bland-electrician-81799
03/03/2022, 1:02 AMgreat-sunset-355
03/09/2022, 7:05 AMpulumi.interpolate
in python?prehistoric-shoe-5168
03/11/2022, 6:36 PMrough-oyster-77458
03/11/2022, 9:21 PMpulumi.export()
to export a variable in file1.py
. I'm going to use this variable in file2.py
Is there any way to get this variable in file2.py
?
So far I have found how to import this variable in CLI onlyhallowed-animal-47023
03/12/2022, 2:10 AMprimary_private_route_table = ec2.RouteTable(
f'{environment}-primary-private-subnet-route-table',
vpc_id=vpc.id,
routes=[
ec2.RouteTableRouteArgs(
cidr_block="0.0.0.0/0",
gateway_id=nat_ids['primary_nat_id']
)
],
tags={
"Name": f'{environment}-primary-private-subnets-route-table',
"Environment": f'{environment}'
}
)
~ routes: [
~ [0]: {
~ cidrBlock : "0.0.0.0/0" => "0.0.0.0/0"
+ gatewayId : "nat-08f9a3f32bfaaa09c"
- natGatewayId: "nat-08f9a3f32bfaaa09c"
}
]
fast-spoon-69536
03/14/2022, 5:45 PMesa.create_app_role(example.endpoint.apply(lambda endpoint: f"{endpoint}"),admin_username,admin_password,app_role_payload,role_name)
_The create_app_role function takes the following inputs._
endpoint - the endpoint is only available after the previous resource is deployed.
_admin_username - username to log into the endpoint_
_admin_password - admin password_
_app_role_payload - a dictionary / REST payload_
_role_name - name of the role to create_
The basics of what I'm trying to do is.
1. deploy aws opensearch
2. call the opensearch internal API to create roles and users after it is deployed.
endpoint needs to be a str, but it is a Output<str>. How can I get it to be a str? Or is there a better approach ?
TypeError: can only concatenate str (not "Output") to str
little-photographer-14867
03/16/2022, 12:06 AMread_sa = serviceaccount.Account(
"read-sa",
account_id="read-sa",
display_name="Read Service Account"
)
py_repo = artifactregistry.Repository(
"pypi-repo",
location="us-west1",
repository_id="pypi-repo",
description="python pacakges.",
format="PYTHON",
)
read_binding = artifactregistry.RepositoryIamBinding(
"read-binding",
project=py_repo.project,
location=py_repo.location,
repository=py_repo.name,
role="roles/artifactregistry.reader",
members=[
f"serviceAccount:{read_sa.email}",
],
)
But I am getting errors:
gcp:artifactregistry:RepositoryIamBinding (read-binding):
error: 1 error occurred:
* Error applying IAM policy for artifactregistry repository "projects/test-project/locations/us-west1/repositories/pypi-repo": Error setting IAM policy for artifactregistry repository "projects/test-project/locations/us-west1/repositories/pypi-repo": googleapi: Error 400: Invalid service account (<pulumi.output.Output object at 0x7f7f53ff7f10>).
Am I defining the members
arg properly, or correct in using the service account email in an f-string? Mostly following this ts example.average-article-76176
03/16/2022, 5:28 PMpurple-plumber-90981
03/17/2022, 3:31 AMnice-father-44210
03/17/2022, 6:42 PMComponentResources
that encode our best practices while allowing the calling code to override some aspects of the underlying AWS resources.
We want to expose the available overrides as Pulumi’s Args
objects. E.g.,:
class SecureS3Bucket(pulumi.ComponentResource):
def __init__(
self,
name: str,
bucket_overrides: aws.s3.BucketArgs = aws.s3.BucketArgs(),
Is there a convenient way to manipulate/merge BucketArgs
objects? E.g., we might overlay required attribute values on top of the supplied bucket_overrides
argument before passing the merged object into the Bucket(BucketArgs)
constructor.
One way we’ve found is using a combination of pulumi._types.input_type_to_dict(bucket_overrides)
to turn BucketArgs
into a dict
and pulumi.set( args_object, "attribute", "value" )
to apply dict
entries to a BucketArgs
object.agreeable-king-2755
03/18/2022, 2:54 PMdazzling-angle-45051
03/23/2022, 8:19 PMComponentResource
that another type of resource will always be created by Pulumi before? I can use depends_one
, but it's quite verbose and I would like to find a better way for the end user.
