If I’m getting outputs Marked as [Secret] even when they shouldn’t be…. is there a way to “unmark” something as a secret?

hi all, Just join the slack forum for pulumi, I would like to ask Is there any example code to add keypair to instance ec2 aws (i hope example in golang :)) Thanks a lot

hey, another newbie. trying out pulumi and i can't figure out how i add a private service connection to my network (to connect to cloud sql etc.)

hey folks, looking for a little help here. i have a new stack and i always get this error when i run

pulumi up

, regardless of what i rename my stack to:

error: Duplicate resource URN '<name>'; try giving it a unique name

Hi. I’m trying to pass variables in the EC2 userdata but it’s not pulling the values. What could be the issue?

region = aws.get_region()

user_data = f"""
#!/bin/bash
sudo systemctl start docker
$(aws ecr get-login --no-include-email --region {region})
docker pull {ecr.repository_url}:latest

~ userData: "88b7a8609501c5a4f07efd83f5a4c10be14d0405" => "\n#!/bin/bash\nsudo systemctl start docker\n$(aws ecr get-login --no-include-email --region <pulumi_aws.get_region.AwaitableGetRegionResult object at 0x10a8adb20>)\ndocker pull <pulumi.output.Output object at 0x10af258b0>:latest

Hi - I’m trying to create a stack on digitalocean - a droplet that mounts a data volume. The stack fails to update to a new droplet and attach the volume because the volume is already mounted to the old droplet, and digitalocean only allows volumes to be mounted to one droplet at a time. I think I essentially need to change the order of updates: first destroy the old droplet, then create the new droplet. Is this possible? Nevermind, found it: https://www.pulumi.com/docs/intro/concepts/resources/#deletebeforereplace

Hi. Is it possible to use Pulumi with AWS Kinesis and Lambda?

I couldn't find how to consume and produce messages to Kinesis

Hi Pulumi/ all - I am trying to setup a Yaml pipeline in Azure DevOps (baby steps) to work towards including Pulumi in my pipeline. I can do the commands in my local powershell- however when I build my pipeline and come to this section of code: - task: AzureCLI@2       inputs:         azureSubscription: 'DigitalTech (*)         scriptType: 'ps'         scriptLocation: 'inlineScript'         inlineScript: |           pwd            pulumi whoami                      pulumi stack select H**/postcodelookupmvp/t**           pulumi up         workingDirectory: '$(System.DefaultWorkingDirectory)/pulumi' The pipeline fails. I added in "Pulumi whoami" and discovered that the pipeline is building under another persons account (who has now left the business and I cant give access to my stack). Any clues how to fix this ? Apologies if this is a BTEC question... its only day 2 of implementing Pulumi

Hey all, Luis here, we are in the process on evaluating switching from AWS CDK to Pulumi 🙂

we are using heavily python for CDK and for other Infra/DevOps related projects, but some people recommend using TS with Pulumi due to being the primary development language in the documentation and articles, is there any benefit or pro on using TS instead of Python?

Hi all! I started using the pulumi github action for PRs (with PR Comments) https://www.pulumi.com/docs/guides/continuous-delivery/github-actions/#comments-by-github-actions The bot instead of commenting the short description like in the picture (I guess is a

pulumi preview --supress-outputs

) adds the all output. The step is pretty similar to the example

- uses: pulumi/actions@v3
        with:
          command: preview
          stack-name: dev
          comment-on-pr: true
          github-token: ${{ env.GITHUB_TOKEN }}
          work-dir: ${{ env.working-directory }}
        env:
          PULUMI_ACCESS_TOKEN: ${{ env.PULUMI_ACCESS_TOKEN }}

Can someone help me with this?

Hey guys, I am trying to wrap (bridge) the Databricks Terraform provider to use in Pulumi. I have managed to build the SDKs I need (https://github.com/tksrc/pulumi-databricks/tree/main/sdk/python) but now I am stuck on how to install the SDK. Is there a process or a documentation somewhere I can follow? I noticed that all plugins under ~/.pulumi/plugins are binaries. That makes me think I need to somehow get my SDK to compile to a binary? Thanks!

You can ignore the above. I didn’t see the bin folder…. All good now 🙂

Hi. I setup multiple pulumi lambda functions, but when I enter amazon's lambda console I don't see any function

that is weird. I thought pulumi supposed to create lambda resources.

what am I smissing?

ohh nevermind I used the wrong region on AWS lol

Hi all, I’m new here and trying to learn pulumi now. I am wondering if pulumi supports M1 macbooks because I tried the “Get Started: Set Up Your Environment” on the dashboard and when

pulumi up

I got the error saying

error: transport is closing

. I did the same on my older non-M1 macbook and it succeeded. Only the difference was the hardware so I wonder 😕 I chose GCP and python.

Is it possible to see the value of secrets created using pulumi config from within the pulumi console? At the moment if I have a dictionary/map in the config file and one value is a secret the whole dictionary gets hidden from view which is obscuring a lot more than just the "secret" information.

Hello Everyone, I have a question is it possible to create custom providers in Pulumi? can someone direct me into the documentation for custom resources or some examples in github? I am trying to find an alternative to https://github.com/chrisUsick/terraform-provider-ping that will work in pulumi

Hi there. I'm working with aws-python, and I've successfully created an EC2 instance. I now have put a loop around that logic, ensured that each object has a unique name, but I only get the first instance to verify upon pulumi up. Guidance would be appreciated. TIA.

