Struggling to grok the output futures. I want to do the following • I'm using python • Create a vpc using awsx • In each public subnet start an EC2 instance ◦ This requires iterating on the (future) values of public_subnet_ids ◦ I got it working by spawning the ec2 instances with a lambda using vpc.public_subnet_ids.apply(....) ▪︎ This is not recommended due to it messing up the resource dependency graph. Which predictably resulted in down not working ◦ All other attempts broadly results in ▪︎ " 'Output' object is not iterable, consider iterating the underlying value inside an 'apply'" So my question is what is the correct way to do this?

Hi I am wondering how to update Pulumi state to a new (and non backwards compatible) provider? I have posted more details of the problem here https://stackoverflow.com/questions/77141404/how-to-update-pulumi-state-to-a-new-and-non-backwards-compatible-provider, I think this sort of problem must be common, I wonder how people get around it?

Hi , I am new in Pulumi. I want to use outputs of one stack : pulumi.export('vpc_id', vpc.id) pulumi.export('public_subnet_id', public_subnet.id) , in another stack that is creating ec2. I wish to pass the outputs of this and use in ec2 stack. How to do this?

Folks please raise your thumb for the issue: Request for adding Control Tower Account Factory for Terraform provider to Pulumi - to prioritize AWS Control Tower Account Factory for Pulumi (wo Terraform!)

Hey guys! I have trouble for the configuration of hashicorp vault as secret provider, The only documentation that I can found is alway the line

<hashivault://mykey>

but I need more details to configure the Vault server correctly. Anyone has already used that feature or can help me find the right documentation ? Or maybe I miss understand and it is only usable with HCP Vault (the saas version) ? Thanks! Sonic.

Hi all, I’m trying to import an existing Snowflake storage integration to no avail. I have tried:

pulumi import snowflake:index/storageIntegration:StorageIntegration my_integration MY_DB.MY_SCHEMA.MY_INTEGRATION

and some permutations of that (removing db, schema, etc…). I always get:

error: Preview failed: resource MY_DB.MY_SCHEMA.MY_INTEGRATION does not exist

Has anyone had any luck with this?

Hey, I need to get an Output from pulumi to use on a string variable and not in pulumi component scope Does anyone have an example of that?

Hi all, is there a channel available for sharing learning resources and opportunities outside of the Pulumi community with everyone? Perhaps a casual or random channel.

Hi All, I forgot the Pulumi PULUMI_CONFIG_PASSPHRASE after creating the stack, is there a way to reset the Pulumi phase phase or to delete the stack without Impact of Resources?

Is this typo of error detectable during

pulumi preview

? We didn't get an error during

preview

for a new Route 53 record. But it failed during

up

* creating Route 53 Record: InvalidChangeBatch: [Invalid Resource Record: 'FATAL problem: InvalidCharacterString (Value should be enclosed in quotation marks) encountered with '""xxxxxxxx-domain-verification=xxxxxxxx""'']
    	status code: 400, request id: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

It's a valid error and the root cause is similar to this. Not sure if this is something Pulumi (or perhaps any IaC) able to capture earlier?

Welcome!

faint-kitchen-6178

joined #general.

Hi All How can I create a GKE cluster and register it on Anthos using pulumi python? Using gcp.container.cluster provisions a GKE cluster but does not attach it to anthos automatically. Are there any anthos specific configs in gcp,container.cluster module that does this registration? Thanks & Kind Regards

Hello all, I'm trying to deploy a container service to cloud run using Pulumi. I setup a service account with "owner" role (just for a POC) but I keep running into this error:

docker:index:Image (image):
    error: denied: Permission "artifactregistry.repositories.uploadArtifacts" denied on resource

when I run

pulumi up

. PS: With the "owner" role, the service account is expected to have all the permissions. I also went in to confirm and it does have the

"artifactregistry.repositories.uploadArtifacts"

permission. I must be missing something. Would love to get some assistance. Thanks.

