Channels
pulumi-ai
package-authoring
pulumi-cdk
oracle-cloud-infrastructure
learn-pulumi-events
linen
registry
built-with-pulumi
pulumi-cloud
contribex
testingtesting321
hacktoberfest
cloudengineering
yaml
pulumi-crosscode
content-share
finops
multi-language-hackathon
office-hours
workshops
blog-posts
localstack
welcome
gitlab
pulumi-kubernetes-operator
jobs
aws
pulumi-deployments
dotnet
golang
announcements
java
pulumiverse
python
install
getting-started
cloudengineering-support
testingtesting123
hackathon-03-19-2020
typescript
google-cloud
contribute
azure
kubernetes
docs
automation-api
status
general
Title
b
bored-branch-92019
03/16/2023, 4:16 PMHi, I am new to pulumi and IAC in general so let me know if this is not the rirght place to ask this question.
I am currently trying to setup our companies initial infrastructure which I would like to use ECS + fargate services to keep the management of docker containers pretty low touch. I am currently envisioning a ECS cluster that will run three different example services.
- two of which will be accessible to the public internet which also have access to services within the VPC.
- web server
- api server
- One which is not but has access to other services within the VPC (ex: RDS)
- background workers
First given that I am new to IAC and pulumi I have been trying to follow the example here with Pulumi Crosswalk and changed it a bit (see thread for code).
The idea that I was going for with these tweaks was to use a public image
nginx:latesterror: Error: invocation of aws:ec2/getVpc:getVpc returned an error: invoking aws:ec2/getVpc:getVpc: 1 error occurred:
* no matching EC2 VPC found
at Object.callback (/snapshot/awsx/node_modules/@pulumi/pulumi/runtime/invoke.js:148:33)
at Object.onReceiveStatus (/snapshot/awsx/node_modules/@grpc/grpc-js/src/client.ts:338:26)
at Object.onReceiveStatus (/snapshot/awsx/node_modules/@grpc/grpc-js/src/client-interceptors.ts:426:34)
at Object.onReceiveStatus (/snapshot/awsx/node_modules/@grpc/grpc-js/src/client-interceptors.ts:389:48)
at /snapshot/awsx/node_modules/@grpc/grpc-js/src/call-stream.ts:276:24
at processTicksAndRejections (node:internal/process/task_queues:78:11)
error: Error: failed to register new resource pulumi-service [awsx:ecs:FargateService]: 2 UNKNOWN: invocation of aws:ec2/getVpc:getVpc returned an error: invoking aws:ec2/getVpc:getVpc: 1 error occurred:
* no matching EC2 VPC foundThe code I am running into this issue with.
Also the package versions are list below but should be the latest since this a brand new create stack.
`@pulumi/aws`: 5.31.0
`@pulumi/awsx`: 1.0.2
@pulumi/pulumib
billowy-army-68599
03/16/2023, 4:40 PM@bored-branch-92019 you’re not passing the vpc configuration to your fargate service, so it’s trying to use the default which doesn’t exist. take a look at the network configuration settings in awsx.ecs.fargateservice
b
bored-branch-92019
03/16/2023, 6:51 PMFollow up question If I wanted to use an existing VPC + security groups + subnets. Is there a way to import them while making it absolutely 100% immutable so that pulumi never tries to change, update, delete those resources but just references them for use in building other net new infra?
I ask because the ECS + Fargate service side would all be new to our company but we have several other setups within a VPC not managed by any IAC (right now 😏 ) that would very bad if they were updated by pulumi.
b
billowy-army-68599
03/16/2023, 7:12 PMyou can set
protectalternatively you can just reference them with aws.ec2.getVpc
b
bored-branch-92019
03/16/2023, 7:35 PM:thank-you: I will give this a try.