https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
aws
  • t

    tall-beard-99429

    12/02/2021, 12:55 PM
    The solution here: https://github.com/hashicorp/terraform/issues/532 is to use
    create_before_destroy
    as a flag in the configuration section
  • b

    billions-hospital-77217

    12/02/2021, 8:06 PM
    When I run
    pulumi up
    I'm getting issues with getting this error:
    error: failed to discover plugin requirements: 'dotnet build -nologo .' exited with non-zero exit code: 1
    Here's my verbose log... EDIT: Nvm I figured out I was doing weird stuff with my dependencies.
    out.txt
  • s

    steep-window-60101

    12/02/2021, 8:18 PM
    hey, i asked this question in general channel without feedback. Since it is related to AWS terraform statefile parsing with pulumi. I reposted it here for more feedbacks. Thanks!
    l
    • 2
    • 5
  • a

    ambitious-salesmen-39356

    12/05/2021, 1:16 AM
    Is there a way to improve the usefulness of outputs from
    pulumi preview --diff
    with regard to IAM policies? It's basically unreadable in default form =\
    g
    • 2
    • 1
  • a

    ambitious-salesmen-39356

    12/05/2021, 2:54 AM
    This is the result just adding one additional service to an allow clause in a single statement =\
    Untitled.txt
    👍 2
  • d

    damp-school-17708

    12/06/2021, 10:14 AM
    Hello, I wanted to try graviton on Fargate, we build our docker images with buildAndPushImage, is there a flag I can't find in the docs to build them in arm64 format ( I assume that's what I need to do at least) on top of launching the tasks with the right flags. thanks
  • t

    thankful-father-68341

    12/06/2021, 12:46 PM
    Hi Team - I have a quick question - Is there a way I can access Pulumi state (to get the exact ARNs/Configuration) from my application code? for example when I create a DynamoDB it creates a unique ARN, I need that ARN in my application code - What is hte best practice
    r
    • 2
    • 1
  • p

    purple-application-23904

    12/06/2021, 9:18 PM
    Anyone have experience with AWS websockets? I'm trying to follow their demo but using Pulumi and I'm running into an issue: Single character "payload" works fine and gets routed properly to my Lambda; however, multi-character payloads return a 500 error and don't appear to make it to my lambda function. I'm not sure if I'm not translating it properly from serverless template.yaml or not. I'll thread a few images and snippets to help demonstrate / explain.
    • 1
    • 4
  • q

    quaint-portugal-34880

    12/07/2021, 6:15 AM
    Hi, I would like to create a vpc with awsx.ec2.Vpc but I would like to create my own subnet's to be able to share RouteTables between some of them. How can I do that?
    l
    • 2
    • 5
  • b

    billowy-army-68599

    12/07/2021, 4:01 PM
    FYI: us-east-1 is having a bit of a day
    💥 9
    😬 6
  • w

    wonderful-twilight-70958

    12/08/2021, 1:12 PM
    Wondering if any folks have ideas about how to achieve the patching / modification of the aws-vpc-cni component when installing EKS. I'm trying to specify a service account / annotation so that it uses IRSA (as per best practise). When specifying
    useDefaultVpcCni: false
    it still gets installed 😕 Which, OK fine. But then I also can't 'import' it inline and annotate it without manual intervention (once to import without the annotation, then add the annotation, then run
    up
    again).
  • b

    boundless-telephone-75738

    12/08/2021, 1:55 PM
    I'm trying to upgrade the vpc-cni addon to >= 1.9.0 so I can use the Prefix networking mentioned here https://aws.amazon.com/blogs/containers/amazon-vpc-cni-increases-pods-per-node-limits/ - It seems like eks - 1.21 has 1.10.1 as the default version, but I still end up with 1.7.5 (
    aws eks describe-addon-versions --addon-name vpc-cni --kubernetes-version 1.21
    ) at least outputs v1.10.1, Default: true. Any hints for how to achive this?
  • d

    dry-teacher-74595

    12/08/2021, 6:10 PM
    one of my roles managed by pulumi is missing a policy, the other roles created by the same code are all fine.
  • d

    dry-teacher-74595

    12/08/2021, 6:10 PM
    the policy exists in the pulumi state also, but doesnt exist on aws anymore for some reason.
  • d

    dry-teacher-74595

    12/08/2021, 6:11 PM
    whats the most recommended way to fix it?
  • d

    dry-teacher-74595

    12/08/2021, 6:16 PM
    actually the policy exist on aws console, just the role-policy attachment is not there
    r
    • 2
    • 1
  • w

    wonderful-twilight-70958

    12/08/2021, 9:59 PM
    Does Pulumi support AWS managed grafana? don't see it in the API docs or in GH (not even a support / roadmap issue for it?)
    b
    • 2
    • 3
  • l

