https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • h

    high-translator-22614

    07/30/2019, 12:02 AM
    but if you make the right way the easy path (especially if you provide a lot of utility for dealing with the tediousness that is AWS), then you'll get better developer buy-in
  • h

    high-translator-22614

    07/30/2019, 12:04 AM
    (see also: devops the culture, all software has ux)
  • h

    high-translator-22614

    07/30/2019, 12:05 AM
    so, for example, I wrote https://github.com/dingbots/deplumi to deal with a lot of messy details around lambda, everything from building packages to generating IAM roles to setting up a lambda function as a webservice
    👍 1
  • b

    bitter-oil-46081

    07/30/2019, 12:11 AM
    I'm trying to unpack your question here, @hallowed-raincoat-3555 and I think there may be some confusion on my end about what you are after. I'm assuming that you've read https://www.pulumi.com/docs/reference/organizing-stacks-projects/, because you're using a bunch of the words we have on that page to explain things. There's a difference here between "stacks" which are logically correspond to a deployed instance of a Pulumi program and what you seem to be asking for. Your request to be able to create libraries that make things easier for your devs to build infrastructure which is to be deployed is sort of orthogonal to how you name these deployments. The message above about using ComponentResources to wrap up best practices is correct, but these aren't really tied to the way that you organize and name the actual deployments of you infrastructure into stacks.
  • s

    salmon-beard-79336

    07/30/2019, 3:18 PM
    @bitter-oil-46081 or anyone else, what approach would you recommend to break a relatively long project into modules (I.E.: a module for networking, one for db, one for functions… and so on)?
    b
    • 2
    • 6
  • s

    salmon-beard-79336

    07/30/2019, 4:53 PM
    How can I use the ouput of a custom resource, as a string in a policy? - CustomResource outputs endpoint - Need to use that output as such:
    url="${customResource.endpoint}"
    w
    h
    • 3
    • 15
  • b

    billions-lock-80282

    07/30/2019, 5:39 PM
    Hi, I'm stuck using getResource on a Helm chart to get the loadBalancer hostname of a nginx k8s service. I'm running
    const hostname = nginx.getResource("v1/Service", ns, "nginx-ingress-controller").status.apply(s => s.loadBalancer.ingress[0].hostname);
    but I get
    TypeError: Cannot read property 'loadBalancer' of undefined
  • b

    billions-lock-80282

    07/30/2019, 5:39 PM
    The service definitely has these fields:
    status:
      loadBalancer:
        ingress:
        - hostname: <http://a1abdb135b2cb11e9afc60e430b1c1d1-ee9745e779b8c1b8.elb.us-east-1.amazonaws.com|a1abdb135b2cb11e9afc60e430b1c1d1-ee9745e779b8c1b8.elb.us-east-1.amazonaws.com>
  • b

    billions-lock-80282

    07/30/2019, 5:40 PM
    and nginx is the Helm chart and has type: Chart
  • e

    elegant-crayon-4967

    07/30/2019, 5:45 PM
    easy question for you guys...how do you create a new project via CLI with a different Owner?
    g
    • 2
    • 9
  • b

    bitter-island-28909

    07/30/2019, 5:53 PM
    Where’s the best place to add a change request for the
    awsx.Vpc
    resource? (IMO, it should create AWS service endpoints for private subnets, since routing all S3 traffic through a NAT is probably not what most people have in mind).
    g
    • 2
    • 2
  • e

    early-musician-41645

    07/30/2019, 6:34 PM
    Is there a document somewhere with details about Pulumi's REST api? Specifically, I'd like to list all stack tags (key/values) for stacks in a given project.
    w
    g
    • 3
    • 12
  • o

    orange-tailor-85423

    07/30/2019, 6:43 PM
    quick way to get an
    aws.iam.Role
    object back if you have the role name?
  • o

    orange-tailor-85423

    07/30/2019, 6:43 PM
    aws.iam.GetRole
    seems to return attributes of the role but not the role itself which is what a K8s cluster constructor wants
  • o

    orange-tailor-85423

    07/30/2019, 6:47 PM
    this is due to building a stack that creates all the IAM roles including the cluster role, rather export the role names or ARNs and not entire role objects (if that’s even a thing)
  • h

    high-translator-22614

    07/30/2019, 7:02 PM
    Will it accept the Role ARN?
  • o

    orange-tailor-85423

    07/30/2019, 7:02 PM
    nope
  • h

    high-translator-22614

    07/30/2019, 7:02 PM
    that smells like a bug with the k8s provider (as an external user that doesn't mess with k8s much)
  • o

    orange-tailor-85423

    07/30/2019, 7:03 PM
    -.js
  • h

    high-translator-22614

    07/30/2019, 7:03 PM
    oh, it's declared as only accepting a real
    Role
    but that doesn't mean it's true
  • h

    high-translator-22614

    07/30/2019, 7:04 PM
    (JavaScript and Python have something in the common--the type declarations are more suggestions than fact)
  • o

    orange-tailor-85423

    07/30/2019, 7:06 PM
    hard-coded an ARN - doesn’t like it
    😒 1
  • h

    high-translator-22614

    07/30/2019, 7:10 PM
    that sounds like a deficiency in the provider, and you should probably file an issue on github
  • h

    high-translator-22614

    07/30/2019, 7:10 PM
    (there's probably an argument to be made that if you're predefining roles, they're probably not as reduced as they could be, but i don't feel like arguing opinions and best practices)
  • o

    orange-tailor-85423

    07/30/2019, 7:15 PM
    what do you mean by “as reduced as they could be”
  • o

    orange-tailor-85423

    07/30/2019, 7:15 PM
    i.e. not implementing something like kiam?
  • h

    high-translator-22614

    07/30/2019, 7:45 PM
    ideally, every computation resource should have exactly as much access as it needs to do its job, and no more
  • o

    orange-tailor-85423

    07/30/2019, 7:46 PM
    just attempting to pass info between stacks at this point
  • o

    orange-tailor-85423

    07/30/2019, 7:46 PM
    and passing a promise like a role object seems problematic or impossible
  • o

    orange-tailor-85423

    07/30/2019, 7:46 PM
    I’ll file a bug and see where it goes
Powered by Linen
Title
o

orange-tailor-85423

07/30/2019, 7:46 PM
I’ll file a bug and see where it goes
View count: 1