To clarify, the ComponentResource
I'm writing is for deploying a bunch of Kubernetes resources, and I would like to make sure that pulumi_kubernetes.core.v1.Namespace
are applied first.
Thanks in advance! 🙏dazzling-angle-45051
03/23/2022, 8:36 PMwith kubernetes.core.v1.Namespace(project):
acme_corp.MyResource(f"{project}-{stack}-myresource")
breezy-painter-29573
03/28/2022, 3:01 AMfor i, az in enumerate(azs):
subnet = aws.ec2.Subnet(
resource_name=f"public-{i}",
vpc_id=vpc.id,
availability_zone=az,
cidr_block=vpc.cidr_block.apply(lambda cidr_block: ip_network(cidr_block).subnets(new_prefix=27)[i]),
tags=tags,
)
subnets.append(subnet)
but it fails with the TypeError: 'generator' object is not subscriptable
. Which, probably makes sense. I just can’t find a way to do it in a for loop.
Thank you in advance!
P.S. ip_network
is a function for netaddr
.incalculable-whale-36468
03/28/2022, 9:24 PMmy_template = "my secret: {my_secret}"
my_secret = config.require_secret('my_secret')
foo = my_template.format(my_secret=my_secret)
This will result in the following output:
my secret: <pulumi.output.Output object at 0x7f02baf74b80>
I tried using apply, and even Output.all, like follows:
foo = my_template.format(my_secret=my_secret.apply(lambda current_secret: current_secret))
But it will give me the same result.
What am I missing here?stocky-xylophone-20575
04/03/2022, 7:50 PMparameter_group = aws.rds.ParameterGroup(parameter_group_name,
family=rds_family,
opts=ResourceOptions(import_=parameter_group_name))
but coming out to inputs to import do not match the existing resource
even though parameter group name is same
i also tried to user aws.rds.ParameterGroup.get()
but it is asking for id which is not present in case of parametergroups , we only have name for a parameter groupalert-raincoat-81485
04/05/2022, 1:32 AMargs[FilsSystemArgs]
but it seems not valid.
Can someone guide me over?
https://www.pulumi.com/registry/packages/aws/api-docs/efs/filesystem/
foo = aws.efs.FileSystem(
"efs_filesystem",
resource_name="efs",
args=[aws.efs.FileSystemArgs()]
})
able-thailand-87943
04/05/2022, 3:23 PMpy.test -v tests/test_foobar.py
But if I run it without explicit providing the file name, to make sure it runs all tests under tests
, it bombs with the error:
pulumi.errors.RunError: Program run without the Pulumi engine available; re-run using the pulumi
CLI
Does anyone have any suggestions to fix this?curved-morning-41391
04/05/2022, 10:09 PMpulumi up
I could do this from within my python program like pulumi.up()
anyone aware if there is a way to do that, or if folks have thought of this?alert-raincoat-81485
04/08/2022, 4:58 PMefsFileSys = aws.efs.FileSystem(
resource_name=stackname+'-'+'efs',
args=aws.efs.FileSystemArgs(
encrypted='true',
kms_key_id='<kms-arn>',
performance_mode="maxIO",
tags={
"Name": stackname + '-' + 'fs'
},
)
)
efsParame=aws.ssm.Parameter(
str(stackname)+'-'+'efs_parameter',
type='String',
name="efs_parameter",
value=str(efsFileSys.dns_name),
)
Output
Parameter store value: <pulumi.output.Output object at 0x10xxxx>
calm-megabyte-11174
04/11/2022, 2:18 AM"""A Python Pulumi program"""
import pulumi
from pulumi_azure_native import storage
from pulumi_azure_native import resources
resource_group = resources.ResourceGroup("aa-msdn-rg-pulumi")
account = storage.StorageAccount('sa',
resource_group_name = resource_group.name,
sku = storage.SkuArgs(
name = storage.SkuArgs.STANDARD_LRS,
),
kind = storage.kind.STORAGE_V2)
primary_key = storage.list_storage_account_keys_output(
resource_group_name = resource_group.name,
account_name = account.name
).accountKeys.keys[0].value
pulumi.export("primary_storage_key",primary_keycdpu)
I get error as below:
File "C:\OnlyOnMyPC\my-training\awesomeazure\.\__main__.py", line 4, in <module>
from pulumi_azure_native import storage
ModuleNotFoundError: No module named 'pulumi_azure_native'
error: an unhandled error occurred: Program exited with non-zero exit code: 1
Yes and I have installed the package as well but still no luck ?
