fancy-shoe-18611
12/22/2022, 8:03 PM"aws:alb/IpAddressType:IpAddressType": {
"type": "string",
"enum": [
{
"name": "Ipv4",
"value": "ipv4"
},
{
"name": "Dualstack",
"value": "dualstack"
}
]
},
at line 8986
"aws:applicationloadbalancing/IpAddressType:IpAddressType": {
"type": "string",
"enum": [
{
"name": "Ipv4",
"value": "ipv4"
},
{
"name": "Dualstack",
"value": "dualstack"
}
]
},
So there is the same data type for two different modules, understandable. The schema for applicationloadbalancing/loadBalancer starts at line 405729 and then describes the property ipAddressType
at line 405789
"ipAddressType": {
"type": "string",
"$ref": "#/types/aws:alb/ipAddressType:IpAddressType",
"description": "The type of IP addresses used by the subnets for your load balancer. The possible values are `ipv4` and `dualstack`\n"
},
Shouldn't the $ref
be #/types/aws:applicationloadbalancing/ipAddressType:IpAddressType
?
(currently doesn't get referenced in the schema at all despite being available)
I understand that this is trivial, but it might be better to be more consistent. Is this something I can make a PR for?
Also, I'm now realizing that I don't understand the difference between alb
and applicationloadbalancing
, can someone help me understand that?white-beach-28459
12/23/2022, 8:59 AMcreamy-toddler-74807
12/23/2022, 9:39 PMerror: unable to validate AWS credentials. Details: Assume Role: role ARN not set
. This code was working fine in 3.35.3. The error appeared when I tried to upgrade to 3.50.2. Any ideas?purple-megabyte-83002
12/26/2022, 11:24 PMicy-flag-15282
12/30/2022, 5:51 AMconnecti
https://tailscale.com/blog/pulumi-connecti/ by @billowy-army-68599.
However, I’m running into some issues. Is there a place that I can look for help or follow the some kind of roadmap on it? I know its a super early project but I can’t get it working at all.thankful-monitor-31162
01/01/2023, 6:08 PMmillions-pharmacist-626
01/02/2023, 5:55 PMpulumi up
, instead of specifying tags manually for each resource?
For example, in my stack I'm creating an EC2 instance, an elastic ip address and a security group.
For those 3 resources, I add a tag such as createdBy: Pulumi
. However, the underlying Network Interface that gets automatically generated isn't directly defined as code, thus it remains tagless.
I was wondering if it's possible to:
1 - specify a set of tags that gets automatically applied to all resources created by pulumi
2 - use the above set to also tag the resources not directly defined as code, but still created during the process (like the network interface mentioned above)icy-controller-6092
01/03/2023, 4:41 AMdefaultArguments
are missing, these two:
‘--datalake-formats’: ‘delta’,
‘--conf’: ‘spark.sql.extensions=io.delta.sql.DeltaSparkSessionExtension --conf spark.sql.catalog.spark_catalog=org.apache.spark.sql.delta.catalog.DeltaCatalog’,
Does anyone know why?able-hospital-16256
01/03/2023, 7:33 PMmodern-school-54566
01/04/2023, 11:51 AMfull-energy-64138
01/04/2023, 1:02 PMfull-energy-64138
01/04/2023, 1:03 PMcool-lawyer-24254
01/05/2023, 7:42 AMcool-lawyer-24254
01/05/2023, 7:42 AM${appName}-dep
, {
metadata: { labels: appLabels },
spec: {
replicas: 2,
selector: { matchLabels: appLabels },
template: {
metadata: { labels: appLabels },
spec: {
containers: [{
name: appName,
image: awsx.ecr.buildAndPushImage("my-custom-nginx-service", "./app").image(),
ports: [{ name: "http", containerPort: 80 }],
}],
}
}
},
}, { provider: cluster.provider });
const service = new k8s.core.v1.Service(${appName}-svc
, {
metadata: { labels: appLabels },
spec: {
type: "LoadBalancer",
ports: [{ port: 80, targetPort: 80 }],
selector: appLabels,
},
}, { provider: cluster.provider });
// Export the cluster's kubeconfig.
export const kubeconfig = cluster.kubeconfig;
// Publish the URL for the load balanced service.
export const appURL = service.status.loadBalancer.ingress[0].hostname;elegant-architect-38580
01/05/2023, 2:07 PMawsx:x:ec2:SecurityGroup:x:ec2:IngressSecurityGroupRule:ec2/securityGroupRule:SecurityGroupRule (<resource name>):
error: Preview failed: provider does not support importing resources; please try updating the 'awsx' plugin
millions-furniture-75402
01/05/2023, 8:09 PMawsx.docker.buildAndPushImage()
is using for docker login
?
