https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
aws
  • l

    little-cartoon-10569

    03/07/2023, 10:04 PM
    Is ap-southeast-4 (Melbourne) available via Pulumi? We've created a provider with
    region: "ap-southeast-4" as Region
    , but as soon as it's used in a resource, we're getting:
    error: unable to validate AWS credentials.
        Details: no valid credential sources for  found.
        
        Please see
        for more information about providing credentials.
        
        Error: failed to refresh cached credentials, operation error STS: AssumeRole, https response error StatusCode: 403, RequestID: 36223ba0-c4c9-4a7c-b795-59636, api error InvalidClientTokenId: The security token included in the request is invalid
    (Note the missing interpolated values in for found and _Please see _)
    m
    • 2
    • 35
  • e

    echoing-butcher-64641

    03/08/2023, 10:24 AM
    Hello Is there any way to change the
    metadataOptions
    for my EKS workers without recreating the launch template in the function
    eks.createManagedNodeGroup
    ??
    m
    • 2
    • 4
  • s

    sparse-caravan-37954

    03/08/2023, 1:59 PM
    Hello! Is there a way to create an EC2 instance and automatically pull and run an image from ECR? I tried by passing commands to
    user_data
    , but it doesn't seem to work.
    # Create an EC2 instance
    instance = aws.ec2.Instance(
        config.INSTANCE_NAME,
        instance_type=config.INSTANCE_TYPE,
        ami=config.AMI,
        key_name=config.KEY_NAME,
        vpc_security_group_ids=[security_group.id],
        user_data=f"""#!/bin/bash
                yum update -y
                amazon-linux-extras install docker
                service docker start
                usermod -a -G docker ec2-user
                chkconfig docker on
                docker login --username AWS --password $(aws ecr get-login-password --region {config.AWS_REGION})
                docker pull {image.image_uri}
                docker run -d -p 80:80 {image.image_uri} > /hello.txt"""
    )
    If I ssh into the instance and run those commands, I get an error with
    docker login --username AWS --password $(aws ecr get-login-password --region {config.AWS_REGION})
    namely
    Unable to locate credentials. You can configure credentials by running "aws configure".
    How make it working?
    b
    • 2
    • 10
  • a

    astonishing-dentist-11149

    03/08/2023, 7:19 PM
    Hey all, this seems like really bad code here, and it makes me believe I am doing something really wrong. I am coming to typescript from python so there are some serious gaps in understanding. I assume that I need to do something with apply. Right now this is the only way I have figured out how to get my code to work, but I hate the idea of using an as, because you are never guaranteed to get that structure from the other end. It feels generally like a bad practice. The point here is to feed in secrets that are created from my infra stack, as we follow the microstack model.
    l
    • 2
    • 16
  • a

    astonishing-exabyte-93491

    03/08/2023, 7:46 PM
    Hi everybody, I need to upgrade eks control and data plane versions, and I wanted to know which is the best strategy to prevent downtime. I’m using the
    aws.eks.Cluster
    and
    aws.eks.NodeGroup
    resource providers. I’ve done this in the past on GCP, so the strategy was pretty straight-forward: 1. Provide a new NodePool with
    autoscalling
    enabled. 2. Cordon, then drain nodes using
    kubectl
    . 3. Decommission the nodepool with an old kubernetes version, which equates here to remove the resource from the pulumi stack. Again, my goal is to prevent worker nodes from being unreachable while upgrading to a more recent version. I’m operating under the following assumptions: 1. control plane upgrades do not compromise data plane workloads in any way, with the exception that the api server will not be reachable for a few minutes. 2. There can not be more than two minor versions delta between master and worker nodes. Your insight will be very much appreciated. Many thanks,
  • r

    rough-jordan-15935

    03/09/2023, 2:55 AM
    hi, im trying to create a Lambda function with 5gb memory. i get a validation error on the memory configuration. but the lambda creates with 2gb memory. is 5gb memory not supported in pulumi ? configuration : ValidationException: status code: 400
    b
    • 2
    • 4
  • e

