a better way to describe - there is no way to pin a cli version to a minor ie. 2.25.x - we don't support that

if you require the CLI to be a const version then I would suggest pinning the exact version you require and then opting in to any changes

feel free to open an issue if you feel this would help and make life easier and we can definitely look into it

As a followup, I jsut added this issue which we can tackle - https://github.com/pulumi/action-install-pulumi-cli/issues/18

@echoing-match-29901 Great job on the v3.0.0 release. That was fast!

I decided to surf github and I noticed there are a lot of people writing their code in what I would consider in the typical way we program. I have also noticed that people are writing their Pulumi programs in a more declarative way not really instantiating anything (because pulumi does this for us?) . Which way is the right way? Or is it dealers choice? Any recommendations? I've been making classes and newing up instances of said classes instead of making consts and assigning attributes to them alone.

People are absolutely going to hit the situation where the main action is updated and their build will fail as we're using an older CLI version. I think what's needed is the ability to pin at the "main" action to use the same semver pattern as the proposed change to the install action. Pinning the main action version, and the CLI version seems like the only way, meaning that for the ~30 pipelines we already have, we'd need to update every one of them when a patch version comes out.

I've opened the issue above @worried-knife-31967 for us to add that ability in the action

Ah, I thought that was for the CLI install action, not the main up/preview action.

Anyone by chance know how we associate a subnet to a route table? I dont see how you explicitly do that in this doc. I see associating an RT with a Natgateway but not a subnet. I originally though ok I can add the subnet name to the route itself which doesnt seem to do anything. Good news is the RT builds and has all I want in it but I cant figure out how we associate the subnet with the RT programmatically. https://www.pulumi.com/docs/reference/pkg/azure-native/network/routetable/

Trying to build a docker image and I'm getting this error:

Error: No 'docker' command available on PATH:

. I do have

docker

in my path so I'm not sure what it's complaining about

👋 Hi all. I’m trying (but failing) to import an existing GCP kubernetes cluster into my stack, following the command here: https://www.pulumi.com/docs/guides/adopting/import/#pulumi-import-command I think I don’t understand what the “id” is supposed to be. The examples uses an S3 bucket and passes the S3 bucket name as the ID. I tried passing the cluster name as the ID but that fails. Basically, I’m doing

pulumi import gcp:container/cluster:Cluster <my-pulumi-cluster> <gcp-cluster-name>

. I get this error:

Preview failed: importing <gcp-cluster-name>: Import id "<gcp-cluster-name>" doesn't match any of the accepted formats: [projects/(?P<project>[^/]+)/locations/(?P<location>[^/]+)/clusters/(?P<name>[^/]+) (?P<project>[^/]+)/(?P<location>[^/]+)/(?P<name>[^/]+) (?P<location>[^/]+)/(?P<name>[^/]+)]

And if I try something like

clusters/<gcp-cluster-name>

, I get this error:

googleapi: Error 400: Location "clusters" does not exist., badRequest

What is the correct ID to use for the cluster?

Greetings! What public metrics about Pulumi’s growth are there besides GitHub stars, as mentioned in https://medium.com/runacapital/open-source-growth-benchmarks-and-the-20-fastest-growing-oss-startups-d3556a669fe6 ?

Is there a way to do this ins Pulumi?

provider "kubernetes" {
  load_config_file       = "false"
  host                   = data.aws_eks_cluster.cluster.endpoint
  token                  = data.aws_eks_cluster_auth.cluster.token
  cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
}

From what I can see from the documentation, I need to provide a kubeconfig, which is not really doable since the kubeconfig that is given by terraform's eks module requires

aws-iam-authenticator

Is anyone else getting this error in their github actions CI/CD pipeline?

Error: Major version mismatch. You are using Pulumi CLI version 3.0.0 with Automation SDK v2. Please update the SDK.

I checked the pulumi/actions repo and it seems like you're getting the same error: https://github.com/pulumi/actions/runs/2385713822 UPDATE: We fixed this by pinning the version of the pulumi action, e.g.

uses: pulumi/actions@v2.2.0

loving the new branding guys, nice one!

Hi, I am a new user of pulumi and it is a great tool. But I wanted to ask: do you please know anyone some nice example of how to use websocket api? From the documentation https://www.pulumi.com/docs/reference/pkg/aws/apigatewayv2/api/ I'm not very wise, so I would like to ask for inspiration. Thank you very much.

