magnificent-soccer-44287
01/27/2024, 4:36 AMDiagnostics:
aws:s3:Bucket (pmb-main-app-bucket):
error: connection error: desc = "transport: Error while dialing: dial tcp 127.0.0.1:38887: connect: connection refused
magnificent-soccer-44287
01/27/2024, 4:36 AMimport * as aws from "@pulumi/aws";
import * as pulumi from "@pulumi/pulumi";
export const createMainAppBucket = (iamUser: aws.iam.User) => {
const pmbAppBucket = new aws.s3.Bucket('pmb-main-app-bucket', {
bucket: 'pmb-main-app-bucket',
}, { protect: true });
const pmbBucketOwnershipControls = new aws.s3.BucketOwnershipControls('pmb-bucket-oc', {
bucket: pmbAppBucket.id,
rule: {
objectOwnership: "BucketOwnerPreferred",
},
});
const pmbAppBucketPolicy = new aws.iam.Policy('pmb-main-app-s3-policy', {
policy: {
Version: "2012-10-17",
Statement: [{
Effect: "Allow",
Action: [
"s3:*"
],
Resource: [
pmbAppBucket.arn.apply(arn => `${arn}/*`),
pmbAppBucket.arn.apply(arn => `${arn}`)
],
}],
},
}, { dependsOn: [pmbBucketOwnershipControls] });
const pmbAppBucketPolicyLink = new aws.iam.UserPolicyAttachment('pmb-main-app-s3-attachment',
pulumi.all([iamUser.name, pmbAppBucketPolicy.arn]).apply(([user, policyArn]) => {
return { user, policyArn }
}));
const pmbAppBucketAccessBlock = new aws.s3.BucketPublicAccessBlock('pmb-main-app-s3-ab', {
bucket: pmbAppBucket.id,
blockPublicAcls: false,
blockPublicPolicy: false,
});
return pmbAppBucket;
}
magnificent-soccer-44287
01/27/2024, 4:36 AMmagnificent-soccer-44287
01/27/2024, 4:38 AMmagnificent-soccer-44287
01/27/2024, 4:45 AMmagnificent-soccer-44287
01/27/2024, 4:45 AMmagnificent-soccer-44287
01/27/2024, 5:16 AMpulumi:pulumi:Stack (pmb-main-dev):
panic: interface conversion: interface {} is nil, not map[string]interface {}
goroutine 101 [running]:
Trying to dig through source and find out what is happeningclever-sunset-76585
01/27/2024, 5:21 AMI just did a massive refactor on our stack to get it from thousands of lines down to something more manageable. pulumi up kept passing with the refactor but the resources were all created and each up was "no changes". When I tried to re-up the stack in a different AWS account, all hell broke loose.
Did you create a new stack to use with the new AWS account?
magnificent-soccer-44287
01/27/2024, 5:21 AMmagnificent-soccer-44287
01/27/2024, 5:21 AMexport const createEcsCluster = (name: string, logGroup?: aws.cloudwatch.LogGroup) =>
new aws.ecs.Cluster(name, {
name,
configuration: logGroup ? {
executeCommandConfiguration: {
logging: "OVERRIDE",
logConfiguration: {
cloudWatchLogGroupName: logGroup.name,
cloudWatchEncryptionEnabled: false,
s3BucketName: "",
s3KeyPrefix: ""
}
}
} : {}
});
And then in index:
const pmbMainAppCluster = createEcsCluster('ecs-main-app')
const pmbSidekiqCluster = createEcsCluster('ecs-sidekiq-app');
const pmbInfraCluster = createEcsCluster('ecs-infra', pmbServiceInfraLogGroup);
magnificent-soccer-44287
01/27/2024, 5:22 AMmagnificent-soccer-44287
01/27/2024, 5:22 AMconst pmbMainAppCluster = new aws.ecs.Cluster('ecs-main-app', {
name: 'ecs-main-app' });
const pmbSidekiqCluster = new aws.ecs.Cluster('ecs-sidekiq-app', {
name: 'ecs-sidekiq-app' });
const pmbInfraCluster = new aws.ecs.Cluster('ecs-infra', {
name: 'ecs-infra',
configuration: {
executeCommandConfiguration: {
logging: "OVERRIDE",
logConfiguration: {
cloudWatchLogGroupName: pmbServiceInfraLogGroup.name,
cloudWatchEncryptionEnabled: false,
s3BucketName: "",
s3KeyPrefix: ""
}
}
}
});
magnificent-soccer-44287
01/27/2024, 5:24 AMclever-sunset-76585
01/27/2024, 5:25 AMlogConfiguration
that you set when your parameter is false. Can you set it to undefined
or is it not optional and that's why you used an empty object?magnificent-soccer-44287
01/27/2024, 5:26 AMmagnificent-soccer-44287
01/27/2024, 5:26 AMmagnificent-soccer-44287
01/27/2024, 5:26 AMclever-sunset-76585
01/27/2024, 5:28 AMconfiguration
object. I think the problem might be that you are setting it to an empty object if logGroup
is false.magnificent-soccer-44287
01/27/2024, 5:28 AMmagnificent-soccer-44287
01/27/2024, 5:28 AMclever-sunset-76585
01/27/2024, 5:29 AMmagnificent-soccer-44287
01/27/2024, 5:29 AMmagnificent-soccer-44287
01/27/2024, 5:29 AM}, { dependsOn: DEV_USE_LAST_IMAGE ? [] : [pmbMainDockerImage] });
magnificent-soccer-44287
01/27/2024, 5:29 AMclever-sunset-76585
01/27/2024, 5:31 AMmagnificent-soccer-44287
01/27/2024, 5:31 AMclever-sunset-76585
01/27/2024, 5:31 AMmagnificent-soccer-44287
01/27/2024, 5:31 AMmagnificent-soccer-44287
01/27/2024, 5:33 AMnew aws.ecs.Cluster(name, {
name,
configuration: logGroup ? {
executeCommandConfiguration: {
logging: "OVERRIDE",
logConfiguration: {
cloudWatchLogGroupName: logGroup.name,
cloudWatchEncryptionEnabled: false,
s3BucketName: "",
s3KeyPrefix: ""
}
}
} : {}
});
if I elevate the ternary to the top-level object, ie.:
new aws.ecs.Cluster(name, {}); <--- switch that one
The issue goes awaymagnificent-soccer-44287
01/27/2024, 5:34 AMexport const createEcsCluster = (name: string, logGroup?: aws.cloudwatch.LogGroup) =>
new aws.ecs.Cluster(name, logGroup ? {
name,
configuration: {
executeCommandConfiguration: {
logging: "OVERRIDE",
logConfiguration: {
cloudWatchLogGroupName: logGroup.name,
cloudWatchEncryptionEnabled: false,
s3BucketName: "",
s3KeyPrefix: ""
}
}
}
} : { name });
worksclever-sunset-76585
01/27/2024, 5:35 AMconfiguration
, if specified, must have some properties defined in it. there must be some validation in there.
By using a top-level {}
, basically, you are leaving everything undefined
under it and because name
qualifies for auto-namimg, Pulumi can satisfy that requirement by itself without an explicitly provided value.magnificent-soccer-44287
01/27/2024, 5:37 AMclever-sunset-76585
01/27/2024, 5:37 AM