530 questions
Best practices
0
votes
0
replies
42
views
How to manage (Google Cloud Composer) Airflow roles with infrastructure as code?
Are there any best practices for handling roles in code?
Most of our setup is managed via Terraform. It would be great if there was a possibility.
There is a Terraform provider, however using the ...
-2
votes
0
answers
51
views
How to create child projects with same display name under different parent folders in wiz using Terraform? [closed]
I am new to Terraform and trying to write an automation code to create wiz projects in a parent child hierarchy. The parent folders are created successfully, but when I try to create child projects ...
- 483
0
votes
2
answers
3k
views
Could not retrieve the list of available versions for provider hashicorp/azapi (Azure/azapi)
I am trying to create Application ID URI of an application registration that is already deployed to Azure and using azapi for that as Application ID URI is going to be the app's own application_id (i....
- 1
26
votes
3
answers
11k
views
How to use Terraform in a cloud agnostic way
I have seen many examples on how to use Terraform to launch AWS resources. I have also seen many claims that Terraform is cloud agnostic.
What I have not seen is an example of how I can launch a VPC ...
- 2,350
-1
votes
1
answer
44
views
Issue with OpenTofu tests against AWS Cloudfront Distributions [closed]
I could use an assist on my opentofu tests
Here is a small snippet of my Terraform module
resource "aws_cloudfront_distribution" "main" {
price_class = "...
- 2,321
0
votes
1
answer
51
views
How to automatically extract AWS Lambda configurations to Terraform for GCP migration? [closed]
I'm migrating multiple AWS Lambda functions to GCP and need to generate Terraform configurations that match the existing AWS setup. Currently, I'm manually writing each Lambda configuration, which is ...
- 18.7k
-1
votes
1
answer
66
views
AWS CDK: using stages as "stacks" and apps as "stages"
I am working on migrating our Typescript application from Serverless Framework to AWS CDK.
Background
Our application started out as mostly just lambda functions, api gateways and some IoT resources. ...
- 12.1k
2
votes
1
answer
118
views
When importing an existing repo to github_repository, how do you fix Schrödinger's repo?
Background
My estate-repos repo,
defines repos in repos.yaml.
uses the github/repo module from tofu-modules to create the repos using sensible defaults.
Goal: Import manually created repos
I am ...
- 20.2k
1
vote
2
answers
45
views
Is there a way to specify what module version to use in the Cloudformation template?
If a module is registered in CloudFormation with a default version, is there a way to specify a different version in the CF YAML file? For instance, if the default version is '000002' but I want to ...
- 1,931
0
votes
1
answer
161
views
Update properties of Bicep template resource
I'm deploying a Key Vault via bicep file with some standard rules, then after the initial configuration of some other resources I want to harden that Key Vault with advanced properties. For instance, ...
- 760k
3
votes
2
answers
4k
views
Azure Bicep - Conditionally create a secret
I'm creating a KeyVault with Bicep and I want to create a secret in the vault, but only when there's no secret yet with the given name.
Checking if the KeyVault exists wasn't working, so I'm checking ...
- 30.5k
2
votes
2
answers
3k
views
Azure BICEP deploy if doesn't already exist
I'm not sure if this is possible, but what I'm trying to do is create a virtual network from one virtualNetwork.main.bicep file and then create a subnet from another subnet.main.bicep within the ...
- 30.5k
1
vote
1
answer
154
views
GCP Infrastructure Manager needs excessive ADMIN or OWNER role on project to work
I'm trying to configure GCP Infrastructure Manager (IM) with my custom Service Account (SA), but I can't do that without assigning it a project ADMIN or OWNER role.
I assigned SA the following roles:
...
- 511
0
votes
0
answers
43
views
Create SQL DB user without exposing database during IaC depoyment
I have and Azure DevOps CD pipeline, that deploys Azure Infrastructure (using Pulumi).
It creates and Azure Database for PostgreSQL.
I want to create SQL User (other than existing superadmin) in ...
- 27.8k
0
votes
1
answer
127
views
Merging multiple aws iam roles for lambdas in terraform
I have following configuration in terraform:
locals {
common_env_vars = {
DATABASE_NAME = var.database_name
}
lambda_config = {
filename = "empty.zip"
...
