https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • a

    alert-zebra-27114

    02/16/2022, 11:24 AM
    Howdy all, Are there any consensus on how to update an existing Kubernetes ConfigMap from Pulumi. It is the usual CoreDNS configuration in a EKS based cluster šŸ™‚ I'm trying to do an import then update cycle via automation, but I'm not having too much success with this.
    p
    • 2
    • 5
  • e

    early-ability-21848

    02/16/2022, 12:18 PM
    hi, i'm getting an error
    Error creating EdgeCacheOrigin: googleapi: Error 404: Method not found.
    when trying to create an
    EdgeCacheOrigin
    for a bucket, pretty much from the documentation:
    const webStaticOrigin = new gcp.networkservices.EdgeCacheOrigin(
      "web-static-origin",
      {
        originAddress: webStaticBucket.url,
      }
    );
    any idea how to fix?
    • 1
    • 1
  • l

    lively-breakfast-59078

    02/16/2022, 1:58 PM
    Hi everyone. Getting a strange error when setting up an ECR RegistryScanningConfiguration. The config can have multiple rules. A rule (according to the Pulumi source, and AWS config) can have a value of "SCAN_ON_PUSH", "CONTINUOUS", or "MANUAL". I've been able to provision a config with a "SCAN_ON_PUSH" rule. Adding a "MANUAL" rule causes it to break on validation.
    1 error occurred:
    	* updating urn:pulumi:production::<service-name>::aws:ecr/registryScanningConfiguration:RegistryScanningConfiguration::<service-name>: 1 error occurred:
    	* error creating ECR Registry Scanning Configuration: InvalidParameterException: Invalid parameter failed to satisfy constraint: 'Invalid scan frequency: MANUAL'
    Any pointers?
    • 1
    • 6
  • e

    elegant-plumber-85706

    02/16/2022, 3:23 PM
    Hello everybody, I wanna create multiple database within a Azure Postgres v13 flexible server. As I found here I need to use
    v20200214preview
    like this:
    export const myDB = new azureNative.dbforpostgresql.v20200214preview.Server(
      "myDB",
      {
        administratorLogin: config.POSTGRES_USERNAME,
        administratorLoginPassword: config.POSTGRES_PASSWORD,
        createMode: "Default",
        storageProfile: {
          backupRetentionDays: 7,
          storageMB: 32768,
        },
        resourceGroupName: config.RESOURCE_GROUP_NAME,
        serverName: config.POSTGRES_SERVER_NAME,
        sku: {
          name: config.POSTGRES_INSTANCE_TYPE,
          tier: config.POSTGRES_INSTANCE_TIER,
        },
        version: "13",
      },
      {
        dependsOn: resourceGroup,
      }
    )
    But when I try to add new database to this server I can't find
    Database
    resource in this preview class:
    new azureNative.dbforpostgresql.v20200214preview.Database    <------ This resource not exists in Pulumi
    Can you tell me how I can add more database to the above postgres server? In the azure document they told that it's allowed and possible to use single postgres server with multiple database:
    Within an Azure Database for PostgreSQL server, you can create one or multiple databases. You can opt to create a single database per server to utilize all the resources, or create multiple databases to share the resources.
    Ref: https://docs.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-servers
  • f

    freezing-van-87649

    02/16/2022, 5:10 PM
    Ooh, looks like the public roadmap got updated, thanks!
    šŸ‘€ 1
  • v

    victorious-wall-1075

    02/16/2022, 5:11 PM
    Hello, is there an example of how to use Minio as backend ? I have a local minio instance that I want to use.. I tried this:
    āžœ pulumi login "<s3://pulumi-bucket?endpoint=192.168.31.2:54640&disableSSL=true&s3ForcePathStyle=true>"
    When I try to bring up the stack:
    āžœ pulumi up
    error: could not query backend for stacks: error listing stacks: could not list bucket: blob (code=Unknown): MissingRegion: could not find region configuration
    Also, my minio endpoint has login/password, I am not sure where to specify that
    m
    • 2
    • 7
  • b

    bored-table-20691

    02/16/2022, 7:02 PM
    Let’s say I have a project and stack named
    itay/myproj/mystack
    , and then I use a StackReference to refer to it from another project and stack (
    itay/someproj/clientstack
    ). Then, say I rename the original stack to
    itay/myproj2/mystack2
    . Now, if I do a
    pulumi up
    on the
    itay/someproj/clientstack
    stack. Will I get an error saying that
    itay/myproj/mystack
    doesn’t exist, since it’s stored in the state of this client stack? What’s the right way to tackle this?
    • 1
    • 1
  • h

