I'm just getting going with Pulumi, I'm trying to create a component which takes a list of items which is basically the argument list for an Azure Network Security Group Rule, minus the name and parent Security Group reference, I'm trying to figure out whether I should be creating my own class for this, or can I just use the existing Pulumi class? Seems like a waste to redeclare a class that is almost the same, but I think the Securty Group reference is required for the Pulumi class

Can anyone speak to their workflows for Local Dev -> Staging/Prod with Pulumi? I was testing out using Pulumi to manage local Docker container instances, which I could then push to something like Cloud Run/Fargate for the

staging/prod

environments, but I can't seem to find any content online of people using it this way. Rather than use

docker-compose

for local, and maintaining that setup (with all the env vars etc) it seems like a better flow to have everything inside of Pulumi, and just toggle the target based on environment. But I couldn't seem to figure out how to get Pulumi to force a re-deploy locally of a Docker container from the

stack

, so I think maybe this isn't an intended use? Any experience/input would be greatly appreciated 🙏

Question, how can you move a resource between projects/stacks?

This maybe more of a Python question than Pulumi itself..but I'm trying to instantiate the AWS Provider class and would like to overwrite the s3 endpoint. I'm following the Pulumi sample on Github for creating a static S3 bucket. Whenever I run

pulumi up

it throws a stack trace and says "NameError: name 'ResourceOptions' is not defined".. Can anyone point me in the right direction? Here's a snippet.

import json
import mimetypes
import os

from pulumi import export, FileAsset
from pulumi_aws import s3, Provider

provider = Provider("provider", region="us-east-1", endpoints="<http://localhost:4566>")

web_bucket = s3.Bucket('jon-pulumi-localstack-bucket', website={"index_document": "index.html"}, opts=ResourceOptions(provider=provider))

I've just come across the mixins in aws.cloudwatch's nodejs SDK. Awesome stuff, solves my problem perfectly. It doesn't seem to exist in any of the other SDKs. It also doesn't map to the Terraform provider, and it creates a nice ComponentResource (based on the Lambda mixin). Does anyone know if this in is the aws module for mostly historical reasons? It seems like it (and the Lambda mixins) are perfectly suited to the awsx module. Also, are there other extended resources like this? These are the sorts of things I use Pulumi for, I'm collecting them :)

how to use StackReferences with e.g. s3 backend?

Proposed way of integrating some provider that has a terraform provider but no pulumi integration (yet)?

Can someone expand on this topic:

Pulumi has deep support for cloud native technologies, like Kubernetes, and supports advanced deployment scenarios that cannot be expressed with Terraform. This includes Prometheus-based canaries, automatic Envoy sidecar injection, and more. Pulumi is a proud member of the Cloud Native Computing Foundation (CNCF).

why you can’t do it using terraform? Thanks

hi, with typescript, i know it is possible to reference resource outputs in lambda functions, so i can do

const file = new aws.s3.BucketObject("filename", {...});

and later in a lambda access it using

file.id.get()

. is it possible to create an array of resources and access them from a lambda too? when i try the naive way of pushing resources into an array it seems to turn up empty thank you

What's the

template|url

parameter refered to in the

pulumi up

man page?

pulumi up [template|url] [flags]

Quick question. Is it possible to read the config for an existing azure cs function somehow and use this in a new pulumi project

Hi! How can I remove a resource listed in pulumi stack which does no longer exist? In particular I am stuck because an AWS Service (which does not exists) cannot be found by pulumi because it doesn't have access to the assigned cluster (because this also doesn't exist anymore). Pulumi refresh crashes to update the service because of the missing cluster. I want to destroy the whole stack anyways, but there are still 80 something more resources I do not want to manually delete. Is there any way I can tell pulumi to ignore that non-existing Service it tries to refresh ? (btw. pulumi state delete <service urn> tells me the service does not exist

Hi all, i'm using Pulumi to setup AKS on our gov cloud and faced the error of

Addon kubeDashboard is not supported in this cloud env

. Disable this addon doesn't work. Is there any about this?

Hi there, how are people dealing with more closed environments? E.g., you are setting up AWS RDS or the EKS Kubernetes API only reachable from within a VPC and you want to install something there? Does Pulumi have something e.g. for jumphosts or port forwarding?

Is there a suggested way to see if a secret already exists in aws secrets manager, if not populate it with a random password? I don’t want to overwrite existing existing secrets.

Anybody have a clever workaround for Helm chart updates, specifically for deprecated APIs in 1.16? Issue described here: https://github.com/pulumi/pulumi/issues/2877#issuecomment-641553544

does anyone has an example of creating rest api gateways on aws, I wanna do it in python but an example on any language can suffice. I have looked at https://github.com/pulumi/examples/blob/master/aws-ts-apigateway but it uses awsx which is not available outside ts, so i would like an example without awsx if possible. thanks

Is there a way to share secrets among stacks? I create stacks dynamically for each branch that is pushed to my git repo. We do this to stand up a staging environment for each branch.

