530 questions
-2
votes
0
answers
51
views
How to create child projects with same display name under different parent folders in wiz using Terraform? [closed]
I am new to Terraform and trying to write an automation code to create wiz projects in a parent child hierarchy. The parent folders are created successfully, but when I try to create child projects ...
- 483
Best practices
0
votes
0
replies
42
views
How to manage (Google Cloud Composer) Airflow roles with infrastructure as code?
Are there any best practices for handling roles in code?
Most of our setup is managed via Terraform. It would be great if there was a possibility.
There is a Terraform provider, however using the ...
- 3,731
-1
votes
1
answer
43
views
Issue with OpenTofu tests against AWS Cloudfront Distributions [closed]
I could use an assist on my opentofu tests
Here is a small snippet of my Terraform module
resource "aws_cloudfront_distribution" "main" {
price_class = "...
- 2,321
0
votes
1
answer
51
views
How to automatically extract AWS Lambda configurations to Terraform for GCP migration? [closed]
I'm migrating multiple AWS Lambda functions to GCP and need to generate Terraform configurations that match the existing AWS setup. Currently, I'm manually writing each Lambda configuration, which is ...
- 11
-1
votes
1
answer
66
views
AWS CDK: using stages as "stacks" and apps as "stages"
I am working on migrating our Typescript application from Serverless Framework to AWS CDK.
Background
Our application started out as mostly just lambda functions, api gateways and some IoT resources. ...
- 307
1
vote
1
answer
154
views
GCP Infrastructure Manager needs excessive ADMIN or OWNER role on project to work
I'm trying to configure GCP Infrastructure Manager (IM) with my custom Service Account (SA), but I can't do that without assigning it a project ADMIN or OWNER role.
I assigned SA the following roles:
...
- 11
0
votes
1
answer
161
views
Update properties of Bicep template resource
I'm deploying a Key Vault via bicep file with some standard rules, then after the initial configuration of some other resources I want to harden that Key Vault with advanced properties. For instance, ...
- 305
0
votes
0
answers
43
views
Create SQL DB user without exposing database during IaC depoyment
I have and Azure DevOps CD pipeline, that deploys Azure Infrastructure (using Pulumi).
It creates and Azure Database for PostgreSQL.
I want to create SQL User (other than existing superadmin) in ...
- 27.8k
0
votes
0
answers
166
views
Issue creating Redis Service Connector for Azure Container Apps
Context
I'm trying to create a Service Connector (preview) to access a Redis Cache from an Azure Container App.
I'm using a shell script (zsh) to automate the deployment.
I've already configured ...
- 23.2k
0
votes
0
answers
62
views
Create Logic App Standard using Pulumi Azure Native
I am new to Infrastructure As Code (IAC). I have created and configured the Logic App Standard with 2 workflows in it using Azure Portal. But I was asked to create them using IAC. My requirement is to ...
- 57
0
votes
1
answer
127
views
Merging multiple aws iam roles for lambdas in terraform
I have following configuration in terraform:
locals {
common_env_vars = {
DATABASE_NAME = var.database_name
}
lambda_config = {
filename = "empty.zip"
...
0
votes
1
answer
116
views
Pulumi Dynamic Provider with azure-devops-node-api Fails Due to Serialization Error
I am writing a Pulumi dynamic resource provider to control Azure DevOps project pipeline settings using the azure-devops-node-api client. Here's my provider code:
import * as pulumi from '@pulumi/...
- 85
0
votes
0
answers
91
views
Running Bicep Deployment Script Privately Over a Private Endpoint with Custom Image from Private Registry
We are working on using deployment scripts on a private network and need to use a custom container image. The image is stored in a private registry, and we would like to pull additional modules or ...
0
votes
0
answers
11
views
Why do CloudFormation stack dependencies report UPDATE_COMPLETE in reverse order?
I have multiple CloudFormation stacks with serial dependencies (Stack A2 depends on Stack A1, etc.).
I've noticed a pattern during stack updates where CloudFormation appears to report the ...
- 1,140
2
votes
1
answer
118
views
When importing an existing repo to github_repository, how do you fix Schrödinger's repo?
Background
My estate-repos repo,
defines repos in repos.yaml.
uses the github/repo module from tofu-modules to create the repos using sensible defaults.
Goal: Import manually created repos
I am ...
- 972
0
votes
1
answer
218
views
Authorization error on my storage account when lisitng files from databricks
I have the strange issue where I dont understand why Im having the authorization error:
Im running this code with out any error:
dbutils.fs.ls("abfss://[email protected]/&...
1
vote
2
answers
45
views
Is there a way to specify what module version to use in the Cloudformation template?
