Hi Folks, we recently started facing the issue mentioned here: https://github.com/pulumi/pulumi-eks/issues/720. I have added details about the error and our dependencies: https://github.com/pulumi/pulumi-eks/issues/720#issuecomment-1486265287. It would be great if anyone can guide me on this,

Hi Folks, is there any news in deprecating docker bridge CIDR with the upcoming removal of Microsoft Azure Kubernetes Service API? github: https://github.com/Azure/AKS/issues/3534. I can still see the input properties (DockerBridgeCidr) in azure-native https://www.pulumi.com/registry/packages/azure-native/api-docs/containerservice/managedcluster/ and azure classic https://www.pulumi.com/registry/packages/azure/api-docs/containerservice/kubernetescluster/. Do we need to update our Pulumi code which uses the docker bridge CIDR for earlier version for AKS using Linux node pools? https://learn.microsoft.com/en-us/azure/aks/cluster-configuration#container-runtime-configuration

Hi guys, how to you manage stack references? Since stack references are defined by just strings, not verifiable at compile time, it is easy to for example rename a stack output and not realize it breaks some other stacks. How do you deal with that?

Question around the maximum number of Azure VMs and cores managed using Pulumi: The Azure docs say that "The following limits apply when you use Azure Resource Manager and *Azure resource groups*": • VMs per subscription: 25,000 per region. • VM total cores per subscription 20 per region. • VM per series, such as Dv2 and F, cores per subscription 20 per region. There is an option to "Contact support to increase limit", but was wondering whether Pulumi is affected by the mentioned limit?

Hey, looking for some pointers on deployment of a backend REST service and a web app frontend. The goal is to create one IaC flow that could handle aws/azure/gcp it does not need to be a auto scaled production solution. need to host backend and frontend and hook up everything together and end up with a working website. Any suggestions? breadcrumbs i should follow?

Is my calculation correct that ~20 000 pulumi resources would cost ~$7 500?

Hi all, How to pass connection object to a python file using pulumi.local Here is the scenario, connection_object=<object created for connecting DB> Query = <query to be executed>

random = local.Command(resource_name, create=f'''python3 python_test.py "{query}" "{connection_object}"''')

But I am getting below error /bin/sh: 1: cannot open trino.dbapi.Connection: No such file

How I am supposed to use and stack existing the pulumi service from my local machine?

pulumi stack import

?

Is it possible to alter a resource’s

parent

without triggering a replacement, but in a way that can be versioned in Git and automatically deployed ? (I used to

pulumi stack export

, manually edit then

pulumi stack import

but I wonder if there’s a cleaner way to do this)

what is the best way in pulumi to fetch a pod spec (service account) that was setup with helm chart, don’t see any way to actively fetch resources

I don't have a good grasp on providers; I use (typescript)

@pulumi/kubernetes

and

@pulumi/command

to delete some CRDs when a specific helm chart is deleted. I'd like to be able to write:

new local.Command("name", {
  delete: "kubectl delete thing"
}, { provider: k8sProvider});

However that yields:

unrecognized resource type: "command:local:Command" for this provider

The error message suggests that somehow makeKubeProvider can be made aware of other providers - but it's really opaque to me as to how this happens. I'm also pulling a blank searching for docs on how this works. Does anyone have any pointers?

Hi! It might be a stupid question, but how do I validate a

pulumi.Input<string>

field in my constructor? Imagine the following code:

class RuwenTest extends pulumi.ComponentResource {
  constructor(
    name: string,
    text: pulumi.Input<string>,
    opts?: pulumi.ComponentResourceOptions
  ) {
    super("ruwen:index:Test/Test", name, {}, opts);

    // validate if text contains foo
    pulumi.output(text).apply((t) => {
      if (t.includes("foo")) {
        throw new Error("text contains foo");
      }
    });
  }
}

Since apply is not executed in pulumi preview, I will only see the error if I actually apply the change. I want to see it early. And I struggled to unit test the error. What is the recommended approach?

I’m building a container with

awsx.ecr.Image

in a github action. In update mode it works fine, but in preview mode it fails with this message:

awsx:ecr:Image ([image-name]):
   error: Head "https://***.<http://dkr.ecr.us-east-2.amazonaws.com/v2/[redacted]/manifests/latest|dkr.ecr.us-east-2.amazonaws.com/v2/[redacted]/manifests/latest>": no basic auth credentials

where the URL is my

FROM

image in a private ecr repo. Anyone else seen this peculiar failure mode?

Hi, can anyone explain me what's the purpose of

.pulumi/Pulumi.yaml

in the case of self-managed backend? In my case it's backed by AWS S3 bucket. I've just found out that my builds haven't been passing since 23th March because my fine-grained IAM role for use with GitHub Actions doesn't contain permission to access this object. The builds were passing until that time, though, the last one passing just a couple of hours before. The Pulumi version used by Pulumi GitHub action changed from v3.58.0 to v3.59.0 between the passing and failing job, if that matters. Was that

.pulumi/Pulumi.yaml

file/object just introcuded by that time? I haven't found any mentions about it in https://www.pulumi.com/docs/intro/concepts/state/.