error: Error response from daemon: Get "<https://localhost.localstack.cloud:4510/v2/>": dialing localhost.localstack.cloud:4510 static system has no HTTPS proxy: resolving host localhost.localstack.cloud: lookup localhost.localstack.cloud: no such host
square-laptop-45713
01/05/2023, 8:09 PMupdate
command
• Pulumi decided to recreate
the aws-auth
ConfigMap in the k8s cluster - this deleted all of the role arn to user mappings and I lost access to the cluster for all users except the role used to create the cluster
• Currently (as I’m sure you’re aware) there is no way to automate the aws-auth
ConfigMap in EKS (per this issue) so it must be manually edited
• from the diff besides the clobbering of the manually added arn role mappings, I saw that metaData.managedFields.0.manager
changed from "pulumi-resource-kubernetes"
=> "pulumi-kubernetes"
• not saying this 👆 is the reason for the recreate
operation but I don’t see anything else atm and this seems related to an upgrade of my dependencies
• I can’t find anything in our IaC that manages that ConfigMap so it’s definitely something internal to Pulumi/Kubernetes that is managing it for usfaint-balloon-33174
01/05/2023, 10:09 PMservice.taskDefinition.executionRole!.name
to get the role name for attaching an IAM policy but now I can only access the ARN.rich-branch-48115
01/08/2023, 1:56 PMpulumi_aws.iam.Role
that it's assume_role_policy uses an output[str]
value in the json.
def _create_iam_role_with_policies(
self,
role_name: str,
policies_arns: list[str],
client_name: str,
is_authenticated: bool,
identity_pool: pulumi_aws.cognito.IdentityPool,
):
role = pulumi_aws.iam.Role(
resource_name=f"{role_name}",
name=role_name,
assume_role_policy=identity_pool.id.apply(
lambda id: f"""{{
"Version": "2012-10-17",
"Statement": [
{{
"Effect": "Allow",
"Principal": {{"Federated": "<http://cognito-identity.amazonaws.com|cognito-identity.amazonaws.com>"}},
"Action": "sts:AssumeRoleWithWebIdentity",
"Condition": {{
"StringEquals": {{
"<http://cognito-identity.amazonaws.com:aud|cognito-identity.amazonaws.com:aud>": "{id}"
}},
"ForAnyValue:StringLike": {{
"<http://cognito-identity.amazonaws.com:amr|cognito-identity.amazonaws.com:amr>": {"authenticated" if is_authenticated else "unauthenticated"}
}}
}}
}}
]
}}"""
),
tags={"client-id": client_name},
opts=pulumi.ResourceOptions(depends_on=[identity_pool]),
)
I'm getting an error for an invalid json, I guess that it relates to the usage of an output[str]
within assume_role_policy
that uses the identity_pool_id. The error I'm getting is: aws:iam/role:Role resource 'my_random_name' has a problem: "assume_role_policy" contains an invalid JSON: invalid character 'a' looking for beginning of value. Examine values at 'Role.AssumeRolePolicy'.
Is there a way to use output[str]
in assume_role_policy
?bland-pharmacist-96854
01/08/2023, 4:37 PMvictorious-night-77457
01/09/2023, 12:49 PMfuture-pharmacist-95482
01/09/2023, 5:33 PMsquare-laptop-45713
01/09/2023, 11:01 PMsquare-laptop-45713
01/09/2023, 11:01 PMsquare-laptop-45713
01/09/2023, 11:02 PMbitter-chef-49076
01/10/2023, 7:07 PMaws:apigateway:Deployment (api):
error: 1 error occurred:
* Error creating API Gateway Deployment: BadRequestException: The REST API doesn't contain any methods
square-laptop-45713
01/10/2023, 7:13 PMbitter-chef-49076
01/11/2023, 1:16 PMexport AWS_PROFILE=<profile_name>
, tried pulumi config set aws:profile <profile_name>
with unset AWS_PROFILE
- no luck at all. Pulumi keeps connecting to the same aws account. It doesn’t event read region
from the profile, which leads to Unable to put integration on 'GET' for resource at path '/': Invalid ARN specified in the request
as the region part of the ARN is undefined
(this was actually hard to debug, had to dig into pulumi source code to figure this out):
arn:aws:apigateway:undefined:lambda:path/2015-03-31/functions/arn:aws:lambda:us-east-1:384316429288:function:f-856d3a1/invocations
PLEAS HELP!!! I’m starting loosing my hope about getting Pulumi on board 😕most-mouse-38002
01/11/2023, 2:35 PMpulumi down
on a stack with a VPC and a ipam pool sets the cidr in a failed-provision state and locks the entire thing. I cannot remove it because Pulumi deleted the VPC but the CIDR refuses to deprovision because of this.faint-balloon-33174
01/12/2023, 9:41 PM