If a module is registered in CloudFormation with a default version, is there a way to specify a different version in the CF YAML file? For instance, if the default version is '000002' but I want to ...
0
votes
1
answer
87
views
DevOps tools for visualizing/managing resource relationships in GCP?
I'm working on a GCP project where we need better visibility into how our resources are connected and dependent on each other. Our infrastructure has grown complex with multiple services, networks, ...
- 19
0
votes
1
answer
164
views
Barebones Python Function App via IaC for Azure
I need a bare minimum Bicep file to create an EMPTY Python 3.11 Function App in Azure via Infrastructure as Code (IaC). I do not want App Insights support. I should be able to deploy to a preexisting ...
- 752
0
votes
1
answer
77
views
Azure Infra - Connect external vNet with APIM
Problem statement:
Company A - has a vNet. Some application is running in th4 vNet.
Company B - has APIM which consolidates all the APIs running in AKS.
Company A needs to connect Company B in private ...
- 109
0
votes
1
answer
255
views
Pulumi stacks (which exist) not appearing in `pulumi stack ls -a`
I've just pulled an IaC repo with Pulumi code, and I'm trying to select my default stack, but when I run pulumi stack ls -a no stacks are listed:
% pulumi stack ls --all ...
- 626
0
votes
1
answer
92
views
Azure create PROD out of DEV Environment
Context
We have a working dev environment in azure.
The project is about hosting a frontend, a backend and a database via container apps. It is still in the beginning so there are not that many ...
- 119
0
votes
1
answer
93
views
How can I get the absolute path for a directory created with pyinfra?
I created a new directory with pyinfra using the relative path new_dir
from pyinfra.operations import files, server
files.directory("new_dir")
Now I would like to get the absolute path of ...
- 11.9k
0
votes
1
answer
108
views
Azure managed grafana plugin definition in Bicep
I'm trying to add the infinity data source plugin to my Azure managed Grafana which is deployed using Bicep. However the documentation for adding plugins using Bicep is non existent and I cannot find ...
- 59
0
votes
0
answers
25
views
NPM Install in Downstream Pipeline Triggering Upstream Project
I'm working with a multi-project CI/CD setup and I'm encountering an issue with my downstream pipeline. I have configured a trigger to include a downstream project as follows:
trigger: include: - ...
- 1
0
votes
1
answer
223
views
provider error new hashicorp/get provider
terraform plan causes:
Error: Inconsistent dependency lock file
The following dependency selections recorded in the lock file are inconsistent with the current configuration:
provider registry....
1
vote
1
answer
470
views
Using script commands, how to add multiple scale rules to an Azure Container App?
Every time the update command runs, deletes the last Scale Rule, Custom type, a cron job and a memory utilization percentage set
The update command executes and it overlays the previous update, since ...
- 29
1
vote
1
answer
211
views
Terraform - GitHub Provider | scalable methods in managing organizations
I'm trying to manage GitHub Enterprise with 200+ organizations using Terraform. Here's what I've achieved so far:
I've used the GitHub Provider (integrations/github) in Terraform to create/modify 10+ ...
- 23
-1
votes
1
answer
868
views
Terraform - Error: Provider configuration not present
When I was trying to provision my Azure resources via running the Terraform script in Azure DevOps pipelines, I encountered the following error:
│ Error: Provider configuration not present
│
│ To ...
- 27
0
votes
1
answer
446
views
How to store github settings as code instead of in a UI
Is there a way to store my github repo's settings "as-code" rather than interacting with the settings via UI? Aka these things:
I would like to do this so that:
We can keep a history of ...
- 27.4k
-1
votes
1
answer
568
views
The provider hashicorp/azurerm does not support resource type "azurerm_resource_group_policy_assignment"
Im trying to set some policy rules on the Rg level with this.
My code looks like this:
locals {
tenant_id = "xxxxxxxxxxxx"
subscription_id = var.env == "dev" ? "...
- 735
0
votes
1
answer
142
views
Share values from child to parent
I would like to achieve common tags to be included with a set of other tags. Let's assume this is my working directory tree:
├── README.md
├── _envcommon
│ └── eks-vpc.hcl
├── non-production
│ ├── ...
- 859
1
vote
1
answer
35
views
How to integrate the lambdas uris in the AWS API Gateway Specification YAML?
I'm working on managing my AWS API Gateway resources with Terraform. I've already generated the specification.yaml file for my API Gateway directly from the AWS Management Console.
My questions are:
...
- 35
1
vote
1
answer
871
views
Terraformer Import Error: exec: no command When Importing AWS Resources on Windows
I'm trying to use Terraformer on Windows to import my AWS resources into Terraform configuration files. I have Terraform and Terraformer installed, but I'm encountering an error when running the ...
