https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • b

    broad-dog-22463

    01/14/2021, 9:42 PM
    there isn't at a stack level, jsut at the resource level I'm afraid
    l
    w
    • 3
    • 5
  • b

    broad-dog-22463

    01/14/2021, 9:43 PM
    protect:true
  • l

    little-cartoon-10569

    01/14/2021, 9:46 PM
    Related question: is there a way to determine if
    destroy
    is being called? For some stacks I'm ok with
    up
    making changes but want to prohibit
    destroy
    .
    👀 1
  • a

    astonishing-gigabyte-43889

    01/14/2021, 10:59 PM
    I am experiencing a weird issue. I was accidentally removed from my organization. After getting a new invitation I get an error when I try to accept it. Has anyone else experienced this?
  • g

    gray-xylophone-22620

    01/15/2021, 12:35 AM
    Hi all! 🙂 I have a problem - I want to extract newly created AWS EKS cluster security group (a one that is created as a part of cluster creation) to use it when later creating launch template for worker nodes (I use custom AMI, so that's the only way to still use EKS managed node groups). I use Go. In my code, I create cluster
    eksCluster := eks.NewCluster(...)
    , and then try to refer to it's security group
    securityGroup := eksCluster.VpcConfig.ToClusterVpcConfigOutput().ClusterSecurityGroupId().Elem()
    . This results in
    panic: runtime error: invalid memory address or nil pointer dereference
    error when doing
    pulumi up
    . The problem seems to be that the
    Elem()
    function causes too early pointer dereference. I can't just use value returned by
    ClusterSecurityGroupId()
    because it returns
    StringPtrOutput
    . This is incompatible with the type I need to create launch template, as
    LaunchTemplateArgs -> NetworkInterfaces -> SecurityGroups
    is of
    StringArray
    type, so I need
    StringOutput
    . Can you help? Am I doing something wrong, or it's some kind of bug?
    l
    c
    • 3
    • 50
  • t

    tall-needle-56640

    01/15/2021, 1:08 AM
    I want to make async calls after some resources are created (as there is no provider for what I want). I put the calls in a custom component, but I cannot figure out how to make them not run on
    pulumi preview
    ?
    b
    l
    • 3
    • 8
  • h

    hundreds-egg-46465

    01/15/2021, 4:22 AM
    Hey, just wondering what is the difference between
    delete-replaced
    and
    replaced
    ?
    w
    • 2
    • 2
  • f

    full-mouse-82324

    01/15/2021, 4:58 AM
    Hello all -- I'm trying to bulk import gcp firewall resources using >> pulumi import -f Rules.json -d ... {          "type": "gcp:compute/firewall:Firewall",          "name": "allow-local",          "id": "7949084422313144519" } ... That results in error: gcp:compute:Firewall (allow-local): error: gcp:compute/firewall:Firewall resource 'allow-local' has a problem: ExactlyOne: "allow": one of
    allow,deny
    must be specified exporting the firewall rule with >>gcloud compute firewall-rules list --format=json produces a valid firewall resource. Using the cli with >>pulumi import gcp:compute/firewall:Firewall default projects/my-project/global/firewalls/allow-local produces the same error. This is true for all firewall rules. The vpc resource in the same import returns a valid preview. Thoughts?
  • w

    worried-queen-62794

    01/15/2021, 6:00 AM
    Is the example for DSN Validation with Route 53 wrong? It shows iterating over the
    exampleCertificate.domainValidationOptions
    output in a way that doesn't look like it would work.
  • m

    miniature-leather-70472

    01/15/2021, 9:35 AM
    Might be an obvious question, but the "encryptedkey" that is stored in the stack file, is this safe to check in to git? I assume this still needs the encryption provider (in our case Azure Key Vault) to decrypt it?
  • b

    broad-dog-22463

    01/15/2021, 11:32 AM
    @miniature-leather-70472 yes it is
  • m

    miniature-leather-70472

    01/15/2021, 11:36 AM
    @broad-dog-22463 thanks!
  • o

    orange-holiday-79016

    01/15/2021, 2:31 PM
    Are inter-stack dependencies supported across projects in a self-managed backend? If so, how? (more in thread)
    p
    • 2
    • 4
  • s

    swift-hamburger-98290

    01/15/2021, 5:03 PM
    Is it possible to keep a resource from a previous
    pulumi up
    ? The problem we are facing is in Azure, and has to do with App Services, Deployment Slot, and deploy from ZIP. But the question is more generic I think. Example:
    const app = new azure.appservice.AppService("app", { ... });
    
    const blob = new azure.storage.Blob("blob", { ... });
    
