https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
azure
  • q

    quaint-toothbrush-75472

    10/06/2021, 8:15 PM
    Hello!! I need to deploy an App Service Plan, a WebApp and then push the nodejs application to this appservice, can i do this with pulumi?
    w
    • 2
    • 1
  • h

    handsome-state-59775

    10/07/2021, 6:19 AM
    How can I get the URL of an NFS File share?
  • g

    great-breakfast-56601

    10/07/2021, 10:06 AM
    Hi Has anyone had difficulty getting an internal loadbalancer to create using a managedidentity?
  • g

    great-breakfast-56601

    10/07/2021, 10:06 AM
    Living in pending state
  • w

    worried-knife-31967

    10/11/2021, 6:30 PM
    Anyone seen any issues with role assigments and a race condition? It seems the deletion of role assignments completes asynchronously, and if you're doing Cosmos RBAC, there is as lock applied. That means that if there's a change applied and it needs to delete the role, you get an exception due to the delete locking the resource asynchronously.
    👀 1
    w
    • 2
    • 1
  • r

    rhythmic-activity-46295

    10/13/2021, 11:05 PM
    Hello, anyone here know how to achieve deny role assignments with pulumi? I've a keyvault in our dev environment which all developers have access to but I want to deny access to a certificate?!
    g
    • 2
    • 1
  • c

    curved-pencil-86122

    10/15/2021, 6:08 AM
    When trying to create BlobServiceProperties I'm getting the following error with strange looking 10-starting ip address. Any ideas? What I'm doing wrong? self.my_storage_account = storage.StorageAccount( account_name=mystorageaccount, ... blob_service_properties.BlobServiceProperties( account_name=self.my_storage_account.name, ... error: autorest/azure: Service returned an error. Status=404 Code="HttpResourceNotFound" Message="The request url http://10.0.14.52:30044/...my_storageaccount?api-version=2021-04-01 is not found."
  • f

    future-kite-91191

    10/15/2021, 10:00 AM
    When running a Pulumi program in Azure Devops against an AKS cluster, we see
    To sign in, use a web browser to open the page <https://microsoft.com/devicelogin> and enter the code CG*****QW to authenticate.
    How can I ensure the pipeline can run without interactive logins? Background: • The AKS cluster has "local k8s account" feature disabled, only AAD accounts can authenticate • The Azure Devops pipeline Service Principal is member of the AAD Group that has admin rights/roles assigned to it for the AKS cluster
    w
    • 2
    • 1
  • m

    many-dress-54535

    10/15/2021, 6:34 PM
    Hello, I am trying to update a
    pulumi_azure_native.network.IpGroup()
    by setting the
    ip_addresses
    and I am getting
    AttributeError: can't set attribute
    error, not sure if I am doing this right because it's the first time I try to set a property...
  • s

    steep-addition-26630

    10/18/2021, 7:35 AM
    Hi, this was asked before but there was no conslusion. I have a function app where the code seems to be deleted on every update from pulumi, even minor changes to the configuration. I'd expect an app restart, but instead the entire application code seems to disappear. Is this expected? The pulumi preview is like this, and is what I would expect:
    ~  azure-native:web:WebApp foo-func update [diff: ~siteConfig]
    ~  azure-native:web:WebAppSlot foo-func update [diff: ~siteConfig]
    It's worth mentioning that I'm currently pushing the code via another pipeline. I'd like to use WebAppSourceControl but it seems we need a bit more setup for that to work (and a documented example wouldn't hurt...)
    b
    • 2
    • 2
  • w

    white-bear-32497

    10/19/2021, 7:06 AM
    Hi, I’m working with the example of app service with my simple nodejs app, all of the examples upload package to blob and use
    WEBSITE_RUN_FROM_ZIP
    to deploy, is there any way to directly deploy from local disk?
    s
    • 2
    • 2
  • v

    victorious-exabyte-70545

    10/19/2021, 6:41 PM
    Hi All, Question: Is there a way to unit test my pulumi azure IOC without network connectivity.  When I worked with AWS I used a python library called boto to mock AWS's api. It was awesome because every cloud formation template generated was tested (all resources mock created). Would love to do this with pulumi and azure.
    t
    • 2
    • 2
  • w

    wet-noon-14291

    10/20/2021, 10:01 PM
    I based a small demo of deploying a typescript cloud function on this, https://github.com/pulumi/examples/blob/master/azure-ts-functions/index.ts example. It works fine if everything is done correct first time, but for me changing the value https://github.com/pulumi/examples/blob/master/azure-ts-functions/index.ts#L35 didn't update the actual cloud function it seemed. So to test it I had to delete the whole stack (just a demo) and deploy again. What is the right approach to update the function if the content of the blob is changed? @tall-librarian-49374 I noticed that you are one of the contributors to that example.
    e
    • 2
    • 3
  • m

    many-dress-54535

    10/20/2021, 10:08 PM
    message has been deleted
  • c

    chilly-magazine-4507

    10/21/2021, 12:11 AM
    Hi all, I am specifying a name on the azure resource group, but I am still getting and autonamed resource group
    b
    b
    • 3
    • 4
  • w

