lively-ice-73493
08/16/2021, 9:08 PM// Attach required role for ECS to pull images
const roleAttachment = new aws.iam.PolicyAttachment(
`${solution_name}-policy-attachment`,
{
roles: [solutionRole.name],
policyArn:
aws.iam.ManagedPolicy.AmazonECSTaskExecutionRolePolicy,
}
);
The AmazonECSTaskExecutionRolePolicy
is attached to another Role (role-b) in an AWS account. When you run pulumi destroy
on the pipeline with the attachment in it, the attachment is also removed from role-b
. System down.
This seems related: https://github.com/pulumi/pulumi/issues/918
What am suppose to do besides create a bunch of user-defined policies and not use managed policies? Not what we want to do.worried-church-46455
08/17/2021, 1:40 AMconfig:
aws:rds:Instance:
engine: "mysql"
instance_type:
dev: "db.t2.micro"
prod: "db.t2.xlarge"
I can do some codegen myself to regroup my new configuration format and separate it into .dev.yml & .prod.yml.
Do you guys see any obvious cons with this step up? Is it possible to customize this behavior with in pulumi?lemon-television-29125
08/17/2021, 7:55 AMlemon-television-29125
08/17/2021, 7:56 AMancient-eve-13947
08/17/2021, 1:03 PMmysterious-lighter-33699
08/17/2021, 2:18 PMdeliverybot
for updating pulumi environments? I think it would allow us to do exactly what we need to do (have a really convenient & streamlined manual intervention step before deploying but be integrated with github actions), but I can't find the two mentioned together yet.calm-quill-21760
08/17/2021, 5:30 PMCertificateSigningRequestConditionArgs
and CertificateSigningRequestStatusArgs
but have yet to find documentation as to how these tie into a CertificateSigningRequest
so I can get the Kubernetes secret signed (“Approved,Issued”). Anyone have a pointer to an example?refined-terabyte-65361
08/17/2021, 6:05 PMmysterious-lighter-33699
08/17/2021, 6:33 PMpulumi up
the URL where people can follow along, in a machine-readable form? I'd like to provide a link to that from a github workflow and it's only really accessible in logs right nowancient-night-64850
08/17/2021, 7:14 PMrough-window-15889
08/17/2021, 7:41 PMwet-fall-57893
08/18/2021, 2:22 AMspread
on const ssmPolicyDocumentStatement: pulumi.Input<pulumi.Input<aws.iam.PolicyStatement>[]>
context: need to merge 2 statements one from AWS managed policy the other is customrich-cat-16319
08/18/2021, 2:35 AM"$ref": "/aws/v4.0.0/schema.json#/resources/aws:s3%2Fbucket:Bucket"
 that is in the schema.json
 Does anyone know where can I find the same reference but for the azure-native:web:WebApp
 ?fast-florist-41572
08/18/2021, 8:45 AMancient-eve-13947
08/18/2021, 9:51 AMancient-eve-13947
08/18/2021, 11:03 AMpulumi up
or pulumi preview
?sparse-intern-71089
08/18/2021, 1:32 PMicy-jordan-58549
08/18/2021, 3:13 PMbillowy-pilot-50934
08/18/2021, 3:34 PMstocky-magazine-78486
08/18/2021, 3:37 PMmany-psychiatrist-74327
08/18/2021, 4:30 PMpulumi stack output
tells me what the outputs are now, but can I see the outputs for a previous revision/version?billowy-pilot-50934
08/18/2021, 6:42 PMbillowy-pilot-50934
08/18/2021, 6:43 PMbillowy-pilot-50934
08/18/2021, 6:43 PM[
{
"cidrBlocks": [],
"description": "Traffic from subnet",
"fromPort": 0,
"ipv6CidrBlocks": [],
"prefixListIds": [],
"protocol": "-1",
"securityGroups": [],
"self": true,
"toPort": 0
},
{
"cidrBlocks": [],
"description": "Traffic VPN",
"fromPort": 0,
"ipv6CidrBlocks": [],
"prefixListIds": [],
"protocol": "-1",
"securityGroups": [
"sg-Hidden"
],
"self": false,
"toPort": 0
},
{
"cidrBlocks": [
"0.0.0.0/0"
],
"description": "HTTPS",
"fromPort": 443,
"ipv6CidrBlocks": [],
"prefixListIds": [],
"protocol": "tcp",
"securityGroups": [],
"self": false,
"toPort": 443
}
]
billowy-pilot-50934
08/18/2021, 6:43 PMbillowy-pilot-50934
08/18/2021, 6:43 PMprivate SecurityGroup ImportSecurityGroup()
{
var tags = new InputMap<string>();
tags.Add("Name", "subnet-1_SG");
return new SecurityGroup("dev-1a_sg",
new SecurityGroupArgs
{
Name = "dev-public-1a_sg",
VpcId = "vpc-097dc5c3d016997a8",
Description = "Security group",
Tags = tags,
// I would like to get this information
// which shows in my stack online
Egress = null
//^^^^^^^
},
new CustomResourceOptions
{
ImportId = "sg-Hidden"
});
}
billowy-pilot-50934
08/18/2021, 6:44 PMcalm-quill-21760
08/18/2021, 10:56 PMpulumi
from downloading a plugin? I have a previous version installed but it insists on downloading a later one (that I suspect has a bug).rapid-iron-52715
08/18/2021, 11:07 PMrapid-iron-52715
08/18/2021, 11:08 PM