https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
azure
  • k

    kind-address-14510

    07/07/2020, 11:10 PM
    Do subnet names have to be unique ? I am getting error below.
    Diagnostics:
      azure:network:Subnet (GatewaySubnet):
        error: Duplicate resource URN 'urn:pulumi:test::vnet-a360-new::azure:network/subnet:Subnet::GatewaySubnet'; try giving it a unique name
    c
    • 2
    • 2
  • k

    kind-address-14510

    07/08/2020, 3:14 PM
    I have subscriptionId in config , how do I use it in program ? tried config.get('subscriptionId') or just azure:subscriptionId , not working
    config:
    azure:environment: public
    azure:location: EastUS
    azure:subscriptionId: xxx
    t
    • 2
    • 3
  • n

    numerous-processor-60508

    07/09/2020, 8:38 AM
    I'm trying to refactor my code so that my networks are moved from their current project / stack into a new project specifically for networking, as it's going to be referenced more often. I've tried adding an alias, but it keeps saying it wants to create new resources? Anyone got any ideas?
    c
    t
    • 3
    • 12
  • p

    purple-van-45588

    07/09/2020, 10:56 AM
    Hi All, when applying tags in a network security group pulumi changes the case os the tags! A bug naybe?
  • p

    purple-van-45588

    07/09/2020, 10:56 AM
    netsg = network.NetworkSecurityGroup("nsg_tags_test",
    name = "nsg_tags_test",
    resource_group_name = "netdcrg1",
    location = "westeurope",
    tags = {'boundary': 'tbd', 'business_unit': 'dev', 'environment': 'dev', 'expiration_date': "2128-01-01", 'miscellaneous': 'NA', 'owner': 'all-infra', 'platform': 'infrastructure', 'security_context': 'standard', 'service_name': 'netdc'})
  • p

    purple-van-45588

    07/09/2020, 10:56 AM
    an the result :
  • p

    purple-van-45588

    07/09/2020, 10:57 AM
  • t

    tall-librarian-49374

    07/09/2020, 11:10 AM
    I don’t see any changes in your preview… Are the names or the values changed?
  • p

    purple-van-45588

    07/09/2020, 11:13 AM
    The names: service_name -> serviceName , expiration_date -> expirationDate !
  • t

    tall-librarian-49374

    07/09/2020, 11:15 AM
    Ah, weird! It sounds like a bug indeed.
  • k

    kind-address-14510

    07/09/2020, 12:26 PM
    How do I troubleshoot pulumi creating resources correctly but then timeouts waiting for completion ? I introduced timeout , but it was waiting forever before.
    error: Error waiting for completion of AzureRM Virtual Network Gateway
  • k

    kind-address-14510

    07/09/2020, 12:33 PM
    I can see #551 opened for pulumi azure but closed with alleged fix in v.3.5.1 I do use pulumi-azure 3.11.0 , I guess it is higher
  • b

    better-rainbow-14549

    07/09/2020, 12:36 PM
    azuread:index:ServicePrincipalPassword (test-dev-eu-test1):
        error: deleting urn:pulumi:advanced-networking-test::advanced-networking-test::AzureAdApplication$azuread:index/servicePrincipalPassword:ServicePrincipalPassword::test-dev-eu-test1: Error parsing Application Password ID: Credential ID should be in the format {objectId}/{keyType}/{keyId} - but got "9481f24e-30da-4a54-a0cd-66a5a9d6d069/1ff9e85f-1909-9f9c-b451-73c0dca779da"
    wut, never seen that before
  • n

