Hello All, How can I get the oidcProvider for aws eks in python? I saw the equivalent code in

.ts

is

// Create a Kubernetes cluster.
const cluster = new eks.Cluster('mlplatform-eks', {
  createOidcProvider: true,
});

cluster.core.oidcProvider.arn
cluster.core.oidcProvider.url

However, I do not see any exposed method for python? Am I missing something? I can do the same thing from aws cli but I need to do it programmatically from within pulumi to create components for another assume-policy component.

aws eks describe-cluster --name mlp-mlops-eksCluster-c2aab22 --query "cluster.identity.oidc.issuer" --output text

<https://oidc.eks.us-west-1.amazonaws.com/id/ABCFDRREJJKJEFBD0D4EABB3D90A>

aws iam list-open-id-connect-providers | grep ABCFDRREJJKJEFBD0D4EABB3D90A

"Arn": "arn:aws:iam::XXXXXXX:oidc-provider/oidc.eks.us-west-1.amazonaws.com/id/ABCFDRREJJKJEFBD0D4EABB3D90A"

I’m creating a task definition for AWS ECS, and I need to provide a string with my task environment variables inside. I want to use a pulumi config secret, but when I get that secret I get an Output which can’t be put into the string. Do any of you have suggestions for how to get this secret in string form?

Hello All. I'm trying to import an existing google cloud ServiceAccount using the latest google-native v0.19.1 plugin and am failing. As I'm new to Pulumi, I'm coding in golang a hybrid "query existing resources and pass them to the corresponding New calls as an import" in my Pulumi program. This lets me play around with both the query/get side and the upsert side. Note: please forgive the variable prefixes... p is for pulumi to differentiate other model spaces from which I'm drawing while I get my bearings. Note: Also, I'm

<eliding>

specific info where necessary, I hope keeping the gist of it clear.

var pServiceAccountOptions []pulumi.ResourceOption
var pServiceAccount *pulumiIAM.LookupServiceAccountResult
if pServiceAccount, err = pulumiIAM.LookupServiceAccount(pctx, &pulumiIAM.LookupServiceAccountArgs{
    Project:          "<my-actual-google-project-id>",
    ServiceAccountId: "<my-actual-service-account-id>",
}); err != nil {
    err = nil // Don't propagate an error, but don't try to import it.
} else {
    // Import it.
    // This works, and we get the pServiceAccount
    pServiceAccountOptions = append(pServiceAccountOptions, pulumi.Import(pulumi.ID(<WHAT-HERE>)))
}

The query works, and I'm trying to set up the ResourceOption to import into a following iam NewServiceAccount call (not shown here). I've tried many properties and variants taken from the pServiceAccount for <WHAT-HERE>, but I get:

=  google-native:iam/v1:ServiceAccount projects/<project-id>/serviceAccounts/<service-account-id>@<project-id>.<http://iam.gserviceaccount.com|iam.gserviceaccount.com> import
 =  google-native:iam/v1:ServiceAccount projects/<project-id>/serviceAccounts/s<service-account-id>@<project-id>.<http://iam.gserviceaccount.com|iam.gserviceaccount.com> import error: Preview failed: property "projectsId"/"project" not found
 +  pulumi:pulumi:Stack <my-stack> create error: preview failed
 =  google-native:iam/v1:ServiceAccount projects/<project-id>/serviceAccounts/<service-account-id>@<project-id>.<http://iam.gserviceaccount.com|iam.gserviceaccount.com> import 1 error
 +  pulumi:pulumi:Stack <my-stack> create 1 error

Note: If I do NOT use the resource import option, the preview shows that a new service account would be created. I've done the same approach with other resources, and it works, but I know that Service Accounts are an odd beast with respect to identifiers. What am I doing wrong here? What does <WHAT-HERE> need to be?

Hi All, How can I use the bucket name inside a inline policy json using pulumi in python e.g.

mlflow_s3_policy = aws.iam.RolePolicy("mlflow_s3_policy",
                                      role=mlflow_s3_role.id,
                                      policy=json.dumps({
                                          "Version": "2012-10-17",
                                          "Statement": [{
                                              "Action": "*",
                                              "Effect": "Allow",
                                              "Resource": mlflow_bucket.bucket.apply(lambda bucket_name: f'arn:aws:s3:::{bucket_name}/*'),
                                          }],
                                      }))

I get the following error

TypeError: Object of type Output is not JSON serializable

Hi All, Is it possible to detect if a resource is going to be replaced/deleted ? I need to trigger some logic in case a resource is going to be replaced

how can I get config data into serialized pulumi functions. for example like

cfg.requireSecret()

. currently it just serializes the literal function, but not the value

Still looking for a fix for enabling Azure managed certificates on a Web App - specifically using a traffic manager in front of the endpoints which allows https.

Anyone know how to get the currently configured azure-native location? The config file has: config: azure-nativelocation eastus2 But I can't figure out how to access it programmatically... any ideas?

Hello everyone! I am working with Pulumi do deploy a stack on Kubernetes. I would like to include the name of one my backend service in the nginx.conf of the frontend via a config-map. Is there a better way rather than put a string in the config and run a replace on the string? The issue is that

api_url

is an Output type and the replace function expects a string. The following is my snippet:

with open('./nginx.conf', 'r') as file:
        config = file.read()
        config = config.replace("{{API_URL}}", api_url.apply(lambda foo: foo))
        print(config)

    config_map = ConfigMap(
        'nginx-config',
        metadata=ObjectMetaArgs(labels=labels),
        data={'default.conf': config}
        )

Hello , Looking for an advice , I am trying pulumi with python and would like to know the better usage of Output . • Creating a resources let say r = xx.CreateResources(…) ==> r (A pulumi output object) • Would like to extract the raw value of a property ,let say r.http_url (which is again a type of

pulumi.output.Output object

. • Would like to print these values via a print statement (like terraform output format) ,what is the best way to fetch the value via Ouput() method ?

