@stocky-petabyte-29883 have you tried dependsOn or parent?

Yeah

Hey all, my team is new to IaC in general and we were wondering how you deal with permissions in AWS. Do you all just have a single ‘god’ role for pulumi to deploy resources with or do you create stricter roles and assign them differently per CI pipeline (e.g. my pipeline that just deploys a Lambda function only has access to lambda)? The latter seems like it might be difficult to manage once you have quite a few projects all deploying to AWS with roles that are getting more permissive as projects grow.

how do you setup metrics-server in eks?

can anyone help me with this problem please?

Warning  FailedBuildModel  7m11s  ingress  Failed build model due to AccessDenied: User: arn:aws:sts::256032450122:assumed-role/primary-eks-eks-cluster-instanceRole-role-4a78aea/i-0f132b11c4bc816c1 is not authorized to perform: elasticloadbalancing:DescribeLoadBalancers because no identity-based policy allows the elasticloadbalancing:DescribeLoadBalancers action

is there a way to deploy a regional api gateway (instead of edge-optimized) when using AWS Xwalk? or do I need to drop “awsx” and go back to “aws” to do this?

for the AWS route 53 - does it make sense to use PULUMI(otherwise also) for the public hosted zone provisioning? and if that is achievable via PULUMI?

is anyone doing multi-region deployments, using a function that takes a Provider as input and generates resources using the given provider? How do you give every resource a unique name, and pass it the provider to use, without having to edit each created Resource in the stack by hand (eg to add a name suffix, and pass in

{ provider }

as the third arg)

Hi, Quickly wanted to check if we could get an ETA on https://github.com/pulumi/pulumi-eks/issues/658. We are blocked on this feature for a couple of Kubernetes cluster autoscaler functionalities crucial for us. AFAIK, there are no upstream blockers - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_group_tag?

Hey all, my team is new to IaC in general and we were wondering how you deal with with leveraging Pulumi and protecting passwords/Secrets in AWS before deploying the Code

This message was deleted.

Hello, I am trying to create a CNAME record in Route 53 using Pulumi with the

Value/Route traffic to

field populated with the DNS name of an ALB that is auto-created by an

aws-load-balancer-controller

upon detecting the ingress of my application. This breaks down into 2 questions: 1. Is there a way to get the DNS name of the ALB when its created? I know of

aws.alb.getLoadBalancer

but that requires the name and ARN of the ALB, so I would need a way to get those. 2. How do I put the DNS name of the ALB into the CNAME record? Looking at the Pulumi docs here https://www.pulumi.com/registry/packages/aws/api-docs/route53/record/ it doesn't seem as though there is a

Value

field to populate (though I could be wrong) and the

records

field used in the example doesn't actually have any explanation. Thank you!

Hello - what is the difference between Pulumi Crosswalk for AWS VPC (https://www.pulumi.com/docs/guides/crosswalk/aws/vpc/) and the Pulumi AWS Quickstart for VPC (https://www.pulumi.com/blog/aws-quickstart-registry/)? Do they serve different purposes, is one more up-to-date or more recommended for use?

this example doesnt even work

Hey i have this code

public_subnets = dis_stack.get_output("public_subnets")

subnets_list = public_subnets.apply(lambda id: id)

but it returns an output object, how can i do that i get a list ?

hey there! looking for a bit of help as I'm stuck - I was playing with adding a placement constraint to an ECS Fargate task and found out it was not supported, so I removed the placement constraint and am trying to

pulumi up

but I still get the

InvalidParameterException: Placement constraints are not supported with FARGATE launch type.

even though the placement constraint is no longer present in my pulumi infrastructure code. Anyone get stuck like this before? any tips on how to fix the deployment?

My

aws:cloudfront:Distribution

is failing because of following error:

error creating CloudFront Distribution: InvalidArgument: The parameter Origin DomainName does not refer to a valid S3 bucket. status code: 400, request id: 59...eb1

I assume that this originates to following parts of the arguments:

origins: [
        {
            originId: contentBucket.arn,
            domainName: contentBucket.websiteEndpoint,
            s3OriginConfig: {
                originAccessIdentity: originAccessIdentity.cloudfrontAccessIdentityPath,
            },
        },
    ],

Especially

contentBucket.websiteEndpoint

. I assume this is the problem. Pulumi outputs this as

<http://myDomain.app.s3-website.eu-central-1.amazonaws.com/>

which works fine so I don't quite know what the problem is. Can anybody help?

does anyone know what this route53 error is?

