https://pulumi.com logo
Title
a

adorable-house-55616

12/09/2022, 4:11 PM
Hello, I am using AWS and trying to work out how to reference an output from one resource during the creation of another. Typically, if they are all created inline, I already have an object reference, and should just be able to reference the normal output properties. However, I was going down the path of splitting everything out into its own class. As an example - let's say I have a KMS key which is stored in a source file under /KMS/Keys/MyKey.cs - then, I have a S3 bucket which needs to reference this Key's ARN to setup server-side encryption - and that code is in, let's say, /S3/Buckets/MyBucket.cs. The idea was to have a folder structure mapped to the AWS services and I have some higher-level code which instantiates everything under /KMS, and then everything under /S3. However, it seems perhaps this is not the way to do this, and instead maybe I should be using Components? I'm still fairly new to Pulumi so still grappling with some of the foundational concepts. Any thoughts on this?
s

stocky-restaurant-98004

12/09/2022, 8:54 PM
Keep it all in a single "main" until you have an obvious reason to use multiple files/modules/classes.
An obvious reason would be like "I have 1000 lines of code in one file".
a

adorable-house-55616

12/09/2022, 8:55 PM
thanks. this is existing infrastructure I'm working on importing in. This is not for a personal project, but will encompass quite a few resources. That said, I think I might have worked out a way forward, but am still tinkering
s

stocky-restaurant-98004

12/09/2022, 8:56 PM
IaC is not as easily refactored as regular code because of the stateful nature (although it can definitely be refactored in Pulumi with aliases), so you're gonna want to keep it a little dumber than app code even if it does not read as pretty.
I recommend you try regular ol' static functions first, then Components if you need them. Try to group resources logically (like a whole service, or foundational networking) rather than by a fine-grained type. I think you'll find it's easier to work with. In general (IaC and app code), you know your code org is right when changes are confined to a small number of files that live in the same place.
(Which is also why I think every MVC framework I've seen does it wrong, but that's another take for another time.)
a

adorable-house-55616

12/09/2022, 9:05 PM
gotcha. I definitely need to have "global" things in one place, and "product" specific items elsewhere. One of the things I'm kicking around is how to reference something across multiple resources. For example, a single policy that needs assigned to several groups. The group requires the policy ARN. The major hurdle was I am attempting to create some generic methods and interface implementations, where method would basically just do a "execute the constructor for any class which implements IPolicy" as an example.
s

stocky-restaurant-98004

12/09/2022, 9:55 PM
An IAM policy? Just create a managed policy and then attach it to multiple principals.
b

bored-activity-40468

12/09/2022, 11:54 PM
Advanced C# example with Automation API, it's nice to look at other dotnet examples https://github.com/gitfool/Pulumi.Dungeon