Since I create staging stacks dynamically in my build pipeline, I use something like the following in my build script:

branch=staging-foo
pulumi --stack=${branch} stack select || pulumi --stack=${branch} stack init

I couldn't find a better way of doing that. Did I miss something?

I'm trying to import an Helm v2 chart https://www.pulumi.com/docs/reference/pkg/kubernetes/helm/v2/chart/ using the

import

property of the 3rd argument to the constructor (which is a

CustomResourceOptions

). However, I get the TypeScript error:

: error TS2345: Argument of type '{ import: string; }' is not assignable to parameter of type 'ComponentResourceOptions'.
      Object literal may only specify known properties, and 'import' does not exist in type 'ComponentResourceOptions'.

Seems that the 3rd argument is a

ComponentResourceOptions

which doesn't have the

import

property. Any idea what I'm doing wrong here?

Hello everyone, For those who use azure providers, you should be aware that a major version (2.0) of the terraform provider has been released few weeks ago. With this new version, `azurerm_virtual_machine`(= pulumi

VirtualMachine

) is now deprecated in favor of `azurerm_linux_virtual_machine`& 

azurerm_windows_virtual_machine

(see [pulumi VirtualMachine disclamer](https://www.pulumi.com/docs/reference/pkg/azure/compute/virtualmachine/#disclaimers). The problem is the new

LinuxVirtualMachine

or

WindowsVirtualMachine

does not support embedded data disk attachement which means that we can not use

cloud-init

to initialize a VM and mount/configure its datadisk. I opened an issue on terraform 👉 https://github.com/terraform-providers/terraform-provider-azurerm/issues/6074. If you can look at it and vote for it, (if you agree of course), it will be great 👍👍👍

Import trying to import a Kubernetes secret. I get the warning from preview:

warning: inputs to import do not match the existing resource; importing this resource will fail

AFAICS, the secret I'm importing is the same as the Kubernetes secret. The difference is listed as

+ data: "[secret]"

Any ideas?

Is there a better way to verify whether a stack exists other than via

pulumi stack ls

?

is there a good place to get a deeper understanding of properties to know what they’re supposed to be? currently trying to create an aws subscription on a topic and looking at the decorator i see

/**
     * The endpoint to send data to, the contents will vary with the protocol. (see below for more information)
     */
    readonly endpoint: pulumi.Input<string>;

but idk what that means ☝️, any ideas?

Is there a way to execute scripts during a pulumi programm?

Can someone help me understand what’s going on with

Output (python)

,

azure.storage.Container("container")

with

pulumi.export('source', container.name.apply(lambda n: n))

gives the output

<pulumi.output.Output object at 0x1094e2a50>

but for other resources it looks like it helps to use apply lambda.

If I run a Pulumi

refresh

on my stack with an aws profile set in the config,

config:
  aws:region: us-west-2
  aws:profile: my-profile

I will get these error messages and preview failure.

warning: configured Kubernetes cluster is unreachable: unable to load schema information from the API server: the server has asked for the client to provide credentials

If I run

pulumi up

on the same stack, I do not get that error message and the update is successful. Any idea what is going on?

Hello everyone, I have the following code, where I'm trying to create 3 containers in Azure, along with 3 blobs:

import * as pulumi from '@pulumi/pulumi';
import * as azure from '@pulumi/azure';

export = async () => {
  const account = await azure.storage.getAccount({
    name: 'myaccount',
  });

  const names = ['container1', 'container2', 'container3'];

  let counter = 1;
  let containers: azure.storage.Container[] = [];
  names.forEach(n =>
    containers.push(
      new azure.storage.Container(`container-${counter++}`, {
        name: n,
        storageAccountName: account.name,
      }),
    ),
  );

  counter = 1;
  let blobs: azure.storage.Blob[] = [];
  containers.forEach(c =>
    blobs.push(
      new azure.storage.Blob(`blob-${counter++}`, {
        name: pulumi.interpolate`${c.name}blob`,
        storageAccountName: account.name,
        storageContainerName: c.name.apply(n => n),
        sourceContent: pulumi.interpolate`This is a blob in ${c.name}`,
        type: 'Block',
      }),
    ),
  );
};

First question: I want to be sure of is to make sure, say,

blob1

goes into

container1

etc. Is there any way to make sure that happens? And also, another thing is let's say for some reason, I want to remove the middle name

container2

from

names

, then resources will be "replaced" to become 2 (eg.,

container3

would be rename In Terraform,

count

and

for_each

have different behaviors: •

count

would have the same effect; if you remove something from the middle, it will replace resources •

for_each

however would only remove that resource and not touch the other ones Is there a way to achieve the same behavior in here? I have a hunch that using

counter

here is messing things up, is there a better way to do it?

If I want to provide config through the command line when running

pulumi up

the doc says I can use the

-c

flag, but what is the format of the

stringArray

it expects?

how do I import to a stack with different name? Trying to split up resources into multiple stacks. I have exported old stack, edited as needed and want to import into new differently named stakc, but getting errors like:

resource 'urn:pulumi:main::tms-pulumi::pulumi:pulumi:Stack::tms-pulumi-ci' is from a different stack (main != ci)