If anyone has ever tried to modularize their Pulumi project and organize the code better than just a single big

index.ts

file, and also organize it so that infrastructure definition is separate from “runtime” application (e.g. Lambda code), you may have encountered issues with either compiling (module not found) or runtime (tslib not found) because you didn’t have all your runtime application code in the same part of the directory tree as the infrastructure code, and used

import

to either non-relative or

../

paths.

Hey team, I am on a typescript compilation speed investigation again and there are some small things which could really make a huge difference to Pulumi projects if people wanted opt in once the underlying issues were fixed. Is anyone from the team interested in working with me to get these sorted? https://github.com/pulumi/pulumi-aws/issues/772 and https://github.com/pulumi/pulumi-aws/pull/1015 are key PRs to this happening. I fixed the issues in the AWS sdk ages ago so deep imports now really speed up compilation there. But because Pulumi imports the aws-sdk I can’t get any of those benefits in projects which use Pulumi

Hello, I am creating the code pipeline using Typescript.

stages: [
        {
            name: "Source",
            actions: [{
                name: "Source",
                category: "Source",
                owner: "ThirdParty",
                provider: "Github",
                version: "1",
                outputArtifacts: ["source_output"],
                configuration: {
                    ConnectionArn: "",
                    FullRepositoryId: "",
                    BranchName: "develop",
                },
            }],
        },

Its returning me this error.

Error creating CodePipeline: InvalidActionDeclarationException: ActionType (Category: 'Source', Provider: 'Github', Owner: 'ThirdParty', Version: '1') in action 'Source' is not available in region 'US_WEST_2'

Can anyone help me with this?

Hi i am looking for example where we can pull docker images from dockerhub

i only see examples with build could not find anything related to pull images can someone help me to find docker api reference for pull

Team - I had to completely delete a stack due to some issues, however, when I try to recreate the stack, unfortunately the Secrets still exist due to AWS 30 day policy on deleting secrets. As a temp work around, I've had to rename those secret refs in my build so they create net new ones (adding a

-new

suffix for the time being). Can you think of any other way I might be able to work around an issue like this?

follow-up question, I'm getting an error when creating lambdas that we've created before, saying that the request Entity is too large? Does this automatically get pushed to S3 if it's too big or do we have to orchestrate it?

aws:lambda:Function (eu-west-2-dev-dbtester-func):
    error: 1 error occurred:
        * error creating Lambda Function: RequestEntityTooLargeException:
        status code: 413, request id: 84cfdf77-4668-4921-a3fd-8635f200245a

This is not a question but rather a discussion/feature-request. Don't know if this is the right place for it so bear with me please I have been using Pulumi with TypeScript for a while now and got familiar with the idioms and practices but I still find several related issues to result in "not so nice" code. 1. Pulumi with TypeScript lacks top-level await support which makes using

async/await

really awkward. you need to wrap the main code in an async funtion then call that from

index.ts

using the

then/catch/finally

syntax. Not the end of the world but truly annoying 2. You could wrap all async code in

pulumi.output

which is perfect for things that are resources or resource-like but not really needed for other async API calls 3. Certain things like IAM policies which are arguably part of almost every single AWS program don't support

Input<T>

properties. I don't want to create an independent IAM policy for every IAM role/user (mainly because that indicates they are re-usable and then you need to assign them an intuitive name) so I tend to use inline policies which suffer from the aforementioned problem. I feel either those should accept

Input<T>

or there should be dedicated

IamInlinePolicyDocument

type that does. Wrapping everything in

all()/apply()

is just resulting in ugly looking code when used excessively

Hi I am trying to create ecr repo using pulumi typescript used basic example

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const foo = new aws.ecr.Repository("foo", {
    imageScanningConfiguration: {
        scanOnPush: true,
    },
    imageTagMutability: "MUTABLE",
});

but when my repo gets created i am expecting name to be foo but it creates repo with random id foo-719afa7 how to create repo without random id ?

was

deleteBeforeReplace

removed from resource options recently? I can't see it in the type declaration with

@pulumi/pulumi

v3.6.1

Is there any way for me to see exactly what's getting deployed to Lambda via "magic" callback functions?

if I want to call an API after the regular pulumi deployments have happened, using some of the output properties of some resources, how would I go about this? More concretely: a) where do I put the code that is supposed to run after the resources have been created/updated? b) how can I use outputs in that code? c) can I somehow store custom state in Pulumi? or more generally: somehow use it's update/dependency mechanism so my API calls only execute when needed? background: I want to call the Graph API after an Azure B2C tenant has been created in order to create app registrations and upload custom policies?

