Hi, I am evaluating Pulumi for our projects. I'd like to find a best practice on how to add Tags for existing subnet? Any suggestion? Here is the code that cannot work properly.

(async () => {
    publicSubnets = await vpc.publicSubnets;
    publicSubnets.forEach(
        sub => {
            // console.log(sub.id);
            new aws.ec2.Tag('',{
               resourceId: sub.id,
               key: '<http://kubernetes.io/role/elb|kubernetes.io/role/elb>',
               value: '1'
            });
        }
    );
})();

Are these subnets that are created as part of the same pulumi project?

Yes, they are created with VPC automatically by default. But it is still nice if I can find a way to add tag on existing subnets. In enterprise use case, it is common the network architect create subnet and assign to teams.

Ok so I'm not sure what you're doing with

await vpc.publicSubnets

which is where my confusion lies. But what you should be doing is using the

Get Existing Subnet

function. That is here: https://www.pulumi.com/registry/packages/aws/api-docs/ec2/subnet/#look-up Or, you can use this function to get a list of subnets from an existing VPC: https://www.pulumi.com/registry/packages/aws/api-docs/ec2/getsubnetids/ Once you have the result of either function you can use the subnet ID to instantiate your

aws.ec2.Tag

resource. This should not need to occur within an async context. In either case, you want to make sure you are not using the

aws.ec2.Tag

resource to add tags to a resource that is also being managed from the same pulumi project. Because for instance in the case of a subnet your separate

aws.ec2.Tag

resource will conflict with the values you provided the

aws.ec2.SubnetArgs.Tags

property.

In the definition export declare class Vpc

get publicSubnets(): Promise<x.ec2.Subnet[]>;

I am using await to resolve the Promise. This is what I want to do: 1. Create a VPC 2. Create a EKS cluster with that VPC 3. Get Public Subnets of that VPC 4. Attach Tags kubernetes.io/role/elb=1 to each public subnet However, when I get subnet.tags, it always says the properties is null.

What is

x

? Are you using crosswalk? And if so what version of crosswalk are you using?

I am not using crosswalk

so where is

publicSubnets()

function coming from? Is that something you defined? Are you using

EKS

provider?

Is the awsx library call crosswalk? if it is, sorry for the confusing

Yes it is called CrossWalk, sorry. Note that the

awsx

resources are

ComponentResources

. Meaning they contain declarations of

aws

provider resources with common settings. So if you look at the implementation of

awsx.ec2.Vpc

here you'll see that it is declaring an instance of

awsx.ec2.Subnet

which if you follow that you will see that that declares and instance of

aws.ec2.Subnet

here. So that is where your "default" subnets are coming from. Point being that that are managed by your pulumi project. So in your current scenario, if you want to add tags to those subnets you should do it before they are created. You should do this by passing some information to the

subnets

property of

awsx.ec2.VpcArgs

which is here, the

awsx.ec2.VpcSubnetArgs

type has a

tags

property. If you want to add tags to a subnet that already exists, it can't be managed by the same pulumi project - and in this case you can just use the method I mentioned above already.

Got it, thx for the guide