This message was deleted.

sparse-intern-71089

03/14/2021, 5:37 PM

This message was deleted.

tall-librarian-49374

03/14/2021, 7:17 PM

PodIdentityProfile

seems to be a property of

ManagedCluster

. Why don’t you define it as part of the cluster definitions, similar to https://www.pulumi.com/docs/reference/pkg/azure-native/containerservice/managedcluster/#create-managed-cluster-with-podidentity-enabled ?

tall-librarian-49374

03/14/2021, 7:18 PM

Is there a recommended way to perform updates on existing resources?

We recommend you avoid the need for this, if possible. Aren’t you defining the cluster in your program?

gray-nail-14734

03/14/2021, 10:29 PM

Hi @tall-librarian-49374. If I define my

PodIdentityProfile

as part of my

ManagedCluster

definition as such:

PodIdentityProfile = new ManagedClusterPodIdentityProfileArgs

Enabled = true,

UserAssignedIdentities = new ManagedClusterPodIdentityArgs

Identity = new UserAssignedIdentityArgs

ClientId = pod_identity.ClientId.Apply(id => id),

ObjectId = pod_identity.PrincipalId.Apply(id => id),

ResourceId = pod_identity.Id.Apply(id => id)

},

Name = "pod-id-tag",

Namespace = "pod-id"

},

I get the following error:

azure-native:containerservice:ManagedCluster (auto-aks):

error: Code="PodIdentityAddonUserAssignedIdentitiesNotAllowedInCreation" Message="PodIdentity addon does not support assigning pod identities on creation."

This lines up with the AZ CLI which first has me create the aks cluster with the

--enable-pod-identity

flag, and then use

az aks update

to actually set the pod identity info. I'm trying to figure out how to set my user identity for my pod identity, but can't seem to figure it out.

gray-nail-14734

03/14/2021, 10:32 PM

The problem is that the

PodIdentityProfile

isn't editable after creation (which makes sense).

tall-librarian-49374

03/15/2021, 7:21 AM

This doesn’t answer your question but I opened https://github.com/Azure/azure-rest-api-specs/issues/13417 to track a potential fix upstream

gray-nail-14734

03/15/2021, 10:51 AM

Thanks @tall-librarian-49374. I'll keep an eye on it. And just for my knowledge, since I'm new to Pulumi, what is the recommended approach if you need to update an existing resource in Pulumi? For example, if I decide to enable the cluster autoscaler after the cluster has been created? Thank you!

tall-librarian-49374

03/15/2021, 1:05 PM

You change your program and run

pulumi up

again. Or did I misunderstand the question?

gray-nail-14734

03/15/2021, 4:47 PM

Thanks again @tall-librarian-49374 ... yes, that helps. Really appreciate the help here. Thank you!

average-spoon-16995

03/18/2021, 9:50 AM

did u solve the problem?

gray-nail-14734

03/19/2021, 9:59 PM

Yes, that did solve my problem. I ended up using some configuration to run my Stack, but only performing certain actions if it's a

create

versus an

update

average-spoon-16995

03/22/2021, 11:32 AM

aha ok! thnx!

4 Views

Open in Slack

Previous Next

Pulumi Community

No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.