https://pulumi.com logo
Join Slack
Powered by
This message was deleted.
# golang
s
This message was deleted.
1
i
I need this to happen in the same pulumi up command so the same execution that creates the VPC also creates the firewall and the subnets and the route tables.
b
@icy-london-58403 you can range over it, but you'll need to use an 
apply
because 
networkfirewall.FirewallFirewallStatusArrayOutput
isn't actually known until it's created. I don't have a concrete example of your particular use case, but there's an example of ranging over an 
ArrayOutput
here: https://github.com/pulumi/examples/blob/e942d6130cd402d48db56889581ce2db1879803f/kubernetes-go-guestbook/components/serviceDeployment.go#L55-L63
i
@billowy-army-68599 let me give it a try. Thanks
@billowy-army-68599 any chance you know what’s wrong with this?
Copy code
func (vpc *VPC) GetFirewallEndpointIDByZone(ctx *pulumi.Context, zone string) pulumi.StringOutput {
	ready := pulumi.All(vpc.NetworkFirewall.FirewallStatuses)
	return ready.ApplyT(func(statuses []networkfirewall.FirewallFirewallStatus) string {
		found := false
		for _, status := range statuses {
			for _, syncState := range status.SyncStates {
				getZoneResult, err := aws.GetAvailabilityZone(ctx, &aws.GetAvailabilityZoneArgs{
					AllAvailabilityZones: nil,
					Filters:              []aws.GetAvailabilityZoneFilter{},
					Name:                 syncState.AvailabilityZone,
					State:                nil,
					ZoneId:               nil,
				})
				if err != nil {
					ctx.Log.Error(fmt.Sprintf("Error: %s", err), nil)
				}
				if getZoneResult.ZoneId == zone {
					found = true
					return *syncState.Attachments[0].EndpointId
				}
			}
		}
		if !found {
			ctx.Log.Error(fmt.Sprintf("Error: Could not find firewall endpoint id in zone %s", zone), nil)
		}
		return ""
	}).(pulumi.StringOutput)
}
Error:
panic: applier must have 1 input parameter assignable from []interface {}
b
hmm, not offhand. @lemon-agent-27707 any ideas?
w
Why did you want to use 
All
here? That returns an 
ArrayOutput
which has an underlying type of 
[]interface{}
which is why applyt expects the argument to be of that type. You could change it to match what the error notes, and then convert. But I have a feeling you just don’t need the All call at all? (And would then pass a more strongly typed value to ApplyT so that you could use the applier you have above).
i
@white-balloon-205 
All
is just being used out of inexperience and ignorance
im trying it without
That did it!
Copy code
// GetFirewallEndpointIDByZone
func (vpc *VPC) GetFirewallEndpointIDByZone(ctx *pulumi.Context, zone string) pulumi.StringOutput {
	ready := vpc.NetworkFirewall.FirewallStatuses
	return ready.ApplyT(func(statuses []networkfirewall.FirewallFirewallStatus) string {
		found := false
		for _, status := range statuses {
			for _, syncState := range status.SyncStates {
				getZoneResult, err := aws.GetAvailabilityZone(ctx, &aws.GetAvailabilityZoneArgs{
					AllAvailabilityZones: nil,
					Filters:              []aws.GetAvailabilityZoneFilter{},
					Name:                 syncState.AvailabilityZone,
					State:                nil,
					ZoneId:               nil,
				})
				if err != nil {
					ctx.Log.Error(fmt.Sprintf("Error: %s", err), nil)
				}
				if getZoneResult.ZoneId == zone {
					found = true
					return *syncState.Attachments[0].EndpointId
				}
			}
		}
		if !found {
			ctx.Log.Error(fmt.Sprintf("Error: Could not find firewall endpoint id in zone %s", zone), nil)
		}
		return ""
	}).(pulumi.StringOutput)
}
@white-balloon-205 and @billowy-army-68599 thanks so much 😃
Building a Proof of Concept Multip VPC Cross Account network that utilizes the AWS Network Firewall and Transit Gateway to share NAT gateways to all other VPCs as well as provide firewall rules for ingress and egress. I wouldn’t mind contributing it to some examples repo when I’m done -- if such a thing exists or is needed.
Diagram is work in progress too. But it’s roughly correct
w
Awesome! We’re working on pulling together a site to link out to great components/examples - this looks like a great addition. @billowy-army-68599 is likely the right person to help make sure this gets added there!
👍 1
4 Views
Open in Slack
PreviousNext
Powered by