    hallowed-horse-57635

    02/16/2022, 10:06 PM
    Question on pulumi import resource commands. Is there a way to import all rules (ingress/egress and all ports etc) for a specific SG without having to specifically adding each and every sg rule explicitly with pulumi import command? i am looking at these examples but each of them list adding one rule at a time... https://www.pulumi.com/registry/packages/aws/api-docs/ec2/securitygrouprule/#import
    šŸ‘€ 1
  • f

    fast-easter-23401

    02/16/2022, 10:14 PM
    Hi everybody, I need to grant read-write permissions to a GCP serviceAccount for a given set of google-sheets documents. Do you know if there’s a way to automate that with pulumi (i.e., creating dynamic-provider)?
  • h

    hallowed-horse-57635

    02/16/2022, 10:49 PM
    Another import related issue - Also we are facing this issue and seems like no resolution yet - https://github.com/pulumi/pulumi-aws/issues/1605. Any updates on this issue?
    🤯 1
  • v

    victorious-wall-1075

    02/17/2022, 4:04 AM
    TL; DR: Is ā€œpulumi loginā€ mandatory step before using automation API. Is there a way to specify the login details into the automation API? I am trying to run pulumi in automation mode (without having ~/.pulumi/credentials). I am configuring the projectSettings this way:
    self.projectSettings = auto.ProjectSettings(
                name=projectName,
                runtime="python",
                backend={"url": f"<s3://pulumi?region=us-east-1&endpoint={epUrl}&disableSSL=true&s3ForcePathStyle=true>"}
            )
    When I run my code - I see this:
    >           raise Exception(err)
    E           Exception: Error Deploying HELM -
    E            code: 255
    E            stdout:
    E            stderr: Logging in using access token from PULUMI_ACCESS_TOKEN
    E           error: invalid access token
    
    IACLib/src/pulumi_iac/platforms/kubernetes/__init__.py:145: Exception
    What am I missing here that pulumi is asking for PULUMI_ACCESS_TOKEN ? If I do pulumi login (and it produces the credentials file), things work fine.
    āžœ cat ~/.pulumi/credentials.json
    {
        "current": "<s3://pulumi?region=us-east-1>\u0026endpoint=192.168.31.2:54640\u0026disableSSL=true\u0026s3ForcePathStyle=true",
        "accessTokens": {
            "<s3://pulumi?region=us-east-1>\u0026endpoint=192.168.31.2:54640\u0026disableSSL=true\u0026s3ForcePathStyle=true": ""
        },
        "accounts": {
            "<s3://pulumi?region=us-east-1>\u0026endpoint=192.168.31.2:54640\u0026disableSSL=true\u0026s3ForcePathStyle=true": {
                "lastValidatedAt": "0001-01-01T00:00:00Z"
            }
        }
    }%
    
    and I have to set these exports:
    
    export AWS_ACCESS_KEY_ID=miniouser
    export AWS_SECRET_ACCESS_KEY=miniopasswd
    export AWS_PROFILE=minio
    I want to know how to pass the credentials via automation without having this file..
    b
    c
    • 3
    • 3
  • v

    victorious-wall-1075

    02/17/2022, 5:29 AM
    I want to add pulumi to my docker image (based on python): when i extract pulumi tar.gz, I see the following files. When copying files into the docker, can I safely exclude the *nodejs*/*go*/*dotnet* files if I am only interested in python?
    āžœ ll pulumi
    total 139196
    -rwxr-xr-x 1 bhakta bhakta 20866682 Feb  5 00:30 pulumi-language-python
    -rwxr-xr-x 1 bhakta bhakta 20916427 Feb  5 00:30 pulumi-language-nodejs
    -rwxr-xr-x 1 bhakta bhakta 21950449 Feb  5 00:30 pulumi-language-go
    -rwxr-xr-x 1 bhakta bhakta 20813269 Feb  5 00:30 pulumi-language-dotnet
    -rwxr-xr-x 1 bhakta bhakta 57955904 Feb  5 00:30 pulumi
    -rwxr-xr-x 1 bhakta bhakta     1893 Feb  5 01:30 pulumi-resource-pulumi-python
    -rwxr-xr-x 1 bhakta bhakta      238 Feb  5 01:30 pulumi-resource-pulumi-nodejs
    -rwxr-xr-x 1 bhakta bhakta     6142 Feb  5 01:30 pulumi-language-python-exec
    -rwxr-xr-x 1 bhakta bhakta     1853 Feb  5 01:30 pulumi-analyzer-policy-python
    -rwxr-xr-x 1 bhakta bhakta      245 Feb  5 01:30 pulumi-analyzer-policy
  • s

