sparse-intern-71089
10/21/2021, 4:03 PMprehistoric-activity-61023
10/21/2021, 4:11 PMprehistoric-activity-61023
10/21/2021, 4:12 PMpulumi stack export
• remove manually the resources from the exported JSON
• import it back
• remove reference from the source code
• run pulumi up
so it syncsfresh-wire-95028
10/21/2021, 4:12 PMnew aws.ec2clientvpn.Endpoint(endpointName, {
..
authenticationOptions: [
{
type: 'federated-authentication',
samlProviderArn: 'ARN GOES HERE',
},
],
});
prehistoric-activity-61023
10/21/2021, 4:13 PMprehistoric-activity-61023
10/21/2021, 4:17 PMfresh-wire-95028
10/21/2021, 4:17 PMpulumi stack export
. I thought it generates this stuff on demand based on my code. But practically I've seen it tends to differ in some scenarios. Like I always run into this pending operations
problem, where I have to manually go in and delete that part of the JSON. But I don't really follow why.prehistoric-activity-61023
10/21/2021, 4:18 PMpulumi stack export
dumps the current state of your stackprehistoric-activity-61023
10/21/2021, 4:18 PMpulumi stack export
is how the current state according to pulumi looks likeprehistoric-activity-61023
10/21/2021, 4:19 PMprehistoric-activity-61023
10/21/2021, 4:19 PMpulumi up
command, you might be asked to manually adjust the state file (by doing export -> fix -> import)fresh-wire-95028
10/21/2021, 4:20 PMaws:iam:SamlProvider (default):
error: Preview failed: unable to delete resource "urn:pulumi:toli::xxx::aws:iam/samlProvider:SamlProvider::default"
as it is currently marked for protection. To unprotect the resource, either remove the `protect` flag from the resource in your Pulumiprogram and run `pulumi up` or use the command:
`pulumi state unprotect urn:pulumi:toli::xxx::aws:iam/samlProvider:SamlProvider::default`
I don't see a reference to it in my code.
At some point I tried doing a pulumi import aws:iam/samlProvider:SamlProvider ...
and it gave me the code necessary (which included a long XML file). I didn't want to deal with storing that XML file...so I decided to keep it custom.
Could that import
have somehow put that resource into my state, without putting it in the code?prehistoric-activity-61023
10/21/2021, 4:21 PMprehistoric-activity-61023
10/21/2021, 4:21 PMprehistoric-activity-61023
10/21/2021, 4:21 PMprehistoric-activity-61023
10/21/2021, 4:21 PMprehistoric-activity-61023
10/21/2021, 4:21 PMfresh-wire-95028
10/21/2021, 4:21 PMprehistoric-activity-61023
10/21/2021, 4:22 PMprehistoric-activity-61023
10/21/2021, 4:22 PMfresh-wire-95028
10/21/2021, 4:22 PMfresh-wire-95028
10/21/2021, 4:22 PMprehistoric-activity-61023
10/21/2021, 4:23 PMprehistoric-activity-61023
10/21/2021, 4:23 PMprehistoric-activity-61023
10/21/2021, 4:25 PMnew aws.ec2clientvpn.Endpoint
to your code it does… nothing. You just declared that you want it.
3. When you run pulumi up
it compares the current state (nothing) with your desired state (one aws.ec2clientvpn.Endpoint
resource). In result, it generates action to CREATE it.prehistoric-activity-61023
10/21/2021, 4:25 PMaws.ec2clientvpn.Endpoint
with appropriate urn
is added to the stateprehistoric-activity-61023
10/21/2021, 4:25 PMpulumi up
it doesn’t do anythingprehistoric-activity-61023
10/21/2021, 4:26 PMDELETE
action as a resultprehistoric-activity-61023
10/21/2021, 4:26 PMprehistoric-activity-61023
10/21/2021, 4:27 PMCREATE
action (and it already exists)prehistoric-activity-61023
10/21/2021, 4:27 PMprehistoric-activity-61023
10/21/2021, 4:28 PMprehistoric-activity-61023
10/21/2021, 4:28 PMprehistoric-activity-61023
10/21/2021, 4:29 PMget
(https://www.pulumi.com/registry/packages/aws/api-docs/iam/samlprovider/; part Look up an Existing SamlProvider Resource
)fresh-wire-95028
10/21/2021, 4:32 PMtoli
stack, without it touching the provider or complaining 🙂
Thanks a bunch!prehistoric-activity-61023
10/21/2021, 4:34 PMprehistoric-activity-61023
10/21/2021, 4:35 PMprehistoric-activity-61023
10/21/2021, 4:36 PM