Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
azure
- l
limited-carpenter-34991
07/12/2021, 12:24 PMI cannot finde the service principal and its scecret object inside the azure-native.l- 2
- 2
- m
mysterious-australia-14256
07/13/2021, 10:05 AMIs there an example anywhere on how to configure the diagnostic settings for a service bus? I want to be able to specify what I want logging (OpperationalLogs and AllMetrics) and what I want to do with the logs (send to a log analytics workspace in this case)?- 1
- 1
- m
mysterious-australia-14256
07/13/2021, 2:05 PMI am trying to create a new Web.Connection object for connecting to a Service Bus. The Service Bus is created earlier in the stack and when I create the Connection I need to specify the PrimaryConnectionString from the this Service Bus as a ParameterValue. I am trying to look up the PrimaryConnectionString using Pulumi.AzureNative.ServiceBus.ListNamespaceKeys but this fails if the Service Bus doesn't already exist. Is there a way around this i.e. to look up the string only after the Service Bus has been created and not progress the creation of the Connection until this has been done?t- 2
- 4
- m
mysterious-australia-14256
07/13/2021, 6:11 PMWhat is the correct way to handle dependencies when the parent object is created by a template? For example, I have used a template deployment to create a Web.CustomApi. This returns a Pulimi.AzureNative.Resources.Deployment object. I then want to create a Web.Connection that depends on the Web.CustomApi. Am I OK to specify the returned Deployment object of the Web.CustomApi in the DependsOn property of the CustomResourceOptions parameter when creating the Web.Connection or do I need to try and pull back a reference to the resource actually created by the Deployment?cs- 3
- 3
- m
mysterious-australia-14256
07/14/2021, 10:06 AMHi All, I'm still struggling with using ARM template deployment to create a Web.CustomApi connector and then a Web.Connection that uses the API. The main issue is that the connection never shows up when I run a Pulumi Preview. It does however deploy if I run a Pulumi Up. I have code that creates the API via a deployment along the lines of
I then create the connection using an expanded version of the following where I am retrieving the CustomApi object created by the above deployment and using that when creating the connection.var connectorDeployment = new Pulumi.AzureNative.Resources.Deployment( .... )
This does deploy correctly and everything works but I would like to get Pulumi Preview to pick up this operation. How can I tweak my code so that Pulumi Preview is picking up the connection correctly? I also have an issue where a Pulumi Destroy is only removing the deployment and not the actual object that was created.var outputResources = connectorDeployment.Properties.Apply(props => { Pulumi.AzureNative.Web.CustomApi bamConnector = Pulumi.AzureNative.Web.CustomApi.Get(connectorDeploymentResourceName, props.OutputResources[0].Id); var connection = Pulumi.AzureNative.Web.Connection(name, args, new CustomResourceOptions { DependsOn = bamConnector, Parent = bamConnector }); return props; }t- 2
- 9
- a
ancient-eve-13947
07/14/2021, 1:37 PMmaybe better here than in general: how does one get the connection string for a
for an Azure servicebus via Typescript? the documentation statesNamespaceAuthorizationRule
should have an outputNamespaceAuthorizationRule
, but the d.ts says it has only name, rights and type as outputs.primaryConnectionStringt- 2
- 4
- a
ancient-eve-13947
07/14/2021, 5:28 PMwhen trying to create a b2c tenant, on
I get the following error:pulumi up
the code I use is:Diagnostics: pulumi:pulumi:Stack (Cloud-dev): error: update failed azure-native:azureactivedirectory:B2CTenant (b2c): error: cannot check existence of resource '/subscriptions/25110286-d288-4e46-851b-4e2bc880672f/resourceGroups/rgdevc54575e2/providers/Microsoft.AzureActiveDirectory/b2cDirectories/deonfunction%20getStack%28%29%20%7B%0A%20%20%20%20return%20runtime.getStack%28%29%3B%0A%7Ddirectory': status code 400, <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""<http://www.w3.org/TR/html4/strict.dtd>"> <HTML><HEAD><TITLE>Bad Request</TITLE> <META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD> <BODY><h2>Bad Request - Invalid URL</h2> <hr><p>HTTP Error 400. The request URL is invalid.</p> </BODY></HTML>
any idea what's going on here?const tenant= new azure.azureactivedirectory.B2CTenant("b2c", { resourceGroupName: resourceGroup.name, sku: { name: "Standard", tier: "A0" }, properties: { countryCode: "DE", displayName: `DEON-${pulumi.getStack}` }, resourceName: `deon${pulumi.getStack}directory` });t- 2
- 4
- a
ancient-eve-13947
07/14/2021, 6:35 PMis there a way to tell Pulumi "completely throw away what you think you know about the state of my Azure resources", while keeping everything in my Pulumi.dev.yaml? so that afterwards, when I do a
, it will just create a new resource group etc? background: something went wrong with destroying and now some Azure resources take ages to get deleted, and I'd like to continue testing meanwhile.pulumi upt- 2
- 5
- a
ancient-eve-13947
07/14/2021, 7:04 PMI try to deploy a B2C tenant like this:
and onlet suffix= pulumi.getStack(); suffix= suffix=="production" ? "" : suffix; const displayName= pulumi.interpolate `DEON - ${suffix}`; const resourceName= pulumi.interpolate `deon${suffix}directory`; const tenant= new azure.azureactivedirectory.B2CTenant("b2c", { resourceGroupName: resourceGroup.name, location: "europe", // because B2C has other, fewer possible locations sku: { name: "Standard", tier: "A0" }, properties: { countryCode: "DE", displayName }, resourceName });
I get this error:pulumi up
what am I doing wrong?b2c (azure-native:azureactivedirectory:B2CTenant) error: autorest/azure: Service returned an error. Status=404 Code="NotFound" Message="Resource with ID '25110286-d288-4e46-851b-4e2bc880672f/rgdev9a38f1a5/deondevdirectory' does not exist." Target="resource"t- 2
- 8
- a
ancient-eve-13947
07/15/2021, 11:55 AMfor a B2C tenant, how can I upload custom policies (Identity Experience Framework)? and how can I edit the manifest (download/upload it) for app registrations?
