hey there, is the json exported from

pulumi export

compatible with terraform in order for terraform to erect the same stack from just that json file ?

(sorry haven't used terraform before)

if not is there someway to do it, considering pulumi is based on terraform there should be some way ?

@big-account-56668 yes, using aliases

@bitter-application-91815 no there’s no way to do that - not all Pulumi programs are representable in terraform. Pulumi is also not based on terraform. It just uses the CRUD logic from some providers.

Is https://github.com/pulumi/pulumi-query-kubernetes

deprecated

?

Maybe I am missing it, but does Pulumi have a AWS Class for AWS SSO?

Hi All, Not sure that pulumi kubernetes is compatible with AKS or not but I got many issue when deploying and managing AKS. Could you please share experience? Thanks Steven

I was so excited to deploy some k8s charts with Pulumi. Very good stuff there. I'm waiting for https://github.com/helm/charts/pull/23814 to deploy spinnaker now! 👀

Is is possible to move a resource to be in a

ComponentResource

without having it be deleted and recreated?

is there a way to apply policies(crossguard) when running pulumi automation api ?

Is anybody using bazel or anything else with pulumi to run hermetic builds/deployments?

Hey 🙇 I have a non-technical question. We just signed up our org. using github, but with an account that doesn't have admin access in github. When I now try to login using my github account which does have admin access, I don't have access to the organisation in Pulumi. Is there any way to reset or update this? We prefer for it to be setup via github ease of use. 🙏

How can I add Azure Storage as the backend state? I set the environment variables

AZURE_STORAGE_ACCOUNT

and

AZURE_STORAGE_KEY

, but when I run

pulumi login --cloud-url <https://pulumistatepoc.blob.core.windows.net/>

it prompts me for an access token. What access token? Shouldn't the env vars be enough? How do I get this to work?

The update result for a dynamic resource provider has a field called

outs

which says that it is for

Any properties that were computed during updating

. My interpretation of that was that I only needed to set it if I was computing properties in the update method. Do I need to set that to all the inputs even if I don't touch them?

Hi there, hoping someone can point out a working configuration of AWS ECS Fargate with ALB config, no matter how I try setting the Fargate portMappings I get the following error:

error: preview failed
 
    panic: interface conversion: interface {} is string, not int
    goroutine 184 [running]:
    <http://github.com/terraform-providers/terraform-provider-aws/aws.resourceAwsEcsLoadBalancerHash(0x556d040|github.com/terraform-providers/terraform-provider-aws/aws.resourceAwsEcsLoadBalancerHash(0x556d040>, 0xc002350420, 0xc00232fa10)
        /home/runner/go/pkg/mod/github.com/pulumi/terraform-provider-aws@v1.38.1-0.20201023104507-9632e543c200/aws/resource_aws_ecs_service.go:1169 +0x47f

Offending config - note the portMappings, first line is ok, fails when using the ApplicationListener, have also tried the NetworkListener

const httpListener = new awsx.lb.ApplicationListener("http-listener", {
        external: true,
        port: 80,        
    });

    let actAdminService = new awsx.ecs.FargateService(serviceName, {
        name: serviceName,
        cluster,
        desiredCount: 1,
        serviceRegistries: {
            registryArn: discoveryService.arn,
        },
        taskDefinitionArgs: {
            container: {
                image: imageName,
                memory: 256,
                portMappings: [
                    // THIS WORKS { containerPort: 80, hostPort: 80, protocol: "tcp" }, { containerPort: 443, hostPort: 443, protocol: "tcp" }
                    httpListener //THIS FAILS
                ],                
            },
            executionRole: execRole,

        },
        platformVersion: context.defaultPlatformVersion,

    });

As well as https://medium.com/it-dead-inside/deploy-aws-fargate-clusters-with-pulumi-e06637e6821d and example here https://www.pulumi.com/blog/get-started-with-docker-on-aws-fargate-using-pulumi/

Think this is the tracked issue, https://github.com/pulumi/pulumi/issues/5633 and setting the env var

PULUMI_DISABLE_PROVIDER_PREVIEW=1

Seems to solve the issue

Is there a way to disable pulumi's formatting of the project yaml file? It's conflicting with my prettier config for yaml files, and I also want to be able to add comments in it. I'm also making use of an "enabled" boolean option (helm chart style) for many things that I want to keep in the top of all objects (pulumi sorts alphabetically).

I have a project that needs to work with a stack per environment, and each environment is a different AWS account. How do I configure a remote state backend using S3 in each account/environment?

👋 Hey, I'm following the tutorial for "Configuring AWS API Gateway Custom Domains and SSL using Route53 and ACM" but am receiving the following error after a timeout: 

Error describing created certificate: Expected certificate to be issued but was in state PENDING_VALIDATION

.  I've downgraded to Pulumi 2.11.2 with no success. A few issues I've stumbled across: Terraform,  interface {} is string, not int, deletion of ACM Certificate. - Any one got any ideas on how to get this running? 👀

I'm continuously failing to remove bucket life-cycle rules with the following stack trace. The log does unfortunately not provide more useful information even with very verbose output.

7604 step_executor.go:321] StepExecutor worker(23): step update on urn:pulumi:x::x.cloud::aws:s3/bucket:Bucket::storage-stage failed with an error: transport is closing
7604 step_executor.go:321] StepExecutor worker(23): step update on urn:pulumi:x::x.cloud::aws:s3/bucket:Bucket::storage-stage failed, signalling cancellation

Any ideas? I see other have seen a similar errors

transport is closing

often indicating an underlying root cause.

Hi there, I am currently testing Pulumi (on GCP) and I want to create users (IAM Members) using the go SDK. This is what I do:

name := fmt.Sprintf("member-%s", member.Username)
	args := serviceaccount.IAMMemberArgs{
		Role:   pulumi.String(member.Role),
		Member: pulumi.String(fmt.Sprintf("user:%s", member.EmailAddress)),
	}

	_, err := serviceaccount.NewIAMMember(ctx, name, &args)
	if err != nil {
		return err
	}

	return nil

I get the following error:`missing required argument 'ServiceAccountId'` However, I do fully understand why it’s asking me a ServiceAccountID (and which one) at this point as I was creating IAM Members as follow with Terraform without any issues:

resource "google_project_iam_member" "users" {
  role    = "roles/viewer"
  member  = "user:<EMAIL_ADDRESS>"
}

So I understand that it’s expecting a fully qualified ServiceAccountID but don’t get why and which one, any ideas?

It is really hard to find the

@pulumi\@pulumi

documentation for typescript on the website. The URL is https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/pulumi/ but the package does not show up in the sidebar under "API":

We are using kafka, the confluent cloud service, and I would like to configure what I need using pulumi. Any pointers on what I need to do to authenticate? Do I need to get all the certificates in place or is it possible with a username/password or API key somehow? I would like to setup topics basically.

Hi Friends - having a great time with Pulumi thus far. I have a general question and a request for chat (RFC 😛)

I come from Terraform, where I’ve mostly seen people manage up to the OS level with TF and then use a configuration management tool (e.g. Salt or Ansible) to build from there. Is this the same pattern I should expect to see with Pulumi?

The second - the RFC - is a little more involved. I’ve been enjoying working with some folks who do mostly JAMstack development (so they really like being abstracted away from infrastructure and backend services)

I’ve shown them https://github.com/pulumi/examples and they get excited, except that in many cases these (mostly frontend) devs are unable to do much more than setup a GCP or AWS account without grinding to a halt. so i’ve been doing some PoC work on wrapping pulumi initialization and a “catalogue” UI of these examples. was wondering the following:

waves to @User and owes him an email response