    lemon-salesclerk-6224

    12/09/2021, 2:36 AM
    Hey folks - I was using pulumi to deploy some lambdas and api gateways but ran into an issue where the
    stack.up()
    output is now empty. Before i'd get the gateway url when deploying gateway + 2 lambdas. Now when deploying gateway + 4 lambdas i get an empty
    Outputs: {}
    Any ideas?
    l
    • 2
    • 9
  • m

    magnificent-battery-62880

    12/09/2021, 4:24 PM
    hello, I'm trying to create a new EKS cluster with pulumi, this is my code
    eks = Cluster(
        'eks-locust',
        vpc_id=vpc.id,
        public_subnet_ids=[subnet.id for subnet in dmz_subnets],
        private_subnet_ids=[subnet.id for subnet in private_subnets],
        cluster_security_group=sg,
        kubernetes_service_ip_address_range='192.168.0.0/16',
        vpc_cni_options=VpcCniOptionsArgs(cni_custom_network_cfg=True),
        node_group_options=ClusterNodeGroupOptionsArgs(
            min_size=2,
            max_size=150,
            node_associate_public_ip_address=False,
            node_security_group=sg),
        provider_credential_opts=KubeconfigOptionsArgs(
            profile_name='671822246166_Admin'),
        tags=common_tags
    )
    but I keep getting the error
    Setting nodeGroupOptions, and any set of singular node group option(s) on the cluster, is mutually exclusive. Choose a single approach.
    I read through the source and can't figure out what's conflicting with
    node_group_options
    , anyone got any ideas what I'm doing wrong? https://github.com/pulumi/pulumi-eks/blob/master/nodejs/eks/cluster.ts#L361-L375
    w
    n
    w
    • 4
    • 4
  • w

    wide-jackal-86020

    12/09/2021, 11:19 PM
    Hi, I got an error when deploying API Gateway
    Type                          Name                        Status                  Info                                                                                                                                                                                     
         pulumi:pulumi:Stack           control_api-staging  **failed**              1 error                                                                                                                                                                                  
     -   └─ aws:apigateway:Deployment  control_api          **deleting failed**     1 error                                                                                                                                                                                  
                                                                                                                                                                                                                                                                                    
    Diagnostics:                                                                                                                                                                                                                                                                    
      aws:apigateway:Deployment (control_api):                                                                                                                                                                                                                               
        error: deleting urn:pulumi:staging::control_api::aws:apigateway:x:API$aws:apigateway/deployment:Deployment::control_api: 1 error occurred:                                                                                                                    
            * error deleting API Gateway Deployment (5ad3rk): BadRequestException: Active stages pointing to this deployment must be moved or deleted                                                                                                                               
                                                                                                                                                                                                                                                                                    
      pulumi:pulumi:Stack (control_api-staging):                                                                                                                                                                                                                             
        error: update failed
    Has anyone experienced this and knows how to fix it?
    h
    • 2
    • 1
  • r

    rapid-keyboard-69273

    12/10/2021, 5:07 PM
    Heelo, I created successfully a VPC using const vpc = new awsx.ec2.Vpc.....how I can retrieve the default securitygroup Id..?...thanks
    g
    • 2
    • 5
  • s

    salmon-fish-42319

    12/10/2021, 5:51 PM
    is there an example in the wild of using a resource's .arn output inside of an iam policy? I want to authorize the specific resource by arn rather than Resources: [ "*" ], but everything I try has failed in one way or another (eg getPolicyDocument expects a string rather than an Output<string>)
    • 1
    • 2
  • m

    mammoth-airline-91759

    12/10/2021, 11:02 PM
    I created a VPC like this:
    new awsx.ec2.Vpc("vpc-dev-1", {
            cidrBlock: "10.0.0.0/16",
            instanceTenancy: "default",
            numberOfAvailabilityZones: 3,
            numberOfNatGateways: 2,
    });
    I now realize I need some tags on each public and private subnet. Is there a way to easily go back and add those tags to each subnet without destroying and re-creating the entire stack?
    w
    b
    • 3
    • 5
  • n

    nutritious-tent-64795

    12/14/2021, 1:17 AM
    Hi - is anyone else seeing issues standing up an EKS cluster via Pulumi/Python? We have code which has worked for months that is suddenly sporadically throwing this error:
    details = "Setting nodeGroupOptions, and any set of singular node group option(s) on the cluster, is mutually exclusive. Choose a single approach."
    We hit a number of failures on Friday, it began working again this weekend, and is now not working again. Our code in question is here: • https://github.com/nginxinc/kic-reference-architectures/blob/master/pulumi/aws/eks/__main__.py#L61-L65 • https://github.com/nginxinc/kic-reference-architectures/blob/master/pulumi/aws/eks/__main__.py#L73-L83 There is nothing being set outside of the node options that should cause this error (based on the logic in https://github.com/pulumi/pulumi-eks/blob/master/nodejs/eks/cluster.ts#L361-L375). The output looks like this: • https://gist.github.com/qdzlug/931c07928dca1c3ad6097d89227edc16 This issue started following the issues with AWS, but I don’t know if it’s related. This is under Pulumi v3.19.0 and all current versions of the pulumi python modules.
    b
    w
    • 3
    • 6
  • m

