steep-lamp-20408
10/24/2022, 8:08 AMtype Mutation @aws_api_key @aws_oidc {
inviteUser(
email: String!
organizationId: ID!
referrerUserId: ID!
): User
}
...and here is my resolver creation Pulumi code, knowing the Appsync API (my_appsync_api
) lambda and its datasource (my_lambda_datasource
) are already created successfully:
import pulumi_aws as aws
my_resolver = aws.appsync.Resolver(
"my-resolver",
api_id=my_appsync.id,
type="Mutation",
field="inviteUser",
data_source=my_lambda_datasource.name,
request_template="""
{
"version": "2017-02-28",
"operation": "Invoke",
"payload": {
"arguments": $utils.toJson($ctx.args)
}
}
""",
response_template="""
## Raise a GraphQL field error in case of a datasource invocation error
#if($ctx.error)
$util.error($ctx.error.message, $ctx.error.type)
#end
$util.toJson($ctx.result)
""",
)
On Pulumi up, I get the error: error creating AppSync Resolver: NotFoundException: No field named inviteUser found on type Mutation
What is/should be field
in the case of direct invocation? Any idea?sticky-country-73582
10/24/2022, 1:46 PMfew-carpenter-12885
10/24/2022, 2:02 PMlogConfiguration
to a awsx.ecs.FargateService
? I'm attempting to add the following block to my fargate service but receiving a rather unhelpful error. Anyone have ideas? The service has no issues before adding the logConfiguration block.
logConfiguration: {
logDriver: 'awslogs',
options: {
'awslogs-group': logGroup.name,
'awslogs-region': awsRegion,
'awslogs-stream-prefixs': logGroup.namePrefix,
},
},
The error:
<ref *1> Error: failed to register new resource service [awsx:ecs:FargateService]: Resource monitor is terminating
at Object.registerResource (/Users/elliot/dev/cloud-platform/node_modules/@pulumi/runtime/resource.ts:292:27)
at new Resource (/Users/elliot/dev/cloud-platform/node_modules/@pulumi/resource.ts:401:13)
at new ComponentResource (/Users/elliot/dev/cloud-platform/node_modules/@pulumi/resource.ts:889:9)
at new FargateService (/Users/elliot/dev/cloud-platform/node_modules/@pulumi/ecs/fargateService.ts:78:9)
at /Users/elliot/dev/cloud-platform/apps/pulumi-tenant-stack/payload-stack.ts:109:23
at Generator.next (<anonymous>)
at fulfilled (/Users/elliot/dev/cloud-platform/apps/pulumi-tenant-stack/payload-stack.ts:5:58)
at processTicksAndRejections (node:internal/process/task_queues:96:5) {
code: 14,
promise: Promise { <rejected> [Circular *1] }
I modeled the code from this section in the examples repo.white-rain-67342
10/24/2022, 9:23 PMInvalidInternetGatewayID.NotFound: The internetGateway ID 'igw-00723087241a0bcd2' does not exist
and when I try and bring it up it says:
* error creating EC2 Subnet: InvalidVpcID.NotFound: The vpc ID 'vpc-01138ddbefce5c6c0' does not exist
status code: 400, request id: 13273317-ace3-4b32-a18b-e4501b40b77a
What is the best way to proceed?little-cartoon-10569
10/25/2022, 12:10 AMpulumi up
as it was created? Is there an option when creating / updating a load balancer to say "don't fail yet, just wait for the certificate to be validated`? I know it can be done by using separate projects, but if AWS did the waiting for me, I'd be happier :)icy-controller-6092
10/25/2022, 1:31 AMaws.kinesisanalyticsv2.Application
resource doesn’t seem to reload the code. at the moment I’m manually bumping a version number in the s3 code key to get it to all properly cycle — does anyone know a better way?boundless-tomato-68419
10/25/2022, 11:32 AMerror: No such resource "urn:pulumi:staging::*::*-parent:ec2/securityGroup:SecurityGroup::sg-ecs-*" exists in the current state
limited-rainbow-51650
10/25/2022, 12:09 PMpulumi-eks
user and you notice an unexpected amount of proposed changes on Kubernetes resources when running preview
or up
, see this issue for the reason and a workaround:
https://github.com/pulumi/pulumi-eks/issues/800boundless-tomato-68419
10/25/2022, 2:49 PMfull-analyst-32960
10/25/2022, 9:28 PMpulumi refresh
but I feel like there’s a better way. Any help would be appreciated.lemon-salesclerk-6224
10/25/2022, 10:32 PMlittle-cartoon-10569
10/26/2022, 1:43 AMcallback
property (typescript), and it uses fs.readFileSync("subdir/file")
. This works so long as subdir/file is relative to the pulumi project.
