https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • g

    gifted-island-55702

    11/20/2020, 12:54 PM
    Hi! I am playing with
    random.RandomPassword
    and I'm wondering why it's
    result
    output is not marked as secret and I have to do:
    const password = new random.RandomPassword('myPassword', {...}, { additionalSecretOutputs: ['result'] })
    Shouldn't it be marked as sensitive by default?
  • a

    acceptable-train-73155

    11/20/2020, 1:47 PM
    Hello, My stack is really simple with a single component :
    export const loadBalancer = new lb.ApplicationLoadBalancer('alb');
    No param is given so it defaults to default vpc, which as subnets in two availability zones, and still I see :
    error creating application Load Balancer: ValidationError: At least two subnets in two different Availability Zones must be specified
    Any idea on what is happening ? Thx
    • 1
    • 1
  • n

    nice-oyster-71086

    11/20/2020, 9:33 PM
    Hello everyone! I have a general question, does Pulumi have a way to apply tags to all resources in a stack?
    c
    • 2
    • 3
  • k

    kind-school-28825

    11/21/2020, 8:49 AM
    Is there a concept of a
    local
    stack? What I mean is, before pushing to the
    development
    branch where my github actions run
    pulumi up
    I want to test out if everything works one step before, where a stack gets created automatically, resources are created in the cloud, things get deployed, and when no errors are returned by pulumi and I am satisfied with my deployment, I would then merge the branch to the
    development
    branch and the
    local
    resources and the stack are destroyed? Sometimes when I make some changes,
    pulumi preview
    doesn't return any errors, because I have defined everything correctly, but in reality my setup i.e port mapping to my ECS instance has not been set up properly, so I want to go back, modify my config and try again. Is that something possible? I have a feeling that's what the automation API is capable of.
    ✅ 1
    • 1
    • 1
  • c

    curved-pharmacist-41509

    11/21/2020, 11:57 AM
    Is there a way to gather timings of different resources. I have something which is taking some time during preview and wondered if there is an easy way to track it down
    n
    • 2
    • 1
  • c

    careful-architect-87653

    11/22/2020, 10:25 AM
    Hey everyone, is there a way to access the current stack name in code? I'm trying to work around SQS FIFO queue name issue (#967). I'm happy to provide my own name, but I'd like it to be unique inside the stack
    k
    • 2
    • 2
  • s

    salmon-honey-75627

    11/23/2020, 1:15 AM
    is there a way to force pulumi destroy to delete s3 bucket objects?
    error: deleting urn:pulumi:dev::crytic::aws:s3/bucket:Bucket::my-bucket: 1 error occurred:
        	* error deleting S3 Bucket (my-bucket-467da8e): BucketNotEmpty: The bucket you tried to delete is not empty
    l
    b
    b
    • 4
    • 7
  • l

    little-cartoon-10569

    11/23/2020, 1:33 AM
    I'm currently deleting an RDS instance. The instance is gone, but the optiongroup won't delete, because it's referred to by all the auto-backups that RDS has made. It'll timeout soon and I'll have to go through the manually-delete/export stack/update stack/import stack rigmarole to get it sorted. Is there an alternative? Maybe something like: * Pulumi could discover unmanaged resources that would prevent a deletion (e.g. BucketObjects, backups, etc.), * mark some types of resources as "can be blocked on deletion" and given them a shorter timeout, a more-specific failed-to-delete error message and don't mark them as deletion-in-progress? * A
    pulumi undelete
    command that marks the resources as not-deleted instead of deletion-in-progress (so that I can go delete the unmanaged resources then run
    pulumi up
    again, cleanly).
  • m

    miniature-leather-70472

    11/23/2020, 2:17 PM
    Is there any way to not store some data in the state? I've found that when deploying cert-manager helm chart using Pulumi the state file grows from around 200Kb, to 8Mb, due to the amount of CRD's in the chart. Is there anyway to get these deployed without inflating the state and making everything slow
    b
    • 2
    • 2
  • i

    icy-london-56932

    11/23/2020, 8:29 PM
    are there any plans for a rook+ceph provider?
    b
    • 2
    • 11
  • l

    little-cartoon-10569

    11/24/2020, 12:02 AM
    Doc improvement suggestion: the Pulumi type could be added to all resource doc pages. It's used in a few things like
    pulumi import
    and stack transformations, but to find a type I (think I) have to open node_modules/@pulumi/<provider>/<somedir>/<resource>.js and look down the bottom of the file.
    b
    • 2
    • 7
  • f

    freezing-house-86375

    11/24/2020, 12:06 AM
    hey guys, my team is trying to migrate from heroku to aws ecs. On heroku we used to have 'rollback' features. Is there any way to do similar thing in pulumi?
  • l

