Hi, I need a help in updating the service discovery instance's custom attribute. I have created a service discovery in aws via pulumi let it be service A, and it holds only one instance, in that I have added a custom attribute. Now I'm creating a new service B when creating the service B I need to update the service A's custom attribute with the value got from service B. Any help would be greatly appreciated.

Hi, I would like to make a REST API call to an endpoint. I can use the language specific tools (ie for python, `requests`or

urllib

), but I would like pulumi to understand to make the API call only once on the first

pulumi up

. In other words is there a pulumi resource that make REST API call? Thanks

Hi all, I'm interested in transitioning to Pulumi for a fairly large TF repo. I've already tried tf2pulumi and that didn't work, however I have a long car ride coming up where I won't have access to internet and I was thinking about creating it then. Is there a good way to do a testing "plan" without internet access? I just want to see what it would do if it had no real previous state.

was there an incompatible change in the tls provider?

SelfSignedCert.subjects

has changed to subject (singular) and from array to a scalar, but I don't recall changing version in the package.json...

Hi all! I've recently began using Pulumi's automation API to manage Cloudfront Distributions and ran into an efficiency problem. Wondering if someone here could help me out: • I commonly use 4+ distributions for my environments. • Each distribution is taking about 3 minutes to complete. • They all appear to be deploying serially, i.e. one after another. • So, about 12 minutes per execution of the deployment script. _The actual question_: Is it possible to deployment the distributions in parallel instead of one after another? edit: Sorry for all the edits. My brain is frazzled after coding all day.

I have started working with the Auth0 provider and I ran into a problem. I'm trying to configure custom database connection with Auth0. I'm using auth0.Connection. When I run

pulumi up

it says my connection resource was created but I see no update on the Auth0 web ui. When I run

pulumi up

(multiple times) it always ways the plan is to create the "options" on my connection. Even though nothing has changed since the last

pulumi up

. I'm provisioning Connection like this:

auth0.Connection(
            f"{name}-connection",
            options=auth0.ConnectionOptionsArgs(
                brute_force_protection=True,
                custom_scripts={"login": login_script},
                debug=True,
                disable_cache=True,
                disable_signup=True,
                import_mode=False,
                name="Database Connection Opts",
                tenant_domain=auth0.get_tenant().domain,
            ),
            strategy="custom",
            enabled_clients=client_ids,
            display_name="Database Connection",
            opts=opts,
        )

Does anyone have any clue what I might be doing wrong?

Hi, I have created 2 VPCs with Private Subnets in each. Now in future, is it possible to update Routes in a Route tables via pulumi- typescript so as to make a private subnet of VPC-A gets connected to a private subnet of VPC-B via a peering gateway ? I tried my hand with this already but I got few exceptions. So I am not sure if that is possible at all using "getRoutetable". Or is there any other way around. Thanks for any suggestions, help.

So I have two separate projects, one deploys the UI and the other deploys the backend API. The common thing they share is a Kubernetes namespace. Is there a way to have either project deploy the namespace without each project trying to own it? I could create a third project that does the namespace but that is a bit.... cluttered

Hi Looking at awsx vpc package This document mentions about a natgateway strategy, (https://www.pulumi.com/docs/guides/crosswalk/aws/vpc/) However this doesn't seem to be available in the package, only fields found regarding nats are numberOfNatGateways. Am I looking at the wrong place? pulumi AWS Virtual Private Cloud (VPC) Pulumi Crosswalk for AWS provides simple, out of the box VPC functionality that follows widely accepted best practices.

I am seeing conflicting references to whats available in the package https://www.pulumi.com/registry/packages/awsx/api-docs/ec2/vpc/ https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/awsx/ec2/#Vpc Am I missing something?

Hi, I need help to resolve the following case i face now, Project -1 : First I create "VPC-A" with a Private Subnet without any specific routes. Project - 2: Secondly I create another VPC "VPC-B" with a Public Subnet and 2 Private Subnets. Along with this I establish Peering Connection between these two VPCs and once the peering connection is made, new route tables are created so that the Private Subnets of "VPC B" can "ingress" into Private Subnets of "VPC A". So far so good. Now, I need to add routes to the already existing route table of the Private Subnet of "VPC - A" to egress to Private Subnets of "VPC-B" via the "Peering gateway". Like this I may in future need to add more routes to an existing route table. Is this possible ? i am not trying to import already existing route table outside the pulumi stack. I tried different means and many times i got exception as "trying to create a new route table with an existing name, try give an unique name". Need a helping hand in this .

