mammoth-art-6111
02/04/2022, 6:01 PMpulumi up
mammoth-art-6111
02/04/2022, 6:48 PMpulumi up -r
, seems like it notices there's a code change, but doesn't actually updatemammoth-art-6111
02/04/2022, 6:48 PMaws:lambda:Function github-release-webhook [diff: ~code]
mammoth-art-6111
02/04/2022, 7:07 PMmammoth-art-6111
02/04/2022, 7:28 PMmammoth-art-6111
02/04/2022, 8:04 PMmammoth-art-6111
02/04/2022, 8:04 PMtypescript
better-activity-84090
02/07/2022, 8:20 AMpulumi up
doesn’t update the resource ?polite-pillow-78450
02/07/2022, 11:01 PMcall_as
property with the resource, and many subsequent operations fail because the StackSet is not able to be described when call_as
is not DELEGATED_ADMIN in this scenario.
Has anyone else encountered this?sparse-apartment-71989
02/08/2022, 4:09 PMIn this case, you will need to set the AWS_PROFILE environment variable to the name of the profile to use.
However, later in the docs, an alternative method is offered:
After creating your project, run pulumi config set aws:profile <profilename>
If these differ, which takes precedence, the env var or the config setting? In general will this order of precedence always be true for configuration in Pulumi?ripe-shampoo-80285
02/09/2022, 3:16 AMripe-shampoo-80285
02/09/2022, 3:28 AMnumerous-spoon-56858
02/09/2022, 10:26 AMThe value supplied for parameter 'distributions[0]' is not valid.
any idea why?prehistoric-beach-79855
02/09/2022, 8:19 PMacceptable-oil-81004
02/10/2022, 3:47 AMvictorious-fountain-7689
02/10/2022, 5:27 AMmaintenanceWindowStartTime
in aws.mq.Broker
.
After doing a pulumi up
with the updated value, the AWS Console still shows the old value. Doing a pulumi refresh
afterwards will restore the stack to the old value.
The weird thing is that changing it from the AWS Console works. I did that that to manually sync Pulumi code and the MQ broker. Is this a known issue?
I see in the Terraform Docs (https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/mq_broker#maintenance_window_start_time) that updating is not supported. Could this be related to this?clever-dog-35937
02/11/2022, 6:32 PMclever-dog-35937
02/11/2022, 6:32 PMpurple-megabyte-83002
02/11/2022, 6:42 PMlittle-soccer-5693
02/11/2022, 7:29 PMDiagnostics:
aws:acm:Certificate (Bopmatic-wwwcert):
error: 1 error occurred:
* error configuring Terraform AWS Provider: no valid credential sources for Terraform AWS Provider found.
Please see <https://registry.terraform.io/providers/hashicorp/aws>
for more information about providing credentials.
Error: NoCredentialProviders: no valid providers in chain
caused by: EnvAccessKeyNotFound: failed to find credentials in the environment.
SharedCredsLoad: failed to load profile, .
EC2RoleRequestError: no EC2 instance role found
caused by: RequestCanceled: EC2 IMDS access disabled via AWS_EC2_METADATA_DISABLED env var
I have aws😒kipMetadataApiCheck: "false" in my Pulumi.dev.yaml and when i create a non-default provider I have:
aws.NewProvider(ctx, "us-east-1-provider", &aws.ProviderArgs{
Region: pulumi.String("us-east-1"),
SkipMetadataApiCheck: pulumi.Bool(false),
})
any idea what else i need to do to fix this?curved-pharmacist-41509
02/12/2022, 11:29 AM@pulumi/aws
for nodejs to use v3 of the aws-sdk?worried-xylophone-86184
02/12/2022, 7:53 PMpulumi-eks
with a NodeGroup. Whenever I am trying to launch it throws this error:
Exception: Setting nodeGroupOptions, and any set of singular node group option(s) on the cluster, is mutually exclusive. Choose a single approach.
I looked at a few threads in this channel to figure out what the issue would possibly be and reached this code snippet where the check happens: link.
