abundant-knife-92318
09/27/2023, 4:46 PMWebAppComponent
is a simple wrapper that constructs a WebApp
, AppServicePlan
, and WebAppSlot
)
public void UpdateAccessList(WebAppComponent webApp)
{
_ = webApp.Resource.PossibleOutboundIpAddresses.Apply(
outboundIps => outboundIps.Split(",").Select(
outboundIp => new ProjectIpAccessList(NameGenerator.MongoIpAccessRule(outboundIp), new ProjectIpAccessListArgs
{
Comment = webApp.Resource.Name.Apply(x => $"Azure AppService - {x}"),
IpAddress = outboundIp,
ProjectId = Resource.ProjectId,
}, new CustomResourceOptions
{
Provider = MongoProvider.Provider,
DependsOn = { webApp.Resource, Resource }
})
).ToList());
}
Which is super, until at some point Pulumi (arguably, reasonably) decides that all these resources need to be deleted because subsequent previews don't include them 😄
EDIT: It seems that if you go through with the update pulumi doesn't actually delete the ProjectIpAccessList
resources - presumably because the value of the .apply
becomes available during the run, but this is not available at preview
time. I wonder if this could be solved by making the PossibleOutboundIpAddresses
property an output so that it is available for subsequent runs of up
?stocky-restaurant-98004
09/27/2023, 4:59 PMabundant-knife-92318
09/27/2023, 5:01 PMstocky-restaurant-98004
09/27/2023, 5:01 PMforeach id in subnetIds
.abundant-knife-92318
09/27/2023, 5:02 PMstocky-restaurant-98004
09/27/2023, 5:03 PMProjectIpAccessList
in a separate stack if the overhead is worth the safety you'd get.abundant-knife-92318
09/27/2023, 5:05 PMstocky-restaurant-98004
09/28/2023, 10:02 PM/32
for these rules (i.e. a single IP), you might be able to avoid the apply. Could you maybe provision the public IP separately and pass it through?