https://pulumi.com logo
Join Slack
Channels
Powered by Linen
aws
  • f

    fresh-carpet-17788

    08/03/2022, 10:13 AM
    Hey guys! Is it possible to call lambda functions and use their response during a stack build phase?
  • b

    big-potato-91793

    08/03/2022, 3:28 PM
    Hey all, 👋 , I’m using the aws provider 
    5.10
    and pulumi 
    3.35.3
    with those value 
    skipCredentialsValidation: false,
 skipGetEc2Platforms: false,
 skipMetadataApiCheck: false,
    with EC2 Instance Metadata (iam role on the instance) It was working before I upgrade all version. Anything wrong?
    l
    • 2
    • 4
  • b

    broad-toddler-72261

    08/03/2022, 6:49 PM
    Has anyone else run into the issue where you attempt to upgrade pulumi from 1.x to 3.x, only to find there are a number of breaking changes, so in turn you revert back to 1.x, now faced with the problem where you can no longer get a StackReference to that stack?
    m
    r
    • 3
    • 10
  • v

    victorious-dusk-75271

    08/03/2022, 8:32 PM
    dear AWS experts, how do you setup RDS (mysql) for multi region?
    m
    • 2
    • 1
  • b

    breezy-laptop-42679

    08/04/2022, 2:05 PM
    Hello I need guidance over creating s3 public access block the code mentioned in official documentation creates a new bucket and policy however I need to do it for a already created one please check the code below 
    [6:11 PM] /*
   *   s3 public access block
   */
const bucketNameList = ["prod-nueve-media-9184fce"]
const bucketIdList: pulumi.Output<string>[] = []

bucketNameList.forEach(bucketName => {
  // Create an AWS resource (S3 Bucket) 
  const bucket = new aws.s3.Bucket(bucketName, {});
  bucketIdList.push(bucket.id)
});

for (let index = 0; index < bucketIdList.length; index++) {
  new aws.s3.BucketPublicAccessBlock(`${bucketNameList[index]}-publicAccessBlock`, {
    bucket: bucketIdList[index],
    blockPublicAcls: true,
    blockPublicPolicy: true,
  });
}
    l
    • 2
    • 4
  • a

    aloof-dress-1001

    08/04/2022, 4:43 PM
    Hey guys, Im deploying an EKS cluster with pulumi_aws, and i want to connect my cluster to kubectl as soon as its deployed, how do i output the kubeconfig to my local machine inside the code and not by a command later on?
    s
    p
    • 3
    • 4
  • k

    kind-hamburger-15227

    08/04/2022, 6:45 PM
    How can I set aws:skipCredentialsValidation for automation API? I am trying to run example https://github.com/pulumi/automation-api-examples/tree/main/python/pulumi_over_http and it's failing with terraform related aws error: 
    Diagnostics:
  aws:s3:Bucket (s3-website-bucket):
    error: 1 error occurred:
    	* error configuring Terraform AWS Provider: AWS account ID not previously found and failed retrieving via all available methods. See <https://www.terraform.io/docs/providers/aws/index.html#skip_requesting_account_id> for workaround and implications. Errors: 2 errors occurred:
    I tried adding stack.set_config("aws😒kipCredentialsValidation:", auto.ConfigValue("true")) into main.py but it failed to parse config parameter. Any suggestions?
    l
    • 2
    • 25
  • p

    polite-napkin-90098

    08/04/2022, 7:04 PM
    I'm finding that repeated pulumi up and pulumi refresh is constantly editing and destroying rules in my AWS security groups, and then restoring them on the next cycle of refresh and up. From looking at the first refresh it seems like it is finding say 5 rules in the security group which match what the code generates but they are out of order. e.g. in the code 1,2,3,4,5 and then in aws 1,2,4,3,5 and then pulumi thinks it needs to update rules 3 and 4 essentially morphing each into the other. I think this update fails somehow (aws sg can be fussy about having rules added which match rules which already exist) and the result is that one rule is morphed into the other and the other is broken. The another round of refresh and update will fix it. As far as I know the order in which the AWS api returns the security group rules is based on their name which is sg- and a random hex string, as I can't know this before the sg are created I can't order the statements in my code to match the order in which they will appear in the api. Especially when you consider deploying the same code to multiple stacks. Is this a common issue? Can I solve it easily? Do I need to look at using AWS-Native over the AWS-Classic?
    l
    • 2
    • 13
  • s