    enough-fountain-96877

    03/09/2023, 3:05 PM
    Hello everyone. Something I haven't been able to figure out is when Pulumi creates an SNS Topic Subscription, the value 'MessageBody' of the filterPolicyScope attribute is ignored and the default value of 'MessageAttributes' is used instead. If Pulumi is run a 2nd time without any code changes, Pulumi will detect a difference between the desired state ('MessageBody') and the current state ('MessageAttributes') and update the value to 'MessageBody'. Any ideas why it would do that? Because of this, we have to remember to run Pulumi twice any time we want to create a new SNS Topic Subscription. const createTopicSubscription = ( name: string, endpoint: pulumi.Input<string>, protocol: pulumi.Input<string>, topic: aws.sns.Topic, filterPolicy: pulumi.Input<string>, ) => { const topicSubscription = new aws.sns.TopicSubscription(name, { endpoint: endpoint, protocol: protocol, topic: topic, filterPolicy: filterPolicy, filterPolicyScope: 'MessageBody', }); };
  • b

    boundless-van-74484

    03/09/2023, 7:45 PM
    EDIT: Resolved in thread. Ended up using the
    lifecycleRules
    property within aws.s3.Bucket Hey everyone, I’m trying to create a
    BucketLifecycleConfiguration
    resource for an existing S3 bucket and I’m running into this error when the lifecycle config resource is attempting to create
    aws:s3control:BucketLifecycleConfiguration (lifecycle-config):
        error: 1 error occurred:
        	* error parsing S3 Control Bucket ARN (): unknown format
    Here’s how I am creating the resources:
    const bucket = new aws.s3.Bucket('bucket-name', {
        acl: 'private',
        corsRules: [
          {
            allowedHeaders: ['Content-Type', 'Content-Disposition'],
            allowedMethods: ['PUT', 'GET', 'HEAD'],
            allowedOrigins: [`https://${config.require('webPublicDomain')}`],
            exposeHeaders: [
              'Content-Type',
              'Content-Disposition',
              'x-amz-id-2',
              'x-amz-request-id',
              'x-amz-server-side-encryption',
              'ETag',
            ],
            maxAgeSeconds: 3000,
          },
        ],
        serverSideEncryptionConfiguration: {
          rule: {
            applyServerSideEncryptionByDefault: {
              sseAlgorithm: 'AES256',
            },
          },
        },
        versioning: {
          enabled: true,
        },
      });
    
      new aws.s3.BucketPublicAccessBlock('access-block', {
        bucket: bucket.id,
        ignorePublicAcls: true,
        restrictPublicBuckets: true,
        blockPublicAcls: true,
        blockPublicPolicy: true,
      });
    
      new aws.s3control.BucketLifecycleConfiguration('lifecycle-config', {
        bucket: bucket.arn,
        rules: [
          {
            id: 'my-rule',
            abortIncompleteMultipartUpload: {
              daysAfterInitiation: 2,
            },
          },
        ],
      });
    The only thing I’ve added is the
    aws.s3control.BucketLifecycleConfiguration
    resource. When I run
    pulumi preview --diff
    locally, the correct bucket ARN for the lifecycle config resource is shown and there are no errors. When I run
    pulumi up --yes
    in CI, I get that error. Both local and CI versions are 3.57.1. Any help is appreciated!
    d
    l
    • 3
    • 10
  • m

    most-mouse-38002

    03/10/2023, 8:48 AM
    I find it hard to do a sensible lockdown of GitHub Actions based on repositories using idp, because even though I am using a tool like https://github.com/iann0036/iamlive it means we have to bring up every stack as a admin user in AWS or just keep running the Action over and over again, basically brute forcing it. I don’t want to use
    action:*
    , but I also can’t help every single developer with what ever minor action they need added to their runner (it also pollutes our Pulumi Service history with a bunch of failures). I know I have asked this before, but I would love to get some input from real world experience. Do people actually list out every specific action in each GitHub Action, or do they use wildcards?
    b
    • 2
    • 3
  • p

    polite-umbrella-11196

    03/11/2023, 10:58 PM
    Does it normally take a couple hundred seconds (>400 on last execution) to delete an
    aws:ecs:Service
    ?
    m
    • 2
    • 1
  • f

    fresh-spring-82225

    03/12/2023, 1:10 AM
    Going in circles trying to understand building an arm64 docker image for aws lambda on github actions. It looks like there’s a feature in the works to support multi-arch builds, but is there a workaround in the mean time?
    p
    • 2
    • 6
  • a