2
votes
1
answer
593
views
hitting: 'pulumi new' error: cloning templates repo: reference not found
Following get started here at pulumi, After setting up the service account at google cloud, trying to run pulumi new, it asked for login on pulumi which was successful, and then it throw an error: ...
- 133
0
votes
1
answer
116
views
Pulumi Dynamic Provider with azure-devops-node-api Fails Due to Serialization Error
I am writing a Pulumi dynamic resource provider to control Azure DevOps project pipeline settings using the azure-devops-node-api client. Here's my provider code:
import * as pulumi from '@pulumi/...
- 1,795
0
votes
0
answers
166
views
Issue creating Redis Service Connector for Azure Container Apps
Context
I'm trying to create a Service Connector (preview) to access a Redis Cache from an Azure Container App.
I'm using a shell script (zsh) to automate the deployment.
I've already configured ...
- 23.2k
0
votes
0
answers
62
views
Create Logic App Standard using Pulumi Azure Native
I am new to Infrastructure As Code (IAC). I have created and configured the Logic App Standard with 2 workflows in it using Azure Portal. But I was asked to create them using IAC. My requirement is to ...
- 57
2
votes
5
answers
2k
views
Create AWS_API_GATEWAY_RESOURCES in a loop
I am trying to create the aws_api_gateway resources using terraform, to avoid the hassle of adding the same code again and again, am trying to create a loop which create multiple resources for me in ...
- 86
0
votes
0
answers
91
views
Running Bicep Deployment Script Privately Over a Private Endpoint with Custom Image from Private Registry
We are working on using deployment scripts on a private network and need to use a custom container image. The image is stored in a private registry, and we would like to pull additional modules or ...
0
votes
0
answers
11
views
Why do CloudFormation stack dependencies report UPDATE_COMPLETE in reverse order?
I have multiple CloudFormation stacks with serial dependencies (Stack A2 depends on Stack A1, etc.).
I've noticed a pattern during stack updates where CloudFormation appears to report the ...
- 1,140
0
votes
0
answers
274
views
ARM TTK Tests "apiVersions Should Be Recent" failing
I'm trying to implement some tests for the ARM template that I've got in my pipeline but I'm getting a failure on api versions being too old.
api versions must be the latest or under 2 years old (730 ...
- 22.7k
0
votes
1
answer
218
views
Authorization error on my storage account when lisitng files from databricks
I have the strange issue where I dont understand why Im having the authorization error:
Im running this code with out any error:
dbutils.fs.ls("abfss://[email protected]/&...
0
votes
1
answer
87
views
DevOps tools for visualizing/managing resource relationships in GCP?
I'm working on a GCP project where we need better visibility into how our resources are connected and dependent on each other. Our infrastructure has grown complex with multiple services, networks, ...
- 670
0
votes
1
answer
164
views
Barebones Python Function App via IaC for Azure
I need a bare minimum Bicep file to create an EMPTY Python 3.11 Function App in Azure via Infrastructure as Code (IaC). I do not want App Insights support. I should be able to deploy to a preexisting ...
- 1,190
2
votes
2
answers
2k
views
How to add condition in ARM Bicep template?
Let’s say, I want to deploy a separate resource only if param isProduction bool
is true.
Is that possible with Bicep?
I could not find this in the documentation.
- 22.7k
0
votes
1
answer
77
views
Azure Infra - Connect external vNet with APIM
Problem statement:
Company A - has a vNet. Some application is running in th4 vNet.
Company B - has APIM which consolidates all the APIs running in AKS.
Company A needs to connect Company B in private ...
- 3,254
0
votes
1
answer
255
views
Pulumi stacks (which exist) not appearing in `pulumi stack ls -a`
I've just pulled an IaC repo with Pulumi code, and I'm trying to select my default stack, but when I run pulumi stack ls -a no stacks are listed:
% pulumi stack ls --all ...
- 626
0
votes
1
answer
93
views
How can I get the absolute path for a directory created with pyinfra?