    nice-football-42636

    07/09/2020, 3:20 PM
    Hello guys! I've encountered a very weird behaviour in one of our deployments. The issue is with creating new
    Sql Database
    as copy from existing one. I use
    C# sdk
    and i use following code:
    var sqlDatabase = new Database(
                    $"{conf.StackResourcesPrefix}-db",
                    new DatabaseArgs
                    {
                        Name = $"{conf.StackResourcesPrefix}-db",
                        ResourceGroupName = resourceGroup.GetResourceName(),
                        CreateMode = "Copy",
                        ServerName = sqlServer.Name,
                        SourceDatabaseId = <FULL_ID_OF_THE_SOURCE_DB>
                    }
                );
    I've checked many times, that everything is correct (mainly the
    sourceDatabaseId
    ). When i deploy the infrastructure with pulumi, the database is not copied, but it creates new one (pulumi does not fail, does not log warning that something went wrong) without any data from the existing one I'm trying to copy. everything with authorization and stuff should be ok, our solution with azure templates & powershell scripts works correctly as expected and as far as i know, pulumi should do behind the scenes almost the same stuff as the powershell scripts do (calling the Azure API). Isn't this a bug? How is it possible, that pulumi fails to create the desired resource by the configuration, but says everything is okay and doesn't show any warnings / errors? Could somebody help me please with what could get wrong?
  • g

    great-flag-86735

    07/09/2020, 4:07 PM
    Good morning! I am attempting to set a dns name on a Aks nginx ingress controller. However it fails to stick. I can edit it directly within Azure portal. Here’s my pulumi exerpt where I tried a couple different config. Anyone know the issue?
    const nginx = new k8s.helm.v2.Chart(nginxName, {
    		chart: "bitnami/nginx-ingress-controller",
    		values: {
    			annotations: {
    				// "<http://service.beta.kubernetes.io/azure-dns-label-name|service.beta.kubernetes.io/azure-dns-label-name>": k8sDnsName,
    			},				
    			controller: {
    				publishService: {enabled: true},
    				service: {
    					annotations: {
    						"<http://service.beta.kubernetes.io/azure-dns-label-name|service.beta.kubernetes.io/azure-dns-label-name>": k8sDnsName,
    					},				
    				}
    			}
    		},
    	},
    	{providers: {kubernetes: cluster.provider}},
    );
  • w

    witty-spring-28765

    07/12/2020, 7:36 PM
    Hello, I am a newbie to pulumi. I am struggling to get pulumi to work with Azure Devops. I have been following https://github.com/pulumi/pulumi-az-pipelines-task and https://github.com/pulumi/pulumi-az-pipelines-task/tree/master/examples/azure . As stated in the example, I am not getting the Pipeline to be added automatically. Please can you help, the documentation seems to be very high level for newbies like me.
    r
    c
    m
    • 4
    • 9
  • b

    better-rainbow-14549

    07/16/2020, 1:57 PM
    Upgrading from 3.7.0 to 3.11.0 pulumi's throwing new errors about how fields can't be specified:
    {
                "urn": "urn:pulumi:deployments-infra-dev-eu::deployments-infra-dev-eu::mpp:Cluster$azure:containerservice/kubernetesCluster:KubernetesCluster::deveu2",
                "message": "error: azure:containerservice/kubernetesCluster:KubernetesCluster resource 'deveu2' has a problem: \"addon_profile.0.http_application_routing.0.http_application_routing_zone_name\": this field cannot be set\n",
                "severity": "error"
            },
            {
                "urn": "urn:pulumi:deployments-infra-dev-eu::deployments-infra-dev-eu::mpp:Cluster$azure:containerservice/kubernetesCluster:KubernetesCluster::deveu2",
                "message": "error: azure:containerservice/kubernetesCluster:KubernetesCluster resource 'deveu2' has a problem: Can not parse \"addon_profile.0.oms_agent.0.log_analytics_workspace_id\" as a resource id: Cannot parse Azure ID: parse \"\": empty url\n",
                "severity": "error"
            },
            {
                "urn": "urn:pulumi:deployments-infra-dev-eu::deployments-infra-dev-eu::mpp:Cluster$azure:containerservice/kubernetesCluster:KubernetesCluster::deveu2",
                "message": "error: azure:containerservice/kubernetesCluster:KubernetesCluster resource 'deveu2' has a problem: \"addon_profile.0.oms_agent.0.oms_agent_identity\": this field cannot be set\n",
                "severity": "error"
            }
    but I never specified those anyway, they've just appeared.
  • b

