https://pulumi.com logo
Join Slack
Powered by
This message was deleted.
# aws
s
This message was deleted.
b
can you share the code you have any the problem you're facing?
t
I’m doing
Copy code
db_user = mysql.User(
    resource_name="db-user",
    user="actualuser",
  plaintext_password=secret_from_config,
    host=rds_instance.address,
    opts=mysql_opts)
where 
mysql_opts
is:
Copy code
mysql_provider = mysql.Provider(
    resource_name="db-provider",
    endpoint=rds_instance.endpoint,
    username=rds_instance.username,
    password=config_secret,
)

mysql_opts = pulumi.ResourceOptions(provider=mysql_provider)
In my RDS instance pulumi statement I’m creating an 
admin
account and I can successfully use it to connect to the db and run sql commands using the 
mysql
CLI Doing sth like this to connect:
Copy code
mysql -h <http://somelongstring.us-west-2.rds.amazonaws.com|somelongstring.us-west-2.rds.amazonaws.com> -u admin -p
So I think the RDS is getting correctly set up… it’s just these other 
mysql
library additional statements that I’m having trouble with.
If I run 
select user from mysql.user;
I even see the username 
actualuser
in the results printed however when I try to log-in with that same 
mysql
CLI I typed above I get Access Denied
Also if I connect to the db using the 
admin
user and the CLI as I mentioned above and manually create a new user I have no problem granting them permissions or then using that new user with the CLI to connect back to the db… Just the user created through Pulumi mysql provider that is having issues.
b
I suspect the issue might be related to 
plaintext_password
- that takes a string, and your 
secret_from_config
will actually be an output, so you may need to wrap it in an apply. Can you verify it's that by setting 
plaintext_password
manually?
👍 1
t
tried with a simple string…. still can’t use the 
mysql
CLI to access the db with that user due to Access Denied
b
you should be able to see the logs and verify the password is being set in mysql, i'd go there next
ohhh I just realized this is why: https://www.pulumi.com/docs/reference/pkg/mysql/user/#host_nodejs the host you've set for the user is the rds instance address, try this
Copy code
db_user = mysql.User(
    resource_name="db-user",
    user="actualuser",
  plaintext_password=secret_from_config,
    host=0.0.0.0,
    opts=mysql_opts)
@tall-winter-40504
t
Wow I just noticed the same 😛
Literally seconds before you sent me that message. It’s good to get confirmation from someone else though… I haven’t tried it yet.
I also only noticed maybe I’m using the wrong host value but wasn’t sure what to put there so thanks for the 
0.0.0.0
suggestion 😛
Hmm still Access Denied 😞
grant
was the other smoking gun I found in the logs
Nvm based on documentation doesn’t seem related.
Trying host 
%
next
THAT DID IT!
ok so it appears I do need 
grant=True
after all
Earlier when I said I successfully got it to work… that line was left in my code from an earlier experiment… I removed it assuming it was a failed experiment now that I had finally gotten things to work but that just broke things again.
Based on the documentation for what that parameter should be doing, this behavior seems incorrect.
Should I file a bug somewhere?
See output below with and without `grant=True`:
Copy code
mysql> show grants for webserver;
+---------------------------------------------------------+
| Grants for webserver@%                                  |
+---------------------------------------------------------+
| GRANT PROCESS ON *.* TO `webserver`@`%`                 |
| GRANT ALL PRIVILEGES ON `databasename`.* TO `webserver`@`%` |
+---------------------------------------------------------+
2 rows in set (0.03 sec)

mysql> show grants for webserver;
+---------------------------------------+
| Grants for webserver@%                |
+---------------------------------------+
| GRANT USAGE ON *.* TO `webserver`@`%` |
+---------------------------------------+
1 row in set (0.03 sec)
3 Views
Open in Slack
PreviousNext
Powered by