But since the CallbackFunction is defined in a component resource in a different subdirectory, it's pretty confusing. I'd like subdir/file to be relative to the directory that the CallbackFunction is defined in.bland-tailor-50336
10/26/2022, 2:49 AMfull-artist-27215
10/26/2022, 8:04 PMpulumi_aws.ec2transitgateway.VpcAttachmentAccepter
. My problem comes when trying to set up route table associations. I would like to have the gateway configured to automatically accept attachments, but route table associations can't be created if the attachment hasn't been accepted yet (the error is IncorrectState: tgw-attach-XXXXXXXXXXXX is in invalid state
). Auto-acceptance still takes some time, though, and I can't seem to find a way to have the route table associations to wait until the attachment has been accepted; the first pulumi up
fails on all the route table associations, but if I wait a minute, I can re-run and they'll all proceed. Is there a way to make this work in Pulumi? Thanks.cuddly-australia-69919
10/26/2022, 11:03 PMawsx.ecr.Image
object but I haven’t been able to get a custom tag. Does anyone know how to achieve custom tags with ECR and pulumi? I’m happy to shift away from awsx
as well if there is a different approach to this.rhythmic-whale-48997
10/27/2022, 7:28 AMattaching
while Pulumi states that it's created and my code then errors out.
Is there a way to check that Gatway is attached and then do the creation of VpnGatewayRoutePropagation
.
Sample code and errors bellow:
Code:
new aws.ec2.VpnGatewayAttachment("vpnAttachment", {
vpcId: vpc.id,
vpnGatewayId: vpnGatewayId,
});
let counter = 0;
vpc.vpc.mainRouteTableId.apply(id => {
new aws.ec2.VpnGatewayRoutePropagation(`rtp0-0`, {
routeTableId: id,
vpnGatewayId: vpnGatewayId,
});
});
Error:
aws:ec2:VpnGatewayRoutePropagation (rtp0-0):
error: 1 error occurred:
* error enabling Route Table (rtb-0758b4e60d9497beb) VPN Gateway (vgw-059b13ce88dec40dd) route propagation: Gateway.NotAttached: resource vgw-059b13ce88dec40dd
status code: 400, request id: d67fdaa0-7ecf-4019-bc97-1c33007dfd51
strong-helmet-83704
10/27/2022, 6:23 PMError: failed to refresh cached credentials, operation error STS: AssumeRole, failed to sign request: failed to retrieve credentials:
raise invoke_error
Exception: invoke of aws:index/getCallerIdentity:getCallerIdentity failed: invocation of aws:index/getCallerIdentity:getCallerIdentity returned an error: 1 error occurred:
* error configuring Terraform AWS Provider: no valid credential sources for Terraform AWS Provider found.
I know there is a newer aws_native library which may fix this, we’re not using that.