    stocky-petabyte-29883

    08/04/2022, 8:46 PM
    Hey Trying to create a new subnet to an existing vpc, using either 
    new awsx.ec2.Subnet
    or 
    new aws.ec2.Subnet
    . How do we set the subnet name and set the subnet as private or public?
    s
    • 2
    • 1
  • h

    helpful-account-44059

    08/05/2022, 7:56 AM
    the opensearch domain ebsoption's volume type missing type of "gp3"
    d
    • 2
    • 4
  • l

    limited-motorcycle-11738

    08/05/2022, 10:45 AM
    Hi All! Perhaps a n00b question but I couldn't see anythign in the docs. I've successfully created an EKS cluster and added some k8s stuff onto it. One thing I added creatd an elb (correctly, as expected). Now I would like to get the elb using https://www.pulumi.com/registry/packages/aws/api-docs/elb/getloadbalancer/ so that I can alias it to a Route53 record. However I don't know its name or how to list all elbs. Any suggestions?
  • s

    stocky-petabyte-29883

    08/05/2022, 2:21 PM
    Hi I am using remote command to execute a sql script, but the environment variables I set for the remote command isn't available in the remote server. How to use it? 
    new remote.Command("mysql-setup-execute", {
                    connection,
                    create: pulumi.interpolate`chmod 777 ./mysql-setup.sh; ./mysql-setup.sh`,
                    delete: "rm mysql-setup.sh",
                    environment: {
                        MASTER_USER: masterUsername,
                        MASTER_PASSWORD: masterPassword!,
                        DB_USERNAME: dbUsername,
                        DB_PASSWORD: dbUserPassword,
                        DB_NAME: dbName,
                        DB_HOST: dbHost
                    }
                }, { dependsOn: remoteFile });
    Shell script 
    #!/bin/bash

sudo yum -y install mariadb
mysql -u ${MASTER_USER} -p${MASTER_PASSWORD} -h${DB_HOST}<<MYSQL_SCRIPT

CREATE USER ${DB_USERNAME}@% IDENTIFIED BY '${DB_PASSWORD}';
GRANT ALL PRIVILEGES ON ${DB_NAME}.* TO '${USERNAME}'@'%';
FLUSH PRIVILEGES;
MYSQL_SCRIPT
    What am I missing?
  • b

    brainy-furniture-43093

    08/05/2022, 4:23 PM
    Hi All, I have been trying to deploy my lambda on the new provided.al2 runtime for Go. I package my code using 
    GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -ldflags "-s -w" -tags lambda.norpc -o build/bootstrap
    And then I zip it using Pulumi's 
    NewAssetArchive
    Code: pulumi.NewAssetArchive(map[string]interface{}{
			"bootstrap": pulumi.NewFileAsset("../onboarding/cmd/onboarding/build/bootstrap"),
			"Makefile":  pulumi.NewFileAsset("../onboarding/cmd/onboarding/build/Makefile"),
		}),
    And my Makefile contains 
    build-Onboarding:
	cp ./bootstrap $(ARTIFACTS_DIR)/.
    But for some reason it's like my Makefile doesn't execute then the bootstrap file stays in some root folder. Any ideas here? Thank you
    • 1
    • 1
  • b

    brainy-furniture-43093

    08/05/2022, 4:25 PM
  • f

    famous-magician-5742

    08/05/2022, 5:09 PM
    We are planning on using Pulumi (python) in an AWS Lambda function with a custom Lambda image so that we can install the Pulumi CLI on it and run it completely locally. We are looking at using an s3 bucket to store the Pulumi state. Does Pulumi (
    pulumi login
    ) support using the Lambda execution IAM role to authenticate 'seamlessly' to the s3 bucket where the state is stored?
    👀 1
  • v

    victorious-dusk-75271

    08/05/2022, 8:11 PM
    is there any multi region vpc example?
    s
    • 2
    • 14
  • v

    victorious-dusk-75271

    08/05/2022, 8:17 PM
    should i create separate VPC for EKS and (RDS, elasticCache and ElasticSearch)?
  • v