Is there anything that has happened with the

pulumi stack export

command? I can't export any stacks at the moment:

error: stack names are limited to 100 characters and may only contain alphanumeric, hyphens, underscores, or periods:

Hi, I'm trying to build a docker image but I get the following error:

error: failed to solve with frontend dockerfile.v0: failed to read dockerfile: open /var/lib/docker/tmp/buildkit-mount1744191223/myapp.api\Dockerfile: no such file or directory

folder structure

src
-- myapp.api
----- Dockerfile
-- myapp.api.contracts
-- deploy (Pulumi c#)
----- Pulumi.yml
----- deploy.csproj
-- myapp.sln

c# code

var apiImage = new Image("api-image", new()
{
   Build = new DockerBuildArgs
   {
      Context = "..",
      Dockerfile = "..\\myapp.api\\Dockerfile",
      Platform = "linux/amd64",
   },
   ImageName = repo.RepositoryUrl,
   Registry = new RegistryArgs
   {
      Server = repo.RepositoryUrl,
      Username = username,
      Password = password
   }
});

Any suggestions what's wrong? I'm using Windows machine (powershell)

Hi everybody! I'm trying to create new templates on pulumi for AWS and I've ended up in a problem: In the Pulumi.yaml, when I describe the "template" section I can put whatever let's say parameter I want, but I would like even to put conditional clauses in order to execute a specific path if a condition is verified. Is this possible somehow?

Hi all, I'm working on some refactoring of my Pulumi project. How can I rename the

name

field of

Pulumi.yaml

gracefully? If I just modify the field in the file with Vim, that results in changing all URNs and recreating all the existing resources

$ cat Pulumi.yaml            
name: Infrastructure
runtime: dotnet
description: my infrastructure

V

name: NetworkInfra
runtime: dotnet
description: my network infrastructure

I am searching for something in Pulumi to do

az keyvault network-rule add

. I am attempting to use https://www.pulumi.com/registry/packages/azure-native/api-docs/keyvault/vault/ However I am getting this error:

error: cannot create already existing resource

for the virtualNetworkRule.

Hi everyone! Anyone is using pulumi <-> Snowflake for multiple people team? We ran into this error recently. The resource and Pulumi JSON file was created by other colleagues, then when we tried to

destroy

the resource. It’s showing this issue:

The user you were trying to authenticate as differs from the user currently logged in at the IDP

Hi team, I'm just getting started with Pulumi - experimenting with the container service on AWS template, but running into a problem already. The first time I created the stack, everything ran fine. I deleted it - also fine. However, running it again this morning, it ran for 30 minutes without completing (fargate service didn't complete), and now trying to destroy the resources that were created is also hanging..

View in Browser (Ctrl+O): <https://app.pulumi.com/markns/my-container-service/dev/updates/9>

     Type                      Name                      Status
     pulumi:pulumi:Stack       my-container-service-dev
 -   └─ aws:ec2:SecurityGroup  service-mns-sg            deleting (215s)

What should I do here? Go and delete the resources manually?

👋 Bonjour à tous !

Hi, would someone be able to tell me what I'm doing wrong with the role definition below:

const policy: aws.iam.PolicyDocument = {
    Version: "2012-10-17",
    Statement: [
        {
            Action: "sts:AssumeRole",
            Principal: {
                Service: "<http://ecs-tasks.amazonaws.com|ecs-tasks.amazonaws.com>"
            },
            Effect: "Allow",
            Sid: "",
        },
    ],
};
const taskPolicy: aws.iam.PolicyDocument = {
    Version: "2012-10-17",
    Statement: [{
        Effect: "Allow",
        Action: [
            "s3:*",
            "ecs:RegisterTaskDefinition",
        ],
        Resource: "*",
    }],
}
const role = new aws.iam.Role("my-role", {
    assumeRolePolicy: policy,
    inlinePolicies: [
        {
            name: "fsdfsd",
            policy: taskPolicy
        }
    ]
});

I get the error shown below. I'm not sure how to turn the

PolicyDocument

instance into the string that the inline policy is expecting...

Hi friends, usually how long after Terraform publishes a module for a new aws cloud service does it take for this functionality to be available in Pulumi?

Hi, I want to use Pulumi to configure GitHub repos. The repos are already configured manually. I assume I should do a Pulumi import to get this infra into Pulumi?

I'm making a change to the infrastructure and ran into an issue: 1. When I do

pulumi up

, the CLI shows that a storage bucket is being updated. 2. When I click on the "preview" link and go to the Pulumi website, the storage bucket doesn't show up in the list of resources on the "Summary" tab. 3. When I switch to the "Diff" tab, the storage bucket shows up as expected. I reported this issue (including screenshots) using the support form on the Pulumi website, but then got an email saying that the support form is only for enterprise customers. I don't want to include my preview URL or my screenshots on something public like GitHub. How can I report this issue to Pulumi privately?

Is there any way to pass secrets to a Docker build ?

docker.Image

doesn't appear to expose anything 😕

Hi, I've set up an ApiGatewayV2 with a certificate, and I've gotten everything to work. I configured my

Pulumi.Aws.ApiGatewayV2.DomainName

to be

REGIONAL

, which means I need

RegionalDomainName

to set up the certificate. Problem is, there's no way to get the

RegionalDomainName

from the

Pulumi.Aws.ApiGatewayV2.DomainName

. To fix this, we had to make a lookup on

Pulumi.Aws.ApiGateway.DomainName

(not V2), which has the

RegionalDomainName

. Am I missing something? Is this just a missing (for now) feature? AWS CDK does have the

RegionalDomainName

in

ApiGatewayV2

.

@echoing-dinner-19531, currently I’m using Pulumi Action based on your recommendation https://pulumi-community.slack.com/archives/C84L4E3N1/p1675082133113049?thread_ts=1675078507.601099&amp;cid=C84L4E3N1 • is the issue fixed and can I upgrade it to latest version? • how I can suppress output with Action? in CLI I’m using

pulumi up --suppress-outputs

but I cannot find this option on https://github.com/pulumi/actions