    const slotName = `slot-staging-${Date.now()}`;
    const slot = new azure.appservice.Slot(slotName, {
        appSettings: {
          WEBSITE_RUN_FROM_PACKAGE: azure.storage.signedBlobReadUrl(storage, blob),
        }
        ...
      },
    });
    
    new azure.appservice.ActiveSlot("swapslot", {
      appServiceName: app.name,
      appServiceSlotName: slot.name, // needs to be unique to swap with every `pulumi up`
      resourceGroupName: resourceGroup.name,
    });
    After the first deployment, if the slot was swapped successfully, the ZIP running in production is the blob above mentioned. Now if we do
    pulumi up
    a second time, and the slot is again swapped successfully, the ZIP running in production is again the blob defined above. But now the problem is that we "lose" the previous blob (
    n - 1
    ), so if for some reason we want to go back to the previous version, the ZIP is gone from the storage. We want to manage 2 blobs with a single blob declaration basically. So the question is: can I somehow get the blob from the previous
    pulumi up
    execution, thus keeping both the blob of the current deployment and the blob from the previous deployment?
    b
    • 2
    • 2
  • w

    wet-soccer-72485

    01/15/2021, 11:32 PM
    Sometimes I wish I had a nice UI that reads the JSON of the state data and let me easily edit resources, specifically to delete things one at a time. Anyone ever feel like they would like a tool to edit the state JSON data visually? Anyone want to help me make a tiny Electron app to do this?
    b
    c
    • 3
    • 4
  • b

    billions-xylophone-85957

    01/16/2021, 1:59 PM
    Hi folks, a contentious question: what language would be the best choice for a big-ish Pulumi project/set of projects? We started out with Go, until we've hit a roadblock of "no dynamic providers", not to mention the amount of memory the linker consumes with aws go-sdk. As far as I understand, it's pretty unlikely that dynamic providers support is going to be easy to add in a reasonable timeframe because of the way dynamic providers are implemented (closure serialization IIUC). Fortunately, we're still at a point where we can change languages and the choice boils down to Typescript or Python. At the end of the day, it's a question of SDK maturity and feature parity on the Pulumi side. Since Pulumi itself is in TS, am I right to assume that TS SDK is more mature and features /bugfixes end up in the TS SDK first? A good example would probably be the Automation API support that was first added to TS/Golang and only very recently to Python. Languages themselves compare to each other pretty equally (not to start a holy war 🙂), maybe with the exception of how easy it is to hire folks on the intersection of infrastructure and language experience. What do you think?
    b
    b
    +2
    • 5
    • 6
  • b

    big-island-38073

    01/16/2021, 3:57 PM
    Is there a way to manage installed packages on a remote ubuntu machine? • I am able to provision an ubuntu VM with a community pulumi provider for proxmox • I'd like to top-up the VM instantiation with a few services (like a running docker daemon) I know this is not a typical use, any hints/ideas would be appreciated.
    q
    • 2
    • 2
  • s

    sticky-ram-39640

    01/16/2021, 5:47 PM
    Hi guys, I’m trying to follow the EKS example to set up a kubernetes cluster on AWS, but I’m running into the error
    Error: providerCredentialOpts and AWS_PROFILE must be set together
    Must I configure a specific AWS profile and role for the
    providerCredentialOpts
    ?
    c
    • 2
    • 3
  • d

    damp-optician-53935

    01/16/2021, 5:47 PM
    Hello, I am new to pulumi, I would like to know if there is an example of fullstack (where rest api, database and a web with a framework such as react, angular or laravel are implemented) I would be very grateful if I had it
  • s

    swift-monitor-84282

    01/17/2021, 12:25 AM
    Hey everyone, good evening! Could someone please provide me a link to the docs or just give me a tip on how can I interact with other AWS services from within a "magic lambda"? To be more specific, given the following code:
    const MyBucket = new aws.s3.Bucket("MyBucket")
    
    const api = new awsx.apigateway.API("hello-world", {
        routes: [{
            path: "/",
            method: "POST",
            eventHandler: async (event) => {
                return {
                    statusCode: 200,
                    body: "Hello, world!",
                };
            },
        }],
    })
    How could I create/upload a file to "MyBucket" in the "eventHandler" lambda function logic?
    b
    l
    • 3
    • 9
  • m

    magnificent-restaurant-51456

    01/17/2021, 2:15 PM
    is there anything compared to terraform's chef provisioner in pulumi?
  • l

    little-cartoon-10569

    01/17/2021, 9:07 PM
    Did
    <http://api.pulumi.com|api.pulumi.com>
    fall off the internet for a few minutes? A deployment failed, but I can now reach the webui..
    g
    • 2
    • 2
  • f

