jolly-camera-35709
10/22/2020, 6:30 AMjolly-camera-35709
10/22/2020, 6:31 AMjolly-camera-35709
10/22/2020, 6:31 AMimage='{}/{}-build:{}'.format(container_registry.login_server,
project_name,
get_image_tag_stdout),
strong-musician-98782
10/22/2020, 12:48 PMbland-lamp-16797
10/26/2020, 6:11 PMserviceaccount.IAMMember('add data-engineering to roles',
member="serviceAccount:71157116@cloudbuild.gserviceaccount.com",
role='roles/datastore.importExportAdmin',
service_account_id='foo',
)
and I'm confused what service_account_id is if we have member as in terraformbland-lamp-16797
10/26/2020, 6:14 PMworried-plastic-45846
10/27/2020, 11:06 AMpulumi up
fails using pulumi 2.12.1, but works using pulumi 2.11.2. I'm using pulumi-aws 3.6.1.
How can I know which versions of pulumi and pulumi-aws are compatible please ?bland-lamp-16797
10/27/2020, 11:17 AMpulumi_gcp.cloudscheduler.Job("what ever",
description="whatever",
schedule="5 4 * * *",
http_target={
'uri': '<https://cloudbuild.googleapis.com/v1/projects/PROJECT_ID/triggers/TRIGGER_ID:run>',
'body': '{}',
'oauth_token': {
'service_account_email': '<mailto:PROJECT_ID@appspot.gserviceaccount.com|PROJECT_ID@appspot.gserviceaccount.com>',
'scope': '<https://www.googleapis.com/auth/cloud-platform>'
}
}
)
whatever I put in 'body': '{}',
I get
Error creating Job: googleapi: Error 400: Invalid value at 'job.http_target.body' (TYPE_BYTES), Base64 decoding failed for "{}".Should I open the bug for this or I'm totally missing what should be in body ? The body Regex should be
[a-zA-Z\d_-]{1,500}
nutritious-shampoo-16116
10/27/2020, 11:34 AMdef setup_s3_read_write_policy(buckets: List[pulumi.Output], project_name: str, instance_role: iam.Role):
"""
Create a policy to access a list of buckets in R/W mode
"""
def create_and_attach_policy(args: List) -> None:
policy = json.dumps(
{
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:ListBucket"],
"Resource": [f"arn:aws:s3:::{arg}" for arg in args],
},
{
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": [f"arn:aws:s3:::{arg}/*" for arg in args],
},
],
}
)
S3_POLICY_NAME = create_unique_name(f'{project_name}-buckets-policy')
s3_policy = iam.Policy(S3_POLICY_NAME, policy=policy)
S3_ROLE_POLICY_ATTACHMENT = create_unique_name(
f'{project_name}-buckets-role-policy-attachment'
)
iam.RolePolicyAttachment(
S3_ROLE_POLICY_ATTACHMENT, role=instance_role, policy_arn=s3_policy.arn
)
pulumi.Output.all(*[bucket.id for bucket in buckets]).apply(
lambda args: create_and_attach_policy(args)
)
def setup_s3_read_write_policy(buckets: List[pulumi.Output], project_name: str, instance_role: iam.Role):
"""
Create a policy to access a list of buckets in R/W mode
"""
def create_and_attach_policy(args: List) -> None:
policy = json.dumps(
{
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:ListBucket"],
"Resource": [f"arn:aws:s3:::{arg.id}" for arg in args],
},
{
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": [f"arn:aws:s3:::{arg.id}/*" for arg in args],
},
],
}
)
S3_POLICY_NAME = create_unique_name(f'{project_name}-buckets-policy')
s3_policy = iam.Policy(S3_POLICY_NAME, policy=policy)
S3_ROLE_POLICY_ATTACHMENT = create_unique_name(
f'{project_name}-buckets-role-policy-attachment'
)
iam.RolePolicyAttachment(
S3_ROLE_POLICY_ATTACHMENT, role=instance_role, policy_arn=s3_policy.arn
)
pulumi.Output.all(*[buckets]).apply(
lambda args: create_and_attach_policy(args)
)
nutritious-shampoo-16116