Hi, I have aws sns topic access policy as picture, it was edited by manual, when i try to translate to pulumi IaC code, it not accepted 1. Statement IDs (SID) must be alpha-numeric.

Check that your input satisfies the regular expression [0-9A-Za-z]*

2. I change the Sid to AllowPublishAlarms

error creating IAM Policy sns-access-policy: MalformedPolicyDocument: Policy document should not specify a principal

const snsAccessPolicy = new aws.iam.Policy("sns-access-policy", {
  name: "sns-access-policy",
  policy: {
    Version: "2012-10-17",
    Statement: [
      {
        Sid: "Allow_Publish_Alarms",
        Effect: "Allow",
        Principal: {
          Service: "<http://aps.amazonaws.com|aps.amazonaws.com>",
        },
        Action: ["sns:Publish", "sns:GetTopicAttributes"],
        Resource: "arn:aws:sns:ap-southeast-1:482414749843:amp-sns-topic",
        Condition: {
          StringEquals: {
            "AWS:SourceAccount": "482414749843",
          },
          ArnEquals: {
            "aws:SourceArn":
              "arn:aws:aps:ap-southeast-1:482414749843:workspace/ws-be6e741f-d8ac-4330-b0fb-6a0c0aa92d6f",
          },
        },
      },
    ],
  },
});

Hello, I'm in the middle of an architecture design but have come to a blocker. I've searched the docs/web but cannot find a way to avoid using local stack config files (i.e.

.yaml

files) for stack configuration settings. Ideally, I would like to use something like AWS SSM or similar to manage all stack config variables. Does anyone know if this is possible or must I use YAML files for stack config?

Hello, May be this thread belongs here. Any help is much appreciated. https://pulumi-community.slack.com/archives/CJ909TL6P/p1657791281703139

Just curious to understand. If we plan to use our own local backend(filesystem), then is it completely free? or do we still need to buy the subscriptions as per the pricing plans mention on Pulumi's website?

Hi there. We're deploying Confluent Kafka clusters with Pulumi, which has been working properly for the Basic cluster type. However we now need to deploy Dedicated Confluent clusters, and there doesn't seem to be an option for this with the API. I do notice that when deploying Dedicated Confluent clusters using their console, that the CKU value is set to

1

by default, and so I've tried to do this with Pulumi, as there is a CKU resource name...but nothing seems to change, ie. the cluster is still Basic type, and there's no CKU property with the cluster at all. Has anyone been able to deploy Dedicated Confluent clusters with Pulumi...or even a Standard cluster type, and if so what am I overlooking here?

Question about some resources that i’ve generated using `crd2Pulumi`: In most regular k8s objects, you have something like

readonly metadata: pulumi.Output<outputs.meta.v1.ObjectMeta>;

on the resource instance. However, on my generated resources, it’s instead

pulumi.Output<k8s.types.input.meta.v1.ObjectMeta>

which leads to weird type juggling. everything works, but i’m not able to do something like

resource.meta.name

as an input to another resource. For reference, the CRDs i’m working with are the

<http://snapshot.storage.k8s.io/v1|snapshot.storage.k8s.io/v1>

which are annoying not part of the standard k8s api although they are standardized (not pulumi’s fault).

Does anyone know if we can create spot fleet scheduled scaling via pulumi ? I have found the

aws.autoscaling.Schedule

but it asks for a group and I'm not sure how to reference the spot fleet request. In the aws console, it looks quite simple. Anyone can point me in the right direction ?

Hello. I am getting an error `error: failed to discover plugin requirements: calling `python -m pip list -v --format json`: exit status 1` when I ran

pulumi up

on an pulumi-aws project. I created the pulumi project a few months back, it was working well that time and I created a few resources. I am re-visiting the project again, and it throws me this error. What could have went wrong? I only updated the pulumi version.

Hi, wondering how I could stop pulumi preview or update when error occurred and handle exceptions however I want. Right now I just throw an exception, it does the work but I see:

error: Program failed with an unhandled exception:

, instead I want a short and clear message.

is it possible to write a component in a component provider that accepts inputs/outputs of raw strings (and other primitives), in addition to promises/(input type)?

