In order to automatically create a `ForwardingRule` for the Pulumi Community #google-cloud

In order to automatically create a `ForwardingRule...

red-area-47037

10/19/2020, 8:47 PM

In order to automatically create a

ForwardingRule

for the Firewall in Pulumi I am currently trying to extract the

Network tag

for the nodes in the nodepool. So far I wasnt successful. I tried to • Extract the network tags via nodeConfig: `pulumi.interpolate `${cluster.gkeCluster.nodeConfig.tags}`` => "" • Extract the network tags via nodePool[0].nodeConfig: `pulumi.interpolate `${cluster.gkeCluster.nodePools[0].nodeConfig.tags}`` => "" • Get one of the nodes via

export const instance = gcp.compute.getInstance( {name: "gke-cluster-default-pool-aaaaaa"});

=> The returned

GetInstanceResult

doesnt have a property tags ... So the first two calls just return an empty string, the third call returns an object which does not have a tags property.. TypeScript complains about it, although the call shoud return a

GetInstanceResult

, which should have the property tags... () In the Console I can see the Network Tags displayed on the VM Instance Details Page, the Instance Templates page ...

red-area-47037

10/19/2020, 9:27 PM

In the end if want to automatically create the Firewall rule as described here using Pulumi: https://github.com/bitnami-labs/sealed-secrets/blob/master/docs/GKE.md#master-to-node-firewall

red-area-47037

10/19/2020, 10:06 PM

I found a workaround: I specify my own custom tag as part of the nodeConfig when creating the cluster... this works and also the first two ways to extract the tags now return my custom tag, but not the one created by GCP itself ... 😞

Open in Slack

Previous Next