How are people structuring their larger pulumi infrastructur Pulumi Community #general

How are people structuring their larger pulumi inf...

billions-lock-73409

03/18/2019, 1:48 AM

How are people structuring their larger pulumi infrastructure projects? I think I’ve abstracted the pieces of my application a bit too far and have circular dependencies happening now, is it common to just have all your infrastructure in a single file (IAM roles, lambdas, ECS task def. etc)?

billions-lock-73409

03/18/2019, 1:49 AM

Right now I have it broken out by AWS service (IAM, ECS, StateMachines, etc) and I’ve hit a point where things are depending on each other in a circle..

proud-artist-4864

03/18/2019, 3:13 AM

I’m structuring it in terms of how I think about the infrastructure, so network, naming, roles, scaling instead of the specific details

billions-lock-73409

03/18/2019, 2:02 PM

I see, in this case I’m using lambda, IAM and ECS and all 3 pulumi resource depend on some resource ARN of the others be it a ECS task definition arn, or lambda arn

billions-lock-73409

03/18/2019, 7:38 PM

Here is a section of a larger pulumi project that I’m a bit stuck on. https://github.com/Incisive/pulumi-question/tree/master/secrets_scanner If you look at

ecs.js

you’ll see that it’s including

iam.js

which is also including

ecs.js

. I had pulled the IAM roles back into the respective groups by just defining the roles within ECS and lambda etc, however the issue still remains that the roles need access to resource ARN’s, and so does the lambda / state machine code.

billions-lock-73409

03/18/2019, 7:39 PM

Hoping for some help here, in terraform the global resource graph makes this really easy, however by using the node module system and not some higher-level resource graph it’s making it hard to abstract the pieces into individual files. Would love to know if Pulumi has any ways of addressing this that maybe I’m not aware of yet 🙂

important-leather-28796

03/18/2019, 8:11 PM

I have a common package that is a sibling to the pulumi packages with shared code.

important-leather-28796

03/18/2019, 8:14 PM

related discussion link with my shared code package.json and a tsconfig https://pulumi-community.slack.com/archives/C84L4E3N1/p1551983441247900?thread_ts=1551829612.148800&cid=C84L4E3N1

important-leather-28796

03/18/2019, 8:15 PM

I use tsconfig

paths

mappings in the other packages to reuse the code via

import {x, y, z} from '@acme/pulumi'

billions-lock-73409

03/19/2019, 1:31 PM

Just want to follow up here, I managed to get it working again and ultimatley it ended up being heavily circular dependencies between my ECS, Lambda, IAM and step_functions files. I pulled out the “app like” infrastructure (mainly the state machine definition) into it’s own file. For anyone else who encounters this I used this library to help visualize the dependency graph: https://github.com/pahen/madge

Open in Slack

Previous Next