https://pulumi.com logo
Powered by
e

early-musician-41645

07/19/2019, 11:07 PM
Couldn't find any in github, and the interface docs for 
SecretVersion
aren't totally clear how to use it
w

white-balloon-205

07/19/2019, 11:44 PM
Any specific questions? This is an example:
Copy code
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const config = new pulumi.Config();
const secretstring = config.requireSecret("secretstrign")

// Create an AWS resource (S3 Bucket)
const secret = new aws.secretsmanager.Secret("mysecret");
const secretVersion = new aws.secretsmanager.SecretVersion("v1", {
    secretId: secret.id,
    secretString: secretstring,
});

// Export the name of the bucket
export const secretVersionARN = secretVersion.arn
e

early-musician-41645

07/24/2019, 5:18 PM
Sorry, forgot to follow up. That works, it's what I ended up doing.
@white-balloon-205 Followup question, I'm using this code but I am having no luck with converting 
pulumi.Output<string>
to a 
string
that I can use. Any hints?
Copy code
67   private async createKeypairSecret(): Promise<string> {
     68
     69     let key = new tls.PrivateKey(this.secretName, {
     70       algorithm: "RSA",
     71       rsaBits: 4096,
     72     });
     73
     74     key.privateKeyPem.apply((key: any) => { console.log("private key PEM: "+key) } );
     75     key.publicKeyOpenssh.apply((key: any) => { console.log("public key openssh: "+key) } );
     76     key.publicKeyPem.apply((key: any) => { console.log("public key PEM: "+key) } );
     77
     78     let privateKey = key.privateKeyPem;
     79     let publicKey = key.publicKeyOpenssh;
     80
     81     this.createSecret(publicKey, privateKey);
     82
     83     return publicKey;
     84   }
     85
     86   // Create an AWS secret resource
     87   private async createSecret(publicKey, privateKey) {
     88     let secretString =  {
     89       publicKey: publicKey,
     90       privateKey: privateKey
     91     };
     92
     93     const secret = new aws.secretsmanager.Secret(this.secretName, {
     94       name: this.secretName,
     95       description: "SSH keypair for worker nodes in an EKS cluster",
     96       tags: this.secretTags
     97     });
     98
     99     const secretVersion = new aws.secretsmanager.SecretVersion("v1", {
    100       secretId: secret.id,
    101       secretString: JSON.stringify(secretString),
    102     });
    103
    104   }
Errors:
Copy code
worker-ssh-keypair.ts(83,5): error TS2322: Type 'Output<string>' is not assignable to type 'string'.
    worker-ssh-keypair.ts(87,30): error TS7006: Parameter 'publicKey' implicitly has an 'any' type.
    worker-ssh-keypair.ts(87,41): error TS7006: Parameter 'privateKey' implicitly has an 'any' type.
w

white-balloon-205

07/24/2019, 7:40 PM
How are you using 
createKeypairSecret
? Are you passing that to a resource input? If so, it should presumably return an 
Output<string>
instead of 
Promise<string>
. It also doesn't look like it needs to be 
async
.
e

early-musician-41645

07/24/2019, 8:02 PM
I guess it doesn't really matter? The error is happening when I try to call 
createSecret
and the 
publicKey
and 
privateKey
are passed in.
createKeypairSecret is not passed to a resource input. Instead, I'm trying to get the 
publicKey
as a string which is passed to an 
eks.Cluster
resource
i.e. 
createKeypairSecret
is expected to return a 
string
Powered by