https://pulumi.com logo
#general
Title
# general
s

sticky-airline-40485

01/21/2022, 3:15 PM
hi folks, this might be a dumb/already answered questions, but is there a way to modify existing resources? For example, I have an AWS S3 bucket, I do a resource lookup with
Bucket bucket = Bucket.Get("bucket", "my-bucket")
; but then how do I modify
bucket
, for example, to enable Versioning?
bucket.Versioning = ...
gives an error because
Versioning
is read-only. Stuck on this for several hours now šŸ˜ž
p

prehistoric-activity-61023

01/21/2022, 3:16 PM
you can import existing resource into pulumi project
s

sticky-airline-40485

01/21/2022, 3:17 PM
thanks @prehistoric-activity-61023 but importing also only gives me a
Bucket bucket
object, but how can I then modify this
bucket
?
p

prehistoric-activity-61023

01/21/2022, 3:18 PM
I don’t really get the question šŸ¤”
Once the resource is imported and it’s managed by pulumi, you should be able to configure it declaratively as any other resource.
m

millions-furniture-75402

01/21/2022, 3:18 PM
Yes, you can modify the resource you've "gotten" but be aware of the drift you'll be causing
p

prehistoric-activity-61023

01/21/2022, 3:19 PM
so if you modify the imported resource (by changing its definition in code), it’s gonna generate appropriate actions during next
pulumi up
s

sticky-airline-40485

01/21/2022, 3:20 PM
but how do I configure/modify the resource declaratively once I have it?
p

prehistoric-activity-61023

01/21/2022, 3:20 PM
when you import the resource, you should get a code snippet to insert into your pulumi project
you should be able to simply modify it and pulumi will detect the difference between the imported state and definition in the code
s

sticky-airline-40485

01/21/2022, 3:21 PM
I have that, but where do I change the resource? In the bucketArgs?
p

prehistoric-activity-61023

01/21/2022, 3:21 PM
yeah
unless resource cannot be altered - there are some resources in the cloud that are immutable once created
not sure if that’s the case for S3 versioning (I’m more familiar with GCS)
s

sticky-airline-40485

01/21/2022, 3:24 PM
I see... is
import
the only way to modify an existing resouce then? Because
Bucket.Get
doesn't allow a
BucketArgs
parameter (it only has a similar
BucketState
parameter, which only helps qualify the search)
p

prehistoric-activity-61023

01/21/2022, 3:24 PM
try to do sth like this šŸ™‚ 1. Create an empty pulumi project. 2. Create a S3 bucket. 3. Try to import it into the given project. 4. Apply changes to the code (at this point, it should look just like a ā€œnormalā€ S3 bucket managed by pulumi) and see if that works for you
s

sticky-airline-40485

01/21/2022, 3:25 PM
OK, I'll try that. thanks @prehistoric-activity-61023 and @millions-furniture-75402 for your help
p

prehistoric-activity-61023

01/21/2022, 3:27 PM
Bucket.Get
allows you to GET some information about an existing resource (so you can use that in other resources managed by pulumi). However, it does NOT ADD IT TO THE STATE so the resource is not managed by pulumi and because of that, it cannot be altered.
import
DOES ADD TO THE STATE so the resource becomes pulumi-managed. That means if you don’t alter your code appropriately (based on the code snippet
pulumi import
should print for you), pulumi will think you want to delete that resource (it goes like this: ā€œit’s present in the state, it’s not defined in code => remove it from the cloud so code==state)
m

millions-furniture-75402

01/21/2022, 3:28 PM
I think you want to do something like this (untested):
Copy code
const myBucketModifications = new aws.s3.Bucket(`${appName}-with-mods`, {
  bucket: aws.s3.Bucket.get("my-bucket", "my-bucket-id").bucket,
  serverSideEncryptionConfiguration: {
    rule: {
      applyServerSideEncryptionByDefault: {
        sseAlgorithm: "AES256",
      },
    },
  },
});
I guess we should have asked you what your scenario is. Was this bucket created by another process, or Pulumi?
p

prehistoric-activity-61023

01/21/2022, 3:31 PM
^ that’s a good question
In case you’d like to see how it should look like in case of importing some already existing cloud resource not managed by pulumi:
Copy code
āÆ pulumi -s <REDACTED> import gcp:storage/bucket:Bucket my-python-var-name example-pulumi-bucket
...

Please copy the following code into your Pulumi application. Not doing so
will cause Pulumi to report that an update will happen on the next update command.

Please note that the imported resources are marked as protected. To destroy them
you will need to remove the `protect` option and run `pulumi update` *before*
the destroy will take effect.

import pulumi
import pulumi_gcp as gcp

my_python_var_name = gcp.storage.Bucket("my-python-var-name",
    force_destroy=False,
    location="US",
    name="example-pulumi-bucket",
    storage_class="STANDARD",
    opts=pulumi.ResourceOptions(protect=True))
as you can see, at the end there’s a python snippet I should add to my code to match the (already) modified state. I added this snippet to my
main.py
and when I run
pulumi up
, it says there’s nothing to change. Now, when I modify it like this:
Copy code
my_python_var_name = gcp.storage.Bucket("my-python-var-name",
    force_destroy=False,
    location="US",
    name="example-pulumi-bucket",
    storage_class="STANDARD",
=>  versioning=gcp.storage.BucketVersioningArgs(enabled=True),
    opts=pulumi.ResourceOptions(protect=True))
it wants to alter my bucket:
Copy code
Type                   Name                    Plan       Info
     pulumi:pulumi:Stack    <REDACTED>             
 ~   └─ gcp:storage:Bucket  my-python-var-name      update     [diff: +versioning]
 
Resources:
    ~ 1 to update
    10 unchanged
5 Views