    better-rainbow-14549

    07/16/2020, 2:53 PM
    i've emptied them from the state file, did refresh and they came back
  • w

    wooden-branch-26004

    07/20/2020, 12:15 PM
    Hello! I want to attach ACR repository to a new AKS cluster. I can do that via 
    cli
     using 
    --attach-acr <acr_name>
     (ex. 
    az aks ... create --attach-acr <acr_name>
     ) . How can I do the same via Pulumi? I haven't found anything related to it in 
    KubernetesCluster
     or 
    KubernetesClusterArgs
     . Thanks!
    b
    • 2
    • 10
  • e

    enough-kite-69616

    07/20/2020, 4:52 PM
    Has anyone used Azure DevOps to run Pulumi to manage PostgreSQL instances? What do I need to do about firewall rules?
    c
    f
    • 3
    • 9
  • r

    ripe-russia-4239

    07/22/2020, 2:41 PM
    Hi there, I'm trying to provision a custom hostname for an Azure Function. When I work through this in the portal, I have to complete a domain verification step to prove ownership of the host name I'm trying to provision: adding a
    TXT
    record to my DNS with a specific GUID. If this step is not completed, the Pulumi
    CustomHostnameBinding
    fails to create, and the Pulumi update as a whole fails:
    Error creating/updating Custom Hostname Binding "<http://www.mywebsite.com|www.mywebsite.com>" (App Service "exampleappservice7422ec00" / Resource Group "exampleresourcegroupa1b4af45"): web.AppsClient#CreateOrUpdateHostNameBinding: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="BadRequest" Message="A TXT record pointing from <http://asuid.www.mywebsite.com|asuid.www.mywebsite.com> to 2f77eba357071f06b1ae4cb900105eeb8236f2697466a15641af4fdd75f2fb49 was not found." Details=[{"Message":"A TXT record pointing from <http://asuid.www.mywebsite.com|asuid.www.mywebsite.com> to 2f77eba357071f06b1ae4cb900105eeb8236f2697466a15641af4fdd75f2fb49 was not found."},{"Code":"BadRequest"},{"ErrorEntity":{"Code":"BadRequest","ExtendedCode":"04006","Message":"A TXT record pointing from <http://asuid.www.mywebsite.com|asuid.www.mywebsite.com> to 2f77eba357071f06b1ae4cb900105eeb8236f2697466a15641af4fdd75f2fb49 was not found.","MessageTemplate":"A TXT record pointing from asuid.{0} to {1} was not found.","Parameters":["<http://www.mywebsite.com|www.mywebsite.com>","2f77eba357071f06b1ae4cb900105eeb8236f2697466a15641af4fdd75f2fb49"]}}]
    I haven't been able to catch this error, nor identify a way (from the docs, poking around the Pulumi libraries with code completion, etc. etc.) to capture the resource(s) in error and inspect the returned error. What I'd like to be able to do is intercept this error, provision the
    TXT
    record in CloudFlare DNS, retry the operation, then delete the
    TXT
    record again. I'm using the #typescript SDK.
    t
    • 2
    • 4
  • b

    breezy-cricket-40277

    07/24/2020, 3:36 PM
    Update Strategy Azure Kubernetes Service with
    [diff: ~addonProfile]
    . What’s the deal with this? I didn’t change any code on my Pulumi code and I get this update strategy that basically
    diffs
    my kubeconfig (to be the same one) and a bunch of
    metadata and provider
    changes without no code changes whatsoever.
    g
    b
    • 3
    • 50
  • k

    kind-mechanic-53546

    07/29/2020, 3:27 AM
    Does anyone have a good azure service for config management? I'd like to export all my config (endpoints, secrets, connection strings, hostnames etc...) to have 1 consolidated place, currently, it's spread over 10 odd pulumi stacks In AWS, I'd use SSM Parameter store, but Azure App Configuraton is 1) not supported by Terraform or Pulumi and 2) expensive
    c
    • 2
    • 10
  • k

    kind-mechanic-53546

    07/31/2020, 7:38 AM
    Is there any programmatic way to add the
    Contributor
    role for a subscription to an
    azuread.Application
    ?
    t
    • 2
    • 3
  • t