10/27/2020, 11:35 AMpulumi.Output.all
works if I tell to wait explicitly for the id but not for the s3.Bucket objectdamp-elephant-82829
10/30/2020, 9:12 AMdamp-elephant-82829
10/30/2020, 9:13 AMgorgeous-spoon-23700
11/02/2020, 9:00 AMpulumi stack export
command and extracting the relevant info from the JSON data:
jq = local["/usr/local/bin/jq"]
pulumi = local["pulumi"]
chain = pulumi["stack", "export"] | jq['.deployment.resources[] | select(.type == "pulumi:pulumi:Stack") | .outputs.netcams']
netcams = json.loads(chain())
Should I wait for the python implementation of the Automation API? šred-glass-80261
11/02/2020, 11:29 AMred-glass-80261
11/06/2020, 9:30 PMclever-nest-47198
11/10/2020, 7:11 PMclever-nest-47198
11/10/2020, 7:12 PMaverage-school-38756
11/11/2020, 10:21 PMpulumi up
. Is there a resource which will run a bash script or something, so that pulumi.FileArchive
could run after?purple-arm-63328
11/16/2020, 9:07 PMpurple-arm-63328
11/16/2020, 9:09 PMaws.ec2.getSubnetIds
, how do I get the result? I tried to run_until_completion
the Awaitable but the loop is already running. Is there a way to have the main be an async function?purple-arm-63328
11/16/2020, 9:12 PMgroup = aws.ec2.SecurityGroup.get('sg-0dfd33cdac25b1ec9')
but the signature of that very function takes a resource_name
and an id
as positional arguments. What am I missing?clean-dentist-2515
11/16/2020, 9:17 PMaws.ec2.SecurityGroup.get
the resource_name
is a name that you choose (a label used to identify the resource in Pulumi) and the id
is the actual security group id from EC2purple-arm-63328
11/16/2020, 9:18 PMclean-dentist-2515
11/16/2020, 9:20 PMpurple-arm-63328
11/16/2020, 9:29 PMget
of a resource does not import. Am I wrong?gentle-diamond-70147
11/16/2020, 9:30 PM.get()
does not import the resource, only gets a reference to it. The resource name is still required for Pulumi to track its usage internally, but does not change or affect the real resource.purple-arm-63328
11/16/2020, 9:31 PMgentle-diamond-70147
11/16/2020, 9:32 PMmy_sg = aws.ec2.SecurityGroup.get('my_sg', 'sg-0dfd33cdac25b1ec9')
purple-arm-63328
11/16/2020, 9:32 PMpurple-arm-63328
11/16/2020, 9:32 PMpurple-arm-63328
11/16/2020, 9:32 PMgentle-diamond-70147
11/16/2020, 9:33 PMpurple-arm-63328
11/16/2020, 9:36 PMgentle-diamond-70147
11/16/2020, 9:48 PMpurple-arm-63328
11/16/2020, 9:54 PMclean-dentist-2515
11/16/2020, 9:59 PMOutput
which is like a future or promise
the idiom I've seen elsewhere in the docs is:
real_value = some_output.apply(lambda val: val)
apply
gives you the chance to modify the returned value
I'm not sure if there's a shortcut for when you just want the resolved value unchanged
I don't think you have to interact with any async event loop stuff directlypurple-arm-63328
11/16/2020, 10:11 PMclean-dentist-2515
11/16/2020, 10:14 PMAwaitableGetSubnetIdsResult
?
if you try to access properties on that object like .ids
do they return an Output
?purple-arm-63328
11/16/2020, 10:14 PMclean-dentist-2515
11/16/2020, 10:14 PMpurple-arm-63328
11/16/2020, 10:15 PMclean-dentist-2515
11/16/2020, 10:30 PMoutput = Output.from_input(get_subnet_ids(...))
value = output.apply(lambda val: val)
...can work?
š¤·āāļøpurple-arm-63328
11/16/2020, 10:36 PMgentle-diamond-70147
11/16/2020, 11:35 PMpurple-arm-63328
11/16/2020, 11:47 PMgentle-diamond-70147
11/16/2020, 11:55 PMpurple-arm-63328
11/17/2020, 1:11 AMapply
, it started working. š