PS C:\OnlyOnMyPC\my-training\awesomeazure> pip install pulumi_azure_native
Defaulting to user installation because normal site-packages is not writeable
Requirement already satisfied: pulumi_azure_native in c:\users\aagashe002\appdata\roaming\python\python310\site-packages (1.62.0)
Requirement already satisfied: parver>=0.2.1 in c:\users\aagashe002\appdata\roaming\python\python310\site-packages (from pulumi_azure_native) (0.3.1)
Requirement already satisfied: pulumi<4.0.0,>=3.0.0 in c:\users\aagashe002\appdata\roaming\python\python310\site-packages (from pulumi_azure_native) (3.28.0)
Requirement already satisfied: semver>=2.8.1 in c:\users\aagashe002\appdata\roaming\python\python310\site-packages (from pulumi_azure_native) (2.13.0)
Requirement already satisfied: attrs>=19.2 in c:\users\aagashe002\appdata\roaming\python\python310\site-packages (from parver>=0.2.1->pulumi_azure_native) (21.4.0)
Requirement already satisfied: six~=1.13 in c:\users\aagashe002\appdata\roaming\python\python310\site-packages (from parver>=0.2.1->pulumi_azure_native) (1.16.0)
Requirement already satisfied: arpeggio~=1.7 in c:\users\aagashe002\appdata\roaming\python\python310\site-packages (from parver>=0.2.1->pulumi_azure_native) (1.10.2)
Requirement already satisfied: pyyaml>=5.3.1 in c:\users\aagashe002\appdata\roaming\python\python310\site-packages (from pulumi<4.0.0,>=3.0.0->pulumi_azure_native) (6.0)
Requirement already satisfied: protobuf>=3.6.0 in c:\users\aagashe002\appdata\roaming\python\python310\site-packages (from pulumi<4.0.0,>=3.0.0->pulumi_azure_native) (3.20.0)
Requirement already satisfied: dill>=0.3.0 in c:\users\aagashe002\appdata\roaming\python\python310\site-packages (from pulumi<4.0.0,>=3.0.0->pulumi_azure_native) (0.3.4)
Requirement already satisfied: grpcio<1.44.0,>=1.33.2 in c:\users\aagashe002\appdata\roaming\python\python310\site-packages (from pulumi<4.0.0,>=3.0.0->pulumi_azure_native) (1.43.0)
My Python path is already in Environment variable:
``````calm-megabyte-11174
04/11/2022, 2:24 AMfast-spoon-69536
04/22/2022, 2:13 PM# failure if I exclude the local route
egress_vpc_fw_public_subnet_rtb = aws.ec2.RouteTable(custom_tags['Name'],
vpc_id=egress_vpc.id,
routes=[
aws.ec2.RouteTableRouteArgs(cidr_block="0.0.0.0/0",gateway_id=egress_igw.id)
],
tags=custom_tags,
opts=ResourceOptions(depends_on=[tgw, egress_igw],parent=egress_vpc))
aws:ec2:RouteTable (egress_vpc_fw_public_subnet_us_east_2_rtb):
error: 1 error occurred:
* updating urn:pulumi:dev::transitgateway::aws:ec2/vpc:Vpc$aws:ec2/routeTable:RouteTable::egress_vpc_fw_public_subnet_us_east_2_rtb: 1 error occurred:
* error deleting Route in Route Table (rtb-08121bf0496297bff) with destination (10.31.0.0/16): InvalidParameterValue: cannot remove local route 10.31.0.0/16 in route table rtb-08121bf0496297bff
status code: 400, request id: fc0dcdd7-ce6f-4ec8-92e7-250c268c4933
# failure if I add the local route
egress_vpc_fw_public_subnet_rtb = aws.ec2.RouteTable(custom_tags['Name'],
vpc_id=egress_vpc.id,
routes=[
aws.ec2.RouteTableRouteArgs(cidr_block="0.0.0.0/0",gateway_id=egress_igw.id),