    witty-airport-81009

    10/21/2021, 10:25 AM
    If i add a provider to an azure-native stack that's already been deployed before the provider was added Pulumi wants to replace resources instead of just updating them. For a lot of resources in the stack that's fine, but for others, like db's this is not optimal. Is there anything I can do to make Pulumi think these are still the same resources, and all it needs to do is update the provider? The provider was added as we moved some resources in a stack across to a different azure subscription, whilst others (e.g. dns zone) remained in the old subscription.
    p
    b
    • 3
    • 12
  • b

    blue-hair-13625

    10/21/2021, 3:25 PM
    Hi, is there a C# sample showing the correct format to assign a user assigned identity to a container instance? I've tried to follow the docs but no luck..
  • m

    millions-journalist-34868

    10/21/2021, 8:51 PM
    Hi. How do you use existing Azure resources from your Pulumi program. In my context I would like to create the resource group that will contain my resources outside of my pulumi stack. The aim is to to the development team Contributor permissions but only on the resource group I created and not on the whole subscription. I have read about Resource getters in the documentation but it seems very specific to AWS. I also found this method on the docs I don't know if it's what I should use. If you have other suggestions, other ways of doing these kinds of things I am listening.
    p
    • 2
    • 10
  • e

    enough-butcher-66045

    10/24/2021, 11:03 PM
    👋 is there any way to specify the certificate management type for a FrontDoor Frontend Endpoint?
  • h

    hallowed-traffic-28168

    10/25/2021, 10:03 AM
    Hi All, I am provisioning the azure storage account with pulumi (python and azure )and want to enforce the below security and best practice for an azure storage account. Please help. 1. Ensure that public access level is set to Private for a blob container. 2. Ensure that “Secure transfer required” is set to “Enabled”. 3. Ensure that  Audit missing blob encryption for storage account is set to On. Thanks, Ravi
  • w

    wooden-receptionist-75654

    10/25/2021, 2:29 PM
    Hi Guys, I’m using a
    azure-native.containerservice
    lib to create AKS cluster and I also would like deploy k8s RBAC objects with
    kubernetes
    lib. I have something like:
    # Creating AKS
    const cluster = new containerservice.ManagedCluster(...)
    
    # Getting a kubectlconfig
    const creds = pulumi.all([cluster.name, resourceGroup.name]).apply(([clusterName, rgName]) => {
      return containerservice.listManagedClusterUserCredentials({
          resourceGroupName: rgName,
          resourceName: clusterName,
      });
    });
    const encoded = creds.kubeconfigs[0].value;
    const kubeconfig = encoded.apply(enc => Buffer.from(enc, "base64").toString());
    
    # Creating provider
    const aksProvider = new k8s.Provider("aks", {
      kubeconfig: kubeconfig
    })
    # And deploying a role
    const devsGroupRole = new k8s.rbac.v1.Role("pulumi-devs",{...},  {provider: aksProvider})
    And it appears that
    kubeconfig
    is required
    browser-based authentication
    for first time. I got
    To sign in, use a web browser to open the page <https://microsoft.com/devicelogin>
    I have tried it with user auth (az login) and got the same in CI with Service Principal. Is there any way to skip it?
    g
    • 2
    • 2
  • n

    narrow-helmet-6313

    10/25/2021, 5:44 PM
    Hi Team,
  • n

    narrow-helmet-6313

    10/25/2021, 5:45 PM
    Hi Team, is there any pulumi api to get the region for the given subscription or location for azure cloud.
  • p

    proud-appointment-22284

    10/27/2021, 6:56 PM
    Hello everyone, It is possible to exclude the subnet resource from imported virtualnetwork in pulumi? (I cannot afford just re-create vnet resource through the pulumi) When I ran pulumi import "azure-native:network:VirtualNetwork name id", I got all resources associated with the vnet resource such as subnets.
    I want to take the subnets part outside of the virtualnetwork resource but the pulumi is not able to handle such extractions, so I end up with this configuration.                                                                   const VirtualNetwork = new network.VirtualNetwork("VirtualNetwork-test", {
        addressSpace: {
            addressPrefixes: ["10.49.184.0/23"],
        },
        enableDdosProtection: false,
        location: "westeurope",
        resourceGroupName: "rsg-network",
        subnets: [{
            addressPrefix: "10.49.185.0/27",
            name: "subnet-test",
            privateEndpointNetworkPolicies: "Enabled",
            privateLinkServiceNetworkPolicies: "Enabled",
            type: "Microsoft.Network/virtualNetworks/subnets",
        }],
        virtualNetworkName: "VirtualNetwork-test",
    },);    
    