    tall-needle-56640

    08/03/2020, 10:14 PM
    Hello all. I just started PoC-ing Pulumi and I'm immediately struck with ambiguity and oddity in the framework. For instance, if I want to create a simple web app, I start typing WebApp, not AppService (though FunctionApp exists), or AppServicePlan, not Plan (vague). Is there any effort to clean this up in future versions of the framework?
  • t

    tall-needle-56640

    08/03/2020, 10:20 PM
    Or ASP skus:
    new PlanSkuArgs { Size="0", Tier = "S" }
    results in
    The parameter SKU.Name has an invalid value
    . Why tell me that the name is wrong, when I didn't provide a name? Why is nothing telling me what values are allowed? Is the Azure provider just in its early days. I think Pulumi is a great idea and I have more experimentation to do, but I wish I was falling into the pit of success. 😞
    l
    • 2
    • 2
  • k

    kind-mechanic-53546

    08/04/2020, 7:33 AM
    Not specifically for azure but more Azure Devops I run an npm script as shorthand for
    pulumi up
    , (e.g.
    npm run up
    ) which does
    pulumi up --yes --policy-pack ./policy-pack-here
    When I run this in an Azure Devops pipeline using the npm custom script, it fails with
    error: getting secrets manager: passphrase must be set with PULUMI_CONFIG_PASSPHRASE environment variable
    which is strange since the environment variable is set (and
    pulumi version
    works in a different step) Question, why would the environment variable not be propagating down to the npm task, is this expected?
    t
    • 2
    • 3
  • b

    bland-ice-32467

    08/06/2020, 8:05 PM
    Is there a way to change an object after it is created? For context: I have a service principal for a pulumi user (which will run in a CI/CD pipeline). It needs certain permissions to read the various secrets, kand keys in a key vault. In order to keep the code (somewhat) clean, I'd like add these permissions by them selves. This causes a problem when I try to "add" permissions to an existing access policy. Can you offer some tips on how to change an existing pulumi resource (
    pulumi_azure.keyvault.AccessPolicy
    ), which may or may not exist in Azure, or how I should go about creating a service principal that has all the necessary permissions to create all resources I am able to create through the Azure Portal?
  • m

    millions-dog-5491

    08/12/2020, 10:02 AM
    Hi. Any suggestions to how I can import a ApplicationPassword resource when I only have the name of the resource, and not the KeyId? The KeyId is necessary to compile an identifier to use with CustomResourceArgs.ImportId... but also needed to call the ApplicationPassword.Get() method to get the existing ApplicationPassword resource... Or is the design intended so that I am supposed to export the KeyId upon first run, and refer to this at subsequent runs? I want to avoid that a new password is generated and applied to the Application at every execution. I am open to the possibility I am missing something 🙂 Using C#. Thanks
  • f

    future-kite-91191

    08/19/2020, 2:14 PM
    Hi! I'm using the Azure DevOps Pulumi Task (via Marketplace) and try to deploy our stack. We get this error. Any idea?
    error: problem logging in: getting user info from pul-****************************************: performing HTTP request: Get "pul-********************************/api/user": unsupported protocol scheme ""
    c
    • 2
    • 2
Powered by Linen
Title
f

future-kite-91191

08/19/2020, 2:14 PM
Hi! I'm using the Azure DevOps Pulumi Task (via Marketplace) and try to deploy our stack. We get this error. Any idea?
error: problem logging in: getting user info from pul-****************************************: performing HTTP request: Get "pul-********************************/api/user": unsupported protocol scheme ""
c

clever-sunset-76585

08/19/2020, 2:49 PM
Hi, it seems that somehow your token is being used as the API URL somehow, possibly due to misconfiguration of the pipeline. What does your Azure Pipelines config file look like? And how did you specify the token for the CLI?
f

future-kite-91191

08/19/2020, 5:40 PM
Correct, was a line in there that should have been removed via Git merge conflict resolve.. Thanks!
👍 1
View count: 4