https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • a

    ambitious-ram-5811

    12/03/2019, 1:23 AM
    The
    inputs
    property of HttpFunction seems to be the ticket, but it's zero documented and I haven't found any examples that use it
    t
    • 2
    • 2
  • a

    agreeable-australia-82656

    12/03/2019, 5:42 PM
    hi I'm interested if there is a way either cli or api or to get an access token rather than via the web front end?
    f
    • 2
    • 4
  • e

    elegant-dress-88912

    12/03/2019, 6:29 PM
    hello, I can't configure secrets provider Google KMS, it keeps saying
    Sorry, could not create stack 'dev': secrets (code=PermissionDenied): rpc error: code = PermissionDenied desc = Permission 'cloudkms.cryptoKeyVersions.useToEncrypt' denied on resource 'projects/<proj>/locations/us-central1/keyRings/<keyring>/cryptoKeys/<key>' (or it may not exist).
    I verified that access is OK, I can encrypt/decrypt with gcloud cli
    • 1
    • 1
  • e

    elegant-dress-88912

    12/03/2019, 6:43 PM
    mb it does not work with symmetric key?
  • e

    elegant-dress-88912

    12/03/2019, 6:48 PM
    @bitter-oil-46081 can you help with my question above? Have you tested gcpkms secrets provider? Thanks in advance
  • g

    glamorous-printer-66548

    12/03/2019, 6:48 PM
    Hi, I'm trying to adopt a bunch of existing resources into pulumi. To do so I'm using this syntax:
    new datadog.Dashboard('foo',
      { description: 'foo', layoutType: 'ordered', widgets: [], title: 'foo' },
      {
        import: '3abc-qix-gn5',
      }
    );`
    Note that in this example the widgets part is under-specified - the to-be-imported resource has already many items under
    widgets
    . Therefore when I do a preview, I get
    inputs to import do not match the existing resource; importing this resource will fail
    which is kinda fine. When I do the preview with diff I can actually see what parts in my config are missing. Ideally I'd like to copy the widgets section from the diff and simply copy & paste it into my pulumi (typescript) code, so that I don't have to create all the inputs code from scratch. However while the diff looks javascript-ish, it's missing commas and has all the
    -
    and
    [arrayindex]
    characters. Now my question is: Is there a way I can get a more javascript-ish diff without all those extra characters so that I can simply use the diff as my starting point for the config? Or is there any other way to semi-manually generate pulumi code for existing resources to ease adoption? Note I already tried
    pulumi preview --diff --json
    but unfortunately the detailed diff is missing when I do so (unlike when running
    pulumi preview --diff
    which shows the full diff but with all those extraneous diff characters.)
    w
    • 2
    • 2
  • q

    quaint-garden-96746

    12/03/2019, 8:34 PM
    Hi, now i stack with a problem, when the simple pulumi stack command take a lot of time
    time pulumi --logtostderr -v=9 stack
    I1203 22:28:22.700826   89424 backend.go:408] found username for access token
    I1203 22:29:03.110095   89424 backend.go:408] found username for access token
    Current stack is stage:
        Owner: project_iac
        Last updated: 7 hours ago (2019-12-03 15:03:51.875385 +0200 EET)
        Pulumi version: v1.6.1
    Current stack resources (123):
    ...
    Current stack outputs (7):
    ...
    real	0m40.506s
    user	0m0.289s
    sys	0m0.093s
    the others commands like pulumi up slow as well how can i debug what is the reason of the huge slow down ?
    c
    • 2
    • 9
  • s

    steep-printer-55468

    12/03/2019, 9:18 PM
    Hello again, I have a question about cross-acount resources. I've got a zone in Route 53 managed in one account (call it A). I'm delegating a subdomain to a zone I'm managing with Pulumi in another account (B). I have a role and policy configured in A to permit B to make the necessary changes to Route 53. Is there any way in my config applying to account B that I can assume the role in A to create the record set in A's Route 53?
    c
    q
    • 3
    • 10
  • w

    worried-engineer-33884

    12/03/2019, 11:33 PM
    I ran
    pulumi refresh
    and then on the next
    pulumi up
    I am getting this error:
    Error: Cannot find module './servicequotas/index'
    I don't have any servicequotas resources in my program. Where is this coming from?
    q
    • 2
    • 15
  • m

    mammoth-psychiatrist-53448

    12/03/2019, 11:57 PM
    Quick question, is there a way to generate the terraform template?
  • r

    rhythmic-hair-33677

    12/04/2019, 2:13 AM
    Do you guys have templates for making a pulumi provider (i.e. something that is not a TF provider)?
    w
    • 2
    • 6
  • p