seems to allow me to create app registrations, but I can't see anything related to manifests?@pulumi/azuread - v
victorious-exabyte-70545
07/15/2021, 4:26 PMHi all, I have a question about managing stack states. Yesterday I prematurely killed pulumi up and it resulted in the state of the stack being lost. I am using blob storage to hold state. When I typed pulumi preview, no stack was found. Is there documentation on how to restore from blob storage? Also, is it better to check in state into the project code in git (vs using s3 or blob storage)? What is best practice for production use of pulumi? I am new to Pulumi so any advice or direction is appreciated. Thanks! - v
victorious-exabyte-70545
07/15/2021, 5:12 PMSo it looks like I should be able to restore from the history right? - v
victorious-exabyte-70545
07/15/2021, 5:13 PM.pulumi/history/dev/dev-1626238159454148000.checkpoint.jsonc- 2
- 4
- l
limited-mouse-98047
07/16/2021, 2:51 PMHi folks. Did anyone else come across the typescript
resource generating passwords that are incompatible withazuread.ServicePrincipalPassword
? The latter apparently cannot accept characters like a backtick (`), which the former will apparently generate if you're lucky. I'm wondering whether this is a bug within the provider on on the azure end.azure_native.containerservice.ManagedCluster👀 1br- 3
- 4
- m
miniature-leather-70472
07/19/2021, 12:17 PMDoes the old Azure provider have anything similar to the GetClientToken in the Azure Native provider?t- 2
- 5
- p
powerful-football-81694
07/19/2021, 1:06 PMHi folks, do all stacks in the same project necessarily need to be deployed to the same Azure subscription? Or is Pulumi completely “agnostic” to this, i.e., does it simply deploy to whatever subscription happens to be the selected one in Azure CLI at the time when you do
?pulumi upbm- 3
- 5
- w
wet-noon-14291
07/20/2021, 9:40 PMAny example of how to configure Cosmos DB with integrated cache using pulumi? Azure docs: https://docs.microsoft.com/en-us/azure/cosmos-db/how-to-configure-integrated-cachet- 2
- 1
- h
handsome-state-59775
07/21/2021, 5:34 AMAny plans for Crosswalk for Azure? I'm specifically interested in Python.t- 2
- 2
- m
mysterious-australia-14256
07/22/2021, 10:13 AMHello, can anyone point me towards guidance on how stackreference works between projects when using an azure storage backend? When I start a new project I typically run "pulumi login azblob://pulumi/<projectname>" e.g. "pulumi login azblob://pulumi/project1". Does this mean that I will only be able to reference other stacks created while logged in to "azblob://pulumi/project1" or can I also reference stacks in other projects sharing the same storage account e.g. project 2 created when logged in to "pulumi login azblob://pulumi/project2"? Thanks , Alanbb- 3
- 16
- l
little-notebook-32921
07/22/2021, 11:35 PMAll, any chance anyone could assist me with understanding this message? "error: Duplicate resource URN 'urn😛ulumi:hess-net-dev::basevnet:😛ulumi:pulumi:Stack::basevnet-hess-net-dev'; try giving it a unique name". I'm looping through a YAML file with GoLang and there seems to be some sort of collision. Any ideas would be much appreciated!b- 2
- 9
- m
miniature-leather-70472
07/26/2021, 12:54 PMI'm guessing this is an Azure thing rather than Pulumi, but is there any way to get a consistent order when an object containers a list? For example, when an object has a firewall with a list of allowed IP's, the order on this can change with each apply, and so Pulumi thinks there is a change. I could ignore changes for that, but I do want the option to add more IP's at a later date - m
melodic-student-71781
07/27/2021, 6:36 PMHi, I'm trying to emulate
where the cluster uses a managed identity instead of an explicit service principal. As far as I understand it, I need to add aaz aks create [...] --attach-acr $MYACR
withRoleAssignment
=containerRegistryId andscope
="AcrPull". RoleAssignment contains `principalId`(required) androleDefinitionId
(optional). How do I fill these two fields? I'm guessingdelegatedManagedIdentityResourceId
