter-96148
11/03/2021, 1:06 PMaws sso login --profile
then I can reuse those credentials by passing the same profile to AWS CLI commands.
Unless I did some mistake, we cannot use those profiles with Pulumi. Did someone achieve it?full-artist-27215
11/03/2021, 1:27 PMAWS_PROFILE
set in your environment?fast-river-57630
11/03/2021, 1:28 PMrapid-raincoat-36492
11/03/2021, 5:58 PMmillions-umbrella-34765
11/04/2021, 4:38 PMmillions-umbrella-34765
11/04/2021, 5:20 PMconst bucket = new aws_native.s3.Bucket("<http://dev-assets.mydomain.com|dev-assets.mydomain.com>", {
bucketName: "<http://dev-assets.mydomain.com|dev-assets.mydomain.com>",
blockPublicAcls: true
});
echoing-actor-55539
11/04/2021, 10:22 PMhigh-holiday-63390
11/05/2021, 10:35 AMorange-belgium-53818
11/05/2021, 12:04 PMflat-appointment-12338
11/05/2021, 4:38 PM@pulumi/aws
to 4.26.0
today and this seemingly broke `aws.mq.Broker`:
Missing required argument: The argument "broker_name" is required, but no definition was found.. Examine values at 'Broker.BrokerName'.
Invalid or unknown key. Examine values at 'Broker.BrokerName'.
fancy-eve-82724
11/05/2021, 4:39 PMaws.ec2.VpcDhcpOptionsAssociation()
is not having any effect? Pulumi deploys the resource and I can see the DHCP Options present in the AWS console, but looking at my VPC, it is not associated with the DHCP Option Setbulky-policeman-29913
11/05/2021, 5:06 PMbulky-policeman-29913
11/05/2021, 5:07 PMconst lambdaRole = new aws_native.iam.Role(`${resourcePrefix}-myrole`, {
assumeRolePolicyDocument: {
version: '2012-10-17',
statement: [{
effect: 'Allow',
principal: {
service: '<http://lambda.amazonaws.com|lambda.amazonaws.com>'
},
action: [
'sts:AssumeRole'
]
}]
},
path: '/'
});
bulky-policeman-29913
11/05/2021, 5:07 PMbulky-policeman-29913
11/05/2021, 5:11 PMconst automationExecutionRole = new aws_native.iam.Role("automationExecutionRole", {
assumeRolePolicyDocument: {
version: "2012-10-17",
statement: [{
effect: "Allow",
principal: {
service: "<http://ssm.amazonaws.com|ssm.amazonaws.com>",
},
action: ["sts:AssumeRole"],
}],
},
path: "/",
managedPolicyArns: [`arn:${awsPartition}:iam::aws:policy/AmazonEC2FullAccess`],
});
sparse-state-34229
11/07/2021, 12:21 AMaws-sdk-go
where when running Pulumi in a container on an EC2 instance, it’s unable to use the instance profile attached to the instance. this is the error I get:
Exception: invoke of aws:index/getCallerIdentity:getCallerIdentity failed: invocation of aws:index/getCallerIdentity:getCallerIdentity returned an error: 1 error occurred:
* error configuring Terraform AWS Provider: no valid credential sources for Terraform AWS Provider found.
Please see <https://registry.terraform.io/providers/hashicorp/aws>
for more information about providing credentials.
Error: NoCredentialProviders: no valid providers in chain
caused by: EnvAccessKeyNotFound: failed to find credentials in the environment.
SharedCredsLoad: failed to load profile, .
EC2RoleRequestError: no EC2 instance role found
caused by: RequestCanceled: EC2 IMDS access disabled via AWS_EC2_METADATA_DISABLED env var
error: an unhandled error occurred: Program exited with non-zero exit code: 1
• I can curl the IMDSv1 endpoint within the container
• the container does not have any AWS_*
env vars set
• the container does not mount ~/.aws
• there is a valid IAM role attached to the instance that is in use with Terraform runs
anyone know what’s up here?sparse-state-34229
11/07/2021, 2:23 AMsteep-soccer-65561
11/08/2021, 9:47 AMechoing-actor-55539
11/08/2021, 6:54 PMgreat-postman-59271
11/09/2021, 1:51 PMerror: 1 error occurred:
* updating urn:pulumi:dev::ThreeShape.Olympus.Auth.Infrastructure::aws:dynamodb/tableItem:TableItem::IntegrationTestAccessKey: 1 error occurred:
* Error retrieving DynamoDB table item: SerializationException:
status code: 400, request id: 1AE7FL7RD378QAOE1745B5TCDVVV4KQNSO5AEMVJF66Q9ASUAAJG
I have tried the example code here, and that works fine. Have anyone else experienced this?curved-translator-40788
11/09/2021, 6:04 PMgray-hamburger-90102
11/10/2021, 1:47 PMconst vpc = new awsx.ec2.Vpc("eks-vpc", {
cidrBlock: "10.21.0.0/16",
numberOfAvailabilityZones: "all",
});
I believe this makes a public and private subnet per AZ, so in my case that's 3 of each.