    victorious-dusk-75271

    08/05/2022, 8:17 PM
    in each region
  • s

    square-ability-48831

    08/05/2022, 10:28 PM
    Anybody else encounter the "This is almost certainly a bug in the 
    aws
    provider" when trying to import Subnets? I'm trying to import some default vpc subnets into pulumi control and get this after a 
    pulumi import...
    command 
    pulumi import aws:ec2/subnet:Subnet defaultVpcSubnet2d subnet-BLAHBLAHBLAHBLAH
    warning: One or more imported inputs failed to validate. This is almost certainly a bug in the `aws` provider. The import will still proceed, but you will need to edit the generated code after copying it into your program.
    warning: aws:ec2/subnet:Subnet resource 'defaultVpcSubnet2d' has a problem: Conflicting configuration arguments: "availability_zone": conflicts with availability_zone_id. Examine values at 'Subnet.AvailabilityZone'.
    warning: aws:ec2/subnet:Subnet resource 'defaultVpcSubnet2d' has a problem: Conflicting configuration arguments: "availability_zone_id": conflicts with availability_zone. Examine values at 'Subnet.AvailabilityZoneId'.
    • 1
    • 4
  • c

    careful-oil-55681

    08/05/2022, 11:09 PM
    any folks out there in Pulumi-land building AWS infra using shared VPC? We are just reading up on it and we are concerned with the inability to query tags on the VPC objects from the sharing account and we were wondering how people are handling it.
  • v

    victorious-dusk-75271

    08/06/2022, 12:57 AM
    aws:ec2:VpcPeeringConnection (eks-vpc-peer-to-rds-vpc):
    error: 1 error occurred:
        * updating urn:pulumi:dev::allrites-infrastructure::custom:resource:vpc$aws:ec2/vpcPeeringConnection:VpcPeeringConnection::eks-vpc-peer-to-rds-vpc: 1 error occurred:
        * error reading EC2 VPC Peering Connection (pcx-093563ee7db421f17): failed
    any idea what causing this error?
  • v

    victorious-dusk-75271

    08/06/2022, 2:49 AM
    Diagnostics:
  aws:ec2:Vpc (rds-vpc-vpc):
    error: deleting urn:pulumi:dev::allrites-infrastructure::aws:ec2/vpc:Vpc::rds-vpc-vpc: 1 error occurred:
        * error deleting EC2 VPC (vpc-076d9d57f5bfecac7): DependencyViolation: The vpc 'vpc-076d9d57f5bfecac7' has dependencies and cannot be deleted.
        status code: 400, request id: 8f586580-0c6f-4134-8606-e2c3aaa0c19f

  pulumi:pulumi:Stack (allrites-infrastructure-dev):
    error: update failed
    how do i solve this problem?
    s
    • 2
    • 26
  • v

    victorious-dusk-75271

    08/06/2022, 2:49 AM
    -   ├─ aws:ec2:Vpc                             rds-vpc-vpc                        delete     completing deletion fro
  • v

    victorious-dusk-75271

    08/06/2022, 8:45 AM
    every time i run up a duplicate vpc, route, and whole lot of networking stuff being created
  • v

    victorious-dusk-75271

    08/06/2022, 8:45 AM
    😞
  • v

    victorious-dusk-75271

    08/06/2022, 9:01 AM
    aws:ec2:VpcPeeringConnection (us-data-vpc-peer-to-primary-data-vpc):
    error: 1 error occurred:
        * updating urn:pulumi:dev::allrites-infrastructure::custom:resource:vpc$aws:ec2/vpcPeeringConnection:VpcPeeringConnection::us-data-vpc-peer-to-primary-data-vpc: 1 error occurred:
        * Unable to modify EC2 VPC Peering Connection Options. EC2 VPC Peering Connection (pcx-074aa1572a7fa6704) is not active (current status: pending-acceptance). Please set the `auto_accept` attribute to `true` or activate the EC2 VPC Peering Connection manually.
    how do i solve this problem?
  • v

    victorious-dusk-75271

    08/06/2022, 9:01 AM
    i am trying to peer cross region vpc
  • q

    quaint-air-36266

    08/08/2022, 9:56 AM
    alex
  • c

    colossal-vr-62639

    08/08/2022, 2:06 PM
    Does anyone here know if Cloud Formation Custom Resources are supported via the AWS Cloud Control API? I'm getting conflicting results
    m
    • 2
    • 2
  • s

