Hi guys, can I use pulumi to provide just bare metal hosted servers (without k8s, etc) ?

How long does it take Pulumi release to incorporate actions that on a cli would be prefix with beta.. e.g.

How pulumi copes with a team changing and applying the same infrastructure at the same moment ? So if a team have X members and they all are changing and applying changes at the same moment - how pulumi locks resources ?

@boundless-room-36997 it doesn’t: it locks entire stacks

So prevents concurrent modification like that

import * as awsx from '@pulumi/awsx';

export const vpc = new awsx.ec2.Vpc('custom', {
  cidrBlock: '10.0.0.0/16',
  numberOfAvailabilityZones: 3,
  subnets: [
    { type: 'public' },
    { type: 'private' },
    { type: 'isolated', name: 'db' },
    { type: 'isolated', name: 'redis' }
  ]
});

export const sg = new awsx.ec2.SecurityGroup('sg', { vpc });
awsx.ec2.SecurityGroupRule.ingress(
  'https',
  sg,
  new awsx.ec2.AnyIPv4Location(),
  new awsx.ec2.TcpPorts(443),
  'allow https access'
);
awsx.ec2.SecurityGroupRule.ingress(
  'ssh',
  sg,
  new awsx.ec2.AnyIPv4Location(),
  new awsx.ec2.TcpPorts(22),
  'allow ssh access'
);

For this above code I am running into this error

aws:ec2:SecurityGroup (sg):
    error: Plan apply failed: Error creating Security Group: InvalidParameterValue: Value (sg-34e72cd) for parameter GroupName is invalid. Group names may not be in the format sg-*.
    	status code: 400, request id: 5a65b4e8-298c-4b18-9e85-94c61d7e19b4

Looks like the

sg

with an

-

is an issue. Am I doing something wrong? Or is it a bug?

I’m not sure if I’ve found a bug or not, but when I do

pulumi login <s3://my-pulumi-bucket/something>

(assuming that data will be stored in

<s3://my-pulumi-bucket/something/.pulumi>

), instead everything ends up in

<s3://my-pulumi-bucket/.pulumi>

. This is really unexpected. Is it intentional behavior?

Related to a prior question - how does one tell a

pulumi.StackReference

to look at a stack in another S3 bucket, by stack name? i.e., I’m in

bar-deploy

, I need to access

foo-deploy

, but I need to specifically get outputs from the

dev

stack (use case: there might be multiple

bar-deploy

stacks using

foo-deploy

@

dev

as their backend). How can I express this?

awsx.elasticloadbalancingv2.ApplicationLoadBalancer..... ipAddressType: config.ipAddressType,

anyone want to help me type this properly? a config string isn't it... it seems to want:

ipAddressType?: pulumi.Input<"ipv4" | "dualstack">;

TSError: ⨯ Unable to compile TypeScript:
    index.ts(65,87): error TS2345: Argument of type '{ name: string; vpc: Vpc; external: true; ipAddressType: string; securityGroups: SecurityGroup[]; subnets: Output<string>[]; }' is not assignable to parameter of type 'ApplicationLoadBalancerArgs'.
      Types of property 'ipAddressType' are incompatible.
        Type 'string' is not assignable to type '"dualstack" | "ipv4" | Promise<"dualstack" | "ipv4"> | OutputInstance<"dualstack" | "ipv4"> | undefined'.
    index.ts(136,64): error TS7006: Parameter 'hostname' implicitly has an 'any' type.

@proud-alarm-92546 how are you getting that, that PR isn't even merged in pulumi-aws yet for that type...

awsx

@lemon-spoon-91807?

Is there a way to call out to gcloud operations like gcloud beta source project-configs update --add-topic=[TOPIC_NAME] --service-account=[SERVICE_ACCOUNT_NAME] which aren't incorporated into pulumi types yet? I guess it would need something like up/down like a db migration

Hi, I'm trying to create Pulumi Node.js program in TypeScript to provision AWS services to multiple regions in one go, using @pulumi/awsx; I’m having trouble understanding what I’m doing wrong while trying to create VPCs in a loop. The regions get mixed while the program tries to create route tables and subnets, like this:

aws:ec2:RouteTable (vpc-test-us-east-2-private-0):
    error: Plan apply failed: Error creating route table: InvalidVpcID.NotFound: The vpc ID 'vpc-03f05ae1180c62fd2' does not exist

Is it possible to change our organization name?

Are there already best practices to structure Pulumi code? Do we need multiple “stacks” like in TF land, using “remote state”? Any blog articles that could bootstrap me?

[solved] Welp - seems like when it rains, it pours. I'm on a Fedora 29 machine; I decided to update to get rid of the version nag and I've just updated (using

curl | sh

) to the most recent version of Pulumi; I now get a panic (listed in thread) whenever I try to run anything and on my side I've relogged in a new shell, run

npm rebuild

, etc. It seems so out of the ordinary that it seems likely to be an issue on my end of things, but perhaps somebody's seen it before (or has some "nuke it from orbit" advice)?

[Solved] When using

import * as aws from "@pulumi/aws";

command, I get errors assigning values via a variable to my ec2 instanceType, but if I use the old format

const aws = require("@pulumi/aws")

the error goes away and my code runs just fine. Thoughts?

Running the above example code and getting failures in EKS:

hey all - i stood up the eks example and i'm trying to deploy a helm chart like the example, except it's a different one. it's failing to start and i think it's my syntax.

export const kubeconfig = cluster.kubeconfig;

const myk8s = new k8s.Provider("myk8s", {
    kubeconfig: cluster.kubeconfig.apply(JSON.stringify),
});

const nginx = new helm.v2.Chart("rancher-nginx", {
    namespace: "rancher",
    repo: "stable",
    chart: "nginx-ingress",
    values: {
        "rbac.create": "true"
    },
 }, { providers: { kubernetes: myk8s }});

Hey there! I upgraded kubernetes from

1.13.4

to

1.14.3

and now when I do

pulumi up

on an existing stack I get

error: Plan apply failed: 1 error occurred:
    * SchemaError(io.k8s.api.core.v1.PodAntiAffinity): invalid object doesn't have additional properties

Ideas?

(worth mentioning I have no

PodAntiAffinity

references in my code)

Solved it by upgrading to latest versions (of

@pulumi/pulumi

,

@pulumi/kubernetes

and the

pulumi

CLI).

Is there a way to poll for resource creation to reinforce a

dependsOn

relationship? We believe we are encountering an issue creating a resource that depends on an IAM RolePolicyAttachment that isn't quite ready when the dependent resource starts to create. https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency

hey all...my team is evaluating on using pulumi teams, i was trying to find more documentation/info regarding the pulumi cloud console---I was wondering, how does the console manage/handle AWS keys/secrets (if it does store aws keys)? thanks!

Is there an easy way to export or migrate a stack from my personal org to a different org?

In just under 2 hours, we'll be live at , talking about Pulumi Crosswalk for AWS, including special guests from Tableau discussing getting up and running with EKS in AWS, partner guests from AWS, and a bunch of teammates demoing cool things around ECS, EKS, Lambda, etc. Hope to see you there!

@big-piano-35669 "just under 2 hours" means......what? 11am PT? (sorry brian, slack did weird)

Yep, 11am PT.