Diagnostics:
  pulumi:pulumi:Stack (laravel-application-dev):
    error: Running program '/home/k1ng/projects/allrites-laravel/devops' failed with an unhandled exception:
    /home/k1ng/projects/allrites-laravel/devops/node_modules/@pulumi/aws/s3/routingRules.js:1
    b�  �s�a7�1��9^��p�%б��!<>�`��k�/`cx���sĶ��� W�u�Z�Wٺn�֪Y�O3M��V*"�.�x,���Y_�{������~�H7��F*�gQW|��bu ��2A1�(�c�(ѪI


    SyntaxError: Invalid or unexpected token
        at Object.compileFunction (node:vm:353:18)
        at wrapSafe (node:internal/modules/cjs/loader:1040:15)
        at Module._compile (node:internal/modules/cjs/loader:1076:27)
        at Object.Module._extensions..js (node:internal/modules/cjs/loader:1166:10)
        at Module.load (node:internal/modules/cjs/loader:988:32)
        at Function.Module._load (node:internal/modules/cjs/loader:834:12)
        at Module.require (node:internal/modules/cjs/loader:1012:19)
        at require (node:internal/modules/cjs/helpers:102:18)
        at Object.<anonymous> (/home/k1ng/projects/allrites-laravel/devops/node_modules/@pulumi/s3/index.ts:43:1)
        at Module._compile (node:internal/modules/cjs/loader:1112:14)

Hi, i have a eks cluster constructed by pulumi, recently when i typed pulumi preview or pulumi up, it always failed with below errors: i have updated the aws cli and kubectl

why i am keep getting this error randomly?

pulumi:pulumi:Stack (laravel-application-eu-dev):
    error: Running program '/home/k1ng/projects/allrites-laravel/devops' failed with an unhandled exception:
    /home/k1ng/projects/allrites-laravel/devops/node_modules/@pulumi/aws/s3/routingRules.js:1
    b�  �s�a7�1��9^��p�%б��!<>�`��k�/`cx���sĶ��� W�u�Z�Wٺn�֪Y�O3M��V*"�.�x,���Y_�{������~�H7��F*�gQW|��bu ��2A1�(�c�(ѪIj���E���6b�


    SyntaxError: Invalid or unexpected token
        at Object.compileFunction (node:vm:353:18)
        at wrapSafe (node:internal/modules/cjs/loader:1040:15)
        at Module._compile (node:internal/modules/cjs/loader:1076:27)
        at Object.Module._extensions..js (node:internal/modules/cjs/loader:1166:10)
        at Module.load (node:internal/modules/cjs/loader:988:32)
        at Function.Module._load (node:internal/modules/cjs/loader:834:12)
        at Module.require (node:internal/modules/cjs/loader:1012:19)
        at require (node:internal/modules/cjs/helpers:102:18)
        at Object.<anonymous> (/home/k1ng/projects/allrites-laravel/devops/node_modules/@pulumi/s3/index.ts:43:1)
        at Module._compile (node:internal/modules/cjs/loader:1112:14)

I’m confused about why Pulumi still tries to delete my VPC after i added

retain_on_delete=True

to the ResourceOptions. My understanding was that it would only remove it from the stack and not perform the API call to delete. What part of this flow am i misunderstanding?

I'm looking at building an Aurora Postgres Serverless V2 cluster in a non-default VPC, but I do not see an apparent way to specify which VPC the cluster should be created in—no option in ClusterArgs or ClusterInstanceArgs—is it just missing? Seems like it's choosing the default VPC - but I really don't want this.

error creating RDS cluster: InvalidParameterCombination: The DB instance and EC2 security group are in different VPCs. The DB instance is in vpc-088d910645c61f340 (Default VPC) and the EC2 security group is in vpc-064aba8b2279cfa50 (my custom Data VPC where I want the cluster to reside)

how do I tell pulumi to put this cluster in my dataVPC and not the default VPC?

does anyone know how to get the global RDS cluster write forwarding endpoint? https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database-write-forwarding.html

I am trying to create latency based records and AWS getting this error.

* [ERR]: Error building changeset: InvalidChangeBatch: [Tried to create resource record set [name='xxxxxxxx.io.', type='CNAME', set-identifier='latency'] but it already exists]

return new aws.route53.Record('admin', {
        name: 'admin',
        zoneId: zone.then(z => z.zoneId),
        type: 'CNAME',
        setIdentifier: 'latency',
        records: [loadBalancer],
        ttl: 60,
        latencyRoutingPolicies: [{ region: i.region }]
    })

Hi, does now pulumi supports all aws modules with yaml method ?

Anyone had experience that the EKS init by one person, that passed onto the next person, the second person became unauthorized to do things like create iamserviceaccounts, like because the he is not the cluster creator or some sort?

Hey guys, does anyone know what is the best way to expose an eks cluster using pulumi? im installing an app with it's helm chart and i want to expose it to the internet but when using servicetype loadbalancer aws creates a classic lb. i want it all to be done inside the pulumi code. anyone have an idea?

Hi there! I’m having trouble creating a AWS S3 bucket with a name without a suffix created by Pulumi. Here is my code to create a bucket:

import pulumi_aws as aws

bucket = aws.s3.BucketV2(
    "my-bucket-name",
    tags={
        "Client": "my-client-name,
        "Environment": "my-stack-name",
    },
)
b_acl = aws.s3.BucketAclV2("my-bucket-name", bucket=bucket.id, acl="private")

However, the name of the bucket created seems to be “`my-bucket-name-5d70fd9`” instead of “`my-bucket-name"`. I tried adding

resource_name

as a argument to

aws.s3.BucketV2

, like the doc suggests, but in that case I got the error

__init__() got multiple values for argument 'resource_name'

. Any idea?