If you enable cluster logging in EKS, it creates a log group as a 'side effect', but it isn't directly exposed or added into Pulumi's state. I'd like to bring this resource under control of my pulumi program after it gets created so I can modify it (ruling out a simple

.get

), but the

import

resource option isn't designed for that use-case. Is there a way to import that resource during my programs initial run without resorting to importing it after the fact?

so are you importing it? how do you plan to use this? im curious because if you remove the “cluster logging” you will loose those logs but pulumi will want to create them

When you enable EKS logging, it creates a log group for you with unlimited retention. I want to manage that log group with pulumi so I can set the retention to 14d. Since this resource is created as a side-effect, I don't want to have to manually import it into my state after deployment, imo I should be able to specify that the resource is going to be created and I want it managed. The id resource option allows you to load an existing resource rather than have pulumi create it, so that allows me to get it into state. Unfortunately it looks like pulumi doesn't then allow you to apply changes to the resource though, eg this brings it into state but doesn't actually make the retention change:

this.clusterLogGroup = new aws.cloudwatch.LogGroup('eks-cluster-log-group', {
      name: pulumi.interpolate`/aws/eks/${this.clusterName}/cluster`,
      retentionInDays: 14
    }, {
      parent: this,
      dependsOn: this.eks,
      id: pulumi.interpolate`/aws/eks/${this.clusterName}/cluster`
    })