Hi all, is there a way for me to create and retrieve AWS SES SMTP credentials resource, in Golang?

Quick question I haven't found answered in the docs: can I check the current stack in my Pulumi program? I thought it might be accessible through Config. Or should I just put the differences in Config vars and use that to differentiate between stacks?

Hi, I couldn't find this in via search so I hope it wasn't asked before. How can I connect to Cloudflare and create resources (workers/KV/DO/etc.) there?

I want to emulate the workflow of terraform where the plans artifact is preserved for final approval and then the run stage uses that. Last I checked that was still a beta feature. Is this still in beta or is this stable enough to use for normal workloads now? I'd like to get my PR's deploying the infrastructure changes with a preview again (I am using azure DevOps so takes a little work)

I just upgraded to the latest version of the Pulumi CLI and now when I run

pulumi up

, I get this diagnostics error and it won't let me update my stack:

pulumi:pulumi:Stack (PulumiArm-prod):
  The launch profile "(Default)" could not be applied.
  A usable launch profile could not be located.

In the .NET

Pulumi.AzureAD

NuGet package, the

Pulumi.AzureAD.Application

used to have

AvailableToOtherTenants

,

Oauth2AllowImplicitFlow

, and

ReplyUrls

. Have they been moved? I have been Googling but have not been able to find them. EDIT: Resolved by reverting back to the older version and they all had deprecated attributes with guidance on the new properties.

Are there someone who is using databricks provider? https://github.com/pulumi/pulumi-databricks trying to create a provider, but getting this errors:

error: could not validate provider configuration: 4 errors occurred:
        * : invalid or unknown key: azure_client_id
        * : invalid or unknown key: azure_client_secret
        * : invalid or unknown key: azure_tenant_id
        * : invalid or unknown key: azure_workspace_resource_id

I'm setting my Provider config values as the docs advise (

gcp:project

,

gcp:region

) Can I now rely on them via something like

project_id = config.require("gcp:project")

? I get an error suggesting I need to set it in my Pulumi project namespace. Is there a way to access these directly w/o duplicating them?

Hey Guys… I am having some problems to run python program in my Pulumi/Terraform project. I got it bridged to a Terraform Provider I’ve developed and the SDK compiled correctly, but then I am having difficulties getting the custom PackageName to work correctly as the custom package don’t seem to be identified by Pulumi. The MakeFile from the boilerplate does not provide an install for python sdk. Does anybody have any detailed guidelines on how to run this programs successfully in the virtual environment? I managed to get it working using Typescript, but not Python. Thank you

Hello, I'm trying to use https://github.com/pulumi/pulumi-component-provider-py-boilerplate to build my own component resource. I have packaged my component and installed it with

pulumi plugin install resource  xyz 0.0.1 --file ./dist/pulumi-resource-xyz-v0.0.1-linux-amd64.tar.gz

. But the last thing I can not find in the doc, it's how to use the plugin/resource in my main (python) code. Can someone help me with that ? Thanks !

Hi. Do you know if it is possible to export a preview in JSON format when using the await stack.PreviewAsync(); with Pulumi Automation API? I need the same JSON output as if I ran Pulumi CLI command: pulumi preview --json

Not sure how I got into this state, or what's triggering it. Any tips?

k: await serialize_property(
      File "/home/a/.cache/pypoetry/virtualenvs/nocap-api-tm7b1NnF-py3.10/lib/python3.10/site-packages/pulumi/runtime/rpc.py", line 450, in serialize_property
        raise ValueError(f"unexpected input of type {type(value).__name__}")
    ValueError: unexpected input of type tuple

Hi, did somebody experiment use of aws lightsail with container service using pulumi ? i try to build a small app using pulumi lightsail and i don't how to start it. Thank you in advance

Hello. I”m looking for some guidelines here. I’m using Pulumi to set up VMs for running my experiments. I have multiple VMs running in parallel, and I could call the pulumi run command multiple times from different VMs to run multiple experiments in parallel, or on the same vm, run multiple experiments in parallel, by calling pulumi up while the stack created some resources for another experiment that is still running. If I try to reuse the same stack across experiments, the stack either updates an existing set of resources it created, or it destroys any existing resources it previously created for another experiment that is still running. So, for each experiment, I’m creating a new stack and then deleting the stack at the end of the experiment. Is this the right way to do this? Is there a better way to do it?

Hello, I'm having trouble with aliases after setting the parent of a resource.

const mongodbPassword = new random.RandomPassword(
  `my-password`,
  {
    length: 32,
    special: false,
  },
  {
    parent: this, // <-- previously undefined
    aliases: [
      {
        name: `my-password`,
        project: pulumi.getProject(),
        stack: pulumi.getStack(),
        parent: pulumi.rootStackResource,
      },
    ],
  }
);

Have I done something obviously wrong? I've also tried using a full URN for the "name" in the alias object but I get the same result. Pulumi thinks it needs to delete and create the resource because of the parent change. I'm having this problem for all resources in my stack including a helm Chart resource.

Can Pulumi be considered as an CDK? in the list with AWSCDK, terraformCDK etc?

hey, is there a way to reference a stack configured with a different secret provider?

👋 Hi everyone!

I need help

where do i go?