https://pulumi.com logo
#general
Title
# general
c

colossal-boots-62227

11/23/2021, 8:41 AM
Calling
aws.secretsmanager.get_secret(name="mySecret").arn
results in several deprecated warnings for attributes which are not being accessed
Example:
Copy code
warning: rotation_enabled is deprecated: Use the aws_secretsmanager_secret_rotation data source instead
    warning: rotation_lambda_arn is deprecated: Use the aws_secretsmanager_secret_rotation data source instead
    warning: rotation_rules is deprecated: Use the aws_secretsmanager_secret_rotation data source instead
These attributes are deprecated (see: https://www.pulumi.com/registry/packages/aws/api-docs/secretsmanager/getsecret/#result) but as i’m not accessing them the warning seems spurious
Please confirm if this is a bug and if so I will raise an issue in GH
Also applies to
aws.secretsmanager.get_secret_output()
Pulumi
3.17.1
, Python, AWS classic
4.29.0
l

little-cartoon-10569

11/23/2021, 6:53 PM
Can you try aws_native.secretsmanager.get_secret instead? That uses the Cloud Control API instead of the SecretsManager API and might sidestep the issue.
That error message is from TF, so there's nothing that can be done in the Pulumi codebase to fix it. Avoiding the TF provider might help. (Of course, the error might be at AWS' end, so it might still occur...)
c

colossal-boots-62227

11/24/2021, 3:24 AM
@little-cartoon-10569 I understood that Pulumi does not “use” TF, rather it uses only the schema that was crested by the TF folks: https://www.leebriggs.co.uk/blog/2021/11/06/pulumi-faqs.html
l

little-cartoon-10569

11/24/2021, 3:27 AM
Maybe, but that error message implies otherwise. There's nothing called aws_secretsmanager_secret_rotation in Pulumi. Or "data source", for that matter. They're both TF-only.
c

colossal-boots-62227

11/24/2021, 3:27 AM
In which case I’m imagine this is a Pulumi bug and something they could fix. I will try the native provider as well (i’ve been sticking to classic as Native doesn’t seem quite ready for prime time)
l

little-cartoon-10569

11/24/2021, 3:27 AM
It could be something sucked out of the schema though...
You can use native and classic together. Native is totally robust, but it doesn't cover everything. You can't use only native, but you can use them both together.
c

colossal-boots-62227

11/24/2021, 3:31 AM
I started with native, very first thing I tried failed (now fixed) so I switched to classic only and it’s been mostly solid. No objection to mixing classic and native. I’ll raise the above as a bug against classic in any case, if it’s an upstream problem the Pulumi guys can fill that issue with TF I guess
💯 1
Thanks for the input @little-cartoon-10569 and i’m very jealous you get to be in NZ 🙂
🥝 1
FYI: “Secret is not yet supported by AWS Native, so its creation will currently fail. Please use the classic AWS provider, if possible.” from
pulumi_aws_native
0.7.0