    stocky-spring-27341

    02/17/2022, 6:17 AM
    Hola! New user here. What's the suggested approach for filing bugs?
    e
    b
    • 3
    • 11
  • s

    stocky-spring-27341

    02/17/2022, 7:11 AM
    I got this error after 8m3s 😮
    Diagnostics:
      pulumi:pulumi:Stack (xxxx):
        error: update failed
     
      aws:ecs:Service (xxxx):
        error: 1 error occurred:
        	* failed creating ECS service (xxxx): InvalidParameterException: The target group with targetGroupArn arn:aws:elasticloadbalancing:us-west-2:xxxx:targetgroup/xxxx/xxxx does not have an associated load balancer.
     
    Resources:
        24 unchanged
    
    Duration: 8m3s
  • s

    stocky-spring-27341

    02/17/2022, 7:11 AM
    wonder why this took so long
  • m

    modern-controller-89617

    02/17/2022, 9:10 AM
    Hey everyone! Are there any good resources about more-advanced Pulumi usage patterns? Something to find stuff like "use component resources, you might want to pass a custom provider instead of relying on the default one". Right now, I'm finding mentions of this kind of interesting details in GitHub issues - a book, video series or single blog post around this would be great to know about. Any recommendations?
    šŸ‘ 3
  • e

    elegant-plumber-85706

    02/17/2022, 9:59 AM
    Hey everybody, Does anyone knows how I can translate this azure cli command to Pulumi?
    az postgres flexible-server db create --resource-group
                                          --server-name
                                          [--charset]
                                          [--collation]
                                          [--database-name]
                                          [--subscription]
    l
    • 2
    • 5
  • s

    stocky-spring-27341

    02/17/2022, 1:28 PM
    Heya again! I have a question regarding using existing resource parameters as inputs when creating new resources. I went through the "Input and Outputs" page on the documentation but I still can't seem to get it to work. For example - When I try to create a
    aws.cloudwatch.MetricAlarm
    and I want to use
    <http://aws.lb|aws.lb>.TargetGroup.name
    to construct the
    resource_name
    I get this error. source:
    aws.cloudwatch.MetricAlarm(
                resource_name=Output.concat("", target_group.name, "-CPUHigh-alarm"),
    error:
    raise TypeError("Expected resource name to be a string")
        TypeError: Expected resource name to be a string
        error: an unhandled error occurred: Program exited with non-zero exit code: 1
    Surprisingly, this same approach works for
    aws.cloudwatch.MetricAlarm.dimensions
    treat_missing_data="breaching",
                dimensions={
                    "TargetGroup": Output.concat("", args.target_group.name),
                },
    I haven't been able to figure out how to use existing resource fields when creating new resources. What am I missing?
    m
    a
    • 3
    • 4
  • r

    rich-tiger-43483

    02/17/2022, 2:57 PM
    Hi, I am creating my own provider using the TF bridge and having some troubles with id types when linking resources using
    ID
    . I have a resource called
    Group
    and other called
    Check
    . You should be able to use the
    groupId
    property of the
    Check
    in order to link them. The problem is when I tried to do it, I get this error message:
    error: checkly:index/check:Check resource 'pulumi-api-check' has a problem: Attribute must be a whole number, got 257503. Examine values at 'Check.GroupId'
    I guess this is related with types and for some reason the
    ID
    of the group is being returned as
    string
    when it should be a
    number
    . In my TF provider the
    ID
    has the correct type, so I am not sure why this is happening. I could try to manually parse the
    ID
    to integer when setting it in the group but don’t think will be a good DX. Here is the JS source of the example I am trying to make it work šŸ‘‡
    const checkly = require( "@pulumi/checkly");
    
    const group = new checkly.CheckGroup("group", {
      activated: true,
      concurrency: 1,
      locations: ['us-east-1'],
    });
    
    new checkly.Check("api-check", {
      activated: true,
      frequency: 10,
      type: "API",
      groupId: group.id
    });
    Any help/suggestion will be appreciated šŸ™
    e
    • 2
    • 6
  • w

    wonderful-portugal-96162

    02/17/2022, 4:17 PM
    Hello all, just getting started and I ran into some behavior that I have questions on. 🧵
    p
    b
    • 3
    • 37
  • h

    high-grass-3103

    02/17/2022, 4:50 PM
    Is it just me, or unsecret isn't doing anything?
    a
    m
    • 3
    • 11
  • g

    glamorous-glass-45224

    02/17/2022, 5:01 PM
    I messed up and ran
    pulumi delete <urn>
    on some resource that still exists. (k8s namespace)
    pulumi refresh
    isn't doing anything to add it back to the state and
    pulumi up
    fails because the resource already exists. How can I add it back to the state without having to destroy first?
    m
    • 2
    • 2
  • v

    victorious-wall-1075

    02/17/2022, 5:02 PM
    When I try to use pulumi with MinIO backend AND try to configure AWS:ec2 instance, I see issues resulting from clash in the AWS key and credentials//
    [default]
    aws_access_key_id = MyKey
    aws_secret_access_key = MySecret
    