How do we use new regions?full-analyst-32960
10/27/2022, 9:07 PMvpc = aws.ec2.Vpc("vpc",
cidr_block="172.31.0.0/16",
enable_dns_hostnames=True,
enable_dns_support=True,
instance_tenancy="default"
)
Is there a way to programmatically change the “Name” on the AWS web UI?gifted-traffic-76521
10/30/2022, 1:56 PMfew-carpenter-12885
10/31/2022, 6:43 PMunable to validate AWS credentials
errors? I seem to get them from time to time on S3 buckets. Simply retrying the pulumi up
another time tends to get around it. Any possible cause?little-cartoon-10569
11/02/2022, 4:01 AMlittle-cartoon-10569
11/02/2022, 4:03 AM16:55 $ pulumi up
Previewing update (myorg/mystack)
View Live: <https://app.pulumi.com/myorg/myproj/mystack/previews/9b6816dd>
error: unexpected duplicate resource 'mystack::myproj::myorg:myapp:MyUserResource$aws:iam/user:User::myname'
little-soccer-5693
11/02/2022, 8:55 PMfew-carpenter-12885
11/03/2022, 1:32 PMskipCredentialsValidation
to false? I was getting intermittent unable to validate AWS credentials
errors despite using a static key/secret. Setting this value to false prevented that error from happening. Is there any downside to keeping this false permanently?millions-furniture-75402
11/03/2022, 2:26 PMpulumi-aws
classic provider, is there a clean way for me to share credentials to sdk calls that aren't part of a Custom Resource Component?
I can mix an match aws-sdk v3 with the aws-sdk v2 bundled with the provider:
import * as aws from "@pulumi/aws";
import { fromIni } from "@aws-sdk/credential-providers";
fromIni({
profile: aws.config.profile,
})().then(credentials => {
const s3Client = new aws.sdk.S3({
credentials,
region: aws.sdk.config.region,
});
s3Client.listBuckets().promise().then(data => {
console.log(data);
});
});
Neither of these work for my setup that uses SSO:
aws.sdk.config.credentials = new aws.sdk.SharedIniFileCredentials({ profile: aws.config.profile });
aws.sdk.config.credentials = new aws.sdk.SsoCredentials({ profile: aws.config.profile });
Alternatively, I can ignore Pulumi's aws sdk, and go all v3, but then I'm managing 2 versions of the SDK among other issues 💀
import { S3Client, ListBucketsCommand } from "@aws-sdk/client-s3";
import { fromIni } from "@aws-sdk/credential-providers";
const s3Client = new S3Client({
credentials: fromIni({
profile: aws.config.profile,
}),
region: aws.sdk.config.region,
});
s3Client.send(new ListBucketsCommand({})).then((data) => {
console.log(data);
});
millions-furniture-75402
11/04/2022, 3:41 PMenableNetworkAddressUsageMetrics
?
aws:ec2:Vpc (default):
error: 1 error occurred:
* creating urn:pulumi:localstack::content-asset-service::aws:ec2/vpc:Vpc::default: 1 error occurred:
* error reading EC2 VPC (vpc-5344499e) Attribute (enableNetworkAddressUsageMetrics): InvalidParameterValue: Value enable_network_address_usage_metrics is invalid for parameter.
flat-appointment-12338
11/04/2022, 3:50 PMerror: unable to validate AWS credentials
after my ECS task deployments, but they seem to have completed correctly:
awsx:x:ecs:EC2TaskDefinition$aws:ecs/taskDefinition:TaskDefinition (QaWeb)
error: unable to validate AWS credentials. Make sure you have:
• Set your AWS region, e.g. `pulumi config set aws:region us-west-2`
• Configured your AWS credentials as per <https://pulumi.io/install/aws.html>
You can also set these via cli using `aws configure`.
crooked-student-89656
11/04/2022, 6:25 PMelegant-laptop-80400
11/07/2022, 6:34 PMconst policyDoc = sqs.arn.apply(arn => aws.iam.getPolicyDocument({
policyId: "1234",
statements: [{
effect: "Allow",
principals: [{type: "*", identifiers:["*"]}],
mysterious-family-43099
11/07/2022, 7:54 PMawsx
. However, when the service errors, AWS simply keeps trying to deploy the same service and Pulumi hangs indefinitely. How can I get Pulumi to fail on a failed deploy instead of having AWS retry endlessly?