https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
getting-started
  • b

    billowy-army-68599

    08/10/2021, 4:26 PM
    i answered in some slack threads, but will reiterate here: the 403 error is coming from the AWS API, so it's related to something there. I suspect there are issues related to how you've authenticated to AWS AWS has an article on 403 errors when dealing with S3 buckets: https://aws.amazon.com/premiumsupport/knowledge-center/s3-troubleshoot-403/ there's also a stack overflow answer here: https://stackoverflow.com/questions/26691286/amazon-s3-bucket-returning-403-forbidden
  • b

    billowy-pilot-50934

    08/10/2021, 4:57 PM
    I'm good, I grabbed someone with AWS experience and I missed some permissions in the s3 policy
    🎉 1
  • b

    billowy-pilot-50934

    08/10/2021, 5:00 PM
    Thanks @billowy-army-68599, I missed your response but you were correct. Much appreciated
  • b

    brave-planet-10645

    08/11/2021, 10:07 AM
    Hi folks, in about an hour we're going to be running a webinar on Azure Infrastructure as Software with TypeScript, hosted by Matt Stratton, one of our Developer Advocates. You can join for free here: https://www.bigmarker.com/pulumi/Azure-Infrastructure-as-Software-with-TypeScript-db14f093eacf656ef6cdd7fc
  • a

    alert-mechanic-59024

    08/11/2021, 6:12 PM
    Heya all. I have a few questions regarding the Pulumi K8s Operator (PKO), which I’d really appreciate some feedback on. In no particular order: Does the PKO support checking out the head of branches, rather than specific commits - i.e. follow master (and what is the default branch it uses - it is complaining about not being able to find my master branch); Does PKO support local state management, rather than operating against the Pulumi API? (If so, how does one pass this requirement to the stack CR); I’m getting “Failed to setup Pulumi workdir”,“Request.Namespace”:“default”,“Request.Name”:“bow-poc”,“Stack.Name”:“bow-poc”,“error”:“failed to create local workspace: failed to create workspace, unable to enlist in git repo: unable to checkout branch: object not found”" when attempting to pull down a remote repo. Could someone point me in the right direction, please?
  • f

    famous-train-38484

    08/12/2021, 1:25 PM
    [pulumi_kubernetes][python] Hi folks, I've spent a couple of time trying to implement a resource here using the pulumi. I need to set permission for my volume access like 0755 and then I'm trying to write it on the pulumi script in octal mode like 0o755 but it is not working, the pulumi convert for 755. Does anyone here know how can I work around that?
    p
    b
    • 3
    • 6
  • m

    many-yak-61188

    08/13/2021, 1:43 PM
    QQ: Happy friday everyone, Is there an example of using AWS WAF that someone can share?
    g
    • 2
    • 1
  • w

    wonderful-dress-5700

    08/14/2021, 1:58 AM
    Hi, I am trying to import an exising azure resource group using CLI but get this error
    pulumi import azure:core/resourceGroup:ResourceGroup <resource-group-name> '/subscriptions/<subscriptionId>/resourceGroups/<resource-group-name>'
    Error that I am receiving
    azure:core/resourceGroup:ResourceGroup resource '<resource-group-name>' has a problem: Missing required argument: The argument "location" is required, but no definition was found.. Examine values at 'ResourceGroup.Location'
    Overall I was wondering if there is an easier way to import all the resources in a resource group?
    g
    • 2
    • 2
  • d

    dry-answer-66872

    08/16/2021, 8:44 AM
    Hi All, I have followed along this tutorial "https://www.pulumi.com/docs/tutorials/aws/ec2-webserver/" I was able to create EC2 and able to see in AWS console and able to see the webserver running fine by hittinh in browser or curl The question I have is, how do I connect to that AWS box? It needs a private key and that is kinda missing here, not sure what needs to be done, could be trivial Could someone help me?
    b
    • 2
    • 9
  • w

