TIL: pulumi.Config('aws') lets you reference the a...
# typescripta
acceptable-army-69872
03/05/2021, 7:00 PMTIL: pulumi.Config('aws') lets you reference the aws variables set (bag?) in your Pulumi.yaml. This was 🤯. I had to keep exporting AWS_PROFILE, because I have some cert generation code that requires being run in us-east-1, which uses a
new Providerconfig set aws:profile blahacceptable-army-69872
03/05/2021, 7:02 PMNow I can do something like this and not have an environment variable dependency. This pleases me.
Copy code
const aws_config = new pulumi.Config('aws');
const awsUsEast1 = new Provider("usEast1", { region: "us-east-1", profile: aws_config.require('profile')});
const sslCert = new Certificate("sslCert", {
domainName: domain,
validationMethod: "DNS",
}, { provider: awsUsEast1 });b
broad-dog-22463
03/05/2021, 7:14 PM@acceptable-army-69872 yeah this is awesome right? Because of that , I am able to do this:
Copy code
const providers: {[key: string]: aws.Provider} = {
"us-east-1": new aws.Provider("us-east-1", {region: "us-east-1"}),
"us-east-2": new aws.Provider("us-east-2", {region: "us-east-2"}),
"us-west-2": new aws.Provider("us-west-2", {region: "us-west-2"}),
"eu-west-1": new aws.Provider("eu-west-1", {region: "eu-west-1"}),
"eu-west-2": new aws.Provider("eu-west-2", {region: "eu-west-2"}),
};
for (const providerKey of Object.keys(providers)) {
const provider = providers[providerKey];
const lambda = new aws.lambda.Function(`my-lambda-function-${providerKey}`, {
name: "sample-lambda",
runtime: aws.lambda.Go1dxRuntime,
timeout: 900,
role: lambdaRole.arn,
handler: "main",
memorySize: 1024,
code: new pulumi.asset.FileArchive("deployment.zip"),
environment: {
variables: {
"DESTROY_ENABLED": "true"
}
},
}, {provider});
}broad-dog-22463
03/05/2021, 7:14 PMwhere we can deploy a pulumi app across multiple regions at the same time
broad-dog-22463
03/05/2021, 7:14 PMa
acceptable-army-69872
03/05/2021, 7:18 PMThat is rad, and I appreciate the typescriptyness of it!
acceptable-army-69872
03/05/2021, 7:19 PMThat provider object is kind of a double edged sword, I think that code default to using the AWS_PROFILE variables (or your exported secret keys), and not one set in pulumi.yaml.
acceptable-army-69872
03/05/2021, 7:20 PMso if you have all your code happily humming along using the one out of the aws config set, and then introduce a Provider in your code and don't deal with sourcing the config yourself, your code starts popping up
error: unable to discover AWS AccessKeyID and/or SecretAccessKey - see <https://pulumi.io/install/aws.html> for details on configurationb
broad-dog-22463
03/05/2021, 7:21 PMyeah that specific code above is - but I could easily have had difference credentials per region and have specified a profile per provider
a
acceptable-army-69872
03/05/2021, 7:21 PMIt totally makes sense why that happens, but I did the "i'll deal with that later" thing and exported vars for 8 months.
acceptable-army-69872
03/05/2021, 7:22 PMlazy devmonster.