The

inputs

property of HttpFunction seems to be the ticket, but it's zero documented and I haven't found any examples that use it

hi I'm interested if there is a way either cli or api or to get an access token rather than via the web front end?

hello, I can't configure secrets provider Google KMS, it keeps saying

Sorry, could not create stack 'dev': secrets (code=PermissionDenied): rpc error: code = PermissionDenied desc = Permission 'cloudkms.cryptoKeyVersions.useToEncrypt' denied on resource 'projects/<proj>/locations/us-central1/keyRings/<keyring>/cryptoKeys/<key>' (or it may not exist).

I verified that access is OK, I can encrypt/decrypt with gcloud cli

mb it does not work with symmetric key?

@bitter-oil-46081 can you help with my question above? Have you tested gcpkms secrets provider? Thanks in advance

Hi, I'm trying to adopt a bunch of existing resources into pulumi. To do so I'm using this syntax:

new datadog.Dashboard('foo',
  { description: 'foo', layoutType: 'ordered', widgets: [], title: 'foo' },
  {
    import: '3abc-qix-gn5',
  }
);`

Note that in this example the widgets part is under-specified - the to-be-imported resource has already many items under

widgets

. Therefore when I do a preview, I get

inputs to import do not match the existing resource; importing this resource will fail

which is kinda fine. When I do the preview with diff I can actually see what parts in my config are missing. Ideally I'd like to copy the widgets section from the diff and simply copy & paste it into my pulumi (typescript) code, so that I don't have to create all the inputs code from scratch. However while the diff looks javascript-ish, it's missing commas and has all the

-

and

[arrayindex]

characters. Now my question is: Is there a way I can get a more javascript-ish diff without all those extra characters so that I can simply use the diff as my starting point for the config? Or is there any other way to semi-manually generate pulumi code for existing resources to ease adoption? Note I already tried

pulumi preview --diff --json

but unfortunately the detailed diff is missing when I do so (unlike when running

pulumi preview --diff

which shows the full diff but with all those extraneous diff characters.)

Hi, now i stack with a problem, when the simple pulumi stack command take a lot of time

time pulumi --logtostderr -v=9 stack
I1203 22:28:22.700826   89424 backend.go:408] found username for access token
I1203 22:29:03.110095   89424 backend.go:408] found username for access token
Current stack is stage:
    Owner: project_iac
    Last updated: 7 hours ago (2019-12-03 15:03:51.875385 +0200 EET)
    Pulumi version: v1.6.1
Current stack resources (123):
...
Current stack outputs (7):
...
real	0m40.506s
user	0m0.289s
sys	0m0.093s

the others commands like pulumi up slow as well how can i debug what is the reason of the huge slow down ?

Hello again, I have a question about cross-acount resources. I've got a zone in Route 53 managed in one account (call it A). I'm delegating a subdomain to a zone I'm managing with Pulumi in another account (B). I have a role and policy configured in A to permit B to make the necessary changes to Route 53. Is there any way in my config applying to account B that I can assume the role in A to create the record set in A's Route 53?

I ran

pulumi refresh

and then on the next

pulumi up

I am getting this error:

Error: Cannot find module './servicequotas/index'

I don't have any servicequotas resources in my program. Where is this coming from?

Quick question, is there a way to generate the terraform template?

Do you guys have templates for making a pulumi provider (i.e. something that is not a TF provider)?

Hello people, I'm running into this weird issue with AKS. The nodepool gets re-created any time I do

pulumi up

, which now makes the deployment take so long. This is what my cluster looks like:

const k8sCluster = new azure.containerservice.KubernetesCluster(config.clusterName, {
    resourceGroupName: resourceGroup.name,
    location: resourceGroup.location,   
    name: config.clusterName,
    agentPoolProfiles: [{
        name: "nodepool1",
        count: config.nodeCount,
        vmSize: config.nodeSize,
        osType: "Linux"
    }],
    dnsPrefix: `${pulumi.getStack()}-kube`,
    servicePrincipal: {
        clientId: app.applicationId,
        clientSecret: spPassword
    },
    tags: {
        environment: config.env,
    },
}, { dependsOn: [app, adSpPassword] });

And here is

pulumi up

in action:

