# aws
b
Hi, I am new to pulumi and IAC in general, so let me know if this is not the right place to ask this question. I am currently trying to set up our company's initial infrastructure, for which I would like to use ECS + Fargate services to keep the management of docker containers pretty low touch. I am currently envisioning an ECS cluster that will run three different example services:

- Two of which will be accessible to the public internet and also have access to services within the VPC.
  - web server
  - api server
- One which is not, but has access to other services within the VPC (ex: RDS)
  - background workers

First, given that I am new to IAC and pulumi, I have been trying to follow the example here with Pulumi Crosswalk and changed it a bit (see thread for code). The idea that I was going for with these tweaks was to use a public image `nginx:latest` (for example) + add an ALB as well, just to make sure that this works and I can reach it at a public IP. However, I am running into the following issue and am not really sure what the issue is:
```
error: Error: invocation of aws:ec2/getVpc:getVpc returned an error: invoking aws:ec2/getVpc:getVpc: 1 error occurred:
      * no matching EC2 VPC found


        at Object.callback (/snapshot/awsx/node_modules/@pulumi/pulumi/runtime/invoke.js:148:33)
        at Object.onReceiveStatus (/snapshot/awsx/node_modules/@grpc/grpc-js/src/client.ts:338:26)
        at Object.onReceiveStatus (/snapshot/awsx/node_modules/@grpc/grpc-js/src/client-interceptors.ts:426:34)
        at Object.onReceiveStatus (/snapshot/awsx/node_modules/@grpc/grpc-js/src/client-interceptors.ts:389:48)
        at /snapshot/awsx/node_modules/@grpc/grpc-js/src/call-stream.ts:276:24
        at processTicksAndRejections (node:internal/process/task_queues:78:11)
    error: Error: failed to register new resource pulumi-service [awsx:ecs:FargateService]: 2 UNKNOWN: invocation of aws:ec2/getVpc:getVpc returned an error: invoking aws:ec2/getVpc:getVpc: 1 error occurred:
      * no matching EC2 VPC found
```
The code I am running into this issue with. Also, the package versions are listed below, but they should be the latest since this is a newly created stack.

- `@pulumi/aws`: 5.31.0
- `@pulumi/awsx`: 1.0.2
- `@pulumi/pulumi`: 3.58.0
b
@bored-branch-92019 you’re not passing the vpc configuration to your fargate service, so it’s trying to use the default which doesn’t exist. take a look at the network configuration settings in awsx.ecs.fargateservice
b
Follow-up question: if I wanted to use an existing VPC + security groups + subnets, is there a way to import them while making them absolutely 100% immutable, so that pulumi never tries to change, update, or delete those resources but just references them for use in building other net new infra? I ask because the ECS + Fargate service side would all be new to our company, but we have several other setups within a VPC not managed by any IAC (right now 😏 ) that it would be very bad to have updated by pulumi.
b
you can set `protect` on those resources so that it won’t modify any immutable properties
alternatively you can just reference them with aws.ec2.getVpc
b
🙏 I will give this a try.