Back with n00b questions 🙂 • Context: ◦ I'm using the Automation API and Python. ◦ Working with

aws.cloudfront.Distribution

. ◦ Seems the only way to bounce between regions is to set the

aws:region

configuration. ▪︎ Please correct me if I'm wrong about setting that value. • Questions: ◦ Should the

aws:region

config be changed between calls to

aws.cloudfront.Distribution

, can I expect the subsequent distribution to be deployed in the most resent setting? ◦ If using the stack config to exchange parameters between the local program and the Pulumi program, what is the most effective method of getting a

pulumi.automation.Stack

instance in the Pulumi program? ▪︎ I've considered

__file__

,

pulumi.get_stack()

, and

pulumi.automation.select_stack()

but it seems like I'm missing a more obvious method. ▪︎ Edits: • I'm looking to set new values to the stack's config. • Can confirm that the

pulumi.automation.select_stack()

works.

Hey Can I check if a resource exists in pulumi without throwing an error? I am trying to see if an LB exists and if it does then create some subsequent resources. I tried wrapping the get method in a try catch without much success

hello dears, this package is very awesome, but i have an issue with kind: Ingress rule it fails

apiVersion: <http://networking.k8s.io/v1|networking.k8s.io/v1>
kind: Ingress
metadata:
  name: XXXX-web-ingress-rule-development
  annotations:
    <http://kubernetes.io/ingress.class|kubernetes.io/ingress.class>: nginx
    <http://nginx.ingress.kubernetes.io/rewrite-target|nginx.ingress.kubernetes.io/rewrite-target>: /$1
    <http://nginx.ingress.kubernetes.io/use-regex|nginx.ingress.kubernetes.io/use-regex>: "true"
    <http://nginx.ingress.kubernetes.io/proxy-body-size|nginx.ingress.kubernetes.io/proxy-body-size>: "0"
    <http://nginx.ingress.kubernetes.io/proxy-read-timeout|nginx.ingress.kubernetes.io/proxy-read-timeout>: "600"
    <http://nginx.ingress.kubernetes.io/proxy-send-timeout|nginx.ingress.kubernetes.io/proxy-send-timeout>: "600"
    <http://cert-manager.io/cluster-issuer|cert-manager.io/cluster-issuer>: letsencrypt-production
    <http://nginx.ingress.kubernetes.io/ssl-redirect|nginx.ingress.kubernetes.io/ssl-redirect>: 'true'
    <http://nginx.ingress.kubernetes.io/custom-http-errors|nginx.ingress.kubernetes.io/custom-http-errors>: "404"
    <http://nginx.ingress.kubernetes.io/from-to-www-redirect|nginx.ingress.kubernetes.io/from-to-www-redirect>: "true"
    <http://nginx.ingress.kubernetes.io/preserve-trailing-slash|nginx.ingress.kubernetes.io/preserve-trailing-slash>: "true"
    <http://nginx.ingress.kubernetes.io/default-backend|nginx.ingress.kubernetes.io/default-backend>: ءءءء-web-service-development
    <http://nginx.ingress.kubernetes.io/use-regex|nginx.ingress.kubernetes.io/use-regex>: "true"
    <http://nginx.ingress.kubernetes.io/custom-http-errors|nginx.ingress.kubernetes.io/custom-http-errors>: "404"
spec:
  tls:
  - hosts:
    - <http://oci.ءءءء.com|oci.xn--ggbaaa.com>
    secretName: tls-secret-ءءءء-prodd
  rules:
  - host: <http://oci.ءءءء.com|oci.xn--ggbaaa.com>
    http:
      paths:
      - path: /(.*)
        pathType: Prefix
        backend:
          service:
            name: ءءءء-web-service-development
            port:
              number: 3000

do you guys use pulumi to deploy your microservices?

docker.image() is poorly implemented because its builds and push every time without checking the dir hash. how do you solve this issue?

i cant do pulumi preview because of this

Hello, dears. I spend hours to find a solution to my problem. I have a difficult pipeline. Pulumi installs a pod. The pod generates a YAML. Then metacontroller (a tool that makes kubectl apply -f …) applies this YAML. As result, after a couple of minutes, I have a lot of new k8s services (svc) that Pulumi doesn’t know. How after that I can fetch all kubernetes services (kubectl get svc). I expect something like

let services = pulumi.k8s.services.get()

😪