    stocky-petabyte-29883

    08/09/2022, 8:48 AM
    Hey I am having issues with running pulumi remote command with environment variables, I tried a couple of things such as adding placeholder values in bashrc and setting AcceptEnv in another remote command that runs before the main one, still no joy What am I missing here? 
    const setEnvVarsCommand = new remote.Command("set-env-vars", {connection,
                    create: pulumi.interpolate`echo "export MASTER_USER='"test"'\nexport MASTER_PASSWORD='test'\nexport DB_USERNAME='test'\nexport DB_PASSWORD='test'\nexport DB_NAME='test'\nexport DB_HOST='test'" >> ~/.bashrc && source ~/.bashrc && echo "AcceptEnv MASTER_USER MASTER_PASSWORD DB_USERNAME DB_PASSWORD DB_NAME DB_HOST" | sudo tee -a /etc/ssh/sshd_config && sudo service sshd restart`,
                    delete: `head -n -6 ~/.bashrc > tmp_file && mv tmp_file ~/.bashrc && head -n -1 ~/.bashrc > tmp_sshd && sudo mv tmp_sshd /etc/ssh/sshd_config`
                }, { dependsOn: remoteFile });

 new remote.Command("mysql-setup-execute", {connection,
                    create: pulumi.interpolate`chmod 777 ./mysql-setup.sh; ./mysql-setup.sh`,
                    delete: "rm mysql-setup.sh",
                    environment: {
                        MASTER_USER: masterUsername,
                        MASTER_PASSWORD: masterPassword!,
                        DB_USERNAME: dbUsername,
                        DB_PASSWORD: dbUserPassword,
                        DB_NAME: dbName,
                        DB_HOST: dbHost
                    }
                }, { dependsOn: setEnvVarsCommand });
    I am dumping all the env variables available in the mysql-setup.sh file and the environment variables have the place holder value test. I went with AcceptEnv as people recommended it in the issue https://github.com/pulumi/pulumi-command/issues/48 I am stuck here and need some help
    l
    • 2
    • 2
Title
s

stocky-petabyte-29883

08/09/2022, 8:48 AM
Hey I am having issues with running pulumi remote command with environment variables, I tried a couple of things such as adding placeholder values in bashrc and setting AcceptEnv in another remote command that runs before the main one, still no joy What am I missing here? 
const setEnvVarsCommand = new remote.Command("set-env-vars", {connection,
                    create: pulumi.interpolate`echo "export MASTER_USER='"test"'\nexport MASTER_PASSWORD='test'\nexport DB_USERNAME='test'\nexport DB_PASSWORD='test'\nexport DB_NAME='test'\nexport DB_HOST='test'" >> ~/.bashrc && source ~/.bashrc && echo "AcceptEnv MASTER_USER MASTER_PASSWORD DB_USERNAME DB_PASSWORD DB_NAME DB_HOST" | sudo tee -a /etc/ssh/sshd_config && sudo service sshd restart`,
                    delete: `head -n -6 ~/.bashrc > tmp_file && mv tmp_file ~/.bashrc && head -n -1 ~/.bashrc > tmp_sshd && sudo mv tmp_sshd /etc/ssh/sshd_config`
                }, { dependsOn: remoteFile });

 new remote.Command("mysql-setup-execute", {connection,
                    create: pulumi.interpolate`chmod 777 ./mysql-setup.sh; ./mysql-setup.sh`,
                    delete: "rm mysql-setup.sh",
                    environment: {
                        MASTER_USER: masterUsername,
                        MASTER_PASSWORD: masterPassword!,
                        DB_USERNAME: dbUsername,
                        DB_PASSWORD: dbUserPassword,
                        DB_NAME: dbName,
                        DB_HOST: dbHost
                    }
                }, { dependsOn: setEnvVarsCommand });
I am dumping all the env variables available in the mysql-setup.sh file and the environment variables have the place holder value test. I went with AcceptEnv as people recommended it in the issue https://github.com/pulumi/pulumi-command/issues/48 I am stuck here and need some help
l

little-cartoon-10569

08/09/2022, 8:54 PM
It looks like the environment variables you're expecting to see are set up in .bashrc. Non-interactive bash shells don't run .bashrc. Plus, you don't seem to be running bash (though you might be, I can't see the shebang in mysql-setup.sh). You can familiarize yourself with how remote execs and non-interactive shells work by reading `man bash`; the section titled "Invocation" has all the details.
There are many places to read up on how shebangs work and how to use them effectively over ssh. This page looks like a good place to start: https://linuxhandbook.com/shebang/
View count: 12