https://pulumi.com logo
Join Slack
Powered by
This message was deleted.
# getting-started
s
This message was deleted.
b
you need to create a provider, which language are you using?
ah, looks like python:
Copy code
database = aws.rds.Instance(
            f"my-db",
    # other options here
        )

db_provider = postgresql.Provider(
    "rds-db",
    host=database.address,
    port=database.port,
    username=database.username,
    password=database.password,
)
then once you’ve done that, pass the provider to the role, eg;
Copy code
postgres_db = postgresql.Database(
    "thedb",
    name="an internal db"
    owner=database.username,
    opts=pulumi.ResourceOptions(provider=db_provider, parent=db_provider),
)
c
That looks much more sensible than the mess I've been gluing together 🙂 Let me try.
While I am doing this, I notice a quirk in my code. I create a random password for the db master user with 
aws.secretsmanager.get_random_password()
and the feed this value to 
aws.rds.Instance(password=random_password.random_password)
The undesired side effect is that the password is re-generated every time i run 
pulumi up
needlessly increasing my wait time. Is there a way to say "only generate a random password if the instance is being created but leave it unchanged otherwise"?
b
I’d use the pulumi-random provider for that instead
c
With the help of docs and Pulumi's ChatGPT I ended up with
Copy code
random_password_provider = random.RandomPassword(
    random_password_resource_name,
    length=16,
    min_lower=1,
    min_numeric=1,
    min_special=1,
    min_upper=1,
    keepers={
        "engine": engine,
        "instance_class": db_instance_class,
        "username": master_db_username,
    },
)
aws.rds.Instance(
password=random_password_provider.result,
....
)
It's wild guess what may justify regeneration of the password. Is there a better way whereby Pulumi can decide to call the random password provider only when it is creating the 
rds.Instance()
?
Open in Slack
PreviousNext
Powered by