    astonishing-exabyte-93491

    03/13/2023, 5:10 PM
    👋 Hi everybody, I’m struggling with SSO authentication when using SSO token provider config. Legacy non-refreshable configuration works fine, but I’m curious to know if there’s a way to configure token provider properly as a default preferred auth. Any docs or ideas on that?
    b
    d
    • 3
    • 15
  • d

    dry-journalist-60579

    03/13/2023, 10:12 PM
    So I’m setting up Pulumi Deployments and have set up an OIDC provider and role in an AWS account that Pulumi deployment executor can assume. Now… any recommendations for set up if different stacks are in different AWS accounts? E.g. we have
    dev
    ,
    staging
    , and
    prod
    stacks each in a separate account. Do I need to set up the OIDC provider and role to assume in every account? Or can I have one and somehow use cross-account role assuming?
    l
    • 2
    • 32
  • f

    famous-jelly-72366

    03/14/2023, 9:42 AM
    Anyone knows if there somewhere is type definitions for ECS TaskDefs? Docs just use
    JSON.toString({...})
    :S (for TypeScript)
    b
    • 2
    • 7
  • m

    most-state-94104

    03/14/2023, 1:24 PM
    I couldn’t see any advice online so I’ve written a blog about implementing Feature flags with Pulumi. It demonstrate how to exploit the Pulumi configuration system and deploy stacks with optional features while maintaining a single source code branch. It references demo repo using a very simple AWS python project. Comments/feedback welcome!
  • a

    able-hospital-16256

    03/14/2023, 3:55 PM
    Hello bros, does anyone have an example of aws glue with s3 with pulumi? 💌
    b
    • 2
    • 5
  • b

    bright-eye-26627

    03/15/2023, 10:22 AM
    Morning! I've just joined this Slack group so not sure if this is the right channel...but here goes. I'm trying to apply a major version upgrade to an RDS instance. I've changed
    engineVersion
    to 14 and tried to run
    pulumi preview
    , but I get this very strange error:
    panic: fatal: An assertion has failed: Expected diff to not require deletion or replacement during Update of <urn redacted>
    This worked in another environment, so I'm not sure what is causing this. Anyone seen this before?
    s
    • 2
    • 1
  • t

    tall-lion-84030

    03/15/2023, 11:03 AM
    Hello everyone ! I’m trying to setup a full ecr-fargate-ecs pipeline with Pulumi. I need to pass some secrets stored in secrets manager to my image. I’ve declared a
    FargateService
    with a
    taskDefinitionArgs
    and gave it a
    taskRole
    and
    executionRole
    with an Role containing the right permissions to retrieve secrets (‘secretsmanager:GetSecretValue’, ‘kms:Decrypt’ and ‘ssm:GetParameters’). But i’m stuck with an error:
    RessourceInitializationError: unable to pull secrets or registry auth: execution resource retrieval failed: unable to retrieve secrets from ssm: service call has been retried 1 times): Invalld ssm parameters
    I was unaware that secrets manager uses ssm store parameter under the hood since i have not set any parameter store. Does anyone has any idea to help me figure this ? Thanks in advance 🙏
    c
    • 2
    • 6
  • b

    bumpy-laptop-30846

    03/15/2023, 2:13 PM
    Hello, I need to configure kubelet on my EKS cluster as indicated here. Does anyone have any experience with this with Pulumi?
    s
    • 2
    • 4
  • q

    quaint-jelly-14306

    03/15/2023, 4:30 PM
    Hi, does anyone has experience on how to create Oracle rds instance using pulumi aws with supplemental logging enable for DMS connectivity? I tried using rds.OptionGroup() but not getting proper option_name to setup option group.
  • s

    straight-yacht-47796

    03/15/2023, 5:14 PM
    Is it possible to create an RDS instance that does not have suffix characters in the DB identifier? I have tried setting the
    name
    attribute but I still keep getting a DB identifier
    nameXXXXXXX
    snippet of code
    const rds = new aws.rds.Instance(dbName, {
            name: dbName,
            engine: 'mysql',
            username: mysqlUser,
            password: mysqlPassword,
    ...});
    b
    • 2
    • 2
  • b

