bulky-agent-73210
05/31/2022, 11:11 AM.pulumi
? Using Pulumi inline programs, if that mattersrich-agency-75207
05/31/2022, 1:42 PMoptions:
additionalSecretOutputs:
- privateKeyData
This ensured that the corresponding output is [secret]
and the json key is, indeed, obfuscated; however, it has only been base64 encoded as opposed to encrypted using GCP's KMS service.
Clearly I've missed a step in this process and/or have too high expectations wrt pulumi's encoding scheme if the secrets provider is changed.
Please can someone clarify?silly-smartphone-71988
05/31/2022, 2:48 PMbitter-army-70832
05/31/2022, 4:53 PMrefined-evening-26861
05/31/2022, 6:41 PMrefined-evening-26861
05/31/2022, 7:38 PMmost-jordan-25674
05/31/2022, 8:52 PMhelpful-easter-62786
05/31/2022, 10:02 PMsalmon-printer-16080
06/01/2022, 1:55 AMApp Service Managed Certificate
as part of a deployment of an App Service to Azure. I cannot see where I can do that within the following API's in Pulumi, can someone point me in the right direction?
I have looked into the following providers / APIs - maybe I have missed something:
• https://www.pulumi.com/registry/packages/azure-native/api-docs/web/webapphostnamebinding/
• https://www.pulumi.com/registry/packages/azure/api-docs/appservice/managedcertificate/
• https://www.pulumi.com/registry/packages/azure/api-docs/appservice/customhostnamebinding/
• https://www.pulumi.com/registry/packages/azure/api-docs/appservice/certificate/
• https://www.pulumi.com/registry/packages/azure/api-docs/appservice/certificatebinding/bulky-agent-73210
06/01/2022, 8:56 AMorange-crowd-9665
06/01/2022, 9:32 AMadamant-father-26302
06/01/2022, 10:06 AMrich-agency-75207
06/01/2022, 10:36 AMrich-agency-75207
06/01/2022, 10:36 AMgoogle-native
Address
- https://www.pulumi.com/registry/packages/google-native/api-docs/compute/v1/address/rich-agency-75207
06/01/2022, 10:37 AMINTENRAL
IP resource. Purpose: VPC-PEERING
rich-agency-75207
06/01/2022, 10:37 AMsubnetwork
should only be used for GCE_ENDPOINT
and DNS_RESOLVER
rich-agency-75207
06/01/2022, 10:38 AMThe URL of the subnetwork in which to reserve the address. If an IP address is specified, it must be within the subnetwork's IP range. This field can only be used with INTERNAL type with a GCE_ENDPOINT or DNS_RESOLVER purpose.
rich-agency-75207
06/01/2022, 10:38 AMrich-agency-75207
06/01/2022, 10:38 AMerror: error sending request: googleapi: Error 400: Invalid value for field 'resource.subnetwork': ''. No default subnetwork was found for an address with type INTERNAL.
rich-agency-75207
06/01/2022, 10:38 AMerror: error sending request: googleapi: Error 400: Invalid value for field 'resource.purpose': 'VPC_PEERING'. The type/purpose values are invalid for subnetwork address.
rich-agency-75207
06/01/2022, 10:39 AMsubnetwork
rich-agency-75207
06/01/2022, 10:39 AMrich-agency-75207
06/01/2022, 10:40 AMrich-agency-75207
06/01/2022, 10:48 AMPRIVATE_RFC_1918
cold-midnight-33684
06/01/2022, 12:03 PMrich-tiger-43483
06/01/2022, 1:04 PMalert-zebra-27114
06/01/2022, 1:48 PMnarrow-translator-93508
06/01/2022, 2:31 PMKubernetes Operator
and GCP KMS
, because of a custom backend
(first), and custom secrets
provider (second), I have the below error in the logs.
Permission 'cloudkms.cryptoKeyVersions.useToDecrypt' denied on resource 'projects/XXX/locations/europe-west6/keyRings/secrets/cryptoKeys/pulumi'
Anyone else faced the same issue?adamant-father-26302
06/01/2022, 2:32 PMgo get <http://github.com/pulumi/pulumi-awsx/sdk|github.com/pulumi/pulumi-awsx/sdk>
), but getting below error when using it in code
error: no resource plugin 'pulumi-resource-awsx' found in the workspace at version v1.0.0-testplsignore.0 or on your $PATH, install the plugin using `pulumi plugin install resource awsx v1.0.0-testplsignore.0`
any solutions to that? (tried pulumi plugin install resource awsx v1.0.0-beta.7
but did not help)famous-needle-81667
06/01/2022, 2:57 PMuser_data = base64encode(
templatefile("../templates/bash_script.sh.tftpl", {
internal_lb_dns_name = aws_lb.aws-internal-load-balancer.dns_name
}
)
)
How to achieve similar results with pulumi?
If it was not a templated file it would be easy, namely:
UserData: pulumi.StringPtr(base64.StdEncoding.EncodeToString(bashScriptContent))
However, I need to inject some variables into that script that will be known once some resources got created.
Any help would be appreciated, this is a part of my Master's Degree thesis and it would be a shame that this cannot be solved in Pulumi 😄
//EDIT, I'm writing in Golang