https://pulumi.com logo
Title
r

refined-bear-62276

04/27/2021, 10:06 PM
Hello. I'm trying to set up the basic ecs service example, but I have some policy errors right from the start 😞
const cluster = new awsx.ecs.Cluster("testing");

// Create a listener to handle requests coming in on port 80.  This will automatically create a
// target group that also forwards the requests to targets in it at the same port.
const listener = new awsx.elasticloadbalancingv2.NetworkListener("nginx", {
  port: 80,
});

// Create a Service pointing to the well known 'nginx' image.  Supply the listener we just created
// in the `portMappings` section.  This will both properly connect the service and launched instances
// to the target group.
//
// For a Fargate service just replace this with `new awsx.ecs.FargateService`.
const nginx = new awsx.ecs.EC2Service("examples-nginx", {
  cluster,
  taskDefinitionArgs: {
    containers: {
      nginx: {
        image: "nginx",
        memory: 128,
        portMappings: [listener],
      },
    },
  },
  desiredCount: 2,
});

export let frontendURL = pulumi.interpolate`http://${listener.endpoint.hostname}/`;
aws:iam:RolePolicyAttachment (examples-nginx-task-fd1a00e5):
    error: 1 error occurred:
        * Error attaching policy arn:aws:iam::aws:policy/AmazonEC2ContainerServiceFullAccess to IAM Role examples-nginx-task-8d887ee: NoSuchEntity: Policy arn:aws:iam::aws:policy/AmazonEC2ContainerServiceFullAccess does not exist or is not attachable.
        status code: 404, request id: 496380b4-0994-4330-b79a-fd6d9cfdb227
 
  aws:iam:RolePolicyAttachment (examples-nginx-task-32be53a2):
    error: 1 error occurred:
        * Error attaching policy arn:aws:iam::aws:policy/AWSLambdaFullAccess to IAM Role examples-nginx-task-8d887ee: NoSuchEntity: Policy arn:aws:iam::aws:policy/AWSLambdaFullAccess does not exist or is not attachable.
        status code: 404, request id: 6747b5d7-4e4b-454a-86c1-41ed662aa065
b

billowy-army-68599

04/27/2021, 10:15 PM
can you link me to where they are in the docs? we'll get them fixed
you should be able to refer to
AWSLambda_FullAccess
r

refined-bear-62276

04/27/2021, 10:29 PM
I haven't used anything special regarding policy management... I found the tut in the doc: https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/awsx/lb/#network-load-balancer
sorry wrong link
and this github example doesn't work anymore either: https://github.com/pulumi/examples/blob/master/aws-ts-hello-fargate/index.ts
Maybe these policies are still used by pulumi
b

billowy-army-68599

04/27/2021, 11:09 PM
can you verify your deps are up to date?
r

refined-bear-62276

04/29/2021, 7:02 PM
So I've upgraded all my pulumi deps, wiped node_modules, yarn lock, and reinstalled, and I still get this error:
aws:iam:RolePolicyAttachment (examples-nginx-task-32be53a2):
    error: 1 error occurred:
        * Error attaching policy arn:aws:iam::aws:policy/AWSLambdaFullAccess to IAM Role examples-nginx-task-48e1259: NoSuchEntity: Policy arn:aws:iam::aws:policy/AWSLambdaFullAccess does not exist or is not attachable.
        status code: 404, request id: 964e52e2-4175-45a3-a613-5a72c28db2c6
 
  aws:iam:RolePolicyAttachment (examples-nginx-task-fd1a00e5):
    error: 1 error occurred:
        * Error attaching policy arn:aws:iam::aws:policy/AmazonEC2ContainerServiceFullAccess to IAM Role examples-nginx-task-48e1259: NoSuchEntity: Policy arn:aws:iam::aws:policy/AmazonEC2ContainerServiceFullAccess does not exist or is not attachable.
        status code: 404, request id: 96e5ecb0-110b-4e84-addb-0588291cd166
my package.json:
"dependencies": {
    "@pulumi/aws": "^4.1.0",
    "@pulumi/awsx": "^0.22.0",
    "@pulumi/pulumi": "^3.1.0"
  },
actually I forgot to update awsx
a silly mistake, thanks for helping
works now
❤️