I want to restrict the configurations to the NodeGroup as I have to create multiple NodeGroups for our usecase. Can anyone guide me as to what am I missing here? Adding code in thread.little-soccer-5693
02/13/2022, 6:21 PMworried-xylophone-86184
02/14/2022, 5:08 AMnice-father-44210
02/14/2022, 4:43 PMaws.route53.ResolverEndpoint
, if I pass a subnet_id
into the ResolverEndpointIpAddressArgs
constructor, is there a way for me to obtain an Output
that represents the IP address that AWS assigned to the endpoint? Thanks in advance.gentle-piano-19726
02/14/2022, 8:49 PMcool-glass-63014
02/15/2022, 9:18 AMthousands-area-40147
02/15/2022, 2:17 PMbored-barista-23480
02/15/2022, 3:09 PMpulumi destroy
never works, it always hangs on the Ingress resource. Manually deleting the finalizer set on the Ingress by the LBC while destroy
is ongoing works. But even when I explicitly make the Ingress depend on the Helm chart of the LBC the LBC pods get destroyed before the Ingress, and most important: before the finalizer was removed from the Ingress by the LBC. So the destroy-operation always needs manual intervention. Does anyone have an idea what causes this behavior or even how to solve it?boundless-telephone-75738
02/17/2022, 4:34 PMexport const cluster = new eks.Cluster(clusterName, {
storageClasses: {
'gp2-encrypted': { type: 'gp2', encrypted: true },
},
instanceRoles: [stdNodegroupIamRole, spotNodegroupIamRole],
name: clusterName,
vpcId: vpcId,
privateSubnetIds: privateSubnetIds,
publicSubnetIds: publicSubnetIds,
userMappings: createUserMapping(),
useDefaultVpcCni: true,
createOidcProvider: true,
nodeAssociatePublicIpAddress: false,
encryptionConfigKeyArn: keyAlias.then((k) => k.targetKeyArn),
vpcCniOptions: {
enablePrefixDelegation: true,
},
clusterTags: {
Pulumi: 'true',
},
skipDefaultNodeGroup: true,
clusterSecurityGroupTags: { ClusterSecurityGroupTag: 'true' },
nodeSecurityGroupTags: { NodeSecurityGroupTag: 'true' },
endpointPublicAccess: true,
endpointPrivateAccess: true,
});
cluster.createNodeGroup('standard-ng', {
nodeAssociatePublicIpAddress: false,
minSize: 1,
maxSize: 6,
desiredCapacity: 2,
instanceType: standardInstance,
bootstrapExtraArgs:
"--use-max-pods false --kubelet-extra-args '--max-pods=110'",
instanceProfile: new aws.iam.InstanceProfile('ng-standard', {
role: stdNodegroupIamRole.name,
}),
nodeSubnetIds: privateSubnetIds,
labels: {
ondemand: 'true',
},
});
boundless-telephone-75738
02/17/2022, 4:34 PMexport const cluster = new eks.Cluster(clusterName, {
storageClasses: {
'gp2-encrypted': { type: 'gp2', encrypted: true },
},
instanceRoles: [stdNodegroupIamRole, spotNodegroupIamRole],
name: clusterName,
vpcId: vpcId,
privateSubnetIds: privateSubnetIds,
publicSubnetIds: publicSubnetIds,
userMappings: createUserMapping(),
useDefaultVpcCni: true,
createOidcProvider: true,
nodeAssociatePublicIpAddress: false,
encryptionConfigKeyArn: keyAlias.then((k) => k.targetKeyArn),
vpcCniOptions: {
enablePrefixDelegation: true,
},
clusterTags: {
Pulumi: 'true',
},
skipDefaultNodeGroup: true,
clusterSecurityGroupTags: { ClusterSecurityGroupTag: 'true' },
nodeSecurityGroupTags: { NodeSecurityGroupTag: 'true' },
endpointPublicAccess: true,
endpointPrivateAccess: true,
});
cluster.createNodeGroup('standard-ng', {
nodeAssociatePublicIpAddress: false,
minSize: 1,
maxSize: 6,
desiredCapacity: 2,
instanceType: standardInstance,
bootstrapExtraArgs:
"--use-max-pods false --kubelet-extra-args '--max-pods=110'",
instanceProfile: new aws.iam.InstanceProfile('ng-standard', {
role: stdNodegroupIamRole.name,
}),
nodeSubnetIds: privateSubnetIds,
labels: {
ondemand: 'true',
},
});
worried-xylophone-86184
04/09/2022, 4:57 PMeks_cluster = eks.Cluster(
cluster_name,
name=cluster_name,
public_subnet_ids=list(public_subnets.values()),
private_subnet_ids=list(private_subnets.values()),
tags={"Name": cluster_name, "Stack": stack_name},
vpc_id=vpc_id,
version="1.21",
instance_role=eks_ec2_role,
skip_default_node_group=True,
)
node_group = eks.ManagedNodeGroup(
node_group_name,
cluster=eks_cluster.core,
capacity_type="SPOT",
instance_types=["t3a.medium"],
node_group_name=node_group_name,
node_role=eks_ec2_role,
tags={"Name": cluster_name, "Stack": stack_name},
subnet_ids=list(private_subnets.values()),
scaling_config=pulumi_aws.eks.NodeGroupScalingConfigArgs(
desired_size=1,
min_size=1,
max_size=3,
),
)
boundless-telephone-75738
04/19/2022, 9:06 AM