• a

    adamant-father-26302

    3 months ago
    I'm trying to use the newly released awsx for golang (
    go get <http://github.com/pulumi/pulumi-awsx/sdk|github.com/pulumi/pulumi-awsx/sdk>
    ), but getting below error when using it in code
    error: no resource plugin 'pulumi-resource-awsx' found in the workspace at version v1.0.0-testplsignore.0 or on your $PATH, install the plugin using `pulumi plugin install resource awsx v1.0.0-testplsignore.0`
    any solutions to that? (tried
    pulumi plugin install resource awsx v1.0.0-beta.7
    but did not help)
    a
    4 replies
    Copy to Clipboard
  • f

    famous-needle-81667

    3 months ago
    Hello everyone, trying to port some changes from Terraform to Pulumi and run into an issue: This is EC2 instance spec in terraform. I have a templated bash script into which I inject loadbalancer DNS name.
    user_data                   = base64encode(
        templatefile("../templates/bash_script.sh.tftpl", {
            internal_lb_dns_name = aws_lb.aws-internal-load-balancer.dns_name
          }
        )
      )
    How to achieve similar results with pulumi? If it was not a templated file it would be easy, namely:
    UserData:            pulumi.StringPtr(base64.StdEncoding.EncodeToString(bashScriptContent))
    However, I need to inject some variables into that script that will be known once some resources got created. Any help would be appreciated, this is a part of my Master's Degree thesis and it would be a shame that this cannot be solved in Pulumi 😄 //EDIT, I'm writing in Golang
    f
    f
    3 replies
    Copy to Clipboard
  • w

    worried-queen-40276

    3 months ago
    Hello All, How can I get the oidcProvider for aws eks in python? I saw the equivalent code in
    .ts
    is
    // Create a Kubernetes cluster.
    const cluster = new eks.Cluster('mlplatform-eks', {
      createOidcProvider: true,
    });
    
    cluster.core.oidcProvider.arn
    cluster.core.oidcProvider.url
    However, I do not see any exposed method for python? Am I missing something? I can do the same thing from aws cli but I need to do it programmatically from within pulumi to create components for another assume-policy component.
    aws eks describe-cluster --name mlp-mlops-eksCluster-c2aab22 --query "cluster.identity.oidc.issuer" --output text
    <https://oidc.eks.us-west-1.amazonaws.com/id/ABCFDRREJJKJEFBD0D4EABB3D90A>
    aws iam list-open-id-connect-providers | grep ABCFDRREJJKJEFBD0D4EABB3D90A
    "Arn": "arn:aws:iam::XXXXXXX:oidc-provider/oidc.eks.us-west-1.amazonaws.com/id/ABCFDRREJJKJEFBD0D4EABB3D90A"
  • m

    most-jordan-25674

    3 months ago
    I’m creating a task definition for AWS ECS, and I need to provide a string with my task environment variables inside. I want to use a pulumi config secret, but when I get that secret I get an Output which can’t be put into the string. Do any of you have suggestions for how to get this secret in string form?
  • f

    fancy-jelly-16159

    3 months ago
    Hello All. I'm trying to import an existing google cloud ServiceAccount using the latest google-native v0.19.1 plugin and am failing. As I'm new to Pulumi, I'm coding in golang a hybrid "query existing resources and pass them to the corresponding New calls as an import" in my Pulumi program. This lets me play around with both the query/get side and the upsert side. Note: please forgive the variable prefixes... p is for pulumi to differentiate other model spaces from which I'm drawing while I get my bearings. Note: Also, I'm
    <eliding>
    specific info where necessary, I hope keeping the gist of it clear.
    var pServiceAccountOptions []pulumi.ResourceOption
    var pServiceAccount *pulumiIAM.LookupServiceAccountResult
    if pServiceAccount, err = pulumiIAM.LookupServiceAccount(pctx, &pulumiIAM.LookupServiceAccountArgs{
        Project:          "<my-actual-google-project-id>",
        ServiceAccountId: "<my-actual-service-account-id>",
    }); err != nil {
        err = nil // Don't propagate an error, but don't try to import it.
    } else {
        // Import it.
        // This works, and we get the pServiceAccount
        pServiceAccountOptions = append(pServiceAccountOptions, pulumi.Import(pulumi.ID(<WHAT-HERE>)))
    }
    The query works, and I'm trying to set up the ResourceOption to import into a following iam NewServiceAccount call (not shown here). I've tried many properties and variants taken from the pServiceAccount for <WHAT-HERE>, but I get:
    =  google-native:iam/v1:ServiceAccount projects/<project-id>/serviceAccounts/<service-account-id>@<project-id>.<http://iam.gserviceaccount.com|iam.gserviceaccount.com> import
     =  google-native:iam/v1:ServiceAccount projects/<project-id>/serviceAccounts/s<service-account-id>@<project-id>.<http://iam.gserviceaccount.com|iam.gserviceaccount.com> import error: Preview failed: property "projectsId"/"project" not found
     +  pulumi:pulumi:Stack <my-stack> create error: preview failed
     =  google-native:iam/v1:ServiceAccount projects/<project-id>/serviceAccounts/<service-account-id>@<project-id>.<http://iam.gserviceaccount.com|iam.gserviceaccount.com> import 1 error
     +  pulumi:pulumi:Stack <my-stack> create 1 error
    Note: If I do NOT use the resource import option, the preview shows that a new service account would be created. I've done the same approach with other resources, and it works, but I know that Service Accounts are an odd beast with respect to identifiers. What am I doing wrong here? What does <WHAT-HERE> need to be?
  • w

    worried-queen-40276

    3 months ago
    Hi All, How can I use the bucket name inside a inline policy json using pulumi in python e.g.
    mlflow_s3_policy = aws.iam.RolePolicy("mlflow_s3_policy",
                                          role=mlflow_s3_role.id,
                                          policy=json.dumps({
                                              "Version": "2012-10-17",
                                              "Statement": [{
                                                  "Action": "*",
                                                  "Effect": "Allow",
                                                  "Resource": mlflow_bucket.bucket.apply(lambda bucket_name: f'arn:aws:s3:::{bucket_name}/*'),
                                              }],
                                          }))
    I get the following error
    TypeError: Object of type Output is not JSON serializable
    w
    w
    3 replies
    Copy to Clipboard
  • w

    worried-gold-55244

    3 months ago
    Hi All, Is it possible to detect if a resource is going to be replaced/deleted ? I need to trigger some logic in case a resource is going to be replaced
    w
    1 replies
    Copy to Clipboard
  • t

    thankful-coat-47937

    3 months ago
    how can I get config data into serialized pulumi functions. for example like
    cfg.requireSecret()
    . currently it just serializes the literal function, but not the value
    t
    l
    2 replies
    Copy to Clipboard
  • s

    salmon-printer-16080

    3 months ago
    Still looking for a fix for enabling Azure managed certificates on a Web App - specifically using a traffic manager in front of the endpoints which allows https.
    s
    c
    11 replies
    Copy to Clipboard
  • c

    crooked-sunset-90921

    3 months ago
    Anyone know how to get the currently configured azure-native location? The config file has: config: azure-native:location: eastus2 But I can't figure out how to access it programmatically... any ideas?
    c
    a
    +1
    11 replies
    Copy to Clipboard