aws.ec2.RouteTableRouteArgs(cidr_block=egress_vpc.cidr_block,local_gateway_id=egress_vpc.id)
],
tags=custom_tags,
opts=ResourceOptions(depends_on=[tgw, egress_igw],parent=egress_vpc))
error: 1 error occurred:
* updating urn:pulumi:dev::transitgateway::aws:ec2/vpc:Vpc$aws:ec2/routeTable:RouteTable::egress_vpc_fw_public_subnet_us_east_2_rtb: 1 error occurred:
* error creating Route in Route Table (rtb-08121bf0496297bff) with destination (10.31.0.0/16): InvalidLocalGatewayID.Malformed: Invalid id: "vpc-03b6755e47c26a69f"
status code: 400, request id: 3e59a09d-b7b7-4dfa-b46d-ae0caf214ee7
quick-telephone-15244
04/29/2022, 3:26 PMquick-telephone-15244
04/29/2022, 3:27 PMquick-telephone-15244
04/29/2022, 3:28 PMdisallow_any_*
config options might be a bit much?bitter-horse-93353
05/02/2022, 6:02 PM# mypulumi/__main__.py
bucket = aws.s3.Bucket("bucket")
# myscript.py
from mypulumi import bucket
import boto3
bucket = boto3.client('s3').Bucket(bucket.id) # use the value from the pulumi stack script
Trying to understand if this is a support/common use case and what the best practices around this are. It feels like one benefit of having the definitions in python would be accessing them in various places and knowing that the IDs/ARNs/etc. will always match correctly.wide-xylophone-60952
05/03/2022, 8:37 AMquick-telephone-15244
05/04/2022, 2:08 PMaws:iam/rolePolicyAttachment:RolePolicyAttachment
however when i attempt to apply a transformation at the stack level via pulumi.runtime.register_stack_transformation
I'm not seeing the type_
aws:iam/rolePolicyAttachment:RolePolicyAttachment
within my transformation function?quick-telephone-15244
05/04/2022, 2:09 PM<http://pulumi.info|pulumi.info>
output of every type_
I see within the function:
TYPE: aws:ec2/securityGroup:SecurityGroup
TYPE: aws:kms/key:Key
TYPE: aws:iam/role:Role
TYPE: eks:index:Cluster
TYPE: aws:ec2/securityGroup:SecurityGroup
TYPE: aws:eks/cluster:Cluster
TYPE: kubernetes:core/v1:ConfigMap
TYPE: aws:ec2/securityGroupRule:SecurityGroupRule
TYPE: aws:ec2/securityGroup:SecurityGroup
TYPE: aws:ec2/securityGroup:SecurityGroup
TYPE: pulumi:providers:kubernetes
TYPE: aws:eks/cluster:Cluster
TYPE: eks:index:VpcCni
TYPE: aws:iam/openIdConnectProvider:OpenIdConnectProvider
TYPE: aws:ec2/securityGroup:SecurityGroup
TYPE: aws:ec2/securityGroupRule:SecurityGroupRule
TYPE: pulumi:providers:kubernetes
quick-telephone-15244
05/04/2022, 2:09 PM<http://pulumi.info|pulumi.info>
output of every type_
I see within the function:
TYPE: aws:ec2/securityGroup:SecurityGroup
TYPE: aws:kms/key:Key
TYPE: aws:iam/role:Role
TYPE: eks:index:Cluster
TYPE: aws:ec2/securityGroup:SecurityGroup
TYPE: aws:eks/cluster:Cluster
TYPE: kubernetes:core/v1:ConfigMap
TYPE: aws:ec2/securityGroupRule:SecurityGroupRule
TYPE: aws:ec2/securityGroup:SecurityGroup
TYPE: aws:ec2/securityGroup:SecurityGroup
TYPE: pulumi:providers:kubernetes
TYPE: aws:eks/cluster:Cluster
TYPE: eks:index:VpcCni
TYPE: aws:iam/openIdConnectProvider:OpenIdConnectProvider
TYPE: aws:ec2/securityGroup:SecurityGroup
TYPE: aws:ec2/securityGroupRule:SecurityGroupRule
TYPE: pulumi:providers:kubernetes