Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
aws
- s
stocky-petabyte-29883
08/20/2022, 2:32 PMHi I created an aws aurora cluster inside a vpc, I have a script that I am running using pulumi remote command, which is running a sql script against the previously created instance. The remote command depends on a different resource, which inturn depends on the aurora cluster. However the script are still getting executed before the clusters in the instance are fully provisioned and I get an error back that the host is unknown, how can I prevent this?1 reply · 2 participantsv - v
victorious-dusk-75271
08/20/2022, 2:34 PM@stocky-petabyte-29883 have you tried dependsOn or parent? - s
stocky-petabyte-29883
08/20/2022, 2:35 PMYeah - b
big-house-59728
08/20/2022, 6:35 PMHey all, my team is new to IaC in general and we were wondering how you deal with permissions in AWS. Do you all just have a single ‘god’ role for pulumi to deploy resources with or do you create stricter roles and assign them differently per CI pipeline (e.g. my pipeline that just deploys a Lambda function only has access to lambda)? The latter seems like it might be difficult to manage once you have quite a few projects all deploying to AWS with roles that are getting more permissive as projects grow.1 reply · 2 participantsf - v
victorious-dusk-75271
08/21/2022, 2:49 PMhow do you setup metrics-server in eks? - v
victorious-dusk-75271
08/21/2022, 4:49 PMcan anyone help me with this problem please?Warning FailedBuildModel 7m11s ingress Failed build model due to AccessDenied: User: arn:aws:sts::256032450122:assumed-role/primary-eks-eks-cluster-instanceRole-role-4a78aea/i-0f132b11c4bc816c1 is not authorized to perform: elasticloadbalancing:DescribeLoadBalancers because no identity-based policy allows the elasticloadbalancing:DescribeLoadBalancers action5 replies · 2 participantss - i
icy-controller-6092
08/22/2022, 1:39 AMis there a way to deploy a regional api gateway (instead of edge-optimized) when using AWS Xwalk? or do I need to drop “awsx” and go back to “aws” to do this?1 reply · 2 participantsg - a
alert-plumber-27645
08/22/2022, 6:10 PMfor the AWS route 53 - does it make sense to use PULUMI(otherwise also) for the public hosted zone provisioning? and if that is achievable via PULUMI?2 replies · 2 participantsb - i
icy-controller-6092
08/22/2022, 7:00 PMis anyone doing multi-region deployments, using a function that takes a Provider as input and generates resources using the given provider? How do you give every resource a unique name, and pass it the provider to use, without having to edit each created Resource in the stack by hand (eg to add a name suffix, and pass in
as the third arg){ provider }5 replies · 2 participantsg - r
rough-jewelry-85094
08/23/2022, 3:07 PMHi, Quickly wanted to check if we could get an ETA on https://github.com/pulumi/pulumi-eks/issues/658. We are blocked on this feature for a couple of Kubernetes cluster autoscaler functionalities crucial for us. AFAIK, there are no upstream blockers - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_group_tag? - r
rapid-portugal-24105
08/23/2022, 5:38 PMHey all, my team is new to IaC in general and we were wondering how you deal with with leveraging Pulumi and protecting passwords/Secrets in AWS before deploying the Code9 replies · 3 participantssv - s
sparse-intern-71089
08/23/2022, 7:55 PMThis message was deleted.5 replies · 2 participantsb - a
adamant-terabyte-3965
08/23/2022, 8:02 PMHello, I am trying to create a CNAME record in Route 53 using Pulumi with the
field populated with the DNS name of an ALB that is auto-created by anValue/Route traffic to
upon detecting the ingress of my application. This breaks down into 2 questions: 1. Is there a way to get the DNS name of the ALB when its created? I know ofaws-load-balancer-controller
but that requires the name and ARN of the ALB, so I would need a way to get those. 2. How do I put the DNS name of the ALB into the CNAME record? Looking at the Pulumi docs here https://www.pulumi.com/registry/packages/aws/api-docs/route53/record/ it doesn't seem as though there is aaws.alb.getLoadBalancer
field to populate (though I could be wrong) and theValue
field used in the example doesn't actually have any explanation. Thank you!records11 replies · 2 participantss - g
gentle-zoo-32137
08/24/2022, 11:47 AMHello - what is the difference between Pulumi Crosswalk for AWS VPC (https://www.pulumi.com/docs/guides/crosswalk/aws/vpc/) and the Pulumi AWS Quickstart for VPC (https://www.pulumi.com/blog/aws-quickstart-registry/)? Do they serve different purposes, is one more up-to-date or more recommended for use?1 reply · 2 participantss - v
victorious-dusk-75271
08/25/2022, 7:12 AM - v
victorious-dusk-75271
08/25/2022, 7:12 AMthis example doesnt even work - e
elegant-smartphone-60282
08/25/2022, 12:07 PMHey i have this code
