bland-thailand-60821
09/27/2022, 8:18 PMbland-thailand-60821
09/27/2022, 8:19 PMimport * as pulumi from "@pulumi/pulumi";
import * as equinix_metal from "@pulumi/equinix-metal";
import * as fs from "fs";
const userData = fs.readFileSync('bs.sh','utf8');
const projectId = "xxx";
const testProjectSshKey = new equinix_metal.ProjectSshKey("testProjectSshKey", {
publicKey: "ssh-rsa ",
projectId: projectId,
});
const dsbasenode = new equinix_metal.Device("ds-base-node",{
hostname: "ds-base-node",
plan: "c3.small.x86",
metro: "sv",
operatingSystem: "ubuntu_20_04",
billingCycle: "hourly",
projectSshKeyIds: [testProjectSshKey.id],
projectId: projectId,
userData: fs.readFileSync('./basenode.sh'),
});
// Export the name of the project
export const dsbasenodeIP= dsbasenode.accessPublicIpv4;
bland-thailand-60821
09/27/2022, 8:19 PMconst userData = fs.readFileSync('bs.sh','utf8');
userData: fs.readFileSync('./basenode.sh'),
Is above right way to call shell script @stocky-restaurant-98004 ?stocky-account-72012
09/27/2022, 9:37 PMgreen-bird-4706
09/28/2022, 12:35 AMtf2pulumi
but it doesn't support Terraform modules which we rely on heavily, so I abandoned that. I found a video on youtube of a livestream () that uses tfstate
to import resources. I have tried to emulate that, I have this resources.json
file:
{
"resources": [
{
"name": "lambda",
"type": "AWS::Lambda::Function",
"id": "ingestDataLambda"
}
]
}
Which I just scraped out with JS. It was longer but I cut it down to importing one resource for simplicity.
When I run pulumi import -f resources.json --out index.ts
I get an error
error: preview failed: failed to validate provider config: Could not automatically download and install resource plugin 'pulumi-resource-AWS'at version v5.16.0, install the plugin using `pulumi plugin install resource AWS v5.16.0`.
Underlying error: error downloading plugin AWS to file: failed to download plugin: AWS-5.16.0: 403 HTTP error fetching plugin from <https://get.pulumi.com/releases/plugins/pulumi-resource-AWS-v5.16.0-linux-amd64.tar.gz>
I also get a 403
error when I run the pulumi plugin install
. I have tried removing the node_modules
folder and using yarn
, using Pulumi 3.38.0
and Pulumi 3.40.2
. I am running:
Description: Debian GNU/Linux 9.13 (stretch)
Release: 9.13
Codename: stretch
Inside Windows 11 WSL2. I have managed to deploy a simple S3 bucket to the AWS account so the Pulumi setup works, it just doesn't want to import for me. I have also tried reinstalling Pulumi on
Description: Ubuntu 20.04.5 LTS
Release: 20.04
Codename: focal
But it has the exact same issue. I am currently running v14.19.1
Thanks in advance for any help. I have searched this Slack channel and stack overflow but haven't found anything that will help.some-continent-7311
09/28/2022, 10:21 AMimport * as pulumi from "@pulumi/pulumi";
import { Output } from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
export = async () => {
const environment = pulumi.getStack();
const clusterConfig = new pulumi.StackReference(`xyz/cluster-config/${environment}`);
const tenantIds = await clusterConfig.requireOutput("tenantIds").apply(value => value as string[]);
const config = new pulumi.Config();
const project = config.require('project');
const location = config.require('location');
const storageClass = config.require('storageClass');
const bucketUrls = new Array();;
for (let tenantId of tenantIds) {
const tenantName = tenantId.split('-')[0];
const bucketName = `xyz-${environment}-${tenantId}`;
const bucket = new gcp.storage.Bucket(bucketName, {
name: bucketName,
project,
location,
storageClass,
labels: {
'tenant': tenantName,
'env': environment,
},
});
bucketUrls.push(bucket.url);
}
return {
bucketUrls
};
};
However, when I run pulumi up
I get this error:
index.ts(16,23): error TS2488: Type 'Output<string[]>' must have a '[Symbol.iterator]()' method that returns an iterator
because of this line:
const tenantIds = await clusterConfig.requireOutput("tenantIds").apply(value => value as string[]);
What’s the proper way to convert Ouptput<any>
to string[]
and iterate the list of strings?aloof-leather-66267
09/30/2022, 3:54 AMimport type
.thousands-area-40147
10/06/2022, 7:53 AMname
in the pulumi.Config()
constructor? Documentation says:
name is the configuration bag's logical name and uniquely identifies it. The default is the name of the current project.Is it simply the other project's name? To which of the .yaml files in the other project's directory would it refer then? Is it possibly to specify the stack? Thanks in advance! 🙏
green-bird-4706
10/07/2022, 2:33 AMPowerUserAccess
with saml2aws
to the test
account and Pulumi seems to be ok pick up the credentials from the ~/.aws/credentials
file and create resources. But I cannot create IAM policies with this role due to the policies on the role.