    mysterious-whale-31506

    12/14/2021, 7:30 PM
    Hey all, I have a question re: ECSx and AutoScaling with a Capacity Provider. The Capacity Provider has no problem Auto Scaling up to my max when the scaling policy demands it. However, the instances that come online do not receive a service task. They remain idle. So far I've tried adjusting my cluster to give it a
    defaultCapacityProviderStrategies
    with a base of 1 and weight of 100, while adjusting my service definition from a testing
    desiredCount
    of 1 to no
    desiredCount
    entry at all. I'm wondering which resource configuration I should be paying attention to. Any insights that may lead me to water are greatly appreciated!
  • f

    freezing-umbrella-5483

    12/15/2021, 5:02 PM
    What's the status of crosswalk for AWS? I would like to jump into learning it, but I see that the latest release was 3 months ago, so I want to make sure it's not a legacy feature. How high is it on the priority list? Will it be updated for AWS native? Are there any ETAs for Python? In general, if there is a public roadmap available, it'd be very helpful if someone pointed me to it (I couldn't find one). Thanks in advance.
    👀 1
    r
    l
    r
    • 4
    • 9
  • l

    little-cartoon-10569

    12/16/2021, 1:19 AM
    I've just had an update of an ssoadmin:ManagedPolicyAttachment fail with the error doesn't support update. I'm guessing that the correct fix is to add opt replaceOnChanges: ["*"]. For similar resources, Pulumi has always known when a replace was needed; is that supposed to happen here? Should I raise an issue?
    g
    • 2
    • 2
  • g

    great-sunset-355

    12/16/2021, 9:35 AM
    I have
    aws_native.ecs.Service
    and I added
    replaceOnChanges: ["*"]
    and the pulumi have been trying to create a replacement Service for more than 30 minutes and nothing is happening.
  • n

    nutritious-shampoo-16116

    12/17/2021, 11:18 AM
    anybody aware why we get such a behavior (and how we can debug the source)?
    ++aws:ec2/flowLog:FlowLog: (create-replacement)
                    [id=fl-XXX]
                    [urn=urn:pulumi:staging::XXX-vpc::XXX:AWS:Network$aws:ec2/vpc:Vpc$aws:ec2/flowLog:FlowLog::stusea1-XXX-vpc-flowlog]
                    [provider=urn:pulumi:staging::XXX-vpc::pulumi:providers:aws::default_4_26_0::XXX]
                  + iamRoleArn: "arn:aws:iam::XXX:role/stusea1-XXX-vpc-flowlog-role-972cb33"
                +-aws:ec2/flowLog:FlowLog: (replace)
                    [id=fl-XXX]
                    [urn=urn:pulumi:staging::XXX-vpc::XXX:AWS:Network$aws:ec2/vpc:Vpc$aws:ec2/flowLog:FlowLog::stusea1-XXX-vpc-flowlog]
                    [provider=urn:pulumi:staging::XXX-vpc::pulumi:providers:aws::default_4_26_0::XXX]
                  + iamRoleArn: "arn:aws:iam::XXX:role/stusea1-XXX-vpc-flowlog-role-972cb33"
                --aws:ec2/flowLog:FlowLog: (delete-replaced)
                    [id=fl-XXX]
                    [urn=urn:pulumi:staging::XXX-vpc::XXX:AWS:Network$aws:ec2/vpc:Vpc$aws:ec2/flowLog:FlowLog::stusea1-XXX-vpc-flowlog]
                    [provider=urn:pulumi:staging::XXX-vpc::pulumi:providers:aws::default_4_26_0::XXX]
    seems pulumi wants to replace the ARN (which is the same) and this fails cause the resource already exist this happens on every up
    l
    • 2
    • 2
  • n

    nutritious-shampoo-16116

    12/17/2021, 11:46 AM
    ^^^^ for those having the same issue with flowlog, it seems the native provider works correctly, and a quick look at it show they changed a bit the API rewording some args, this is probably why pulumi is passing something which is not registered and it wants to push it again to AWS all the time
Powered by Linen
Title
n

nutritious-shampoo-16116

12/17/2021, 11:46 AM
^^^^ for those having the same issue with flowlog, it seems the native provider works correctly, and a quick look at it show they changed a bit the API rewording some args, this is probably why pulumi is passing something which is not registered and it wants to push it again to AWS all the time
View count: 1