Hi All, I have a problem with my s3 buckets which created on external regions(with AWS provider). This problem happened probably because we upgrade the Pulumi version. We created the s3 buckets with this function below and evertythin works fine:

def create_region_external_s3_artifact_buckets():
    buckets = []
    regions = conf.require_object('externalRegions')
    regions.append(conf.require('primaryRegion'))
    for region in regions:
        provider = Provider(f's3-{region}-provider', region=region)
        bucket_conf = {"name": f'{ARTIFACTS_BUCKET}-{region}', "acl": None, "policy": PUBLIC_OBJECT_READ_FOR_BUCKET}
        name, tags = get_resource_name_by_convention(f'{ARTIFACTS_BUCKET}-{region}')
        policy = _handle_bucket_policy(name, bucket_conf)
        created_bucket = s3.Bucket(
            name,
            bucket=name,
            acl=bucket_conf.get('acl'),
            policy=policy,
            opts=pulumi.ResourceOptions(provider=provider)
        )
        buckets.append(created_bucket)
        pulumi.export(name, created_bucket.arn)
    return buckets

After I upgraded the Pulumi version to 3.0(and the pulumi-aws package), I tried to change something in the bucket but the operation failed . After that, I tried to run Pulumi refresh and I got this error message:

aws:s3:Bucket (prod-lightlytics-artifacts-us-east-1):

error: Preview failed: refreshing urn:pulumi:prod::lightlytics::aws:s3/bucket:bucket::prod-lightlytics-artifacts-us-east-1: 1 error occurred:

* error reading S3 Bucket (prod-lightlytics-artifacts-us-east-1): Forbidden: Forbidden

Do you have any idea why this is happening and how I overcome it? Thanks !!

Hi, I've another question related to Pulumi's new version. I've noticed that you change aws.iam.Policy function and now the policy parameter get string insted dict. Our function looks like this:

def create_iam_policy_write_access_to_bucket(bucket, policy_name_suffix):
    # todo(zeev+dan): why not Managed policy?
    with open('./polices/s3_bucket_write_access_policy.json') as f:
        policy_document = json.load(f)
        policy_document['Statement'][0]['Resource'] = pulumi.Output.concat(bucket.arn, "/*")
        name, _ = get_resource_name_by_convention(f's3_write_access_iam_policy-{policy_name_suffix}')
        s3_write_access_iam_policy = iam.Policy(
            name,
            description="write Access to a given bucket arn",
            policy=policy_document
        )
        return s3_write_access_iam_policy

s3_bucket_write_access_policy.json:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:PutObject",
        "s3:DeleteObject",
        "s3:PutObjectAcl"
      ],
      "Resource": "PLACE_HOLDER_FOR_PULUMI"
    }
  ]
}

We need to edit the policy (change the resource field to the relevant s3 bucket). How can we do it with the new function? I tried a lot of things for example I tried to change the function to:

def create_iam_policy_write_access_to_bucket(bucket, policy_name_suffix):
    with open('./polices/s3_bucket_write_access_policy.json') as f:
        policy_document = json.load(f)
        policy_document['Statement'][0]['Resource'] = pulumi.Output.concat(bucket.arn, "/*")
        name, _ = get_resource_name_by_convention(f's3_write_access_iam_policy-{policy_name_suffix}')
        s3_write_access_iam_policy = iam.Policy(
            name,
            description="write Access to a given bucket arn",
            policy=json.dumps(
                {
                    "Version": "2012-10-17",
                    "Statement": [
                        {
                            "Effect": "Allow",
                            "Action": [
                                "s3:PutObject",
                                "s3:DeleteObject",
                                "s3:PutObjectAcl"
                            ],
                            "Resource": policy_document['Statement'][0]['Resource']
                        }
                    ]
                }
            )
        )
        return s3_write_access_iam_policy

But I am getting this error message : TypeError: Object of type Output is not JSON serializable any idea how can we do it with the new function?

Is there a generic API in Pulumi for creating Kubernetes clusters on EKS / AKS / GKS?

Hmm, i’m still having

Error: Major version mismatch. You are using Pulumi CLI version 3.0.0 with Automation SDK v2. Please update the SDK.

errors on the CI even though all our npm packages are at the latest version. Since i’ve moved to 3 for everything, pinning the action to 2 does not seem like the way to go.

ping your cli to 2.x

but my npm packages are all v3? So cli v3 and npm package v3 should work right?

I will check into the GitHub Action and see if there's any issues

wait, you aren't using GHA then?

• pulumi/action-install-pulumi-cli@v1.0.1 installs get.pulumi.com/releases/sdk/pulumi-v3.0.0-linux-x64.tar.gz • pulumi/actions@v2 gives the error • my package.json has

"dependencies": {
        "@pulumi/kubernetes": "3.0.0",
        "@pulumi/kubernetesx": "0.1.6",
        "@pulumi/pulumi": "3.0.0",
        "@pulumi/cloudflare": "3.0.0"
    }

ok, have you tried pulumi/actions@v3 ?

ah there is another new one 🙂

yeah 🙂