We have another account - control
that does our deployments for us. If I login to it with saml2aws
and modify that stacks pulumi.dev.yaml
file to have this:
config:
aws:assumeRole:
roleArn: arn:aws:iam::<<test acc id>>:role/ExternalDeployer
aws:region: ap-southeast-2
prima-data-ingestion:vpcId:
secure: <<VPC ID>>
When I pulumi up
I get:
error: Error: invocation of aws:kms/getKey:getKey returned an error: unable to validate AWS credentials. Make sure you have:
• Set your AWS region, e.g. `pulumi config set aws:region us-west-2`
• Configured your AWS credentials as per <https://pulumi.io/install/aws.html>
You can also set these via cli using `aws configure`.
at Object.callback (/home/rhys/projects/pulumi/deploy/node_modules/@pulumi/runtime/invoke.ts:159:33)
at Object.onReceiveStatus (/home/rhys/projects/pulumi/deploy/node_modules/@grpc/grpc-js/src/client.ts:338:26)
at Object.onReceiveStatus (/home/rhys/projects/pulumi/deploy/node_modules/@grpc/grpc-js/src/client-interceptors.ts:426:34)
at Object.onReceiveStatus (/home/rhys/projects/pulumi/deploy/node_modules/@grpc/grpc-js/src/client-interceptors.ts:389:48)
at /home/rhys/projects/pulumi/deploy/node_modules/@grpc/grpc-js/src/call-stream.ts:276:24
at processTicksAndRejections (internal/process/task_queues.js:77:11)
If I run aws configure
and set the Access Key ID
and Secret Access Key
, set the correct region
and leave the output format as None
it doesn't make any difference. I have also tried to put this information and the token
into ~/.aws/credentials
and it still has the same issue? How do I get Pulumi to use the role for Deployments?
In Terraform it was as simple as adding this block to the AWS provider:
assume_role {
role_arn = "arn:aws:iam::<<test acc id>>:role/ExternalDeployer"
}
(and I use actual values <<test acc id>>
- just not going to put them on Slack just fyi) Thanks in advance.high-barista-92349
10/07/2022, 10:20 AMimport * as aws from "@pulumi/aws";
import * as awsx from "@pulumi/awsx";
import * as pulumi from "@pulumi/pulumi";
const vpcId = "vpc-xxx";
const awsxVpc = new awsx.ec2.Vpc("vpc", {vpcId});
console.log(`subnets: ${await awsxVpc.publicSubnetsIds}`);
console.log(`private: ${await awsxVpc.privateSubnetIds}`);
...
// A bunch of resources generated e.g. new aws.ec2.Instance(...)
IIUC, I can only run the pulumi runtime via pulumi pre to trigger the code above and see the output because the entry point is always index.ts.
For new projects this is fine as the overall resources managed is small and this is fast. However, for existing large pulumi projects, this workflow becomes very tedious and annoying because it tries to preview all the other resources that aren't changed.calm-butcher-40899
10/08/2022, 10:09 AMpulumi up/preview
with the quickstart codes for creating an S3 bucket:
error: could not validate provider configuration: 1 error occurred:
* Invalid or unknown key
I tried creating a VPC resource and still got this error, which makes me feel there’s provider config issues.
But when I use the same config on Terraform, everything works. I will attach in 🧵 my stack config and localstack docker-compose file for reference.
Any comments and insights on the issue will be much appreciated!!abundant-king-20145
10/10/2022, 4:42 PM--policy-pack
flag. But, is there a way to do the same on an automation-api project. I cant find the option.green-bird-4706
10/12/2022, 5:15 AMerror: aws:iam/policy:Policy resource 'Amazing-Lambda-can-log-to-cloudwatch' has a problem: "policy" contains an invalid JSON: invalid character '\n' in string literal. Examine values at 'Policy.Policy'.