    bored-branch-92019

    03/16/2023, 4:16 PM
    Hi, I am new to pulumi and IAC in general so let me know if this is not the rirght place to ask this question. I am currently trying to setup our companies initial infrastructure which I would like to use ECS + fargate services to keep the management of docker containers pretty low touch. I am currently envisioning a ECS cluster that will run three different example services. - two of which will be accessible to the public internet which also have access to services within the VPC. - web server - api server - One which is not but has access to other services within the VPC (ex: RDS) - background workers First given that I am new to IAC and pulumi I have been trying to follow the example here with Pulumi Crosswalk and changed it a bit (see thread for code). The idea that I was going for with these tweaks was to use a public image
    nginx:latest
    (for example) + add a ALB as well just to make sure that this works and I can reach it at a public IP. However I am running into the following issue and not really sure what the issue is
    error: Error: invocation of aws:ec2/getVpc:getVpc returned an error: invoking aws:ec2/getVpc:getVpc: 1 error occurred:
          * no matching EC2 VPC found
    
    
            at Object.callback (/snapshot/awsx/node_modules/@pulumi/pulumi/runtime/invoke.js:148:33)
            at Object.onReceiveStatus (/snapshot/awsx/node_modules/@grpc/grpc-js/src/client.ts:338:26)
            at Object.onReceiveStatus (/snapshot/awsx/node_modules/@grpc/grpc-js/src/client-interceptors.ts:426:34)
            at Object.onReceiveStatus (/snapshot/awsx/node_modules/@grpc/grpc-js/src/client-interceptors.ts:389:48)
            at /snapshot/awsx/node_modules/@grpc/grpc-js/src/call-stream.ts:276:24
            at processTicksAndRejections (node:internal/process/task_queues:78:11)
        error: Error: failed to register new resource pulumi-service [awsx:ecs:FargateService]: 2 UNKNOWN: invocation of aws:ec2/getVpc:getVpc returned an error: invoking aws:ec2/getVpc:getVpc: 1 error occurred:
          * no matching EC2 VPC found
    b
    • 2
    • 6
  • b

    brief-gold-99163

    03/16/2023, 5:15 PM
    Hi all! I have a problem when try to make a
    pulumi up -r
    on a stack with:
    export const directory = new aws.directoryservice.Directory(
      'credijusto',
      {
        edition: 'Standard',
        name: '<http://ds.credijusto.info|ds.credijusto.info>',
        password: '',
        size: 'Small',
        type: 'MicrosoftAD',
        vpcSettings: {
          subnetIds: ['subnet-0d8a88b0bcacb298c', 'subnet-0a10d5aad6b1ada7c'],
          vpcId: vpc.id,
        },
        tags: config.tags,
      },
      {
        protect: true,
      },
    );
    I receive:
    Diagnostics:
      aws:directoryservice:Directory (credijusto):
        error: aws:directoryservice/directory:Directory resource 'credijusto' has a problem: Missing required argument: The argument "password" is required, but no definition was found.. Examine values at 'Directory.Password'.
    So, at first I have realised that the password in the new version of the aws npm library can't be empty. So, I put the password that Admin user has on the AD. But Pulumi try to recreate the resource, and I don't want to. I think that there is a bug, because if I put 'password' on ignoreChanges Pulumi said that password is mandatory. So at this time, i think that I have no solution.
  • b

    brief-gold-99163

    03/16/2023, 5:16 PM
    How can I modify the stack file with the encrypted password to avoid Pulumi tries to recreate the resource?
    • 1
    • 1
  • c

    careful-family-14644

    03/17/2023, 8:09 PM
    I have a situation that I'm not able to figure out at this moment. When creating an S3 bucket with Pulumi, our Cloud alarms get triggered because the S3 bucket is created with a "private" acl and then the BucketPublicAccessBlock is then applied after the fact. The issue is that for a few seconds, the bucket is technically "public" in the eyes of the alarm and automated intervention occurs. Is there a way to avoid to potentially avoid this situation?
    g
    c
    • 3
    • 5
  • c