    wonderful-dress-5700

    08/16/2021, 10:09 AM
    Hi, I have the following code snippet from a Pulumi Azure Native project which creates apim Apis. However the probelms is that it only works the first time and successfully creates the APIs based on swagger but does not update the APIs when the list of exposed APIs from our WebApi changes
    var bookingEngineApi = new Api("api", new ApiArgs
                                {
                                    ResourceGroupName = resourceGroup.Name,
                                    ServiceName = apiManagementService.Name,
                                    ApiRevision = "1",
                                    DisplayName = Settings.ApiManagementApiName,
                                    Path = Settings.ApiManagementApiPathName,
                                    Protocols = { Protocol.Http, Protocol.Https },
                                    Format = "openapi+json-link",
                                    Value = $"https://{Settings.AppServiceName}.<http://azurewebsites.net|azurewebsites.net>"
                                }, new CustomResourceOptions
                                {
                                    DependsOn = apiAppService
                                });
  • a

    acoustic-state-79068

    08/16/2021, 11:43 AM
    Hey there! I am trying out pulumi as a potential alternative for provisioning stuff on AWS via bash scripts and cdk. We already have a lot of resources and I wanted to import a loadbalancer, but I am struggeling to figure out how the import resource name is constructed. I tried the import command over here: https://www.pulumi.com/docs/guides/adopting/import/#pulumi-import-command with something like
    aws:elasticloadbalancing:loadbalancer/LoadBalancer
    (and other variations) without any success. Is there a logical scheme for building those strings? Sample error message
    pulumi import aws:elasticloadbalancing:loadbalancer/LoadBalancer xxxxxxxx xxxxxxxx
    Previewing import (dev)
    
    View Live: <https://app.pulumi.com/xxxxxx/cyanite-api/dev/previews/e94fxxxd-36c4-4xxb-932e-xxx564bef403>
    
         Type                                                   Name                Plan       Info
     +   pulumi:pulumi:Stack                                    xxxxxxxx            create     1 error
     =   └─ aws:elasticloadbalancing:loadbalancer/LoadBalancer  xxxxxxxx            import     1 error
     
    Diagnostics:
      pulumi:pulumi:Stack (xxxxxxxxxxxx):
        error: preview failed
     
      aws:elasticloadbalancing:loadbalancer/LoadBalancer (xxxxxxxxxxxxxx):
        error: Preview failed: unrecognized resource type (Read): aws:elasticloadbalancing:loadbalancer/LoadBalancer
    f
    • 2
    • 3
  • c

    cool-belgium-78445

    08/16/2021, 2:55 PM
    Hi there! I am using Pulumi to create some custom infrastructure and am having trouble accessing the outputs of my resources. On the docs (https://www.pulumi.com/docs/intro/concepts/resources/#dynamic-resource-outputs) it says that what I am doing should be correct, but there is also little mention of how to actually access the outputs, so I could be wrong. This is what my resource and provider look like; am I doing anything wrong?
    class AccountProvider(ResourceProvider):
        def __init__(self, props):
            self.parent_client = Client(props["sid"], props["auth_token"])
        def create(self, props):
            subaccount = self.parent_client.api.accounts.create(friendly_name="{}-{}".format(props["name"], stack))
            return CreateResult(id_=subaccount.sid, outs={'sid':subaccount.sid, 'auth_token':subaccount.auth_token})
        def delete(self, id, props):
            self.parent_client.api.accounts(id).update(status="closed")
    
    class Account(Resource):
        sid: Output[str]
        auth_token: Output[str]
        def __init__(self, name: str, props,  opts: Optional[ResourceOptions] = None):
            super().__init__(AccountProvider(props), name, {"name":name, 'sid':None, 'auth_token':None}, opts)
    
    new_account = Account("new_account1", props=AccountCredentials(sid=account_sid, auth_token=auth_token))
    w
    • 2
    • 25
  • d

    dazzling-island-38975

    08/17/2021, 7:11 AM
    Hi, I'm new to Pulumi and I'm trying to use pulumi with azure durable functions. the language I'm using is typescript. Can I have the guidance to start this or relevant tutorials or documentation to follow?
    b
    • 2
    • 1
  • a

    ancient-night-64850

    08/17/2021, 5:39 PM
    How can I append to this array? public static tags: pulumi.Input<{[key: string]: pulumi.Input<string>}>; I would like to do something like tags.append("my_key", "my_value");
  • s

