Channels
pulumi-ai
package-authoring
pulumi-cdk
oracle-cloud-infrastructure
learn-pulumi-events
linen
registry
built-with-pulumi
pulumi-cloud
contribex
testingtesting321
hacktoberfest
cloudengineering
yaml
pulumi-crosscode
content-share
finops
multi-language-hackathon
office-hours
workshops
blog-posts
localstack
welcome
gitlab
pulumi-kubernetes-operator
jobs
aws
pulumi-deployments
dotnet
golang
announcements
java
pulumiverse
python
install
getting-started
cloudengineering-support
testingtesting123
hackathon-03-19-2020
typescript
google-cloud
contribute
azure
kubernetes
docs
automation-api
status
general
Title
j
jolly-plumber-1488
07/11/2022, 11:07 AMHi guys, has anyone seen this error before when creating eks cluster?
Message_: "Security group(s) [sg-0cb56162e90f5f571] are not in the same VPC as the subnets. Please specify a security group that is associated with the VPC: vpc-0b6bc0745054144c7."cluster = eks.Cluster(
cluster_name,
version="1.22",
skip_default_node_group=True,
vpc_id=vpc.id,
public_subnet_ids=vpc.public_subnet_ids,
node_associate_public_ip_address=False,
private_subnet_ids=vpc.private_subnet_ids,
cluster_security_group=cluster_sg,
service_role=cluster_role,
instance_roles=[node_role],
create_oidc_provider=True,
cluster_tags=common_tags
)vpc.idm
mammoth-electrician-64525
07/11/2022, 11:20 AM@jolly-plumber-1488
I’m not sure exactly but looks like your ‘vpc.id’ is empty or is not the same VPC used by your ‘*_subnets_ids’.
I suggest you create the VPC in another function before, collect ids from this process and add in your function to create the EKS. Using this approach your infrastructure will create not only the EKS but everything that is necessary to create EKS. If you want to delete this stack you will delete not only EKS but the VPC that EKS was created. for example:
https://github.com/pulumi/examples/blob/master/aws-py-eks/__main__.py#L15
j
jolly-plumber-1488
07/11/2022, 11:25 AMThanks for your reply, @mammoth-electrician-64525. Yeah, I found the root cause, there is
idvpc_ididThe provider-assigned unique ID for this managed resource.What is that?
m
mammoth-electrician-64525
07/11/2022, 11:34 AM@jolly-plumber-1488 this is the description about id output, as a default description(https://www.pulumi.com/registry/packages/aws-iam/api-docs/provider/)
👍 1
j
jolly-plumber-1488
07/11/2022, 11:38 AMBTW, is there any suggestion about how to debug issues like this, besides printing logs?
e.g. is there a way to print the raw http request body?
m
mammoth-electrician-64525
07/11/2022, 11:48 AMI believe that verbose logging can help you a bit: https://www.pulumi.com/docs/support/troubleshooting/#verbose-logging
another suggestion, is maybe you can use AWS Native than AWS Classic or another provider for AWS. Native providers can give you full coverage for your infrastructure as code but keep in mind that it is in the preview version: https://www.pulumi.com/registry/packages/aws-native/
j
jolly-plumber-1488
07/11/2022, 12:11 PMThanks a lot, @mammoth-electrician-64525
🕺 1