busy-napkin-83700
12/04/2023, 9:30 PMbusy-napkin-83700
12/04/2023, 9:32 PMaws:ssoadmin:PermissionSet (GRASP):
error: 1 error occurred:
* updating urn:pulumi:identity-center-mapping::Identity-Center::aws:ssoadmin/permissionSet:PermissionSet::GRASP: 1 error occurred:
* reading SSO Permission Set (arn,arn): operation error SSO Admin: DescribePermissionSet, failed to get rate limit token, retry quota exceeded, 1 available, 5 requested
aws:ssoadmin:PermissionSetInlinePolicy (Data-Developer-inline):
error: 1 error occurred:
* updating urn:pulumi:identity-center-mapping::Identity-Center::aws:ssoadmin/permissionSetInlinePolicy:PermissionSetInlinePolicy::Data-Developer-inline: 1 error occurred:
* putting SSO Permission Set (arn) Inline Policy: operation error SSO Admin: PutInlinePolicyToPermissionSet, failed to get rate limit token, retry quota exceeded, 1 available, 5 requested
pulumi:pulumi:Stack (Identity-Center-identity-center-mapping):
error: Error: invocation of aws:ssoadmin/getPermissionSet:getPermissionSet returned an error: invoking aws:ssoadmin/getPermissionSet:getPermissionSet: 1 error occurred:
* listing SSO Permission Sets: operation error SSO Admin: ListPermissionSets, failed to get rate limit token, retry quota exceeded, 0 available, 5 requested
dry-potato-52542
12/04/2023, 10:05 PMdry-potato-52542
12/04/2023, 10:05 PMdry-potato-52542
12/04/2023, 10:06 PMdry-potato-52542
12/04/2023, 10:06 PMdry-potato-52542
12/04/2023, 10:06 PMbusy-napkin-83700
12/04/2023, 10:07 PMbusy-napkin-83700
12/04/2023, 10:07 PMbusy-napkin-83700
12/04/2023, 10:08 PMdry-potato-52542
12/04/2023, 10:09 PMdry-potato-52542
12/04/2023, 10:09 PMdry-potato-52542
12/04/2023, 10:12 PMdry-potato-52542
12/04/2023, 10:12 PMbusy-napkin-83700
12/04/2023, 10:12 PMbusy-napkin-83700
12/04/2023, 10:13 PMdry-potato-52542
12/04/2023, 10:13 PMbusy-napkin-83700
12/04/2023, 10:14 PMdry-potato-52542
12/04/2023, 10:14 PMdry-potato-52542
12/04/2023, 10:14 PMdry-potato-52542
12/04/2023, 10:15 PMdry-potato-52542
12/04/2023, 10:16 PMdry-potato-52542
12/04/2023, 10:16 PMdry-potato-52542
12/04/2023, 10:16 PMbusy-napkin-83700
12/04/2023, 10:16 PMdry-potato-52542
12/04/2023, 10:16 PMbusy-napkin-83700
12/04/2023, 10:18 PMdry-potato-52542
12/04/2023, 10:18 PMbusy-napkin-83700
12/04/2023, 10:18 PMdry-potato-52542
12/04/2023, 10:18 PMbusy-napkin-83700
12/04/2023, 10:19 PMconst permissionSet = pulumi.output(aws.ssoadmin.getPermissionSet({
instanceArn: config.require("instanceArn"),
name: "PermissionSet",
}));
How would you put that in an async call?dry-keyboard-94795
12/04/2023, 10:29 PMdry-keyboard-94795
12/04/2023, 10:33 PMadaptive
busy-napkin-83700
12/04/2023, 10:38 PMbusy-napkin-83700
12/04/2023, 10:46 PMdry-keyboard-94795
12/04/2023, 10:53 PMpulumi up --parallel 4
, which may reduce the amount of concurrent calls to aws. Pulumi runs all resources in parallel by default.
You could also change from the getPermissionSet
function and instead use .get
methods. This will track the data in state instead of querying aws each time.
