https://pulumi.com logo
#general
Title
# general
f

flat-insurance-25294

01/09/2020, 12:15 PM
@white-balloon-205 Sorry I asked before, but not sure if you got it. Is there a way to create or refer to a resource? In this case it’s groups and users (aws IAM). I want to access a group and a user and create either if they don’t exist and add user to the said group if the association isn’t already set.
b

broad-dog-22463

01/09/2020, 1:31 PM
So you can code that exactly how you describe it - query for the group check the response and if it’s null then proceed to the create
f

flat-insurance-25294

01/09/2020, 1:31 PM
Oh shizzle. Could I use the || operator in typescript?
let route = aws.route53.getZone({name: defaultTags.stagingSubDomain}) || new aws.route53.Record(stagingSubDomain, {…}
b

broad-dog-22463

01/09/2020, 1:32 PM
Exactly :)
This is where the use of the programming language rather than a dsl is so powerful :)
f

flat-insurance-25294

01/09/2020, 1:34 PM
Yes sir, it’s a shame though that pulumi itself needs to run in order to activate. Now I got TypeScript (node runtime) piping out to Pulimi (typescript) Would have loved writing it all in TypeScript before loading up pulumi. Stuff like sorting/search files, setting configs and stacks.
b

broad-dog-22463

01/09/2020, 1:35 PM
I’m sorry to say I’ve not quite followed what you mean there but that’s only because it’s 0535 and I’m jetlagged 🤣🤣
f

flat-insurance-25294

01/09/2020, 1:40 PM
Sorry I was very unclear now reading back. The thing is we need to run some code before calling pulumi up in our CI I loathe bash, so I just use Typescript. I could have done this in combination with pulumi but this code actually sets up the stuff pulumi needs. I can’t call pulumi up before this.
Btw you’ve been very helpful I appreciate it.
b

broad-dog-22463

01/09/2020, 1:42 PM
Ah I see what you mean now :) No worries at all - this is why this channel exists
f

flat-insurance-25294

01/09/2020, 1:42 PM
Is there no way of setting configs or secrets programatically with pulumi typescript?
Usecase: We generate a IAM user and add it to a group. Give it rights to access S3, Cloudfront, SES and other stuff and then generate the access_key and secret. Right now they are used as kubernetes secrets, but would be great to store them as pulimi secrets as well. For staging we export them.