    stocky-magazine-78486

    08/18/2021, 12:11 PM
    Hi, (newbie question maybe), I use Pulumi to create dynamodb table. Now it auto-renames by appending a random number to my db name. I know it can be avoided by providing “name” field, but without that, how can I access the random generated table name from within my lambda?
    w
    • 2
    • 7
  • s

    stocky-magazine-78486

    08/18/2021, 1:28 PM
    How can I have multiple ManagedPolicies per role? This only allows me to add one. I wish to add both [aws.iam.ManagedPolicies.AWSLambdaBasicExecutionRole, aws.iam.ManagedPolicies.AmazonDynamoDBFullAccess]
    const role = new aws.iam.Role("callout-role", {
      assumeRolePolicy: `{
      "Version": "2012-10-17",
      "Statement": [
        {
          "Action": "sts:AssumeRole",
          "Principal": {
            "Service": "<http://lambda.amazonaws.com|lambda.amazonaws.com>"
          },
          "Effect": "Allow",
          "Sid": ""
        }
      ]
    }
    `
    });
    
    new RolePolicyAttachment("callout-dynamodb-policy",
      {
        role: role,
        policyArn: aws.iam.ManagedPolicies.AmazonDynamoDBFullAccess
      });
    When I tried one
    new RolePolicyAttachment
    after the other, only the last one got picked!
  • b

    busy-house-95123

    08/18/2021, 6:28 PM
    hey đź‘‹ , is there a way to programmatically get the secret value in a nested data structure in configs: example: pulumi config set --path alex:db.admin.password test1234 --secret would create something like:
    <project_name>:db:
      admin:
        password:
          secure: AAABAKBt+0VMEPjInyCkjGfqcxu3TwrYr26RybtkL/NXo+iqVsUdEyBzKll/wZ7ZIVszYGBqy8o=
    I could of course flatten this by not using the --path, and then I could use require_secrets. I’m wondering if this possible to do without flattening it.
    g
    • 2
    • 2
  • w

    white-cat-90296

    08/19/2021, 10:29 AM
    Hi there, I'm new here đź‘‹ I was following the Pulumi API Gateway tutorial (this one https://www.pulumi.com/docs/tutorials/aws/rest-api/ ) and I was wondering what would be the best way for me to use external packages in the lambda function. Here:
    {
                path: "/source",
                method: "GET",
                eventHandler: (req, ctx, cb) => {
                    cb(undefined, {
                        statusCode: 200,
                        body: Buffer.from(JSON.stringify({ name: "AWS" }), "utf8").toString("base64"),
                        isBase64Encoded: true,
                        headers: { "content-type": "application/json" },
                    })
                }
            }
    g
    m
    f
    • 4
    • 6
  • m

    modern-egg-24060

    08/21/2021, 11:17 PM
    @here Has anyone seen this bug, https://github.com/pulumi/pulumi-aws/issues/1605? I am trying to import an ec2 instance but it fails due to ami parameter
    s
    s
    • 3
    • 7
  • g

    gifted-bird-61963

    08/24/2021, 6:37 PM
    Is it possible to run pulumi new against a template on the file system (as opposed to a repository or canned template)? I found the PULUMI_TEMPLATE_LOCATION environment variable in source, but I can't figure out how to use it... or if it's even supposed to be used.
    g
    • 2
    • 6
  • s

    straight-teacher-66836

    08/26/2021, 3:06 PM
    Hi There, i am working on pulumi stack and automation. I forgot my stack passpharse , need to reset or remove. Any pointers? Getting below error.
    error: getting secrets manager: passphrase must be set with PULUMI_CONFIG_PASSPHRASE or PULUMI_CONFIG_PASSPHRASE_FILE environment variables
  • g

    gorgeous-angle-43463

    08/26/2021, 9:23 PM
    I do not see a VMware specific channel, but I am provisioning servers using pulumi-vsphere and it works great, but there is a cloud-init bug that causes my static assigned network configuration to be reverted to DHCP on reboot. I am trying to avoid baking a script into my template for this, but am wondering if anyone has any ideas to possibly apply a file change post initial startup as the solution to the bug suggests?
  • a

    ambitious-battery-86624

    08/28/2021, 12:30 PM
    What's the best way to test dynamic/custom resources?
    g
    • 2
    • 5
  • f

    fresh-librarian-34748

    08/30/2021, 3:19 AM
    Hi, I found that
    pulumi update
    always want to update
    nodeLaunchConfiguration
    of
    eks:index:Cluster
    after days, which will restart all k8s nodes after enable. Do I miss some configuration that should be declared to pin it? Here is some logs:
    pulumi up --cwd infra --stack staging
    Previewing update (staging)
    