    little-cartoon-10569

    11/24/2020, 3:04 AM
    I'm working with
    pulumi import
    . I've attempted to import just a few SNS topic policies (I'd successfully imported the topics already). I'm using a json file, and I've set a nameTable with the conveniently-but-confusingly named this and provider properties: I chose this because the generated code was to go in the constructor of a ComponentResources, and the parent of the topics would be
    this
    . Short cut! Importing worked but no code was generated. The state was updated and looks like I want it to. The parent and provider properties of the new resources have the correct values (values from the nameTable properties). This error was output:
    error: no name for provider urn😛ulumi:MyStack::MyProject::Name:aws:MyClass:myId
    What might have gone wrong?
    • 1
    • 1
  • s

    salmon-honey-75627

    11/24/2020, 3:13 AM
    i have to say, i’m not very familiar with devops tooling (i’ve been meaning to look into terraform) and I decided to use pulumi and it’s amazing, big fan. It saved me and my team so much time.
    ❤️ 3
    💯 3
    🎉 2
  • m

    many-mouse-4292

    11/24/2020, 1:04 PM
    I really like the graph projection, both in the ui and the terminal. But I haven’t yet found documentation on how to easily create “parent aggregators”, something like a dummy component. Is there such a default component? So far I’ve been doing this (python), but I have a feeling it is not best practice:
    from pulumi.resource import ComponentResource
    
    class AggregatorComponent(ComponentResource):
        def __init__(self, *args, **kwargs) -> None:
            super(AggregatorComponent, self).__init__(t="aggregator", *args, **kwargs)
    and using it like so
    project_aggregator = AggregatorComponent(name=project_id)
    opts = ResourceOptions(parent=dataset_aggregator)
    DemographyDataset(opts=opts)
    FunctionsDataset(opts=opts)
    ...
    Is there a better way to do this than my homemade
    AggregatorComponent
    ?
  • s

    steep-angle-29984

    11/24/2020, 2:38 PM
    Is there a way to create a non-secret output from a secret output?
    l
    • 2
    • 5
  • n

    narrow-area-20379

    11/24/2020, 2:58 PM
    How does one use async block inside a ComponentResource? I know the pattern of encapsulating my regular pulumi TS code in a big async block. But now I have a ComponentResource class that does some async gets on resources. Do I have to use .then chaining?
    export class CustomComponent extends pulumi.ComponentResource {
      constructor(name, args, opts) {
        super('pkg:CustomComponent', name, {}, opts)
        
        const computeDefaultServiceAccount = await gcp.compute.getDefaultServiceAccount({project: projectId});
        gcp.projects.IAMBinding('blah', { role: '', project: projectId, members: [`serviceAcccount:${computeDefaultServiceAccount.email}`]}
      }
    }
    l
    b
    • 3
    • 21
  • a

    adamant-translator-31969

    11/24/2020, 3:33 PM
    Hi! I try to run pulumi import aws:eks/cluster:Cluster <name> <id> and I receive this error
    error: aws:eks/cluster:Cluster resource 'resource' has a problem: Computed attribute cannot be set
    👀 1
    b
    • 2
    • 1
  • c

    crooked-lunch-83455

    11/24/2020, 4:47 PM
    How do I access the auto named resource inside the resource? I need to basically access
    self.name
    but I want the generated name. I am using python.
    w
    • 2
    • 1
  • f

    future-nail-59564

    11/24/2020, 8:12 PM
    Hey folks! 👋 Is there a way to detect when a given resource output changes (and only when it changes), to have some side effect in your script? I’d like to send an email to user when his/her AWS account password is created or changed, but not every time I update my stack. Is there some event to hook into?
    l
    • 2
    • 39
  • l

    loud-lifeguard-46150

    11/24/2020, 10:48 PM
    Hi everyone, I've been looking for a while around that issue, and would happily get pointers if I've missed the obvious. I have a running swarm in azure using pulumi/python in both UAT and production environments. I've been asked to add a tag to all resources, I thought "too easy, just add the tag and be done with it". Except:
    Type                                   Name       Status                  Info
    pulumi:pulumi:Stack                    XXX-uat    **failed**              1 error
    ~   ├─ azure:core:ResourceGroup            rg         updated                 [diff: ~tags]
    ~   ├─ azure:storage:Account               storage    updated                 [diff: ~tags]
    ~   ├─ azure:containerservice:Registry     dockerhub  updated                 [diff: ~tags]
    ~   ├─ azure:network:VirtualNetwork        vnet       **updating failed**     [diff: ~tags]; 1 error
    ~   ├─ azure:network:NetworkSecurityGroup  nsg        updated                 [diff: ~tags]
    ~   └─ azure:network:PublicIp              public-ip  updated                 [diff: ~tags]
    Diagnostics:
    pulumi:pulumi:Stack (XXX-uat):
    error: update failed
    azure:network:VirtualNetwork (vnet):
    error: 1 error occurred:
    * updating urn:pulumi:uat::XXX::azure:network/virtualNetwork:VirtualNetwork::vnet: Error Creating/Updating Virtual Network "vnetXXXXXXX" (Resource Group "rgdXXXXXXX"): network.VirtualNetworksClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="InUseSubnetCannotBeDeleted" Message="Subnet subnetXXXXXXX is in use by /subscriptions/xxx/resourceGroups/rgdXXXXXXX/providers/Microsoft.Network/networkInterfaces/|providers|Microsoft.Compute|virtualMachineScaleSets|ss-managerXXXXXXX|virtualMachines|0|networkInterfaces|networkprofile/ipConfigurations/IPConfiguration and cannot be deleted. In order to delete the subnet, delete all the resources within the subnet. See <http://aka.ms/deletesubnet|aka.ms/deletesubnet>." Details=[]
    I mean it's clearly a diff update and it requires to delete stuff. As much as I don't mind rebuilding our UAT environment, I can't delete anything off of our production environment. Is there anything I'm missing here?
    • 1
    • 1
  • f

