https://pulumi.com logo
#general
Title
# general
a

acceptable-army-69872

10/10/2019, 5:15 PM
I've been playing with the client VPN stuff, and it seems like the features aren't really flushed out. You can create a client vpn, and associate it with a subnet, but you can't assign the security groups, manage the routes, or the authorization. Does that sound right? If so, it's better than nothing, but could be better.
Does it make sense to do a ticket for something like that, or is this a "wait for upstream to have better support"
or is there a way to do arbitrary aws cli commands for gaps?
w

white-balloon-205

10/10/2019, 5:32 PM
Does it make sense to do a ticket for something like that, or is this a "wait for upstream to have better support"
In general, things like this would need to be addressed up-stream. We're happy to help drive visibility and potentially contribute to PRs - but I'd suggest first making sure there are tracking issues opened in the upstream repos.
or is there a way to do arbitrary aws cli commands for gaps?
Does CloudFormation have sufficient support? https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-clientvpnendpoint.html If so, you can use https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/aws/cloudformation/#Stack to deploy a single (or couple) resources using CloudFormation from within Pulumi. Else - you can also build a dynamic provider that wraps calls to
aws
calls for the CRUD operations. This is a little more work for sure - but possible and very flexible. https://github.com/pulumi/examples/blob/master/azure-ts-dynamicresource/cdnCustomDomain.ts is a complete example of this sort of thing.
a

acceptable-army-69872

10/10/2019, 6:34 PM
All of that is spectacular information. Thank you!