    View Live: <https://app.pulumi.com/Ma233/fiora/staging/previews/29e82764-6253-4f0d-9b22-f571eb3c75b3>
    
         Type                                  Name                          Plan        Info
         pulumi:pulumi:Stack                   fiora-staging                             2 messages
         └─ custom:resource:EKS                jace
            └─ eks:index:Cluster               jace
     +-        ├─ aws:ec2:LaunchConfiguration  jace-nodeLaunchConfiguration  replace     [diff: ~imageId]
     ~         └─ aws:cloudformation:Stack     jace-nodes                    update      [diff: ~templateBody]
    
    Diagnostics:
      pulumi:pulumi:Stack (fiora-staging):
        W0830 11:13:24.710750   94282 transport.go:260] Unable to cancel request for *exec.roundTripper
    
        W0830 11:13:24.927600   94285 transport.go:260] Unable to cancel request for *exec.roundTripper
    
    
    Do you want to perform this update? details
      pulumi:pulumi:Stack: (same)
        [urn=urn:pulumi:staging::fiora::pulumi:pulumi:Stack::fiora-staging]
                ++aws:ec2/launchConfiguration:LaunchConfiguration: (create-replacement)
                    [id=jace-nodeLaunchConfiguration-6cc66d3]
                    [urn=urn:pulumi:staging::fiora::custom:resource:EKS$eks:index:Cluster$aws:ec2/launchConfiguration:LaunchConfiguration::jace-nodeLaunchConfiguration]
                    [provider=urn:pulumi:staging::fiora::pulumi:providers:aws::default_4_14_0::9f1d7127-76df-4224-b36c-9fc9ec0e7da3]
                  ~ imageId: "ami-075bfc7d8a7e81bc5" => "ami-0d29b23a29ababad8"
                +-aws:ec2/launchConfiguration:LaunchConfiguration: (replace)
                    [id=jace-nodeLaunchConfiguration-6cc66d3]
                    [urn=urn:pulumi:staging::fiora::custom:resource:EKS$eks:index:Cluster$aws:ec2/launchConfiguration:LaunchConfiguration::jace-nodeLaunchConfiguration]
                    [provider=urn:pulumi:staging::fiora::pulumi:providers:aws::default_4_14_0::9f1d7127-76df-4224-b36c-9fc9ec0e7da3]
                  ~ imageId: "ami-075bfc7d8a7e81bc5" => "ami-0d29b23a29ababad8"
                ~ aws:cloudformation/stack:Stack: (update)
                    [id=arn:aws:cloudformation:us-east-2:145889354582:stack/jace-3b8b0f53/742364d0-f6cc-11eb-a94f-0a909640e19a]
                    [urn=urn:pulumi:staging::fiora::custom:resource:EKS$eks:index:Cluster$aws:cloudformation/stack:Stack::jace-nodes]
                    [provider=urn:pulumi:staging::fiora::pulumi:providers:aws::default_4_14_0::9f1d7127-76df-4224-b36c-9fc9ec0e7da3]
                  ~ templateBody: "\n                AWSTemplateFormatVersion: '2010-09-09'\n                Outputs:\n                    NodeGroup:\n                        Value: !Ref NodeGroup\n                Resources:\n                    NodeGroup:\n                        Type: AWS::AutoScaling::AutoScalingGroup\n                        Properties:\n                          DesiredCapacity: 2\n                          LaunchConfigurationName: jace-nodeLaunchConfiguration-6cc66d3\n                          MinSize: 2\n                          MaxSize: 10\n                          VPCZoneIdentifier: [\"subnet-00863d16d1e2634bd\",\"subnet-0a90bf1f4ab7acfe7\"]\n                          Tags:\n                          \n                          - Key: Name\n                            Value: jace-worker\n                            PropagateAtLaunch: 'true'\n                          - Key: <http://kubernetes.io/cluster/jace\n|kubernetes.io/cluster/jace\n>                            Value: owned\n                            PropagateAtLaunch: 'true'\n                        UpdatePolicy:\n                          AutoScalingRollingUpdate:\n                            MinInstancesInService: '1'\n                            MaxBatchSize: '1'\n                " => output<string>
                --aws:ec2/launchConfiguration:LaunchConfiguration: (delete-replaced)
                    [id=jace-nodeLaunchConfiguration-6cc66d3]
                    [urn=urn:pulumi:staging::fiora::custom:resource:EKS$eks:index:Cluster$aws:ec2/launchConfiguration:LaunchConfiguration::jace-nodeLaunchConfiguration]
                    [provider=urn:pulumi:staging::fiora::pulumi:providers:aws::default_4_14_0::9f1d7127-76df-4224-b36c-9fc9ec0e7da3]
    👍 1
    b
    b
    • 3
    • 2
  • v