    full-dress-10026

    11/24/2020, 10:53 PM
    I'm trying to integrate Datadog with Fargate via the AWS FireLens integration. I am receiving this error when running pulumi up: "ClientException: When a firelensConfiguration object is specified, at least one container has to be configured with the awsfirelens log driver." I believe I have specified all required parameters but it's tough for me to debug further. Is there a way to get Pulumi to print out the requests it is making to AWS so I can see where my mismatch is?
  • f

    full-dress-10026

    11/24/2020, 11:00 PM
    Ah, I've found it with
    --logtostderr -v=9
    . It appears that Pulumi is ignoring my
    logConfiguration
    block in my container's spec.
  • f

    full-dress-10026

    11/24/2020, 11:03 PM
    Oh, this has been reported before: https://github.com/pulumi/pulumi-awsx/issues/552. The workaround in that issue does appear to work. I've +1'ed and followed that issue.
  • e

    elegant-carpet-8859

    11/25/2020, 2:22 AM
    Is there a good way to read in a values.yaml override file other than just using a language library like
    js-yaml
    ? Trying to install the Linkerd Helm chart using their HA values and I don't want to copy that whole thing into JS, would rather just read it in and then selectively set some more things.
  • i

    icy-jordan-58549

    11/25/2020, 11:03 AM
    Hey Pulumi, is your https://github.com/apps/pulumi github bot opensourced somewhere? I can’t find it
  • f

    future-nail-59564

    11/25/2020, 3:38 PM
    I’m wondering if changing a resource’s parent forces that resource to be recreated? I guess not, as long as you don’t put the name of the parent explicitly in the resource’s name… 🤔 I’m asking because I’m considering grouping users by the team they belong to, which would be helpful to visualize them in the pulumi stack. However, I don’t want a user moving to a different team to require deleting and recreating that user. Could anyone please confirm that such a user would just have its parent modified, without itself being recreated completely?
    g
    l
    • 3
    • 8
  • f

    full-dress-10026

    11/25/2020, 4:20 PM
    Morning all! Has anyone seen this error during the pulumi preview?
    panic: interface conversion: interface {} is string, not bool
        goroutine 340 [running]
    ...
    I can paste additional lines from the stacktrace if interested.
    😢 1
    • 1
    • 2
  • l

    little-cartoon-10569

    11/25/2020, 8:34 PM
    Does anyone know if issue https://github.com/pulumi/pulumi/issues/5705 has resurfaced? I'm getting the same error message when I run mocha unit tests:
    Error: Running program 'foo' failed with an unhandled exception:
    Error: Unable to deserialize resource urn😛ulumi:dev::foo::aws:iam/role:Role::foo, no module is registered for iam/role.
    It's working fine from my programs, so I'm not sure if I've got a problem with dependencies, maybe old versions of something laying around somewhere...
    • 1
    • 5
  • e

    elegant-carpet-8859

    11/25/2020, 10:55 PM
    Does anyone know what the list of
    allowedUses
    for a cert is? The docs https://www.pulumi.com/docs/reference/pkg/tls/selfsignedcert/ just say they're "listed below" but they're not listed anywhere. And I can't find a list in the code either.
    l
    • 2
    • 1
Powered by Linen
Title
e

elegant-carpet-8859

11/25/2020, 10:55 PM
Does anyone know what the list of
allowedUses
for a cert is? The docs https://www.pulumi.com/docs/reference/pkg/tls/selfsignedcert/ just say they're "listed below" but they're not listed anywhere. And I can't find a list in the code either.
l

little-cartoon-10569

11/25/2020, 11:23 PM
Most docs like that are built straight from the Terraform ones. If you come across some confusing phrasing, it's always a good idea to read the equivalent page on terraform.io.
View count: 1