https://pulumi.com logo
#typescript
Title
# typescript
a

acceptable-army-69872

03/05/2021, 7:00 PM
TIL: pulumi.Config('aws') lets you reference the aws variables set (bag?) in your Pulumi.yaml. This was 🤯. I had to keep exporting AWS_PROFILE, because I have some cert generation code that requires being run in us-east-1, which uses a
new Provider
which doesn't automatically pick up the profile set by
config set aws:profile blah
Now I can do something like this and not have an environment variable dependency. This pleases me.
Copy code
const aws_config = new pulumi.Config('aws');

const awsUsEast1 = new Provider("usEast1", { region: "us-east-1", profile: aws_config.require('profile')});

const sslCert = new Certificate("sslCert", {
    domainName: domain,
    validationMethod: "DNS",
  }, { provider: awsUsEast1 });
b

broad-dog-22463

03/05/2021, 7:14 PM
@acceptable-army-69872 yeah this is awesome right? Because of that , I am able to do this:
Copy code
const providers: {[key: string]: aws.Provider} = {
    "us-east-1": new aws.Provider("us-east-1", {region: "us-east-1"}),
    "us-east-2": new aws.Provider("us-east-2", {region: "us-east-2"}),
    "us-west-2": new aws.Provider("us-west-2", {region: "us-west-2"}),
    "eu-west-1": new aws.Provider("eu-west-1", {region: "eu-west-1"}),
    "eu-west-2": new aws.Provider("eu-west-2", {region: "eu-west-2"}),
};

for (const providerKey of Object.keys(providers)) {
    const provider = providers[providerKey];

    const lambda = new aws.lambda.Function(`my-lambda-function-${providerKey}`, {
        name: "sample-lambda",
        runtime: aws.lambda.Go1dxRuntime,
        timeout: 900,
        role: lambdaRole.arn,
        handler: "main",
        memorySize: 1024,
        code: new pulumi.asset.FileArchive("deployment.zip"),
        environment: {
            variables: {
                "DESTROY_ENABLED": "true"
            }
        },
    }, {provider});
}
where we can deploy a pulumi app across multiple regions at the same time
a

acceptable-army-69872

03/05/2021, 7:18 PM
That is rad, and I appreciate the typescriptyness of it!
That provider object is kind of a double edged sword, I think that code default to using the AWS_PROFILE variables (or your exported secret keys), and not one set in pulumi.yaml.
so if you have all your code happily humming along using the one out of the aws config set, and then introduce a Provider in your code and don't deal with sourcing the config yourself, your code starts popping up
error: unable to discover AWS AccessKeyID and/or SecretAccessKey - see <https://pulumi.io/install/aws.html> for details on configuration
errors.
b

broad-dog-22463

03/05/2021, 7:21 PM
yeah that specific code above is - but I could easily have had difference credentials per region and have specified a profile per provider
a

acceptable-army-69872

03/05/2021, 7:21 PM
It totally makes sense why that happens, but I did the "i'll deal with that later" thing and exported vars for 8 months.
lazy devmonster.