hi folks! I'm struggling a bit with some aws resou...
# general
hi folks! I'm struggling a bit with some aws resources in my Pulumi program. I have some security groups like this:
Copy code
const workersIngressSelf = new aws.ec2.SecurityGroupRule(`${name}-workers-ingress-self`, {
      description: "Allow node to communicate with each other.",
      protocol: "-1",
      securityGroupId: workersGroup.id,
      sourceSecurityGroupId: securityGroup.id,
      fromPort: 0,
      toPort: 65535,
      type: "ingress",
these fail at runtime like this:
Copy code
error: Error: failed to register new resource test-cell-cluster-security-groups-workers-ingress-self [aws:ec2/securityGroupRule:SecurityGroupRule]: 2 UNKNOWN: Failed to parse true: json: cannot unmarshal bool into Go value of type []interface {}
I can also reproduce this with
and i'm not really sure what the deal is - anyone know how i can debug this?
Have you got a transformation or something that might be setting a value into one of other properties? That code looks ok to me.
i don't, no.
Copy code
I0123 16:45:24.972907   88746 schema.go:660] Terraform input security_group_id = "74D93920-ED26-11E3-AC10-0800200C9A66"
    I0123 16:45:24.972913   88746 schema.go:660] Terraform input source_security_group_id = "74D93920-ED26-11E3-AC10-0800200C9A66"
    I0123 16:45:24.972916   88746 schema.go:660] Terraform input to_port = 443
    I0123 16:45:24.972918   88746 schema.go:660] Terraform input type = "ingress"
    I0123 16:45:24.972921   88746 schema.go:660] Terraform input description = "Allow pods to communicate with the EKS cluster API."
    I0123 16:45:24.972924   88746 schema.go:660] Terraform input from_port = 443
    I0123 16:45:24.972926   88746 schema.go:660] Terraform input protocol = "tcp"
    I0123 16:45:24.973168   88746 schema.go:1064] Terraform output description = {Allow pods to communicate with the EKS cluster API.}
    I0123 16:45:24.973175   88746 schema.go:1064] Terraform output fromPort = {443}
    I0123 16:45:24.973179   88746 schema.go:1064] Terraform output protocol = {tcp}
    I0123 16:45:24.973183   88746 schema.go:1064] Terraform output type = {ingress}
    I0123 16:45:24.973186   88746 schema.go:1064] Terraform output id = {}
    I0123 16:45:24.973188   88746 schema.go:1064] Terraform output toPort = {443}
    I0123 16:45:24.973191   88746 schema.go:1064] Terraform output self = {false}
I don't see any magic "true"s appearing
Hmm, must be go-yaml decode, so I guess that's not much help.
Maybe try a different version, replace sourceSecurityGroupId with self: true maybe, and see if different versions of the API call produce the same error,.
yeah, kind of unfortunate.
self: true
doesn't help either
What version of the AWS provider are you using? Maybe the API has been changed?
Copy code
$ pulumi plugin ls
aws     resource  6.18.2   598 MB  46 minutes ago  46 minutes ago
awsx    resource  2.4.0    81 MB   46 minutes ago  46 minutes ago
docker  resource  4.5.1    48 MB   46 minutes ago  46 minutes ago
docker  resource  3.6.1    38 MB   46 minutes ago  46 minutes ago

TOTAL plugin cache size: 765 MB
also 6.18.2 in my package.json
i wish i knew which property was failing to parse, that would be a huge hint
I can't even tell if it's a problem building the API request, or parsing the API response...
Or even building the state, it could be there too.
oh, I think i might know why this is
Copy code
$ pulumi config 
KEY                               VALUE
pulumi:disable-default-providers  true
and I am not passing a provider to these resources
Ah. The error message was actively misleading!
It was just that it was the first resource that used the default provider.
yep! dang.
Well spotted, and it's easy to fix. Maybe it'd be worth adding a policy or a stack transformation that throws an error in that case, since that error is so unhelpful.
Actually, if you're good at writing lint rules, that'd be the best way to go.