    crooked-sunset-90921

    03/20/2023, 1:38 AM
    I'm reading the AWSx docs here, which have cluster creation: https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/awsx/classic/ecs/#clusters Has something changed as Cluster does not exist as part of ecs? Or is that intending to use awsx-classic?
    awsx.ecs.Cluster
    • 1
    • 1
  • g

    green-whale-1001

    03/20/2023, 2:46 PM
    I've been working with the pulumi awsx package to set up a VPC and encountered an issue where only the VPC was set with IPv6 cidr block, but not the subnet. I've set the "assignGeneratedIpv6CidrBlock" parameter to true in the awsx.ec2.Vpc config. Is it not possible for the subnet to automatically assigned ipv6 cidr? If the subnet cannot be automatically assigned an IPv6 CIDR, how can I update it?
  • s

    straight-arm-50771

    03/20/2023, 2:54 PM
    Can anyone share the correct config for a Lambda whose code is hosted in S3? Getting
    code: Cannot assign type 'string' to type 'archive'
    from below:
    service:
      type: aws:lambda:Function
      properties:
        role: ${lambda-role.arn}
        code: s3_bucket
        memorySize: 512
        runtime: "go1.x"
        s3Bucket: mybucket
        s3Key: service.zip
        timeout: 15
        environment:
          variables:
            foo: bar
    Edit- solved. Documentation is misleading.
    code
    should not be used for type
    s3_bucket
  • r

    rough-jewelry-40643

    03/21/2023, 12:25 PM
    Hi all, I'm struggling to find documentation for creating & configuring "Scheduled tasks" for an ECS cluster. Can someone point me to it?
  • e

    elegant-activity-51782

    03/21/2023, 1:08 PM
    Hey folks. I am trying to update an AWSx VPC to have one public Subnet, one private subnet then a final subnet in each VPC that will be responsible for attaching to TGWs. has anyone done this before?
    s
    m
    • 3
    • 37
Powered by Linen
Title
e

elegant-activity-51782

03/21/2023, 1:08 PM
Hey folks. I am trying to update an AWSx VPC to have one public Subnet, one private subnet then a final subnet in each VPC that will be responsible for attaching to TGWs. has anyone done this before?
s

stocky-restaurant-98004

03/21/2023, 2:55 PM
Yes! Well, sorta. Pretty close. Check it out: https://github.com/pulumi/workshops/tree/main/aws-advanced-networking
I also authored the initial version of the VPC component FWIW. Most major modifications of the subnets aren't really possible because the CIDR block calculation gets really difficult. It's an unfortunate limitation.
e

elegant-activity-51782

03/21/2023, 2:57 PM
Isolated Subnets for TGW attachments work?
s

stocky-restaurant-98004

03/21/2023, 2:57 PM
Also worth noting just in case you weren't aware: You should split your VPCs across at least 3 AZs in a production-ready architecture.
e

elegant-activity-51782

03/21/2023, 2:57 PM
Yes totally aware of that one 😛
s

stocky-restaurant-98004

03/21/2023, 2:57 PM
Yes. They're "isolated" in the sense that they do not have a route to a NAT Gateway.
But there's nothing that says they can't have a route to a TGW if you add it. (There's also nothing that says you can't add a route to an isolated subnet to a NAT Gateway after the fact - they're only created "isolated".)
Specifically, you'll want to check this file out: https://github.com/pulumi/workshops/blob/main/aws-advanced-networking/spoke.py
e

elegant-activity-51782

03/21/2023, 3:00 PM
And then once I have the TGW attachment attached to isolated VPC Subnets I’d just need to add the Private subnets to the TGW routes?
s

stocky-restaurant-98004

03/21/2023, 3:00 PM
You're also probably aware, but if you want to save money, since you have the TGW, you can route egress traffic through a hub VPC and you don't need to have NAT Gateways on each spoke. (That's what we do in the codebase I linked.)
Add routes to the private subnets so that 0.0.0.0/0 goes to the TGW (assuming that you're implementing centralized egress like I described above).
e

elegant-activity-51782

03/21/2023, 3:01 PM
I am totally in a POC stage and am not a “networking” guy at all so this is why I am doing bunch of fun disccovery stuff
s

stocky-restaurant-98004

03/21/2023, 3:02 PM
What traffic is going through the TGW?
Like, traffic to other VPCs, traffic to the internet, or both?
e