    plain-eye-9759

    12/04/2019, 10:22 AM
    Hello people, I'm running into this weird issue with AKS. The nodepool gets re-created any time I do
    pulumi up
    , which now makes the deployment take so long. This is what my cluster looks like:
    const k8sCluster = new azure.containerservice.KubernetesCluster(config.clusterName, {
        resourceGroupName: resourceGroup.name,
        location: resourceGroup.location,   
        name: config.clusterName,
        agentPoolProfiles: [{
            name: "nodepool1",
            count: config.nodeCount,
            vmSize: config.nodeSize,
            osType: "Linux"
        }],
        dnsPrefix: `${pulumi.getStack()}-kube`,
        servicePrincipal: {
            clientId: app.applicationId,
            clientSecret: spPassword
        },
        tags: {
            environment: config.env,
        },
    }, { dependsOn: [app, adSpPassword] });
    And here is
    pulumi up
    in action:
    t
    • 2
    • 6
  • h

    handsome-cat-98152

    12/04/2019, 11:24 AM
    Hello everyone 👋 here's the TL;DR I want to reuse existing kubernetes objects, instead of creating new ones, when applying pulumi More Detailed description of my Problem: I've got a little problem with the
    import
    of existing kuberenetes objects. What I thought It does: Now you can apply a new configuration over the very same kubernetes object What it does: It doesn't work, when there is a minor difference between the new and the existing configuration. Pulumi states that:
    warning: inputs to import do not match the existing resource; importing this resource will fail
    and fails with
    error: inputs to import do not match the existing resource
    error: update failed
    What am I doing wrong here? I just want to update/reuse existing kubernetes ressources
    s
    • 2
    • 5
  • h

    high-jackal-29091

    12/04/2019, 11:32 AM
    Hey, is that a bug or by design?
    m5d.2xlarge
    Amazon Linux 2 AMI (HVM), SSD Volume Type
    has by default 1x300GB SSD disk attached. When I create such instance using
    new aws.ec2.Instance
    everything is fine and ec2 instance is being provisioned with
    /dev/nvme1n1    296G
    volume. However, when I use exactly the same instance size and AMI (ami-0cc293023f983ed53), but create it in autoscaling group
    new awsx.autoscaling.AutoScalingLaunchConfiguration
    it has only ~55GB disk attached (
    /dev/nvme1n1     53G
    ). Can you please help me to understand why and how I can increase disk size?
  • s

    stocky-spoon-28903

    12/04/2019, 3:12 PM
    How is the launch configuration defined?
    w
    h
    • 3
    • 7
  • w

    worried-caravan-35560

    12/04/2019, 4:22 PM
    Loving Pulumi for Azure. Are there any plans to support IoT Central or Azure Digital Twin? #general #dotnet
    • 1
    • 1
  • b

    billions-lock-73409

    12/04/2019, 4:23 PM
    Do cross-stack references support json, or is it simply key-val?
    b
    • 2
    • 8
  • p

    plain-eye-9759

    12/04/2019, 5:17 PM
    Hello everyone I'm running into an issue when using the output of a resource in an ARM template (Typescript). For example, this is the variables section of the ARM template
    "variables": {
          "storageAccountName": config.appServicePlanStorageName,
          "storageAccountKey": appStorageAccount.primaryAccessKey,
          "location": config.location,
    }
    Note that
    storageAccountKey
    is gotten from another resource When the resource got deployed, the value of storageAccountKey was this:
    Calling [toJSON] on an [Output<T>] is not supported.\\n\\nTo get the value of an Output as a JSON value or JSON string consider either:\\n    1: o.apply(v => v.toJSON())\\n    2: o.apply(v => JSON.stringify(v))\\n\\nSee <https://pulumi.io/help/outputs> for more details.\\nThis function may throw in a future version of @pulumi/pulumi.
    I have tried
    "storageAccountKey": appStorageAccount.primaryAccessKey.apply(v => JSON.stringify(v))
    "storageAccountKey": pulumi.output(appStorageAccount.primaryAccessKey).apply(JSON.stringify)
    `"storageAccountKey": pulumi.all([appStorageAccount.primaryAccessKey]).apply(([v]) => 
    ${v}
    )`
    t
    • 2
    • 3
  • c

    clever-nest-47198

    12/04/2019, 6:10 PM
    Is anyone else having pulumi programs just break on 1.6.0 compared to 1.5.1
  • c

    clever-nest-47198

    12/04/2019, 6:10 PM
    Re-apply "propagate resource inputs to resource state during preview, including first-class unknown values." The new set of changes have additional fixes to ensure backwards compatibility with earlier code. This allows the preview to better estimate the state of a resource after an update, including property values that were populated using defaults calculated by the provider. #3327
    this change has bit us in two different repos
  • c