    victorious-tomato-90057

    08/31/2021, 3:41 AM
    👋 I’m here!
    🎉 1
    đź‘‹ 3
  • a

    ancient-night-64850

    09/01/2021, 8:13 PM
    message has been deleted
  • b

    breezy-piano-61073

    09/01/2021, 8:26 PM
    anyone know how to remove a stack output from an old resource? I was working through some code and added a bucket a while back that got removed from the stack but somehow after running “pulumi up” I still get the output listed even thought the resource is no longer there. I can’t delete it from the stack as it does not have a urn. I could edit the state file to remove it, but I’d like to do that through a pulumi command (if possible)
    âžś pulumi up -y
    Previewing update (dai-shared-dev-us-west-2):
         Type                 Name                                 Plan     
    ...     
     
    Resources:
        7 unchanged
    
    Updating (...):
       Type  Name  Status     
     
    Outputs:
      - bucket_name: "my-bucket-57931f5" <- ##### HOW TO REMOVE THIS?
    
    Resources:
        7 unchanged
    
    Duration: 1s
    • 1
    • 1
  • d

    dazzling-angle-45051

    09/02/2021, 10:23 AM
    Hey there! Quick / simple question from a Pulumi beginner: what is the recommended scope of Pulumi projects? Should I put a Pulumi.yaml along my application code, or should I have another central repository with all things related to Pulumi?
    p
    • 2
    • 2
  • b

    better-noon-15962

    09/03/2021, 12:33 PM
    Hi guys, is there a way to force using a secret-provider when initializing a stack? Ex, when executing
    pulumi stack init my-stack
    to use
    <hashivault://my-secret>
    by default without having to specify
    --secrets-provider="<hashivault://payroll>"
    everytime. Or is there a way to prevent initializing a stack using the passphrase strategy? Thanks!
    g
    • 2
    • 1
  • m

    many-yak-61188

    09/03/2021, 7:01 PM
    đź‘‹ I'm using this very basic example of creating a docker image and pushing to ECR
    const image = repo.buildAndPushImage({
      context: '../',
    });
    I looked for example and documentation, but could not find an example of how to specify a label for the image - for instance i'd like to label the image
    api
    Does anyone have any pointers? much appreciated ty
    g
    • 2
    • 2
Powered by Linen
Title
m

many-yak-61188

09/03/2021, 7:01 PM
đź‘‹ I'm using this very basic example of creating a docker image and pushing to ECR
const image = repo.buildAndPushImage({
  context: '../',
});
I looked for example and documentation, but could not find an example of how to specify a label for the image - for instance i'd like to label the image
api
Does anyone have any pointers? much appreciated ty
g

great-queen-39697

09/07/2021, 4:22 PM
Are you looking to label the image (as in add a bit of metadata to the image) or actually set the name of the image in your registry? If you're labeling, I'd set it in the Dockerfile itself.
m

many-yak-61188

09/08/2021, 3:33 AM
hey laura, thanks for the response. I'm looking to add metadata and implement lifecycle policies based on that
View count: 3