elegant-activity-51782

03/21/2023, 3:03 PM
Probably traffic to other VPCs. Although does the comment you made
since you have the TGW, you can route egress traffic through a hub VPC and you don't need to have NAT Gateways on each spoke. (That's what we do in the codebase I linked.)
also mean I could just do internet traffic through TGW to hub and save money that way?
s

stocky-restaurant-98004

03/21/2023, 3:05 PM
Yes. Exactly. There's 2 reasons why you'd want centralized egress (routing all traffic to the internet through a hub VPC): 1. You don't have to pay for NAT Gateways for each VPC, which get expensive at scale. 2. You can throw a firewall in that hub VPC (also contained in that codebase I linked) and also have centralized inspection (and only 1 set of rules to maintain) because all traffic flows through a single point.
e

elegant-activity-51782

03/21/2023, 3:06 PM
Don’t you end up just eating any savings in the TGW costs for egressing out internet traffic?
s

stocky-restaurant-98004

03/21/2023, 3:07 PM
I don't think so, but I never actually checked the costs...
e

elegant-activity-51782

03/21/2023, 3:08 PM
because according to https://aws.amazon.com/transit-gateway/pricing/ you pay per gb of data transfered through
s

stocky-restaurant-98004

03/21/2023, 3:09 PM
TGW is 2 cents per GB. NAT Gateway is 4.5 cents per hour, plus 4.5 cents per GB, so unless I'm missing something, that's a clear cost savings.
(I am definitely not an expert on cost savings.)
e

elegant-activity-51782

03/21/2023, 3:10 PM
Well I guess you’d go Spoke VPC -> TGW -> Hub VPC -> Public Subnet -> IGW correct?
Therefor ignoring NAT Gateway altogether?
s

stocky-restaurant-98004

03/21/2023, 3:11 PM
Still has to go out a NAT Gateway, I believe.
e

elegant-activity-51782

03/21/2023, 3:12 PM
so then you’d still eat the NAT Gateway costs in Hub VPCC
s

stocky-restaurant-98004

03/21/2023, 3:12 PM
But I think once you hit a couple of spokes, you're saving money. NAT Gateways tend to be expensive enough that people still roll their own. You typically want 1 gateway per AZ, per VPC, so that gets pricey quick. I believe NAT gateways are the biggest cost in running a VPC.
<- Again, no expert. YMMV.
I do know that you want to avoid cross-AZ traffic, so do be careful when you add your routes, no matter what architecture you decide on.
(Avoid cross-AZ traffic because of costs)
e

elegant-activity-51782

03/21/2023, 3:14 PM
Yeah I know for sure we want to go with a Hub-Spoke model. Just not sure in practicality how that actually shakes out
s

stocky-restaurant-98004

03/21/2023, 3:16 PM
How many spokes do you have?
e

elegant-activity-51782

03/21/2023, 3:16 PM
like I said very much in a POC/Discovery phase now. I can imagine we could scale for things my team manages to 10-15+?
s

stocky-restaurant-98004

03/21/2023, 3:17 PM
My intuition (and again, run them numbers - don't take my word for it) is that you'll see significant cost savings with TGW and centralized egress.
I developed that codebase for a workshop I did with some AWS networking SAs. I think they hang out here (and they're also probably in this channel): https://cloud-network-as-code.slack.com There's people in that Slack that will definitely be able to give you a second opinion, but I think you're on the right track with TGW and centralized egress.
Yeah, they here. @miniature-rocket-28706 and @miniature-laptop-27301 should be able to validate that you'll see significant cost savings with TGW and centralized egress for 10 to 15 VPCs (assuming they're not like... going across regions or anything wild).
@elegant-activity-51782 You might also want to check out Tailscale for a VPN solution if you have a need. Their product is really, really nice. Uses UDP and NAT to remove the need for poking holes in firewalls. https://tailscale.com/
m

miniature-laptop-27301

03/22/2023, 7:04 AM
Hi @stocky-restaurant-98004, Yes, me and Andy are in the cloud-network-as-code slack also. Regarding, the centralised egress, there are some caveats like traffic amount that affect the cost but in general that pattern is cheaper.
View count: 1