https://pulumi.com logo
Join Slack
Powered by
This message was deleted.
# aws
s
This message was deleted.
b
You likely got it with your last note - the node you’re running Pulumi on will need to be able to access the Postgres API, so if the Aurora RDS rejects that access, Pulumi won’t be able to connect.
🙌 1
t
Aaah, I suspected that might be the culprit, dang. And there's probably not an easy way around it I suppose? 😄
b
But generally you would run Pulumi for a node that has network access to it.
t
Technically it does through an SSH tunnel—changed the 
endpoint
parameter of the 
postgresql.Provider
to 
localhost
and now it works. The problem is that when the entire stack is provisioned at once (and setting up the bastion host through which the connection goes is part of it), establishing the SSH tunnel would have to be part of the program. Still, this is progress, so thank you a lot! 😄
b
Yep, you’d want to set up the bastion host to be able to do that 🙂
g
@thousands-area-40147 or your CI/CD runner to have that access
Github or gitlab runner can run on ECS. Technically pulumi program can run in lambda but I'd not risk that for timeouts. So if not ECS then AWS Code Deploy/Pipeline (but I hate AWS Code* services so that's pass for me)
t
We're only starting to adopt IaC, so I'll make sure to relay your input to the team! Thanks! 😄
g
hmm it depends on your experience but it wouldn't be a bad idea to hire a consultant for few hours just to give you some evaluation and tips how to move forward
t
Got someone already, I just want to be able to ask informed questions 😁
37 Views
Open in Slack
PreviousNext
Powered by