but it returns an output object, how can i do that i get a list ?public_subnets = dis_stack.get_output("public_subnets") subnets_list = public_subnets.apply(lambda id: id)3 replies · 3 participantssl - m
microscopic-intern-16525
08/25/2022, 2:14 PMhey there! looking for a bit of help as I'm stuck - I was playing with adding a placement constraint to an ECS Fargate task and found out it was not supported, so I removed the placement constraint and am trying to
but I still get thepulumi up
even though the placement constraint is no longer present in my pulumi infrastructure code. Anyone get stuck like this before? any tips on how to fix the deployment?InvalidParameterException: Placement constraints are not supported with FARGATE launch type. - b
bitter-france-47214
08/25/2022, 5:34 PMMy
is failing because of following error:aws:cloudfront:Distribution
I assume that this originates to following parts of the arguments:error creating CloudFront Distribution: InvalidArgument: The parameter Origin DomainName does not refer to a valid S3 bucket. status code: 400, request id: 59...eb1
Especiallyorigins: [ { originId: contentBucket.arn, domainName: contentBucket.websiteEndpoint, s3OriginConfig: { originAccessIdentity: originAccessIdentity.cloudfrontAccessIdentityPath, }, }, ],
. I assume this is the problem. Pulumi outputs this ascontentBucket.websiteEndpoint
which works fine so I don't quite know what the problem is. Can anybody help?<http://myDomain.app.s3-website.eu-central-1.amazonaws.com/>2 replies · 2 participantss - v
victorious-dusk-75271
08/25/2022, 7:52 PMdoes anyone know what this route53 error is?Diagnostics: pulumi:pulumi:Stack (laravel-application-dev): error: Running program '/home/k1ng/projects/allrites-laravel/devops' failed with an unhandled exception: /home/k1ng/projects/allrites-laravel/devops/node_modules/@pulumi/aws/s3/routingRules.js:1 b� �s�a7�1��9^��p�%б��!<>�`��k�/`cx���sĶ��� W�u�Z�Wٺn�֪Y�O3M��V*"�.�x,���Y_�{������~�H7��F*�gQW|��bu ��2A1�(�c�(ѪI SyntaxError: Invalid or unexpected token at Object.compileFunction (node:vm:353:18) at wrapSafe (node:internal/modules/cjs/loader:1040:15) at Module._compile (node:internal/modules/cjs/loader:1076:27) at Object.Module._extensions..js (node:internal/modules/cjs/loader:1166:10) at Module.load (node:internal/modules/cjs/loader:988:32) at Function.Module._load (node:internal/modules/cjs/loader:834:12) at Module.require (node:internal/modules/cjs/loader:1012:19) at require (node:internal/modules/cjs/helpers:102:18) at Object.<anonymous> (/home/k1ng/projects/allrites-laravel/devops/node_modules/@pulumi/s3/index.ts:43:1) at Module._compile (node:internal/modules/cjs/loader:1112:14)2 replies · 1 participant - h
helpful-account-44059
08/26/2022, 5:28 AMHi, i have a eks cluster constructed by pulumi, recently when i typed pulumi preview or pulumi up, it always failed with below errors: i have updated the aws cli and kubectl8 replies · 3 participantsss - h
helpful-account-44059
08/26/2022, 5:29 AM - v
victorious-dusk-75271
08/26/2022, 2:09 PMwhy i am keep getting this error randomly?pulumi:pulumi:Stack (laravel-application-eu-dev): error: Running program '/home/k1ng/projects/allrites-laravel/devops' failed with an unhandled exception: /home/k1ng/projects/allrites-laravel/devops/node_modules/@pulumi/aws/s3/routingRules.js:1 b� �s�a7�1��9^��p�%б��!<>�`��k�/`cx���sĶ��� W�u�Z�Wٺn�֪Y�O3M��V*"�.�x,���Y_�{������~�H7��F*�gQW|��bu ��2A1�(�c�(ѪIj���E���6b� SyntaxError: Invalid or unexpected token at Object.compileFunction (node:vm:353:18) at wrapSafe (node:internal/modules/cjs/loader:1040:15) at Module._compile (node:internal/modules/cjs/loader:1076:27) at Object.Module._extensions..js (node:internal/modules/cjs/loader:1166:10) at Module.load (node:internal/modules/cjs/loader:988:32) at Function.Module._load (node:internal/modules/cjs/loader:834:12) at Module.require (node:internal/modules/cjs/loader:1012:19) at require (node:internal/modules/cjs/helpers:102:18) at Object.<anonymous> (/home/k1ng/projects/allrites-laravel/devops/node_modules/@pulumi/s3/index.ts:43:1) at Module._compile (node:internal/modules/cjs/loader:1112:14)1 reply · 1 participant - s
strong-helmet-83704
08/26/2022, 5:18 PMI’m confused about why Pulumi still tries to delete my VPC after i added
to the ResourceOptions. My understanding was that it would only remove it from the stack and not perform the API call to delete. What part of this flow am i misunderstanding?retain_on_delete=True7 replies · 2 participantss - s
square-ability-48831
08/26/2022, 7:01 PMI'm looking at building an Aurora Postgres Serverless V2 cluster in a non-default VPC, but I do not see an apparent way to specify which VPC the cluster should be created in—no option in ClusterArgs or ClusterInstanceArgs—is it just missing? Seems like it's choosing the default VPC - but I really don't want this.