Hi all! Where did the ZScaler Private Access provider go? I remember it still being there a while ago, however it is gone now (Google can even still find links to it:) https://www.pulumi.com/registry/packages/zpa/api-docs/applicationserver/

Hi all! I want to deploy a VM from a content library. Im using C# and the dependency "Pulumi.VSphere". Still get this error "cannot locate virtual machine or template with UUID". I don't get wat te problem is. Can somebody help me out? Greetings, Ruud

Hi is there somewhere an example how to use the automation api in typescript specifically importStack. For example i want to import this into the stack https://www.pulumi.com/registry/packages/auth0/api-docs/tenant/

Hello! I'm trying to provision an AWS Transfer server using

pulumi_aws

, however I am having trouble getting Cloudwatch logs configured Pulumi documentation refers to a structured_log_destinations option in the calling method. However, the

pulumi_aws

python library appears not to support this option. Can someone advise?

I am following the AWS Documentation here to connect Pulumi Workflows with AWS. This was working yesterday but now when trying to get aws creds it is erroring out stating that it does not have rights. See thread

Since pulumi stores information about the deployed infrastructure in a state file, and pulumi stores it on hosted pulumi service and manages that state file. Does there is a way I can manage that state file completely without storing it in pulumi cloud service.

Is there anything happened to pulumi? I am not able to login to panel or run

pulumi up

image.png

Is there any reason why

pulumi destroy

requires pulumi project file to be present in the directory? If I run

pulumi destroy -s organization/project_name/stack_name

it doesn't feel like it still needs to read anything from the file system right? Yet it does complain about missing .yaml file and incorrect project name if there is one from a different project. Any idea why is that?

Hello! Can Pulumi Secrets store environment variables for a Node.js application? I have a Pulumi project where I have the following structure in the repo. /app/ --> Where my node.js app resides /infra/ --> where my infra resides for the node.js app I'd like to use Pulumi to store envar's for my node.js app instead of using something like DotEnv.

hi dudes, exists a way to typing a python function like

def foo(a: str) -> str:
	pass

but using somthing pulumining ? 👀

def foo(a: str) -> Output<T>:
	pass

Need some help - pretty stuck... How can I reference a stack when the current stack's passphrase is different than the stack-to-be-referenced's passphrase?

var otherStack = new StackReference("other-stack");

This works great for all my lower environments which share a stack passphrase. But my production stack has a different passphrase, for obvious reasons. When it executes that code, pulumi dumps an error because the current PULUMI_CONFIG_PASSPHRASE environment variable is valid for the prod stack but not for "other-stack". FWIW, I'm using the default secrets provider - maybe that's technically "passphrase" since I see there's one called "default" in the docs but I don't know what that means or how it's different than "passphrase". Is this possible? Would appreciate direction. Thanks.

Hey all, I'm looking for examples / ways to make a "provider" object that I can pass to a dynamic provider (to pass around authentication details). How do other dynamic-provider users handle auth?

Hi, I have a problem in Pulumu I want to run some conditional commands after the RDS server is created 1. I will check if I am not in preview mode 2. if the RDS is created, I get the ARN by using the apply 3. I will check if the user is not exist in the database, I will create it and make a secret code for that this is a part of code:

const isPreview = pulumi.runtime.isDryRun();
    if (!isPreview) {
        rdsDataServer.endpoint.apply(rdsDataServerEndpoint => {
            rdsDataServer.port.apply(rdsDataServerPort => { 

			....
			// here we have received the rds host, user, password, ...
			// now, we run the query to check if the user exist before 
			if(!userExistsDatabase("username")) 
			{
			
					let secret = new aws.secretsmanager.Secret("...", {
						// The name of the secret
						name: "...",
						tags: {
							...
						}
					});
				
					// create user in database with postgers library	
					// make an object to store the value
					const storeKeyValue = {
						dbUrl: ...,
					}

					// Setting a value for our secret
					let secretValue = new aws.secretsmanager.SecretVersion("...", {
						secretId: secret.id,
						secretString: JSON.stringify(storeKeyValue),
					});				
							
			}
			
		}
	}

it works well for the first time, however when I run the second time, as the user is created before and the secret creation code will not reach, pulumi tries to destroy that. so what is the solution?

What type of database? Pulumi may have a provider for it

Ah, postgres. I'm using this for managing users, https://www.pulumi.com/registry/packages/postgresql/api-docs/role/

I am trying to getCurrentSecretValue for a secret, however I got this error ( img 1) while I have checked it with condition ( img 2). and as you can see my secret does not have value ( img 3 ) how can I check if that is exist before getting it