    clever-nest-47198

    12/04/2019, 6:21 PM
    in one of them I get a real unhelpful traceback. I'm guessing somewhere of the 100 resources I make in this state, "name" isn't getting carried through since its a default from a provider.
    Untitled
  • c

    clever-nest-47198

    12/04/2019, 6:24 PM
    we run .apply off of the properties of Outputs all the time
  • c

    clever-nest-47198

    12/04/2019, 6:32 PM
    The primary use case for these APIs is to allow nested, properties with
    known values to be accessed via the lifted property accessor even when
    the containing property is not fully know. A common example of this
    pattern is the
    metadata.name
    property of a Kubernetes
    Namespace
    object: while other properties of the
    metadata
    bag may be unknown,
    name
    is often known. These APIs allow
    ns.metadata.name
    to return a
    known value in this case.
    luckily theres a great git commit status message that listed exactly what my name was
  • c

    clever-nest-47198

    12/04/2019, 6:33 PM
    In order to make ClusterRoleBindings of service accounts created with Pulumi we always have to do
    def extract_resource_name(service_account_resource):
        return service_account_resource.metadata['name']
    in order to get the fun -randombits Pulumi adds at the end when making the ClusterRoleBinding in python
  • b

    busy-umbrella-36067

    12/04/2019, 6:38 PM
    I’m getting logged out of the Pulumi console frequently this morning, stack diffs are also intermittently showing
    null is not an object (evaluating 'Object.keys(n)') DISMISS
    w
    c
    • 3
    • 3
  • p

    proud-animal-24343

    12/04/2019, 8:35 PM
    Is there a way to suppress output from
    pulumi plugin install
    command when it is run from a package manager? Specifically, I'd like to omit the output:
    [resource plugin aws-1.7.0] installing
  • s

    some-carpenter-53382

    12/04/2019, 9:28 PM
    Anything going on with this issue? https://github.com/pulumi/pulumi-kubernetes/issues/29
    g
    • 2
    • 1
  • s

    some-carpenter-53382

    12/04/2019, 9:29 PM
    It'd be great to have a
    pulumi render
    command where I can get raw yaml out of my template
  • a

    alert-monitor-93874

    12/04/2019, 10:16 PM
    Are there any issues with pulumi at the moment. I'm running
    pulumi preview
    . It has now been running for > 10 minutes. I checked the previous time that it was run in activity history (17 Nov) and it completed in "seconds". Nothing has changed in the stack since then.
    g
    l
    • 3
    • 8
  • s

    steep-printer-55468

    12/04/2019, 10:39 PM
    I'm using
    awsx.ec2.Vpc
    to manage VPCs. I have a VPC that previously didn't configure any NAT gateways. I just updated it with
    numberofNatGateways: 2
    to add some gateways but Pulumi doesn't detect the change. Is that a bug? If not, what am I doing wrong? And if so... how do I work around it?
    l
    • 2
    • 9
Powered by Linen
Title
s

steep-printer-55468

12/04/2019, 10:39 PM
I'm using
awsx.ec2.Vpc
to manage VPCs. I have a VPC that previously didn't configure any NAT gateways. I just updated it with
numberofNatGateways: 2
to add some gateways but Pulumi doesn't detect the change. Is that a bug? If not, what am I doing wrong? And if so... how do I work around it?
more on this... seems like `numberOfNatGateways`doesn't work at all
I tried creating a new VPC specifying nat gateways and it doesn't show any nat gateways in the resources to create
l

lemon-spoon-91807

12/05/2019, 1:06 AM
hey @steep-printer-55468 can you show me the code you're sing to make the Vpc?
s

steep-printer-55468

12/05/2019, 2:33 AM
const privateVpc = new awsx.ec2.Vpc("private", {
        cidrBlock: "10.255.0.0/16",
        numberOfAvailabilityZones: 2,
        numberOfNatGateways: 2,
        subnets: [
            { type: "private", name: "private", cidrMask: 24 },
            { type: "isolated", name: "database", cidrMask: 24 },
        ]
    });
I've worked around it in the meantime with this
for (let subnet of privateVpc.privateSubnets) {
        let gw = privateVpc.addNatGateway(`natgw-${subnet.subnetName}`, {
            subnet: subnet.id,
        });

        subnet.createRoute(`natgw-route-${subnet.subnetName}`, {
            destinationCidrBlock: "0.0.0.0/0",
            natGatewayId: gw.natGateway.id,
        });
    }
had an epiphany just now
I am a giant dope and tried to assign nat gateways in a private subnet, which obviously won't work
Pulumi 1, man and his keyboard 0
View count: 1