Here's the code, surely I can use the output of LogGroup
in my Policy
?
export class Lambda extends pulumi.ComponentResource {
constructor(name: string, args?: any, opts?: pulumi.ComponentResourceOptions) {
<<<>>><<<>>>
this.cloudwatchLog = new aws.cloudwatch.LogGroup(`${name}-lambda-vpc-cloudwatch- log`, {
name: `/aws/lambda/amazingLambda`,
retentionInDays: 14
}, {parent: this});
this.cloudwatchPolicy = new aws.iam.Policy(`AmazingLambda-can-log-to-cloudwatch`, {
description: `Grants AmazingLambda permission to write to Cloudwatch logs for monitoring`,
policy: `{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AmazingLambdaCanLog",
"Effect": "Allow",
"Action": [
"logs:PutLogEvents",
"logs:CreateLogStream",
"logs:CreateLogGroup"
],
"Resource": "${this.cloudwatchLog.arn}"
}
]
}`,
}, { parent: this });
proud-pizza-80589
10/13/2022, 3:06 PMOutput<string>[]
how the hell do i JSON.stringify it so i get a single string with the json serialised into itlittle-cartoon-10569
10/17/2022, 4:57 AMinterface Person { age: number; name: string}
that other projects can use when dereferencing a stack reference.
My assumption is that it's not worth trying to use the Person interface in the exporting project. I shouldn't try to put this in my parent project's index.ts:
export steve: Person = { age: steve.age, name: steve.name };
Instead, I should be happy with this:
export steve = { age: steve.age, name: steve.name };
I assume that the type wrangling I'd have to go through to make the one interface usable in both places is likely to be complicated, and to hide intent. In the parent project, the interface would contain a pile of `pulumi.Output`s (from all the resources providing the values I want to export)). In the dependent projects, all the values are known at the same time so the only Output I need in code is the one wrapping the Person object(const steve: pulumi.Output<Person> = stackref.requireOutput("steve") as pulumi.Output<Person>
).
Is there an easy / clear way to use the one interface in both places? Am I correct in not even trying?little-cartoon-10569
10/18/2022, 2:47 AMjolly-window-25842
10/18/2022, 9:13 AMhelpful-easter-62786
10/18/2022, 5:54 PMzod
library with a dynamic resource provider?
Inside my provider's create
function it blows up like so:
...which indirectly referenced
function 'bound parse': which could not be serialized because
it was a native code function.
green-bird-4706
10/20/2022, 10:58 PMSecretString
value from AWS Secrets Manager. I'm using the AWS providers aws.secretsmanager.getSecretOutput
and am able to retrieve the secret object with all it's metadata, but not the JSON of the secret string that I need. I am considering using the aws-sdk
but would have thought this is something Pulumi could do for me?wooden-queen-83060
10/21/2022, 10:45 AMicy-controller-6092
10/24/2022, 4:29 AMnew aws.iam.Policy('mypolicy', {
...,
policy: JSON.stringify({
... Resource: other.resource.arn ...
})
})
icy-controller-6092
10/24/2022, 4:30 AMicy-controller-6092
10/24/2022, 4:36 AMpolicy: pulumi.output({ … }).apply(v => JSON.stringify(v))
little-cartoon-10569
10/26/2022, 5:45 AM"publishPath": "dist"
in my package.json, but I'm still getting all my files in /dist/..., and there's no /index.js to handle default imports, etc... 😞early-grass-93513
10/28/2022, 5:42 AMfast-island-38778
10/31/2022, 5:01 PMaws.iam.Role.get
requires an id
input which is the`The unique provider ID of the resource to lookup` .
I am using the default AWS provider, pulumi stack --show-ids
gives me the provider ID, but is there an example for how I can get this id
programmatically?careful-book-62830
11/01/2022, 8:37 PMpulumi
itself. Is there a way to not use module: "commonjs"
defined in here ?Thank you in advancethankful-gpu-3329
11/01/2022, 8:55 PMconst vpc = new awsx.ec2.Vpc("custom");
<- but according to @pulumi/awsx
this is insufficient/invalid.
https://joeysharesthings.com/9gyxocthankful-gpu-3329
11/01/2022, 8:56 PMexamples
in the repository. It has made getting started with everything a little frustrating.thankful-gpu-3329
11/01/2022, 9:05 PMpulumi up
using TS from the docs as well:
https://joeysharesthings.com/wHmxRM