    const subnet = new network.Subnet("subnet-test", {
        addressPrefix: "10.49.185.0/27",
        name: "subnet-test",
        privateEndpointNetworkPolicies: "Enabled",
        privateLinkServiceNetworkPolicies: "Enabled",
        resourceGroupName: "rsg-network",
        subnetName: "subnet-test",
        type: "Microsoft.Network/virtualNetworks/subnets",
        virtualNetworkName: "VirtualNetwork-test",
    }, {
        parent: VirtualNetwork,
    });
    My goal is to achieve that the subnets part information would be just removed from the virtaulnetwork resource and I will have only standalone subnet resource, so the code should look like:                                           const VirtualNetwork = new network.VirtualNetwork("VirtualNetwork-test", {
        addressSpace: {
            addressPrefixes: ["10.49.184.0/23"],
        },
        enableDdosProtection: false,
        location: "westeurope",
        resourceGroupName: "rsg-network",
        virtualNetworkName: "VirtualNetwork-test",
    },);    
    
    const subnet = new network.Subnet("subnet-test", {
        addressPrefix: "10.49.185.0/27",
        name: "subnet-test",
        privateEndpointNetworkPolicies: "Enabled",
        privateLinkServiceNetworkPolicies: "Enabled",
        resourceGroupName: "rsg-network",
        subnetName: "subnet-test",
        type: "Microsoft.Network/virtualNetworks/subnets",
        virtualNetworkName: "VirtualNetwork-test",
    }, {
        parent: VirtualNetwork,
    });
  • b

    brash-quill-35776

    10/28/2021, 2:28 AM
    Hi, just start to use azure-native, but seems like the args type are incorrect. Basically, the input type is now
    string
    , so I can't put
    input
    type to that then
    output
    type is
    string
    , which I think should be
    output
    type Please take a look If it's a legit issue, I can then create issue in Github
    b
    • 2
    • 2
  • g

    great-breakfast-56601

    10/28/2021, 9:35 AM
    Can anyone offer any reference for the correct casing of AddonProfiles?
  • g

    great-breakfast-56601

    10/28/2021, 9:35 AM
    { "KubeDashboard", new ManagedClusterAddonProfileArgs
                    {
                        Enabled = false,
                    }
                   },
                   { "Azurepolicy", new ManagedClusterAddonProfileArgs
                    {
                        Enabled = true,
                        Config = new InputMap<string>{ {"version", "v2"} }
                    }
                   },
                   { "omsagent", new ManagedClusterAddonProfileArgs
                    {
                        Enabled = true,
                        Config = new InputMap<string>{ {"logAnalyticsWorkspaceResourceID", partnerAnalyticsWorkspace.Id} }
                    }
                   },
  • g

    great-breakfast-56601

    10/28/2021, 9:36 AM
    Are any of these valid?
  • g

    great-breakfast-56601

    10/28/2021, 9:37 AM
    Working in C#. Does the casing change by language?
  • p

    proud-dusk-33872

    10/28/2021, 11:35 PM
    Hi all - trying to better understand how Pulumi works under the good. Given the call
    Pulumi.Deployment.Instance.InvokeAsync<ListConfigurationStoreKeysResult>("azure-native:appconfiguration:listConfigurationStoreKeys", ...)
    , where is
    azure-native:appconfiguration:listConfigurationStoreKeys
    coming from? Is there a config/manifest file somewhere that is used to generate all the code that would contain those references? I couldn't find the string reference outside of code files.
    b
    s
    • 3
    • 10
Powered by Linen
Title
p

proud-dusk-33872

10/28/2021, 11:35 PM
Hi all - trying to better understand how Pulumi works under the good. Given the call
Pulumi.Deployment.Instance.InvokeAsync<ListConfigurationStoreKeysResult>("azure-native:appconfiguration:listConfigurationStoreKeys", ...)
, where is
azure-native:appconfiguration:listConfigurationStoreKeys
coming from? Is there a config/manifest file somewhere that is used to generate all the code that would contain those references? I couldn't find the string reference outside of code files.
b

billowy-army-68599

10/28/2021, 11:59 PM
the SDK product comes from the APi using codegen we create. So we read the API and generate SDK calls. The thing that actually makes the calls themselves is the provider binary in
~/.pulumi/plugins
p

proud-dusk-33872

10/29/2021, 12:03 AM
Ah perfect, thanks.
Is there any reason why things like restarting web apps (https://docs.microsoft.com/en-us/rest/api/appservice/web-apps/restart) isn't mapped to an invokable static class?
(just curious, since it's all generated from the schemas)
b

billowy-army-68599

10/29/2021, 12:05 AM
I'll have to defer to @tall-librarian-49374 or @sparse-park-68967 for that, but it's more than likely because it only has one operation and doesn't create a "resource" You can of course just use the azure SDK in your particular language
p

proud-dusk-33872

10/29/2021, 12:06 AM
Ah ok, that makes sense
Yeah that's the direction I've gone in
Thanks very much
s

sparse-park-68967

10/29/2021, 12:40 AM
yes, we expose some of the get operations but most posts which may mutate state are not exposed. As @billowy-army-68599 mentioned, you could leverage the azure sdk in your language of choice. Its quite easy to initialize an SDK client from within a pulumi program. See https://github.com/pulumi/examples/blob/master/azure-ts-call-azure-sdk/index.ts#L11 for instance.
p

proud-dusk-33872

10/29/2021, 12:51 AM
Legend, thanks
View count: 3