I'm trying to do something to get a "Map" of providers that I can use for populating other resource creation calls. The provider creation seems to work, but the Map stays empty and I can't use the providers anywhere.

function createProviderMap(o_accounts: aws.organizations.Account[]): Map <string, aws.Provider> {
  let providerMap = new Map();

  o_accounts.map( o_account => {
    pulumi.all([o_account.id, o_account.name ]).apply ( ([id, name]) => {
      providerMap.set(name, new aws.Provider(`${id}-provider`, {
                    assumeRole: {
                        roleArn: `arn:aws:iam::${id}:role/OrganizationAccountAccessRole`,
                        sessionName: "PulumiSession",
                    },
                    profile: config_aws.require('profile'),
                    region: aws.config.requireRegion(),
                }));
    });
  });
  console.log(providerMap);
}

I feel like I'm missing something big, but this is my first use of Map. Perhaps the issue is I'm creating the provider inside of a

.all

...thoughts?

Hi I new to typescript i am trying to import a function but i am getting error below

Import sources within a group must be alphabetized.

import {ecr} from "./ecr/index";

function:

import * as aws from "@pulumi/aws";

export  function ecr (ecrRepo : string){
    new aws.ecr.Repository( ecrRepo, {
        imageScanningConfiguration: {
            scanOnPush: true,
        },
        imageTagMutability: "MUTABLE",
        name: ecrRepo

    });

}

Can someone help me fix this Thanks

Anyone have any advice for nice refractors in Pulumi code? The more I work in it the more I find myself balancing an acts between making it too yaml based by making objects in the environment yaml files which defeats some of the point of pulumi or maybe I’m overthinking. Anyone have any good examples of some clean refactors they’ve done that they’re proud of or would like to show off?

curious if anyone has a good example TS code for creating resources if param was passed in or not and returning either the string returned, or the pulumi equivalent. For example, if in a config file a certificate arn is passed in, then use that cert arn when creating a cloudfront resource, but if the cert isn’t passed in, then create the cert and pass in the cert arn

I have this example. It's one route with a method type post

new aws.apigatewayv2.Route(
     test-route,
    {
      apiId: apigw.id,
      routeKey: "POST /api/pets",
      target: pulumi.interpolate`integrations/${integration.id}`,
    },
    { provider },
  );

But, I need to create a route to pass a parameter to the endpoint

new aws.apigatewayv2.Route(
     test-route,
    {
      apiId: apigw.id,
      routeKey: "GET /api/pets/3",
      target: pulumi.interpolate`integrations/${integration.id}`,
    },
    { provider },
  );

How do I create the route that receives a parameter in the url of

/api/pets/$id

?

Is this type of unmarshalling allowed?

config:
  aws:region: us-east-1
  pulumi_node:application-dashboards:
  - namespace: api-platform
    topic:
    - ap-topic-1
    - ap-topic-2  
    applications:
    - name: template-api-reference
      topic:
      - tar-topic-1
      - tar-topic-2
    - name: msk-healthcheck-consumer
    - name: msk-healthcheck-producer

let pulumiConfig = new pulumi.Config()
let applicationDashboards = pulumiConfig.getObject<ApplicationDashboards[]>("application-dashboards")

export interface ApplicationDashboards {
    namespace: string
    topic: string[]
    applications: {
        name: string
        topic: string[]
    }[]
}

This produces the output below

console.log(JSON.stringify(applicationDashboards))
console.log(applicationDashboards)

[{"applications":[{"name":"template-api-reference","topic":["tar-topic-1","tar-topic-2"]},{"name":"msk-healthcheck-consumer"},{"name":"msk-healthcheck-producer"}],"namespace":"api-platform","topic":["ap-topic-1","ap-topic-2"]}]
    [
      {
        applications: [ [Object], [Object], [Object] ],
        namespace: 'api-platform',
        topic: [ 'ap-topic-1', 'ap-topic-2' ]
      }
    ]