should be the id of the AKS cluster, but what's thedelegatedManagedIdentityResourceId
if there is no principal?principalIdb- 2
- 1
- k
kind-mechanic-53546
07/28/2021, 1:29 AMHas anyone else had problems with autocomplete being extremely slow with azure-native?pb- 3
- 8
- i
icy-jordan-58549
07/28/2021, 1:42 PMHi, team. Could someone help me understand why this is happening?azure-native:network:FrontDoor (frontDoor): error: autorest/azure: Service returned an error. Status=<nil> Code="Conflict" Message="Cannot delete frontend endpoint \"<http://fed2test.test.io|fed2test.test.io>\" because it is still directly or indirectly (using \"afdverify\" prefix) CNAMEd to front door \"<http://emtkfed2testprodcmsfd.azurefd.net|emtkfed2testprodcmsfd.azurefd.net>\". Please remove the DNS CNAME records and try again."m- 2
- 2
- p
proud-dusk-33872
07/28/2021, 1:54 PMIs there a way for a stack to contribute to the resource of another stack? For example, a subscription to an Event Grid topic, where the topic itself is owned by another stack. Another example might be a rule / backend on a Front Door instance.f- 2
- 3
- m
melodic-easter-82419
07/29/2021, 3:55 PMInteresting issue. Creating a shared dashboard from pulumi, I see the resource and can view properties. The problem I run into is when I goto the dashboard I get a dashboard does not exist error. - m
melodic-easter-82419
07/29/2021, 3:56 PMIt looks like I do have owner permission for the dashboard. Curious if anyone else has ran into this issue>? - c
cuddly-spring-60602
07/30/2021, 7:53 AMHi #azure, I'm writing a program to deploy a VM and register it within a Automation Account with a pre-existing, but it fails when I want to add a specific option:
This will lead to an error:Settings: pulumi.ArrayMap{ "advancedOptions": pulumi.Array{ pulumi.Map{ "Name": pulumi.String("forcePullAndApply"), "TypeName": pulumi.String("System.Boolean"), "Value": pulumi.Bool(false), }, }, "Properties": pulumi.Array{ pulumi.Map{ "Name": pulumi.String("RegistrationKey"), "TypeName": pulumi.String("System.Management.Automation.PSCredential"), "Value": pulumi.StringMap{ "Password": pulumi.String("PrivateSettingsRef:registrationKeyPrivate"), "UserName": pulumi.String("PLACEHOLDER_DONOTUSE"), }, }, pulumi.StringMap{ "Name": pulumi.String("RegistrationUrl"), "TypeName": pulumi.String("System.String"), "Value": pulumi.String(registrationUrl), }, pulumi.StringMap{ "Name": pulumi.String("NodeConfigurationName"), "TypeName": pulumi.String("System.String"), "Value": pulumi.String(existingConfigurationName), }, pulumi.Map{ "Name": pulumi.String("RebootNodeIfNeeded"), "TypeName": pulumi.String("System.Boolean"), "Value": pulumi.Bool(true), }, pulumi.Map{ "Name": pulumi.String("ActionAfterReboot"), "TypeName": pulumi.String("System.String"), "Value": pulumi.String("continueConfiguration"), }, }, }, TypeHandlerVersion: pulumi.String("2.77"),
Without the advancedOptions Block, it works fine...Any ideas?I0730 08:18:59.628372 6476 provider_plugin.go:739] Provider[azure-native, 0xc000650780].Create(urn:pulumi:dev::TosMarketing::azure-native:compute:VirtualMachineExtension::vm-ext-Gaming-VM1) failed: Code="VMExtensionProvisioningError" Message="VM has reported a failure when processing extension 'vm-ext-Gaming-VM1'. Error message: \"The DSC Extension failed to execute: Cannot convert value \"downloadMappings\" to type \"System.Int32\". Error: \"Input string was not in a correct format.\".\nMore information about the failure can be found in the logs located under 'C:\\WindowsAzure\\Logs\\Plugins\\Microsoft.Powershell.DSC\\2.77.0.0' on the VM.\"\r\n\r\nMore information on troubleshooting is available at <https://aka.ms/VMExtensionDSCWindowsTroubleshoot> " - a
ancient-eve-13947
07/30/2021, 12:39 PMHi, I got a stack consisting of about 20 resources. I used it in the past and it worked fine. Now I'm trying to run
on a clean slate, ie with no resources up yet and I get the following error:pulumi preview
