https://pulumi.com logo
Join Slack
Powered by
I’m not sure why I get this error: ``` Type ...
# aws
m
I’m not sure why I get this error:
Copy code
Type                       Name                                 Plan     Info
     pulumi:pulumi:Stack        outbound-proxy-sandbox.eu-central-1           
     └─ aws:ec2:LaunchTemplate  outbound-proxy-launch-template                1 error
 
Diagnostics:
  aws:ec2:LaunchTemplate (outbound-proxy-launch-template):
    error: aws:ec2/launchTemplate:LaunchTemplate resource 'outbound-proxy-launch-template' has a problem: Expected Object Type: Expected object, got string. Examine values at 'LaunchTemplate.IamInstanceProfile'.
I am declaring the object:
Copy code
const outboundProxyIamInstanceProfile = new aws.iam.InstanceProfile(`${appName}-instance-profile`, {
  role: outboundProxyInstanceRole,
});

const outboundProxyLaunchTemplate = new aws.ec2.LaunchTemplate(
  `${appName}-launch-template`,
  {
    namePrefix: `${appName}-`,
    iamInstanceProfile: outboundProxyIamInstanceProfile,
    ...
  },
  { dependsOn: outboundProxyIamInstanceProfile },
);
I can define it inline as an object… but then… lol…
Copy code
aws:iam:InstanceProfile (outbound-proxy-instance-profile):
    error: Duplicate resource URN 'urn:pulumi:sandbox.eu-central-1::outbound-proxy::aws:iam/instanceProfile:InstanceProfile::outbound-proxy-instance-profile'; try giving it a unique name
l
The _LaunchTemplate_'s iamInstanceProfile property is not an 
aws.iam.InstanceProfile
. It's an inline object with fields arn and name.
So you want
Copy code
const outboundProxyLaunchTemplate = new aws.ec2.LaunchTemplate(
  `${appName}-launch-template`,
  {
    namePrefix: `${appName}-`,
    iamInstanceProfile: {
      arn: outboundProxyIamInstanceProfile.arn,
      name: outboundProxyIamInstanceProfile.name
    },
    ...
  },
  { dependsOn: outboundProxyIamInstanceProfile },
);
🤦‍♂️ 1
m
Thank you for this!
So the only major blocker I have now is:
Copy code
* Error creating Auto Scaling Group: ValidationError: You must use a valid fully-formed launch template. Security group sg-024a9e83f1b59c229 and subnet subnet-90c3aaba belong to different networks.
        status code: 400, request id: f2e7928a-d319-4c5e-ade7-45a4ab5ab974
I’m confused about how to assign the correct subnet ids per instance.
l
Subnets and SGs are specific to VPCs. You can't put an instance in a subnet in VPC A and associate an SG from VPC B. Would that be the problem here?
m
Yes, in my case, I have one SG in VPC A, and each instance would be in VPC A, just a different AZ, so a different subnet. Are you saying I’ll need to create an SG per subnet in VPC A?
l
No. Just per VPC. SGs can be used by all resources within the same VPC.
m
Hmm, not sure why I’m getting the error then… the SG should be valid
l
What is "network" in the error message? I've never used ASGs / launch templates, so I'm missing a bit of context. Maybe for ASGs there's an additional requirement beyond same-VPC?
m
Can’t tell you right now, but I can get back to you tomorrow. That’s a good hint. Our VPC is using 
fromExistingId()
, so it could also be related to that.
👍 1
I can’t see the networks in the diff. Any idea how I can get these?
l
I don't even know what "networks" means in that error statement.. which is why I brought it up 🙂
Open in Slack
PreviousNext
Powered by