Is something like this possible with pulumi?

const orgCertificate = new acm.Certificate('org-certificate', {
    domainName: orgZone.name,
    validationMethod: 'DNS'
})

let validationRecords: pulumi.Output<string>[] = []

for (let i in orgCertificate.domainValidationOptions) {
    validationRecords.push(
        new route53.Record(`org-validation-record-${i}`, {
            name: orgCertificate.domainValidationOptions[i].resourceRecordName,
            type: orgCertificate.domainValidationOptions[i].resourceRecordType,
            records: [ orgCertificate.domainValidationOptions[i].resourceRecordValue ],
            zoneId: orgZone.zoneId,
            ttl: 60,
            allowOverwrite: true
        }).fqdn
    )
}

new acm.CertificateValidation('org-certificate-validation', {
    certificateArn: orgCertificate.arn,
    validationRecordFqdns: validationRecords
})

I get this error:

error: Running program '/Users/mallison/workspace/gdsgroup/equiv/immersify' failed with an unhandled exception:
    Error: Missing required property 'name'
at new Record (/Users/MYNAME/workspace/DIR/DIR/DIR/node_modules/@pulumi/route53/record.ts:246:23)

Hi. I have an issue with using an npm module that contains code of my dynamic provider (let’s call it

my-provider

). I add it as a dependency in my pulumi program using git url (so I have

"my-provider": "git+ssh……"

in my pulumi program package.json). Now when I try to run

pulumi up

I’m getting:

TypeError: Class constructor Resource cannot be invoked without 'new'

. Both my provider module and my pulumi program tsconfig.json is the following:

{
  "compilerOptions": {
    "strict": true,
    "outDir": "bin",
    "target": "es2016",
    "module": "commonjs",
    "moduleResolution": "node",
    "sourceMap": true,
    "experimentalDecorators": true,
    "pretty": true,
    "noFallthroughCasesInSwitch": true,
    "noImplicitReturns": true,
    "forceConsistentCasingInFileNames": true
  },
  "files": [
    "index.ts"
  ]
}

Any hints what I might be doing wrong?

How do you all recommend installing CRDs. I found

crd2pulumi

which generates the types, but it seems to not install the CRD since 1.0.5 here . is there a recommended way to allow pulumi to control installing it as well as getting types.

Hi what does this mean

config:
  foo:bar: dev

i am see this in Pulumi.dev.yaml

how to access config from code ?

Hi, I have a function with a simple ternary expression that doesn’t work and always evals to true. Can anyone tell me where I’m going wrong?

const iamId = (): (pulumi.Input<string> | pulumi.Output<string>) => {
            return account.name.apply(name => name.includes('iam')) ? account.id : args.iamAccountId
        }

Hi I am working with existing pulumi project where i see

Pulumi.dev.yaml
Pulumi.test.yaml
Pulumi.prod.yaml

and

index.ts

in pulumi.foo.yaml file there are some variables which are being used by index.ts how does pulumi know where to access variable from eg: there is a variable present in all 3 files Pulumi.dev.yaml

foo:project: dev

Pulumi.test.yaml

foo:project: test

Pulumi.prrod.yaml

foo:project: prod

how does pulumi up know where to get the variable from ?

Hi how to check more info on pulumi errors ?

Hi i accidentally cancelled pulumi deployment i tried to export the state and import it but now my stack is all messed up its referencing old pending_operations names all over the stack how to clean up pulumi stack and redo deployment from scratch ? i tried to remove the stack completely, by running 'pulumi stack rm but dint help

Hello, what's the kosher way to put

Output<string>

into

aws.iam.GetPolicyDocumentArgs

? this attempt:

const policy = aws.iam.getPolicyDocument({statements: [{
    actions: ["sts:AssumeRoleWithWebIdentity"],
    principals: [{
        identifiers: [bitbucket.oidcProvider.arn], // this is line 14
        type: "Federated",
    }],
    condition: {
        test: "StringLike",
        variable: bitbucket.oidcProvider.url.apply(url => `${url.replace("https://", "")}:sub`),
        values: ["...."],
    }
}]})

results in:

pulumi.ts(14,23): error TS2322: Type 'Output<string>' is not assignable to type 'string'.