- 35
0
votes
1
answer
112
views
Tools for Terraform that have support for Oracle Cloud Infrastructure resources
I am working (not out of choice) with Oracle Cloud Infrastructure and would like to implement some pre commit checks, mainly linting and static infrastructure scanning + testing. Is anyone aware of ...
-1
votes
1
answer
619
views
How to solve cycle error ( circular dependency error ) of terraform during assume role in providers?
I am trying to use terraform programming for infrastructure software development. The data resource to retrieve account id in order to avoid hardcoding account id/mask account id before checking into ...
- 11.9k
0
votes
1
answer
150
views
Dependency in Terraform OpenAI and VNET/Subnet
I am trying to create an openai endpoint using the openai module in terraform. I have no problem creating the network and then openai separately. However, when I try to add everything under one ...
- 3
1
vote
1
answer
282
views
Issues Deploying Multiple Azure Resources with ARM Template
I need you help with an ARM template issue I'm facing. Here's a brief summary:
I am working on creating a template for deploying a resource group and several resources related to Azure Machine ...
- 9
0
votes
1
answer
222
views
Why is Azure REST API create/update index unsucessful when using vectorSearch on a field
I have a deployment script run in Azure as part of a BICEP file. The deployement script sends a API request to create the AISearchService index which is sucessful.
The problems is that none of the ...
- 1
0
votes
1
answer
394
views
Why can't I use a Terraform `move` block to move an Azure SQL Database to a different resource name?
I've been able to move SQL Alerts between resource names in my terraform, for example:
moved {
from = module.myproj_sqldbs.azurerm_monitor_metric_alert.alert_storage_percentage_exceeds_80["mydb&...
- 30.6k
0
votes
2
answers
377
views
How can I define compile time constants in bicep configuration language?
I'm currently working on deploying multiple workbooks in Azure using Bicep. My goal is to create a resource workbook and deploy multiple instances of it. However, I've encountered an issue with the ...
- 1,675
0
votes
2
answers
250
views
How to setup secret/password values in Secrets Manager using CDK/Cloudformation?
We are looking to configure our SecretsManager instances via Cloudformation/CDK.
Based on what we've read, SecretsManager recommends using their generate secrets function.
Unfortunately, we can't use ...
- 7,908
0
votes
1
answer
182
views
Can we use "normal" languages to build IaC in Microsoft Azure (similarly to AWS's CDK)?
From what I can tell, it appears that Microsoft Azure only allows YAML, Terraform, or Bicep for defining infrastructure in code. AWS's CDK, however, allows one to build out the infrastructure using ...
- 1,125
0
votes
1
answer
273
views
How Create CloudWatch Disk Space Alarm for Different Paths Dynamically
I have configured CW agent to send disk space metrics and create an alarm based on that metric.
I'm using terraform deploy resources in AWS. Below code is working when I only create alarm for a single ...
- 15
1
vote
1
answer
1k
views
AWS cdk gets stuck when deploying AWS:ECS:Service
I'm trying to deploy a frontend app. Whenever I try to deploy it gets stuck. It gets stuck when creating the ECS service. I searched online it says something is missing in the ecs service ...
- 155
0
votes
1
answer
696
views
terraform base64encode multiline
I have the following multiline variable in Terraform for PRIVATE_KEY encoded with base64encode function
oci_prv_key = <<EOT
-----BEGIN PRIVATE KEY-----
xxxxxxxxx
xxxxxxxx
xxxxxxxxx
xxxxxxxxx
----...
- 550
1
vote
2
answers
925
views
Terraform State file and Cloud Infra out of sync
I am new to Terraform and have been trying to figure this out. We have a cloud env which was created as part of development and testing. In the process, a lot of unwanted resources were created by the ...
0
votes
1
answer
529
views
Bicep adding DNS Records saying already exists when it doesn't
I am using Bicep to deploy our applications infrastructure and we're trying to add our SendGrid Domain Authentication DNS Records into the Bicep so we can deploy across our different environments, or ...
- 25
0
votes
1
answer
100
views
OpenStack Pulumi integration - Cannot connect due to apparently lacking parameter in YAML file
I am dealing with a strange situation in configuring a Pulumi deployment in order to maintain a IaC for an OpenStack environment.
The deployment is very simple as below, I started from Python:
import ...
- 11
0
votes
1
answer
280
views
Wrong bicep scope in module
I've got two bicep files, main.bicep and webAppRoleAssignment.bicep
main.bicep
....
module webAppRoleAssignment 'webAppRoleAssignment.bicep' = {
name: 'webAppRoleAssignment'
scope: az....
- 591