https://pulumi.com logo
Join Slack
Powered by
This message was deleted.
# general
s
This message was deleted.
b
Right now I have it broken out by AWS service (IAM, ECS, StateMachines, etc) and I’ve hit a point where things are depending on each other in a circle..
p
I’m structuring it in terms of how I think about the infrastructure, so network, naming, roles, scaling instead of the specific details
b
I see, in this case I’m using lambda, IAM and ECS and all 3 pulumi resource depend on some resource ARN of the others be it a ECS task definition arn, or lambda arn
Here is a section of a larger pulumi project that I’m a bit stuck on. https://github.com/Incisive/pulumi-question/tree/master/secrets_scanner If you look at 
ecs.js
you’ll see that it’s including 
iam.js
which is also including 
ecs.js
. I had pulled the IAM roles back into the respective groups by just defining the roles within ECS and lambda etc, however the issue still remains that the roles need access to resource ARN’s, and so does the lambda / state machine code.
Hoping for some help here, in terraform the global resource graph makes this really easy, however by using the node module system and not some higher-level resource graph it’s making it hard to abstract the pieces into individual files. Would love to know if Pulumi has any ways of addressing this that maybe I’m not aware of yet 🙂
i
I have a common package that is a sibling to the pulumi packages with shared code.
I use tsconfig 
paths
mappings in the other packages to reuse the code via 
import {x, y, z} from '@acme/pulumi'
b
Just want to follow up here, I managed to get it working again and ultimatley it ended up being heavily circular dependencies between my ECS, Lambda, IAM and step_functions files. I pulled out the “app like” infrastructure (mainly the state machine definition) into it’s own file. For anyone else who encounters this I used this library to help visualize the dependency graph: https://github.com/pahen/madge
Open in Slack
PreviousNext
Powered by