• l

    little-cartoon-10569

    8 months ago
    I'm working on a project that uses (as far as I can tell) only the default AWS provider, configured in the default manner. When I use env vars AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_SESSION_TOKEN, things work. But when I unset those vars and use only AWS_PROFILE (correctly set it), Pulumi complains with
    Error: invocation of aws:index/getRegion:getRegion returned an error: unable to discover AWS AccessKeyID and/or SecretAccessKey - see <https://pulumi.io/install/aws.html> for details on configuration
    l
    b
    8 replies
    Copy to Clipboard
  • n

    nice-pharmacist-5320

    8 months ago
    Hello everyone, I have run into a weird issue. I am creating a EKS cluster which works fine, but on destroy pulumi tries to delete the security groups created for the node groups which fails because there is a network interface attached to it. I am guessing this network interface is attached by AWS/EKS when I bring up a loadbalancer and hence pulumi does not know about it which cause the destroy to fail. I have to manually go and delete the network interface, so the the destroy can proceed with deleting the security group and everything after that. Does anyone know about this?
    n
    b
    6 replies
    Copy to Clipboard
  • g

    green-daybreak-91402

    8 months ago
    Hello! Question about Pulumi and AWS Parameter Store values. Can one create a param store resource with Pulumi and only have it create it if it does not exist, but we manually set its values? So no subsequent deploy affects the value we manually set.
    g
    1 replies
    Copy to Clipboard
  • m

    magnificent-lifeguard-15082

    8 months ago
    Given I have a known cidr space (/18) and know how that is partitioned across subnets (using awsx logic), how can I use getIPV4Address(value) to create some private fixed addresses in my network? Unsure what
    value: number
    is here.
    m
    l
    4 replies
    Copy to Clipboard
  • g

    green-daybreak-91402

    8 months ago
    Question about awsx/ec2/vpc. There are 3 subnet types: public, private, isolated. If I use isolated, can I still setup the instances inside this subnet to be reachable via a bastion and custom egress/ingress rules?
    g
    l
    2 replies
    Copy to Clipboard
  • w

    wide-finland-25364

    8 months ago
    I installed AWS Load Balancer Controller via Helm chart. Since initial installation, whenever I do
    pulumi up
    , the certs in
    Secrets kube-system/aws-load-balancer-tls
    get replaced. I even tried "keepTLSSecret: true," but no-go. I see that
    kubernetes:<http://admissionregistration.k8s.io/v1:MutatingWebhookConfiguration|admissionregistration.k8s.io/v1:MutatingWebhookConfiguration>
    and
    kubernetes:<http://admissionregistration.k8s.io/v1:ValidatingWebhookConfiguration|admissionregistration.k8s.io/v1:ValidatingWebhookConfiguration>
    gets updated too. Is there a way to mitigate this? This is the code
    // Install AWS Load Balancer Controller via Helm chart
    const awslbcontroller = new k8s.helm.v3.Chart("aws-load-balancer-controller", {
      chart: "aws-load-balancer-controller",
      version: "1.3.3",
      namespace: "kube-system",
      fetchOpts:{
          repo: "<https://aws.github.io/eks-charts>",
      },
      values: {
        clusterName: clusterName,
        keepTLSSecret: true,
      }
    }, {provider: cluster.provider});
    w
    w
    3 replies
    Copy to Clipboard
  • b

    brainy-window-77332

    8 months ago
    I'm struggling to find how to get pulumi python to list AWS resources, specifically I want to list R53 hosted zones associated with a specific vpc?
    b
    f
    2 replies
    Copy to Clipboard
  • s

    stale-king-21470

    8 months ago
    Sorry to bring this up again but I can't resolve this issue, if someone has an idea: https://pulumi-community.slack.com/archives/CRH5ENVDX/p1642354916102400
    s
    l
    4 replies
    Copy to Clipboard
  • h

    high-grass-3103

    8 months ago
    I'm trying to create a bastion host:EC2 instance with two subnets - one public and one private. My public subnet is:
    export const infra_public = new awsn.ec2.Subnet('infra_public', {
        tags: nativeTags({ ...tags, Name: `infra_pub` }),
        cidrBlock: '10.0.0.16/28',
        vpcId,
        availabilityZone,
        mapPublicIpOnLaunch: true,
    });
    But when I launch an instance:
    const nic0 = new aws.ec2.NetworkInterface('nic0', {
        subnetId: infra_public.id,
        tags,
        securityGroups: [sg_ssh.id],
    });
    
    const nic1 = new aws.ec2.NetworkInterface('nic1', {
        subnetId: infra_private.id,
        tags,
        securityGroups: [sg_priv.id],
    });
    
    
    const bastion_node = new aws.ec2.Instance('bastion', {
        keyName,
        tags: { ...tags, Name: `${pulumi.getStack()}-bastion` },
        instanceType: aws.ec2.InstanceType.T4g_Nano,
        ami: ami.id,
        networkInterfaces: [
            {
                deviceIndex: 0,
                networkInterfaceId: nic0.id,
            }, {
                deviceIndex: 1,
                networkInterfaceId: nic1.id,
            }
        ],
        creditSpecification: { cpuCredits: 'standard' },
        monitoring: true,
        availabilityZone,
    });
    the AWS console reports NO public IPv4 address. Am I missing something?
    h
    l
    6 replies
    Copy to Clipboard
  • f

    future-window-78560

    8 months ago
    To solve this issue I am trying to create alb controller, followed this https://github.com/jaxxstorm/pulumi-awsloadbalancercontroller but the installation is giving the following error
    f
    m
    +1
    4 replies
    Copy to Clipboard