    faint-motherboard-95438

    01/17/2021, 11:23 PM
    Hello there, Getting a weird error at preview since last pulumi packages update :
    Diagnostics:
      pulumi:providers:eks (default):
        error: no resource plugin 'eks' found in the workspace or on your $PATH
    I have no idea what that’s supposed to mean or what to do to get rid of it, never had this one in 2 years. Using typescript, cleaned up everything, started from a fresh built container, same problem.
    "@pulumi/aws": "3.23.0",
        "@pulumi/awsx": "0.23.0",
        "@pulumi/eks": "0.21.0",
        "@pulumi/kubernetes": "2.7.6",
        "@pulumi/postgresql": "2.5.3",
        "@pulumi/pulumi": "2.17.2",
        "@pulumi/random": "3.0.1",
    Anyone would know what to do here ?
    l
    • 2
    • 4
  • s

    swift-monitor-84282

    01/18/2021, 12:24 AM
    Hello! How can I retrieve a queue URL after it's creation? An object of the type aws.sqs.Queue doesn't seem to have this attribute. Also, it seems I can't use the aws.sqs.getQueue method to get it.
    l
    • 2
    • 13
  • j

    jolly-camera-35709

    01/18/2021, 6:57 AM
    I was trying to print(config.require_secret('password')), and I got <pulumi.output.Output object at 0x7f229dc2b5c0>, why's that? 'password' is not output of a stack that pulumi got to know only after deploying the stack, here 'password' is a string written in the config file, why can't it be read as a normal string as read other plain text item from the config file?
    b
    • 2
    • 9
  • n

    narrow-battery-9106

    01/18/2021, 11:50 AM
    Hello everyone I am running kubernetes cluster with istio on top of it. I want to use pulumi to automate everything related to infrastructure. Everything is great, but I have a question regarding resources that is provided by istio (ex: VitualService, Gateway etc). How I should define these resources so that pulumi understands how to work with them. I've managed to do it with Go using
    apiextensions.NewCustomResource
    . Is it right way to do? Or is there better solution using go or other languages?
    b
    • 2
    • 1
  • p

    prehistoric-nail-50687

    01/18/2021, 12:46 PM
    Is there any central place for unofficial/community driven pulumi ResourceManagers or Plugins. My guess is, that most people requiring to manage a resource which is not officially documented and managed by Pulumi (the Company) will just write a Dynamic Resource/Custom Resource and hack it in whatever language he needs it. e.g. I’m using TypeScript and It would take me a to long to implement a proper Plugin with Go so everyone could take advantage of my work. If there would be a central place for such stuff, some new things could grow out of it. I have the feeling there is quite some potential for something like this.
    f
    • 2
    • 1
  • s

    swift-agency-29333

    01/18/2021, 1:16 PM
    I am working locally. Right now pulumi saves all stack and project info in .pulumi installation directory. Is there a way I can save all info in my own selected folder or preferably in some NoSQL db.
    b
    • 2
    • 5
  • e

    eager-petabyte-62054

    01/18/2021, 9:23 PM
    Hi, team! I’m trying to batch import several AWS sagemaker resources using the
    pulumi import -f <resource.json>
    tool. One problem I ran into is how to get
    id
    s of the resources. I can import them using
    pulumi import <type> <name>
    without specifying ids. For example,
    pulumi import aws:sagemaker/endpoint:Endpoint 'model-endpoint' 'mode'
    works as expected. I tried not specifying ids in the json, but that caused the tool to panic. I took a look at the doc, but still couldn’t find an answer.
    l
    • 2
    • 9
  • m

    mammoth-honey-6147

    01/18/2021, 9:38 PM
    Just getting started with Pulumi and wondering if you have a large IaC project, how would you normally manage the resources - ie place them in their own individual stacks? (ie stacks for ec2, securitygroup, etc)
    l
    • 2
    • 2
Powered by Linen
Title
m

mammoth-honey-6147

01/18/2021, 9:38 PM
Just getting started with Pulumi and wondering if you have a large IaC project, how would you normally manage the resources - ie place them in their own individual stacks? (ie stacks for ec2, securitygroup, etc)
l

little-cartoon-10569

01/18/2021, 9:44 PM
Lots of good ways to do it. Generally, arrange them in the same way as you would deploy them. So a stack for EC2 is unlikely to be useful, since you'll have instances that you want to never re-deploy, instances that get deployed frequently, instances that might get deployed once or twice a year...
Often, people organize projects by purpose (e.g. "my main app", "the auth infrastructure", "the network and firewalls"...), and stacks within projects by scope (e.g. "dev playarea", "Europe", "staging").
View count: 1