I’m writing a rollback script for some AWS services provisioned in Pulumi. Right now I have a (fragile) bash script that parses

pulumi stack output

for various resource identifiers. I’d prefer to write the script in Python where I can actually import the relevant values, but I’m not sure if there’s a way to do this. Any guidance here? Thanks!

Hi, I'm using the new azure-native provider and I'm trying to bind a managed certificate to a custom domain (within a webapp), but I'm missing "CertificateBinding" (https://www.pulumi.com/docs/reference/pkg/azure/appservice/certificatebinding/#certificatebinding) from the old provider... I have absolutely no clue how to do this with the native provider, any hint appreciated, thx!

I am trying to use a s3 bucket as a backend for storing state. When I use

local

as a backend, I can successfully provision AWS resources, but when I try to setup a s3 backend, I get the below error. I can read/write to the bucket via AWS CLI. I have also tried using a fully public bucket (for debugging only) and got the same error. Any advice would be greatly appreciated

error: could not create stack: An IO error occurred while writing the new snapshot file: blob (key ".pulumi/stacks/dev.json") (code=Unknown): AccessDenied: Access Denied
        status code: 403, request id: XXXXXXXXXXXXX, host id: XXXXXXXXXXXXXXXXXXXXXX

Hi all, I am wondering if there’s a way to detect drift if some resource has been manually altered? As an example, I created a gcs bucket with pulumi and then manually added a label, running

pulumi refresh

says there are no changes? This is something that I would expect cfn to catch, is that not possible? Maybe I am misunderstanding the purpose of the

refresh

command. Just experimenting with

pulumi

at the moment

Hello everyone. I'm looking to adopt pulumi, and would like to serve static websites via AWS Amplify. I noticed there's no official support yet (on TF AWS provider as well) - and really curious what's the path when these issues rise in the future? is there a best practice to add unofficial support? thanks

I’m trying to understand if I’m doing something wrong or right in my code organization. I have a place in my code i’m creating an AWS Route Table. At that place in my code, I do a ctx.Export(“route_table_id”, rt.ID()) Later in a different function, I want to access this previously exported route table ID — so I started with using NewStackReference()… but it seems to fail an internal error / traceback when I try to use that ID. Is there a better way to “import” a resource that may be in the “current” stack?

Hi, I am finding pulumi is not doing things it says it will in the preview. i.e preview shows

Resources:
    + 17 to create
    - 2 to delete
    19 changes. 8 unchanged

and after the update it shows

Resources:
    + 15 created
    8 unchanged

two things have failed to create so the +15 is expected but pulumi has made no attempt to delete the resources and no error is mentioned regarding the resources to be destroyed. Am i misunderstanding something?

Morning, quick question: what is the best way to export a resource properties as output from a stack and consume it in another stack?

When using S3 backend, do I need to use

pulumi logout

when I'm changing stacks?

It feels so clunky after using the native dashboard 😅

Anyone happen to know what

The _unique_ provider ID of the resource to lookup.

might be alluding to on this provider: https://www.pulumi.com/docs/reference/pkg/azuredevops/user/?

Hey guys. Really stupid questions that its getting me crazy. Looked over the whole documentation, but didn't find how to do it. And even in some previous messages the same question was asked, but without getting clear how to solve it... I exported a specific output in some part of my stack, like:

pulumi.export("network.vpc.id",vpc.id)

How do i, in a separate part of the same stack can retrieve that exported property? All within the same stack. I've tried with StackReference, but since i'm within the same stack i want to reference i got a "resource registered twice" error msg

Hello - I'm very new to Pulumi, and am playing around with creating an AWS ECS cluster. I've got stuck with trying to configure the application load balancer. I want to define a rule that checks the request host header, so only a specific domain name routes to a given fargate service. The listener action args wants a

targetGroupArn

but I can't see what to pass in there. I'm using AWS crosswalk - is that limited in terms of what I can configure? Can anyone point me to docs/tutorials on more complex load balancer config please?

This is probably a really noob question. The "getting started" azure-csharp tutorial generates unique names by appending random alphanumerics at the end of the names for the resources. Is it possible to prevent that / force the naming to follow a different convention such as a set prefix on all the resources?

I am trying to deploy certmanager into an EKS cluster using helm but am running into issues with CRD creation (if think b/c of the complexity of the CRDs for certmanager). I have been looking into the crd2pulumi CLI tool, but no joy trying to follow the related examples. Does anyone have any docs or examples of a working setup?