The code for that passage isDiagnostics: pulumi:pulumi:Stack (Cloud-dev): error: Running program 'C:\Projects\Deon\infrastructure\azureresources' failed with an unhandled exception: Error: invocation of azure-native:cache:listRedisKeys returned an error: request failed /subscriptions/25110286-d288-4e46-851b-4e2bc880672f/resourceGroups/rgDEV/providers/Microsoft.Cache/redis/redis2f94d61f/listKeys: autorest/azure: Service returned an error. Status=404 Code="ResourceNotFound" Message="The Resource 'Microsoft.Cache/Redis/redis2f94d61f' under resource group 'rgDEV' was not found. For more details please go to <https://aka.ms/ARMResourceNotFoundFix>" at Object.callback (C:\Projects\Deon\infrastructure\azureresources\node_modules\@pulumi\pulumi\runtime\invoke.js:139:33) at Object.onReceiveStatus (C:\Projects\Deon\infrastructure\azureresources\node_modules\@grpc\grpc-js\src\client.ts:338:26) at Object.onReceiveStatus (C:\Projects\Deon\infrastructure\azureresources\node_modules\@grpc\grpc-js\src\client-interceptors.ts:426:34) at Object.onReceiveStatus (C:\Projects\Deon\infrastructure\azureresources\node_modules\@grpc\grpc-js\src\client-interceptors.ts:389:48) at C:\Projects\Deon\infrastructure\azureresources\node_modules\@grpc\grpc-js\src\call-stream.ts:276:24 at processTicksAndRejections (internal/process/task_queues.js:79:11)
Now what I don't get is: of course when doing preview, the redis instance isn't there yet. But I kinda expected that Pulumi somehow deals with this in the background, maybe not calling apply if cache.Name is not available yet. Also, I think I didn't have the problem before - but that might just be because I called it incrementally, never on a completely clean slate. Note the same thing happens when I executefunction createRedis() : azure.types.input.web.NameValuePairArgs[]{ var cache= new redis.Redis("redis", { resourceGroupName, enableNonSslPort: true, minimumTlsVersion: redis.TlsVersion.TlsVersion_1_2, sku: { name: "Basic", family: "C", capacity: cfg.requireNumber("Redis.Size") } }); const keys= pulumi.all([resourceGroupName, cache.name]) .apply(([resourceGroupName, name])=>redis.listRedisKeys({resourceGroupName, name})) const connectionString= pulumi.interpolate `${cache.hostName}:6380,password=${keys.primaryKey},ssl=True,abortConnect=False`; return [ { name: "Redis:ConnectionString", value: connectionString }, ]; }
when it's in the preview stage. So this is currently a big blocker for me. Any ideas, anyone?pulumi upt- 2
- 27
- p
powerful-football-81694
07/30/2021, 6:07 PMHi everyone. Does anyone know if it’s possible to look up resources from another Azure subscription than the one currently being deployed to? For example, we use code like this to find a shared key vault:
Is there any way to do this if that key vault is in a different subscription?// Get a reference to our centralized key vault service which lives // in another resource group. The key vault service itself is not created or maintained // by this program. var keyVault = Output.Create(GetVault.InvokeAsync( new GetVaultArgs() { ResourceGroupName = sharedResourceGroupName, VaultName = sharedKeyVaultName }));- 1
- 1
Title
p
powerful-football-81694
07/30/2021, 6:07 PMHi everyone. Does anyone know if it’s possible to look up resources from another Azure subscription than the one currently being deployed to?
For example, we use code like this to find a shared key vault:
// Get a reference to our centralized key vault service which lives
// in another resource group. The key vault service itself is not created or maintained
// by this program.
var keyVault =
Output.Create(GetVault.InvokeAsync(
new GetVaultArgs()
{
ResourceGroupName = sharedResourceGroupName,
VaultName = sharedKeyVaultName
}));Figured it out. For anyone else wondering, here’s how to do this:
var sharedSubscriptionProvider = new Provider(sharedSubscriptionName, new ProviderArgs() { SubscriptionId = sharedSubscriptionId });
var keyVault =
Output.Create(GetVault.InvokeAsync(
new GetVaultArgs()
{
ResourceGroupName = sharedResourceGroupName,
VaultName = sharedKeyVaultName
},
new InvokeOptions()
{
Provider = sharedSubscriptionProvider
}));View count: 3