https://pulumi.com logo
Title
a

acceptable-plumber-31485

03/15/2023, 1:33 PM
I'm testing a code on getting an existing security group using the
.get
api/method from https://www.pulumi.com/registry/packages/aws/api-docs/ec2/securitygroup/ What is provider id? I'm currently on EC2 security group console specifically on the existing sg but I can't figure out what provider is.
I figured it out. It's the security group id. The provider id from the documentation confused me. Maybe it can be updated to
c

calm-cat-43230

03/15/2023, 2:14 PM
You’re right, the documentation could probably be a bit clearer on what “provider ID” really is. There’s oblique reference to this in https://www.pulumi.com/docs/intro/concepts/resources/names/#resource-names (as the physical name), and further clarification in https://www.pulumi.com/docs/intro/concepts/resources/get/, but the term “provider ID” isn’t defined anywhere (or, IIRC, used entirely consistently).
a

acceptable-plumber-31485

03/15/2023, 2:15 PM
Thank you
Do you know why Pulumi decided to make resource_name, id mandatory when we can use tags when doing a SecurityGroup.get()? We're using terraform data and we only supply tags to find the resource property like id, arn, etc.
c

calm-cat-43230

03/15/2023, 2:28 PM
Are you looking for this maybe? https://www.pulumi.com/registry/packages/aws/api-docs/ec2/getsecuritygroups/ It’s an
ec2
resource method; not immediately intuitive, but appears to be a common pattern for AWS constructions in Pulumi.
a

acceptable-plumber-31485

03/15/2023, 2:29 PM
This is my code. I'll check your link now
# Retrieve the security group object by name
existing_security_group = aws.ec2.SecurityGroup.get(
    resource_name=existing_security_group_name,
    id="sg-aaaaaaaaaaaaaaa",
    tags={"name": existing_security_group_name},
)
yeah, looks like that's what I want
Should I stop using the code I pasted?
I'm trying to reference my_sg inside aws.ec2.Instance but I'm getting an error referencing it with
my_sg.id
my_sg = aws.ec2.get_security_groups(tags={
    "name": "myhttp-sg",
})

instance = aws.ec2.Instance(
    resource_name="my-instance",
    instance_type="t2.micro",
    ami="ami-1111111111111",
    vpc_security_group_ids=[my_sg.id],
    tags=tags
)
and error
error: 1 error occurred:
    	* creating EC2 Instance: InvalidParameterValue: Value () for parameter groupId is invalid. The value cannot be empty
    	status code: 400, request id: 9f7a42d7-f64b-376a-8e10-bde2445d4770
I'm good. I got it working. I had to use ids property and set index to zero
c

calm-cat-43230

03/15/2023, 3:51 PM
Yes, it’s a list, so there’s a need to encode the assumption that it should only ever match one resource in your case (you may indeed want some sort of code to check for that), or you could just attach all SGs that you get back (which is more generalized, but may swallow a misconfiguration if you will never be needing that in your use case).
a

acceptable-plumber-31485

03/15/2023, 4:00 PM
Yep, was thinking about that too. Thank you.
s

stocky-restaurant-98004

03/15/2023, 6:51 PM
Didn't read the whole thread, but this is a common problem point of confusion. The ID is always the same as the value for
import
, so just check the Import section of the docs. In the meanwhile, if you could also upvote and/or comment on this issue, it would be helpful in prioritizing a fix: https://github.com/pulumi/pulumi/issues/11737