https://www.pulumi.com/docs/concepts/resources/get/busy-napkin-83700
12/04/2023, 10:57 PMbusy-napkin-83700
12/04/2023, 10:58 PM(default 2147483647)
lolbusy-napkin-83700
12/04/2023, 11:00 PMbusy-napkin-83700
12/04/2023, 11:01 PMdry-keyboard-94795
12/04/2023, 11:01 PMbusy-napkin-83700
12/04/2023, 11:02 PM- uses: pulumi/actions@v3
with:
color: auto
command: up --parallel 4
busy-napkin-83700
12/04/2023, 11:07 PMdry-potato-52542
12/04/2023, 11:48 PMdry-potato-52542
12/04/2023, 11:48 PMdry-potato-52542
12/04/2023, 11:49 PMdry-potato-52542
12/04/2023, 11:51 PMconst permissionSet = pulumi.output(
aws.ssoadmin.getPermissionSet({
instanceArn: config.require("instanceArn"),
name: "PermissionSet",
})
);
let otherResource("name", {
arg: permissionSet.arn
})
otherResource
in this depends on you ps.dry-potato-52542
12/04/2023, 11:51 PMdry-potato-52542
12/04/2023, 11:52 PMdry-potato-52542
12/04/2023, 11:57 PMlet psNames = ["PermissionSet", "PermissionSet2", "PermissionSet3"]
let dep = null;
let psList = [];
psNames.forEach(ps => {
let dependency = [];
if (dep) {
depends.push(dep);
}
let pulumiPs = aws.ssoadmin.getPermissionSet({instanceArn: config.require("instanceArn"), name: ps}, {dependsOn: dependency})
psList.push(pulumiPs);
dep = pulumiPs;
})
let otherResource("name", {
arg: psList[0].arn
})
dry-potato-52542
12/04/2023, 11:57 PMdry-potato-52542
12/04/2023, 11:58 PMdry-potato-52542
12/04/2023, 11:59 PMconst permissionSet = pulumi.output(aws.ssoadmin.getPermissionSet({
instanceArn: config.require("instanceArn"),
name: "PermissionSet",
}));
seems liek you resolving this is right awaydry-potato-52542
12/05/2023, 12:00 AMdry-potato-52542
12/05/2023, 12:02 AMawait call()
Better to use call.then(data => {})
dry-potato-52542
12/05/2023, 12:03 AMconst permissionSet = aws.ssoadmin.getPermissionSet({
instanceArn: config.require("instanceArn"),
name: "PermissionSet",
});
dry-potato-52542
12/05/2023, 12:03 AMpermissionSet.arn
will make pulumi resolve then values rather then you doing it manuallydry-potato-52542
12/05/2023, 12:03 AMdry-keyboard-94795
12/05/2023, 8:29 AMawait
.dry-keyboard-94795
12/05/2023, 8:32 AMdry-potato-52542
12/05/2023, 12:01 PMdependsOn
does not working? https://www.pulumi.com/docs/concepts/options/dependson/dry-potato-52542
12/05/2023, 12:02 PMdry-keyboard-94795
12/05/2023, 12:03 PMdependsOn
isn't supported for functions, only resourcesdry-keyboard-94795
12/05/2023, 12:06 PMAlso I may miss something but Control Tower has to do with AWS SSO?
It's a recently migrated aws api that's showing the same symptoms, a regression from changing the underlying sdk for that resource, which ssoadmin has also just undergone in TF.
dry-potato-52542
12/05/2023, 12:08 PMdry-potato-52542
12/05/2023, 12:09 PMdry-potato-52542
12/05/2023, 12:09 PMdry-keyboard-94795
12/05/2023, 12:12 PMdry-potato-52542
12/05/2023, 12:17 PMdry-potato-52542
12/05/2023, 12:18 PMdry-potato-52542
12/05/2023, 12:19 PMdry-potato-52542
12/05/2023, 12:19 PMdry-keyboard-94795
12/05/2023, 12:30 PMdry-potato-52542
12/05/2023, 12:35 PMdry-keyboard-94795
12/05/2023, 12:36 PMdry-potato-52542
12/05/2023, 12:37 PMdry-potato-52542
12/05/2023, 12:38 PMdry-potato-52542
12/05/2023, 12:39 PMdry-keyboard-94795
12/05/2023, 12:39 PMdry-potato-52542
12/05/2023, 12:40 PMdry-keyboard-94795
12/05/2023, 12:41 PMAWS_RETRY_MODE=adaptive
until pulumi up
succeeds with the new parameter.
Though I know you've worked around the issue by rolling back to an older versiondry-keyboard-94795
12/05/2023, 1:03 PMCan you bring some examples? How on you opinion AWS SDK inference throttling? I just don't understand your point
Different SDKs have different implementations. What I'm saying is is that the integration of the new sdk could be incorrect. Maybe because the v1 sdk didn't implement retries, tf had its own implementation that worked, and the v2 sdk doesn't retry as effectively as tf's implementation. https://github.com/hashicorp/terraform-provider-aws/commit/3de914de01c8ae37665b6fa8933c1cbb0699b097 Regardless, the reason behind the error doesn't matter.
dry-potato-52542
12/05/2023, 4:03 PMdry-potato-52542
12/05/2023, 4:04 PMdry-potato-52542
12/05/2023, 4:05 PMdry-potato-52542
12/05/2023, 4:05 PMdry-potato-52542
12/05/2023, 4:06 PMbusy-napkin-83700
12/05/2023, 6:41 PMretryMode: adaptive
maxRetries: 20
busy-napkin-83700
12/05/2023, 6:41 PMdry-potato-52542
12/05/2023, 7:10 PMdry-potato-52542
12/05/2023, 7:10 PM