This message was deleted.

Perhaps you're executing against the wrong region?

Thanks Dan for looking into this. I did verified the region and availability zone, it is the same us-east1

Can you share the full program?

"""An AWS Python Pulumi program"""

import pulumi

from pulumi_aws import s3, ec2

# Create an AWS resource (S3 Bucket)

bucket = s3.Bucket('my-bucket')

# Export the name of the bucket

pulumi.export('bucket_name', bucket.id)

sg = ec2.SecurityGroup("web-server-sg", description="Test")

allow_ssh = ec2.SecurityGroupRule("AllowSSH", type="ingress",

from_port=22, to_port=22,

protocol="tcp", cidr_blocks=["0.0.0.0/0"], security_group_id=sg.id)

allow_http = ec2.SecurityGroupRule("AllowHTTP", type="ingress",

from_port=80, to_port=80,

protocol="tcp", cidr_blocks=["0.0.0.0/0"], security_group_id=sg.id)

allow_all = ec2.SecurityGroupRule("AllowAll", type="egress",

from_port=0, to_port=0,

protocol="-1", cidr_blocks=["0.0.0.0/0"], security_group_id=sg.id)

ec2_instance = ec2.Instance("web-server",

ami="ami-03a6eaae9938c858c",

instance_type="t3.nano",

key_name="test1",

vpc_security_group_ids=[sg.id],

tags = {"Name": "web"}

#  subnet_id = "subnet-03d7502aaa49932d8"

)

pulumi.export("public_ip", ec2_instance.public_ip)

OK, that all seems reasonable. Generally, folks will use a “getter” function to look up existing resources (like the default VPC and its subnets) and then use those values instead of hardcoding a subnet ID. However, it’s not clear to me if that’s required or just a best practice. Let me dig around a bit and see what I can find.