https://pulumi.com logo
#general
Title
# general
b

billions-lock-73409

03/18/2019, 1:48 AM
How are people structuring their larger pulumi infrastructure projects? I think I’ve abstracted the pieces of my application a bit too far and have circular dependencies happening now, is it common to just have all your infrastructure in a single file (IAM roles, lambdas, ECS task def. etc)?
Right now I have it broken out by AWS service (IAM, ECS, StateMachines, etc) and I’ve hit a point where things are depending on each other in a circle..
p

proud-artist-4864

03/18/2019, 3:13 AM
I’m structuring it in terms of how I think about the infrastructure, so network, naming, roles, scaling instead of the specific details
b

billions-lock-73409

03/18/2019, 2:02 PM
I see, in this case I’m using lambda, IAM and ECS and all 3 pulumi resource depend on some resource ARN of the others be it a ECS task definition arn, or lambda arn
Here is a section of a larger pulumi project that I’m a bit stuck on. https://github.com/Incisive/pulumi-question/tree/master/secrets_scanner If you look at
ecs.js
you’ll see that it’s including
iam.js
which is also including
ecs.js
. I had pulled the IAM roles back into the respective groups by just defining the roles within ECS and lambda etc, however the issue still remains that the roles need access to resource ARN’s, and so does the lambda / state machine code.
Hoping for some help here, in terraform the global resource graph makes this really easy, however by using the node module system and not some higher-level resource graph it’s making it hard to abstract the pieces into individual files. Would love to know if Pulumi has any ways of addressing this that maybe I’m not aware of yet 🙂
i

important-leather-28796

03/18/2019, 8:11 PM
I have a common package that is a sibling to the pulumi packages with shared code.
I use tsconfig
paths
mappings in the other packages to reuse the code via
import {x, y, z} from '@acme/pulumi'
b

billions-lock-73409

03/19/2019, 1:31 PM
Just want to follow up here, I managed to get it working again and ultimatley it ended up being heavily circular dependencies between my ECS, Lambda, IAM and step_functions files. I pulled out the “app like” infrastructure (mainly the state machine definition) into it’s own file. For anyone else who encounters this I used this library to help visualize the dependency graph: https://github.com/pahen/madge