https://pulumi.com logo
Join Slack
Powered by
This message was deleted.
# general
s
This message was deleted.
p
Copy code
sg, err := ec2.NewSecurityGroup(ctx, "EKS", &ec2.SecurityGroupArgs{
                        Description: pulumi.String("Group for the EKS cluster"),
                        VpcId: pulumi.String(vpcid),
                        Ingress: ec2.SecurityGroupIngressArray{
                                // Allow ssh in from the ssh hosts
                                &ec2.SecurityGroupIngressArgs{
                                        Description: pulumi.String("ssh in from the ssh-hosts"),
                                        FromPort: <http://pulumi.Int|pulumi.Int>(22),
                                        ToPort: <http://pulumi.Int|pulumi.Int>(22),
                                        Protocol: pulumi.String("tcp"),
                                        SecurityGroups: pulumi.StringArray{
                                                pulumi.String("sg-0f61cce3d6946c140"), // This needs to be looked up as this is the Test one
                                        },
                                },
                        },
                        Egress:  ec2.SecurityGroupEgressArray{
                                // allow https out to anywhere
                                &ec2.SecurityGroupEgressArgs{
                                        FromPort: <http://pulumi.Int|pulumi.Int>(443),
                                        ToPort:   <http://pulumi.Int|pulumi.Int>(443),
                                        Protocol: pulumi.String("tcp"),
                                        CidrBlocks: pulumi.StringArray{
                                                pulumi.String("0.0.0.0/0"),
                                        },
                                        Ipv6CidrBlocks: pulumi.StringArray{
                                                pulumi.String("::/0"),
                                        },
                                },
                        },
                        Tags: pulumi.StringMap{
                                "Name": pulumi.String("Test-EKS"), // needs to be compiled from the VPC and -EKS
                        },
                })
                // Create an EKS cluster with the default configuration.
                cluster, err := eks.NewCluster(ctx, "Test", &eks.ClusterArgs{
                        ResourcesVpcConfig: &eks.ClusterResourcesVpcConfigArgs{
                                SubnetIds: pulumi.StringArray{
                                        pulumi.String(private[0]),
                                        pulumi.String(private[1]),
                                        pulumi.String(private[2]),
                                },
                                EndpointPrivateAccess: pulumi.Bool(true),
                                EndpointPublicAccess: pulumi.Bool(false),
                                SecurityGroupIds: pulumi.StringArray{
                                        sg.Id,
                                },
                        },
                        RoleArn: eksRole.Arn,
                })
                if err != nil {
                        return err
                }
These are the blocks where I create the sg and try to use the Id in the EKS cluster block. I can get the Arn, with sg.Arn or the account id with sg.OwnerId
I guess I'll have to parse the ARN and get the sg-#### string that way but I'm puzzled as to why sg.Id fails.
b
@creamy-holiday-75376 I believe you need 
sg.ID()
you might consider using our EKS package to make your life easier
p
Thanks, I was sure I tried that 😅 , but it seems to be working now.
I did try the EKS package, but for reasons lost in a haze of Xmas I switched to doing it by hand.
Open in Slack
PreviousNext
Powered by