I’m having an issue with helm chart v3 installation… The documented example works, but I’m getting an error when trying to install kube-state-metrics…

Exception: invoke of kubernetes:helm:template failed: invocation of kubernetes:helm:template returned an error: failed to generate YAML for specified Helm chart: failed to pull chart: chart "prometheus-community/kube-state-metrics" version "3.0.1" not found in <https://prometheus-community.github.io/helm-charts> repository

def deploy_kube_state_metrics(k8s_provider):
    from pulumi_kubernetes.helm.v3 import Chart, ChartOpts, FetchOpts
    def fix_crd_issue(obj, opts):
        # <https://github.com/pulumi/pulumi-kubernetes/issues/800>                                                                
        # also, <https://github.com/pulumi/pulumi-kubernetes/issues/1541>                                                         
        if obj["kind"] == "CustomResourceDefinition" and obj.get("status"):
            del obj["status"]
    Chart(
        "kube-state-metrics-helm-chart",
        config=ChartOpts(
            chart="prometheus-community/kube-state-metrics",
            version="3.0.1",
            namespace="kube-state-metrics",
            fetch_opts=FetchOpts(
                repo="<https://prometheus-community.github.io/helm-charts>",
            ),
            transformations=[fix_crd_issue],
        ),
        opts=pulumi.ResourceOptions(provider=k8s_provider),
    )

Hi everyone, I have a noob question about deploying to Kubernetes. How do I set the namespace and cluster to deploy into? Pulumi keeps trying to deploy in the "default" namespace, which I don't have permissions on. Setting my namespace like so didn't seem to do anything:

metadata=ObjectMetaArgs(labels=app_labels, namespace="mynamespace")

Thanks a lot in advance!

Hello everyone. I’m trying to understand `StackReference`s. The docs refer to “fully qualified” stack names. I’m trying to understand how that works for a self-managed backend (say S3). For example, in a self-managed backend, what would the

organization

reference?

Hello friends, I want to try CI/CD Integration Assistant in Pulumi 3.0. However, I can't find the entrance. May you send me the entrance or the guide docs? thx!

Any ideas what I may be missing here? Pulumi new times out. I’ve got

AWS_PROFILE

set

❯ pulumi login
Logged in to JHARRI-GCE12086 as jake.harris (s3://***/api-sendmail/)

❯ pulumi new kubernetes-typescript --force
This command will walk you through creating a new Pulumi project.

Enter a value or leave blank to accept the (default), and press <ENTER>.
Press ^C at any time to quit.

project name: (pulum)
project description: (A minimal Kubernetes TypeScript Pulumi program)
Created project 'pulum'

stack name: (dev)

Sorry, could not create stack 'dev': could not create stack: An IO error occurred while writing the new snapshot file: blob (key ".pulumi/stacks/dev.json") (code=Unknown): InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records.

Hi everyone, I want to know how to implement 'pulumi import' via pulumi automation api. I didn't find the relative api, so I have to use runPulumiCmd api to execute it.

Hi, I created a Project and a Stack. Locally, I'm able to successfully run a

pulumi up

, but when I try to run the same Stack in an Azure DevOps pipeline, it fails with this message:

error: getting secrets manager: passphrase must be set with PULUMI_CONFIG_PASSPHRASE or PULUMI_CONFIG_PASSPHRASE_FILE environment variables

The walkthrough mentions nothing about that and also adding that variable with an arbitrary value doesn't have any effect. Any clues?

I have a somewhat non-standard setup whereby I have a GCP project for each environment (dev, staging, prod, etc) containing resources like Pub/Sub topics for that environment, but all databases and compute are in the production project (to save money on K8s cluster fees etc) What would be the best way of setting this up? Currently I'm thinking that the best way would be to have a stack for each of the environments which contains the common stuff, and then to have a single standalone stack that contains the additional resources for production; not sure if there's a better way though, so would appreciate any suggestions for this

Hi, as an input to a CloudFormation template, it takes an array of string Subnet IDs, as a parameter to the Template. (can’t control this). So, I have my two subnet objects, but I can’t figure out how to reasonablly combine them into a single StringInput?

// not valid, but basically what I want to do:
		strings.Join([]string{subnetA.ID(), subnetB.ID()}, ",")


		// howto convert this into "foo,bar" (comma separated string)
		subnetsIDs := pulumi.StringArray{subnetA.ID(), subnetB.ID()}.ToStringArrayOutput().ApplyT(func(input []string) string {
			return strings.Join(input, ",")
		})
		// subnetsIDs is not a StringInput??

Still slogging away with ado (don’t worry my k8s questions are coming soon 😅) This time I can’t figure out how I’m supposed to coerce an output into a number, and the example from docs appears to be broken. (PR forthcoming)

Hi everyone, I want to use ‘pulumi import’ with --parent. However, there is few examples and the urn is hard to concat. I would appreciate it if you give me some cases using 'pulumi import ... --parent', especially with aws lambda.

👋 Our Software Engineering team at WhereIsMyTransport have recently completed a study comparing Terraform and Pulumi and we decided to adopt Pulumi as our default tool for IaC!

Just followed the getting started guide (aws-go)... after years of utter frustration with Terraform (and its non-intuitive model for more complex setups)... I have seen the light with Pulumi! Awesome!!!!

what's a good way to organize multiple stacks inside a project? would each stack equate to a

git

branch?