https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • s

    stocky-spoon-28903

    08/09/2018, 11:25 AM
    I’m getting a lot of this kind of thing when modifying security group rules:
    Do you want to perform this update? yes
    Updating stack 'vault-dev'
    Performing changes:
    
         Type                                      Name                         Status                  Info
     *   pulumi:pulumi:Stack                       pulumi-vault-test-vault-dev  done
     *   └─ operator-error:aws:vault:VaultServers  algo-vault-servers           unchanged
     ~      └─ aws:ec2:SecurityGroup               algo-vault-server-sg         **updating failed**     changes: ~ ingress, 2 errors
    
    Diagnostics:
      aws:ec2:SecurityGroup: algo-vault-server-sg
        error: Plan apply failed: updating urn:pulumi:vault-dev::pulumi-vault-test::operator-error:aws:vault:VaultServers$aws:ec2/securityGroup:SecurityGroup::algo-vault-server-sg: Error revoking security group ingress rules: InvalidPermission.NotFound: The specified rule does not exist in this security group.
        	status code: 400, request id: 72b0d525-f31f-4fff-a0dc-7229cfb50af3
    
        error: update failed
    
    info: no changes required:
          50 resources unchanged
  • s

    stocky-spoon-28903

    08/09/2018, 11:26 AM
    IIRC this is why Terraform has separate
    aws_security_group_rule
    resources as well as the nested ones, and there is a storied history about those bits. Is this something others are commonly seeing?
  • s

    stocky-spoon-28903

    08/09/2018, 11:43 AM
    Hmm, attempting to fix it by manual delete and refresh gives me an interesting state too:
    Permalink: <https://app.pulumi.com/jen20/vault-dev/updates/45>
    error: post-step event returned an error: failed to save snapshot: after mutation of snapshot: resource urn:pulumi:vault-dev::pulumi-vault-test::operator-error:aws:vault:BastionHost::algo-vault-bastion-host's dependency urn:pulumi:vault-dev::pulumi-vault-test::operator-error:aws:vault:VaultServers$aws:ec2/securityGroup:SecurityGroup::algo-vault-server-sg comes after it
  • s

    stocky-spoon-28903

    08/09/2018, 11:46 AM
    Then did a stack export, removed the offending security group, imported (success), but then got a panic on the next refresh:
  • s

    stocky-spoon-28903

    08/09/2018, 11:46 AM
    -.sh
    m
    • 2
    • 5
  • t

    thousands-microphone-24535

    08/09/2018, 2:14 PM
    Hi! Probably a dumb question. Is there a way to pass the AWS_PROFILE to use as a parameter to
    pulumi update
    ? The guide talks about setting is as an ENV but is quite annoying to have to change the ENV manually while jumping between different projects. Any tips? ^^
  • s

    stocky-spoon-28903

    08/09/2018, 2:39 PM
    I believe there was something just merged that would allow you set provider config in code, but I’m not sure whether it’s hit a release yet. Right now I think you have to have AWS_PROFILE set in the environment
  • t

    thousands-microphone-24535

    08/09/2018, 2:41 PM
    Setting if in the config yml is what I was just trying 😛 well i’m gonna use the env for now. thanks ^^
  • w

    white-balloon-205

    08/09/2018, 3:47 PM
    You should be able to do
    pulumi config set aws:profile production
    to set the profile to use via Pulumi config. This will take priority over anything from the environment.
    👍 2
    t
    • 2
    • 2
  • s

    stocky-spoon-28903

    08/09/2018, 6:08 PM
    Is there a good example of using the function capture and serialization with a plain
    aws.lambda.Function
    resource?
    m
    w
    l
    • 4
    • 13
  • a

    adamant-restaurant-73893

    08/09/2018, 11:25 PM
    New bloggage from @colossal-beach-47527 https://twitter.com/PulumiCorp/status/1027696618680791042
  • a

    adamant-restaurant-73893

    08/09/2018, 11:25 PM
    http://blog.pulumi.com/creating-and-reusing-cloud-components-using-package-managers
    ❤️ 3
  • b

    bland-lamp-97030

    08/10/2018, 12:55 PM
    I've hit the same issue as described by https://github.com/pulumi/pulumi-cloud/issues/145#issuecomment-341567911
  • b

    bland-lamp-97030

    08/10/2018, 12:56 PM
    I'm using cloud-aws to create a Service on fargate, but the task requires access to KMS
  • b

    bland-lamp-97030

    08/10/2018, 12:56 PM
    I've created the necessary policy, but there appears to be no way to add it to the task/service
  • b

    bland-lamp-97030

    08/10/2018, 12:57 PM
    I'm wondering if there's a work around possible, or if I should +1 the issue
    m
    • 2
    • 1
  • i

    important-jackal-88836

    08/10/2018, 5:39 PM
    is it possible to generate a random property in pulumi code and reuse it somehow on the next deploy instead of randomly generating it again?
  • c

    colossal-beach-47527

    08/10/2018, 5:40 PM
    @important-jackal-88836 in situations like that, I usually just embed the stack’s name. (e.g.
    pulumi.getStackName()
    IIRC.) That is a stable value that will remain constant across deployments. If that doesn’t work, you could specify a random number generator seed in your Pulumi config.
  • m

    microscopic-florist-22719

    08/10/2018, 5:41 PM
    @bitter-oil-46081 has done some clever work on this recently.
  • b

    bitter-oil-46081

    08/10/2018, 5:41 PM
    Let me show you some code, @important-jackal-88836.
  • b

    bitter-oil-46081

    08/10/2018, 5:42 PM
    https://github.com/ellismg/github-branch-cleanup-bot/blob/master/random.ts
  • b

    bitter-oil-46081

    08/10/2018, 5:42 PM
    https://github.com/ellismg/github-branch-cleanup-bot/blob/09428bccf51820ed91e092488532c11e99238f37/github.ts#L207-L209
  • i

    important-jackal-88836

    08/10/2018, 5:44 PM
    sweet
  • i

    important-jackal-88836

    08/10/2018, 5:45 PM
    you should npm that
    💯 2
  • b

    bitter-oil-46081

    08/10/2018, 6:03 PM
    I think it may be exported from
    @ellismg/pulumi-github-webhooks
    ? maybe import {RandomResource} from "@ellismg/pulumi-github-webhooks/random" works.
  • i

    important-jackal-88836

    08/10/2018, 6:38 PM
    man my IAC is lookin so slick
    💥 2
  • d

    dazzling-scientist-80826

    08/10/2018, 8:55 PM
    if i've got a TypeScript cloud.Function, what's the best way to do a promises-friendly http POST?
    w
    l
    • 3
    • 21
  • b

    bland-lamp-97030

    08/12/2018, 11:00 AM
    Is there any good way to add new resources created by pulumi to existing resources that are managed in other ways? As a concrete example, say I wanted to add an allow rule for a new subnet I've created to an existing security group for an RDS database
  • b

    bland-lamp-97030

    08/12/2018, 11:00 AM
    can you "fetch" resources without pulumi trying to create them?
  • h

    helpful-vegetable-35581

    08/12/2018, 3:48 PM
    The resource classes all have a "get" method, I think it's designed for this use case but not totally clear what's expected for the ID: https://pulumi.io/reference/pkg/nodejs/@pulumi/aws/rds/#method-get-7
Powered by Linen
Title
h

helpful-vegetable-35581

08/12/2018, 3:48 PM
The resource classes all have a "get" method, I think it's designed for this use case but not totally clear what's expected for the ID: https://pulumi.io/reference/pkg/nodejs/@pulumi/aws/rds/#method-get-7
View count: 1