@white-balloon-205 is there an example of using the provider-level

deleteBeforeReplace

option? Related issue: https://github.com/pulumi/pulumi/issues/1620

Has anyone tried to load docker registry credentials into a k8s cluster with pulumi?

how can i get an azure.msi.UserAssignedIdentity clientId please - it doesn't seem to exist in the pulumi source at all but it's an essential part of using them

is this PR included in the latest npm release? https://github.com/pulumi/pulumi-docker/pull/25

hooray i got pod MSI working on azure kubernetes

pulumi's awesome again

Sign In button on www.pulumi.com redirects me to 404

is there any way to hide the docker build output when creating docker builds/pushes?

im building 30 containers at once and its like a firehose

Off-topic: Using pulumi sparked an idea in me: How about generating YAML files for YAML-based CI systems (circle, travis, gitlab and basically almost every “modern” ci system) via a CLI and a bunch of TypeScript libraries? Why? We’re using more and more of gitlab-ci and either our config files becomes super large or we’re using a lot of yaml anchors which are not exactly readable and it’s a lot of try and error to get actually valid YAML out of it. In general it’s also often not clear what config options an CI system offers without checking the documentation in detail. I think it should be possible (and probably not super hard) to build a TypeScript library which can generate for example gitlab CI yamls and is strictly typed, so if you put in some invalid config keys / values the compiler yells at you instead of having to run a lot of try-and-error ci jobs. Also it would be possible to build some reuse / abstraction library to create a set of common jobs that can be reused in multiple repos. Wdyt think of something like this? Anybody heard whether something similar already exists?

Is it normal for pulumi-aws ec2 resources to get spun up/down serially, even though `pulumi up`/`down` is being called with

--parallel 100

. I simply have a list of ec2 instances that I'm spinning up and down, and I've notices that the bigger the list, the longer these operations take. Have I accidentally introduced some kind of data dependency between my machines that forces Pulumi to process them one-by-one?

Hi everyone! I created a #python channel just now to talk about using Pulumi with Python, if people are interested. There’s also #golang for Go!

missing something here.. I'm creating a resource in Azure, and I want the principal ID of that item, it's an output.. but it's giving me back a function. I realize that's because its' from a promise of some type, but how do i get the value as an output? it says I can't use

.get()

during an update.. is this where I'd use

apply()

instead?

If I set

cloud-aws:acmCertificateARN

in my stack config, my

cloud.Service

does not create an ALB with the SSL cert set.

Is this expected? Or perhaps something else needs to be configured?

Ah,

cloud.Service

uses a NLB not a ALB. Hmm.

just posted an issue with pulumi azure, looks like terraform azurerm provider got updated to 1.16.0 but the pulumi azure branch is lagging behind a bit (posted Oct 1st) https://github.com/pulumi/pulumi-azure/issues/134 pretty please! I just hit this issue trying to create a role that allows data access, a new feature added in this TF release.

Hi, firstly, thanks for the great work! Is there a way to add custom authorizer just by using the pulumi-cloud api? Or is there plans on adding it?

Thanks for the reply. Actually I am also enquiring on the direction. So if I need to have grain control over AWS, I should be using pulumi-AWS instead of Pulumi Cloud?

To be honest I started with pulumi-cloud first but realised i could not create secondary indexes for dynamodb, and also authorizer for api therefore I went ahead to use pulumi-AWS instead.

Let me know if I am wrong, as I did went through the source and see it didn’t have apis to create global secondary index on dynamodb

Hi everyone, I just started to play with Pulumi and from the documentation/examples not clear to me how can I change a resource property after it was created? The resources are immutables, they have only read only properties, the "get" methods return read only results as well. I created an eks cluster based on the "aws-ts-eks" example, it worked fine, then I added a kubernetes load balancer, which is not working, because unable to find the public subnets. To make it work, I need to add a "kubernetes.io/cluster/${cluster_name}" tag to the public subnets. My problem is, that the subnets are created before the eks cluster, in fact the "eks.Cluster" constructor expects the subnet ids. I can use the "aws.ec2.getSubnet" method to get the subnet informations, but unable to modify it. I can create a new subnet with "aws.ec2.Subnet" based on the previous one, but I not sure how would pulumi handle that(overwrite the old one, create a new one), especially because the "aws.ec2.Subnet" constructor expects a name, which is not available on the "GetSubnetResult" interface. What is the correct way to do this?

Hi, is there a way to programmatically set a global default provider or (programmatically set a root resource which contains this provider)?? The concrete issue is the following: Currently in my stacks I’m programmatically creating a k8s provider that should be used as the deployment target for all resources in that stack (using https://gist.github.com/geekflyer/b78adab2667d8526a1dd593bc5c844bf#file-gke-ts). In order to use this dynamically created provider, however, I have pass it explicitly to each k8s resource that is created in that stack OR I have to explicitly set a common parent on each resource in that stack and set the k8s provider on that parent. If I accidentally forget to explicitly set the provider or parent on one of the resources, pulumi seems to create an implicit k8s provider based on my local kubectl config / context. Depending on what my current local kubectl context contains, pulumi may end up silently deploying resources to a different cluster than what I actually want. It would be very helpful if I could disable or override this “implicit default provider” programmatically in the entrypoint of my program.

Hey there, when trying to create CloudWatch metric alarms I get this errors with no useful message attached:

aws:cloudwatch:MetricAlarm: test-cache-redis-EngineCPUUtilization
    error: Plan apply failed: Creating metric alarm failed: ValidationError:
        status code: 400, request id: ...

Does anyone with more experience in Pulumi and/or Terraform knows how may I proceed? AWS docs list an infinity of possibilities for 400, but the lack of message doesn’t help to pin down what is going on

is the eks module still being used? https://github.com/pulumi/eks or has it been merged into the aws provider?

It’s still separate.

@creamy-potato-29402 I need a

getCluster

function that provides the kubeconfig. which repo should I file the issue under?

I think the terraform aws provider does give it as an output, so it should be feasible in both

created a PR in the pulumi gcp repo but it’s travis jobs are failing, seemingly due to some CI setup issues, not because of my code: https://github.com/pulumi/pulumi-gcp/pull/53