I'd like to change my cidr block to be 10.21.0.0/24
- when i do this and run the changes, it seems that it fails because the internet gateway can't be detached from the VPC - which I have narrowed down to the fact that each NAT gateway has a public IP associated to them that should probably be removed first:
Diagnostics:
pulumi:pulumi:Stack (bravissimo-platform-ec2-vpc):
error: update failed
aws:ec2:InternetGateway (eks-vpc):
error: 1 error occurred:
* updating urn:pulumi:vpc::bravissimo-platform-ec2::awsx:x:ec2:Vpc$awsx:x:ec2:InternetGateway$aws:ec2/internetGateway:InternetGateway::eks-vpc: 1 error occurred:
* Error waiting for internet gateway (igw-03ec74c6df2e8bd83) to detach: timeout while waiting for state to become 'detached' (last state: 'detaching', timeout: 15m0s)
Am I missing something here?damp-school-17708
11/10/2021, 3:36 PMimport * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const exampleDomainName = new aws.apigatewayv2.DomainName("exampleDomainName", {
domainName: "<http://http-api.example.com|http-api.example.com>",
domainNameConfiguration: {
certificateArn: aws_acm_certificate.example.arn,
endpointType: "REGIONAL",
securityPolicy: "TLS_1_2",
},
});
const exampleRecord = new aws.route53.Record("exampleRecord", {
name: exampleDomainName.domainName,
type: "A",
zoneId: aws_route53_zone.example.zone_id,
aliases: [{
name: exampleDomainName.domainNameConfiguration.apply(domainNameConfiguration => domainNameConfiguration.targetDomainName),
zoneId: exampleDomainName.domainNameConfiguration.apply(domainNameConfiguration => domainNameConfiguration.hostedZoneId),
evaluateTargetHealth: false,
}],
});
Which I've followed as-is basically.
My route53 record though, seems to point to something different to endpoint I used to call the api with (id-here.execute-api.us-east-1.amazonaws.com works; while this now points to something like different-id-here.execute-api.us-east-1.amazonaws.com) does my api call need to change or am I missing something?
I would expect the route53 to point to the 'working endpoint' nothing elsemillions-umbrella-34765
11/10/2021, 5:12 PMlate-lock-17022
11/11/2021, 11:53 AMlate-lock-17022
11/11/2021, 11:53 AMminiature-king-36473
11/11/2021, 12:06 PMlate-lock-17022
11/11/2021, 12:14 PMminiature-king-36473
11/11/2021, 12:17 PMlate-lock-17022
11/11/2021, 12:18 PMminiature-king-36473
11/11/2021, 12:20 PMlate-lock-17022
11/11/2021, 12:21 PMchipnibbles_com_certificate = aws.acm.Certificate(
"<http://chipnibbles.com|chipnibbles.com>", domain_name="<http://chipnibbles.com|chipnibbles.com>", validation_method="DNS"
)
validation_option = chipnibbles_com_certificate.domain_validation_options[0]
chipnibbles_validation_record = ChipnibblesRecord(
"validation_record",
name=validation_option.resource_record_name,
type=validation_option.resource_record_type,
records=[
validation_option.resource_record_value,
],
)
chipnibbles_cert_validation = aws.acm.CertificateValidation(
"chipnibbles-validation",
certificate_arn=chipnibbles_com_certificate.arn,
validation_record_fqdns=[chipnibbles_validation_record.fqdn],
)
aws:acm:CertificateValidation (chipnibbles-validation):
error: 1 error occurred:
* Error describing created certificate: Expected certificate to be issued but was in state PENDING_VALIDATION
miniature-king-36473
11/11/2021, 12:27 PMlate-lock-17022
11/11/2021, 12:28 PMminiature-king-36473
11/11/2021, 12:28 PMlate-lock-17022
11/11/2021, 12:32 PMminiature-king-36473
11/11/2021, 12:33 PMlate-lock-17022
11/11/2021, 12:38 PM