how do I tell pulumi to put this cluster in my dataVPC and not the default VPC?error creating RDS cluster: InvalidParameterCombination: The DB instance and EC2 security group are in different VPCs. The DB instance is in vpc-088d910645c61f340 (Default VPC) and the EC2 security group is in vpc-064aba8b2279cfa50 (my custom Data VPC where I want the cluster to reside)9 replies · 2 participantsv - v
victorious-dusk-75271
08/26/2022, 7:58 PMdoes anyone know how to get the global RDS cluster write forwarding endpoint? https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database-write-forwarding.html2 replies · 2 participantss - v
victorious-dusk-75271
08/27/2022, 1:26 AMI am trying to create latency based records and AWS getting this error.* [ERR]: Error building changeset: InvalidChangeBatch: [Tried to create resource record set [name='xxxxxxxx.io.', type='CNAME', set-identifier='latency'] but it already exists]return new aws.route53.Record('admin', { name: 'admin', zoneId: zone.then(z => z.zoneId), type: 'CNAME', setIdentifier: 'latency', records: [loadBalancer], ttl: 60, latencyRoutingPolicies: [{ region: i.region }] })3 replies · 2 participantsf - g
great-library-25724
08/28/2022, 10:05 PMHi, does now pulumi supports all aws modules with yaml method ?1 reply · 2 participantse - a
agreeable-scooter-87411
08/29/2022, 8:36 AMAnyone had experience that the EKS init by one person, that passed onto the next person, the second person became unauthorized to do things like create iamserviceaccounts, like because the he is not the cluster creator or some sort?1 reply · 2 participantsq - a
aloof-dress-1001
08/29/2022, 10:36 AMHey guys, does anyone know what is the best way to expose an eks cluster using pulumi? im installing an app with it's helm chart and i want to expose it to the internet but when using servicetype loadbalancer aws creates a classic lb. i want it all to be done inside the pulumi code. anyone have an idea?4 replies · 3 participantsss
Title
a
aloof-dress-1001
08/29/2022, 10:36 AMHey guys, does anyone know what is the best way to expose an eks cluster using pulumi? im installing an app with it's helm chart and i want to expose it to the internet but when using servicetype loadbalancer aws creates a classic lb. i want it all to be done inside the pulumi code. anyone have an idea?
s
salmon-account-74572
08/29/2022, 12:27 PMSo you don’t want the Kubernetes-managed LB? It’s possible to manually (outside of Kubernetes) create an LB and then connect that to Kubernetes, but generally you’re better off letting Kubernetes manage it.
a
aloof-dress-1001
08/29/2022, 12:31 PMHey Scott, Thanks for the response! Im quite new to the entire k8s side of things, so how do i connect an external lb to my eks cluster? Or how do i expose my services with pulumi kubernetes?
By managed k8s you mean using a LoadBalancer Service type?
s
salmon-account-74572
08/29/2022, 1:31 PMWhen I say “Kubernetes-managed LB,” I’m talking about an LB created and managed on behalf of a Service of type LoadBalancer. When you create the Service, an LB is created automatically and all the necessary plumbing is done; when you delete the Service, the LB is destroyed automatically.
While it’s possible to do this yourself (create the LB, add the listener(s), add the targets, etc.) it is much easier (and more idiomatic) to let Kubernetes handle it as part of the Service lifecycle.
You can use Pulumi’s Kubernetes provider (along with the EKS provider) to automatically create the Service, although it’s entirely possible that the Helm chart already does that; I don’t have enough details about your Helm chart to know for certain.
s
stocky-restaurant-98004
08/29/2022, 2:03 PMSame principle also applies to DNS records - let K8s manage them.
View count: 1