Hello everyone 👋 here's the TL;DR I want to reuse existing kubernetes objects, instead of creating new ones, when applying pulumi More Detailed description of my Problem: I've got a little problem with the

import

of existing kuberenetes objects. What I thought It does: Now you can apply a new configuration over the very same kubernetes object What it does: It doesn't work, when there is a minor difference between the new and the existing configuration. Pulumi states that:

warning: inputs to import do not match the existing resource; importing this resource will fail

and fails with

error: inputs to import do not match the existing resource
error: update failed

What am I doing wrong here? I just want to update/reuse existing kubernetes ressources

Hey, is that a bug or by design?

m5d.2xlarge

Amazon Linux 2 AMI (HVM), SSD Volume Type

has by default 1x300GB SSD disk attached. When I create such instance using

new aws.ec2.Instance

everything is fine and ec2 instance is being provisioned with

/dev/nvme1n1    296G

volume. However, when I use exactly the same instance size and AMI (ami-0cc293023f983ed53), but create it in autoscaling group

new awsx.autoscaling.AutoScalingLaunchConfiguration

it has only ~55GB disk attached (

/dev/nvme1n1     53G

). Can you please help me to understand why and how I can increase disk size?

How is the launch configuration defined?

Loving Pulumi for Azure. Are there any plans to support IoT Central or Azure Digital Twin? #general #dotnet

Do cross-stack references support json, or is it simply key-val?

Hello everyone I'm running into an issue when using the output of a resource in an ARM template (Typescript). For example, this is the variables section of the ARM template

"variables": {
      "storageAccountName": config.appServicePlanStorageName,
      "storageAccountKey": appStorageAccount.primaryAccessKey,
      "location": config.location,
}

Note that

storageAccountKey

is gotten from another resource When the resource got deployed, the value of storageAccountKey was this:

Calling [toJSON] on an [Output<T>] is not supported.\\n\\nTo get the value of an Output as a JSON value or JSON string consider either:\\n    1: o.apply(v => v.toJSON())\\n    2: o.apply(v => JSON.stringify(v))\\n\\nSee <https://pulumi.io/help/outputs> for more details.\\nThis function may throw in a future version of @pulumi/pulumi.

I have tried

"storageAccountKey": appStorageAccount.primaryAccessKey.apply(v => JSON.stringify(v))

"storageAccountKey": pulumi.output(appStorageAccount.primaryAccessKey).apply(JSON.stringify)

`"storageAccountKey": pulumi.all([appStorageAccount.primaryAccessKey]).apply(([v]) => 

${v}

)`

Is anyone else having pulumi programs just break on 1.6.0 compared to 1.5.1

Re-apply "propagate resource inputs to resource state during preview, including first-class unknown values." The new set of changes have additional fixes to ensure backwards compatibility with earlier code. This allows the preview to better estimate the state of a resource after an update, including property values that were populated using defaults calculated by the provider. #3327

this change has bit us in two different repos

in one of them I get a real unhelpful traceback. I'm guessing somewhere of the 100 resources I make in this state, "name" isn't getting carried through since its a default from a provider.

we run .apply off of the properties of Outputs all the time

The primary use case for these APIs is to allow nested, properties with

known values to be accessed via the lifted property accessor even when

the containing property is not fully know. A common example of this

pattern is the

metadata.name

property of a Kubernetes

Namespace

object: while other properties of the

metadata

bag may be unknown,

name

is often known. These APIs allow

ns.metadata.name

to return a

known value in this case.

luckily theres a great git commit status message that listed exactly what my name was

In order to make ClusterRoleBindings of service accounts created with Pulumi we always have to do

def extract_resource_name(service_account_resource):
    return service_account_resource.metadata['name']

in order to get the fun -randombits Pulumi adds at the end when making the ClusterRoleBinding in python

I’m getting logged out of the Pulumi console frequently this morning, stack diffs are also intermittently showing

null is not an object (evaluating 'Object.keys(n)') DISMISS

Is there a way to suppress output from

pulumi plugin install

command when it is run from a package manager? Specifically, I'd like to omit the output:

[resource plugin aws-1.7.0] installing

Anything going on with this issue? https://github.com/pulumi/pulumi-kubernetes/issues/29

It'd be great to have a

pulumi render

command where I can get raw yaml out of my template

Are there any issues with pulumi at the moment. I'm running

pulumi preview

. It has now been running for > 10 minutes. I checked the previous time that it was run in activity history (17 Nov) and it completed in "seconds". Nothing has changed in the stack since then.