    [minio]
    aws_access_key_id = minioadmin
    aws_secret_access_key = minioadmin
    I am setting AWS_PROFILE=minio so the backend can use the minio profile. However, this collides with AWS operations as pulimi tries to use the same key with AWS and fails.. If set the profile to default the backend calls fail.. How do I get around this?
    l
    • 2
    • 4
  • m

    modern-quill-17695

    02/17/2022, 6:07 PM
    Hi, Is it possible to create a Pulumi Access Token for an organization account, instead of through a personal account? I'm having trouble getting my GitHub Action to manage my stack through the organization instead of my personal account. More info in slack thread.
    b
    • 2
    • 5
  • e

    echoing-actor-55539

    02/18/2022, 12:07 AM
    How might I set the log group parameters on a pulumi lambda function resource? i would like my lambda logs to only persist for a week instead of default never
    l
    m
    • 3
    • 5
  • f

    future-cartoon-6373

    02/18/2022, 12:37 PM
    šŸ‘‹ Hello everyone!
  • a

    adamant-rain-88639

    02/18/2022, 1:08 PM
    Hello @future-cartoon-6373
  • s

    sparse-gold-10561

    02/18/2022, 2:22 PM
    Is there any way to backup the state locally from the Pulumi Service Backend?
    f
    • 2
    • 4
  • k

    kind-room-82948

    02/18/2022, 4:23 PM
    Anyone know a way to check if the current stack has a lock and wait a specified amount of time for it to clear? I’m trying to deal with parallel CI/CD builds
    e
    • 2
    • 2
  • c

    clever-belgium-19744

    02/18/2022, 5:27 PM
    Hi everyone! šŸ™‚ I read the FAQ on error-handling (I like that this is the first question!) but I’m still left wondering: Can you define custom deploy-time error-handling logic in Pulumi? For example, if I hit some CloudFront API rate-limit with a
    pulumi up
    , can I define error handling that says ā€œWait thirty seconds if you get this error code and retry only onceā€ in a way that I can unit-test with something like
    jest
    ?
    e
    • 2
    • 5
Powered by Linen
Title
c

clever-belgium-19744

02/18/2022, 5:27 PM
Hi everyone! šŸ™‚ I read the FAQ on error-handling (I like that this is the first question!) but I’m still left wondering: Can you define custom deploy-time error-handling logic in Pulumi? For example, if I hit some CloudFront API rate-limit with a
pulumi up
, can I define error handling that says ā€œWait thirty seconds if you get this error code and retry only onceā€ in a way that I can unit-test with something like
jest
?
e

echoing-dinner-19531

02/20/2022, 10:30 AM
Not currently. I'm sure this idea has come up before but I can't find a github issue for it... feel free to make a new one, especially if you've got a concrete use case in mind.
c

clever-belgium-19744

02/23/2022, 7:36 PM
Done! šŸ™‚ https://github.com/pulumi/pulumi/issues/9041
šŸ‘ 1
Please let me know if/how I can be more helpful in my GitHub issue description! ā¤ļø I really care a lot about this use-case, as I’ve been so disappointed by pretty much every IaC tool that seems like it could never support it. Maybe it’s just a bad idea to begin with! But if so, I really want to learn why.
e

echoing-dinner-19531

02/23/2022, 8:32 PM
No it's a fair feature request, I'm really surprised I can't find any other issues about it because I'm sure it's come up before.
c

clever-belgium-19744

02/23/2022, 8:39 PM
I wouldn’t be surprised if it never has! As far as I’ve seen, there hasn’t been much of a discussion about unit-testable and custom deploy-time error handling in the IaC community. It seems like we’ve converged on templates and DSLs where that sort of thing seems really hard to implement. To me, it’s one of those, ā€œIs everyone crazy, or just me?ā€ sorts of things. Hits you right in the impostor syndrome. šŸ˜† But I think Pulumi challenges a lot of traditional thought in that community in a really exciting way!
šŸ˜† 1
View count: 4