Hi everyone, I'm just getting started with Pulumi and have hit a snag. I need to generate an SAS token for a Blob in an Azure storage container, but can't see anything in the "Azure Native" namespace to do it. I notice "Azure Classic" has methods to create a SAS token for the storage account or the container but nothing for an individual blob object. I'm also not sure whether we are supposed to still be using the "Azure Classic" package or whether everything should be done with "Azure Native" from now on? Either way I can't find anything that will do what I want. Any ideas anyone? TIA

Has anyone come up with workarounds for <https://developers.cloudflare.com/workers/platform/languages>? They use v8 JS engine instead of node so that eliminates JS. Going to look at trying to use golang -> wasm but I may end up having to changing serverless platforms...

I come from Terraform and am evaluating Pulumi vs Terraform's CDK (this is my first day trying it out) and I want to use Pulumi to provision resources in 3 separate AWS accounts that is managed under the same AWS Organization -

play

,

dev

, and

prod

.

play

can contain anything - it's a place for experimentation

dev

contains dev deployments of our API (perhaps different feature/hotfix branches), other internal dev tools

prod

contains the tested version of our API How should I be organizing my code? 1) Use a single project and create the following stacks:

<org>/<project>/prod/infra

<org>/<project>/prod/api

<org>/<project>/dev/infra

<org>/<project>/dev/api/featureX

<org>/<project>/dev/api/featureY

<org>/<project>/dev/api/bugA

<org>/<project>/dev/api/bugB

<org>/<project>/play

But then I would have to add a lot of conditional statements in my program so that they are only deployed into the right stack. 2) Use a separate project for each environment and concern. Define my API and infrastructure as separate Component Resources (https://www.pulumi.com/docs/intro/concepts/resources/#components) and 'import' them into each project.

| project | sub-project | stack    |
    |---------|-------------|----------|
    | prod    | infra       | infra    |
    | prod    | api         | api      |
    | dev     | infra       | infra    |
    | dev     | api         | featureX |
    | dev     | api         | featureY |
    | dev     | api         | bugA     |
    | play    | infra       | infra    |
    | play    | any         | any      |

I understand that projects and stacks are designed to be flexible, but I would appreciate a bit of guidance. I get the feeling that the examples in the documentation expects parity between dev and prod - you deploy this project in dev, and then deploy the same project in prod. How do you organize the code when dev and prod are somewhat different (e.g. internal tools only deployed in dev) but also somewhat similar (e.g. networking)? Thanks in advance for any help you can provide 🙇

Need Help!!!!! Hi Looking for example how to connect Network security Group to Network interface and how to add multiple rules in NSG using python for development of Azure I am pulumi learner Help me out

Hi 👋! I’m new to Pulumi but I’ve generally found the onboarding experience and docs to be great! However, I’ve got a little stuck setting up continuous delivery. Some context: • We have an app that historically has been mostly serverless in nature. • We’re currently using AWS amplify to codegen and deploy cloud formation stacks. • For a few (off topic) reasons we’re looking move away from amplify and bring in some more container based services I’m currently trying out Pulumi and trying to set up CI/CD to match our current workflow. The main sticking point is “Preview Builds” (ie stacks that are created when you open a PR and destroyed when you close it) Two Questions 1. I was a little surprised that this pattern wasn’t covered in the blogs or the docs. Is there a reason for this? 2. It looks like I’d have to do some scripting to get things to work. Is this approach (medium article) still valid?

Hello! I'm pretty new to pulumi (it's awesome so far!) and I'm using AWS and Go. I'm trying to create a VPC and a subnet at the same time and am having trouble figuring out how to do it. I'm sure it's a simple issue. I'm not able to figure out what value to use for the

VpcId

in the

&ec2.SubnetArgs{}

and I'm not finding examples. The examples I have found in Go illustrate looking up an existing VPC, where other languages show the exact example I'm trying to accomplish. Example code follows. I have tried using different things for

VpcId

such as

platformVpc.ID()

(which is what I would use in

ctx.Export()

) and messed with

ApplyT

a bit, but I can't seem to figure out how to convert it to a string. Any help would be greatly appreciated!

// Create VPC
		platformVpc, err := ec2.NewVpc(ctx, "my-awesome-vpc", &ec2.VpcArgs{
			CidrBlock: pulumi.String("10.99.0.0/16"),
		})
		if err != nil {
			return err
		}

		platformVpcSubnetA, err := ec2.NewSubnet(ctx, "my-awesome-subnet-a", &ec2.SubnetArgs{
			VpcId:            pulumi.String("I DON'T KNOW WHAT TO PUT HERE"),
			CidrBlock:        pulumi.String("10.99.0.0/23"),
			AvailabilityZone: pulumi.StringPtr("us-east-1a"),
		})
		if err != nil {
			return err
		}

New to pulumi and trying my hand at unit testing in golang. My code uses config values that are set, but the test always panics saying the config value is not set. How can I tell the test that about the config values set for my stack?

👋 pulumi looks super slick but I'm hitting a few speed bumps along the way, most critical is the exact code from here: https://www.pulumi.com/docs/guides/crosswalk/aws/lambda/#register-an-event-handler-by-creating-a-lambda-function-resource bombs out with an error:

aws:lambda:Function (docsHandlerFunc):
    error: 1 error occurred:
    	* error creating Lambda Function (1): ValidationException:
    	status code: 400, request id: 27d225ae-0642-4798-af1f-b8b86ae640d5

Some googling around indicates this happens, for example, if you provide an id rather than a proper arm for the role but that's not the case here. Is there reason to believe this documentation is wrong/incorrect?