I created a new directory with pyinfra using the relative path new_dir
from pyinfra.operations import files, server
files.directory("new_dir")
Now I would like to get the absolute path of ...
- 11.9k
0
votes
1
answer
446
views
How to store github settings as code instead of in a UI
Is there a way to store my github repo's settings "as-code" rather than interacting with the settings via UI? Aka these things:
I would like to do this so that:
We can keep a history of ...
- 668
0
votes
1
answer
93
views
Azure create PROD out of DEV Environment
Context
We have a working dev environment in azure.
The project is about hosting a frontend, a backend and a database via container apps. It is still in the beginning so there are not that many ...
- 1,831
4
votes
5
answers
18k
views
Bicep: Creating random string
I'm coming from a Terraform background and AWS. Now I'm using Bicep with Azure, so please bear with me :)
In Terraform, we create random passwords with the random_password resource. We then stored ...
- 91
3
votes
2
answers
5k
views
How do I convert the Output into str, to used as inputs in Pulumi resources of the second project?
I'm trying to use the outputs of one project via stack reference as input of a second project, but it seems I'm missing the last piece as I'm getting an error as shown below that Output can't be ...
- 4,089
0
votes
1
answer
108
views
Azure managed grafana plugin definition in Bicep
I'm trying to add the infinity data source plugin to my Azure managed Grafana which is deployed using Bicep. However the documentation for adding plugins using Bicep is non existent and I cannot find ...
- 59
11
votes
1
answer
32k
views
How to properly reset/fork Terraform default tfstate?
Recently, I've started using workspace per env in my Terraform configuration. I ended up having three workspaces dev, staging and production. But for historical reasons my default workspace still ...
- 10.9k
0
votes
0
answers
25
views
NPM Install in Downstream Pipeline Triggering Upstream Project
I'm working with a multi-project CI/CD setup and I'm encountering an issue with my downstream pipeline. I have configured a trigger to include a downstream project as follows:
trigger: include: - ...
- 1
0
votes
1
answer
223
views
provider error new hashicorp/get provider
terraform plan causes:
Error: Inconsistent dependency lock file
The following dependency selections recorded in the lock file are inconsistent with the current configuration:
provider registry....
- 76.4k
1
vote
1
answer
470
views
Using script commands, how to add multiple scale rules to an Azure Container App?
Every time the update command runs, deletes the last Scale Rule, Custom type, a cron job and a memory utilization percentage set
The update command executes and it overlays the previous update, since ...
- 3,931
1
vote
1
answer
211
views
Terraform - GitHub Provider | scalable methods in managing organizations
I'm trying to manage GitHub Enterprise with 200+ organizations using Terraform. Here's what I've achieved so far:
I've used the GitHub Provider (integrations/github) in Terraform to create/modify 10+ ...
- 3,202
-1
votes
1
answer
870
views
Terraform - Error: Provider configuration not present
When I was trying to provision my Azure resources via running the Terraform script in Azure DevOps pipelines, I encountered the following error:
│ Error: Provider configuration not present
│
│ To ...
- 3,254
0
votes
2
answers
488
views
BigQuery Policy Tags: possible as infra as code?
Like other cloud providers, Google Cloud Platform handles data access rights with a mish-mash of mechanisms.
GCP supports tags, IAM permissions and roles, etc. But it also supports BigQuery policy ...
- 10.2k
-1
votes
1
answer
568
views
The provider hashicorp/azurerm does not support resource type "azurerm_resource_group_policy_assignment"
Im trying to set some policy rules on the Rg level with this.
My code looks like this:
locals {
tenant_id = "xxxxxxxxxxxx"
subscription_id = var.env == "dev" ? "...
- 3,254
0
votes
3
answers
584
views
JSON representation of the current Terraform configuration
I want to have a clear, machine-readable (e.g. JSON) representation of all the resources that are currently defined in my Terraform project, along with all of the resource configs/options. Is there a ...
- 1,652
0
votes
1
answer
142
views
Share values from child to parent
I would like to achieve common tags to be included with a set of other tags. Let's assume this is my working directory tree:
├── README.md
├── _envcommon
│ └── eks-vpc.hcl
├── non-production
│ ├── ...
- 3,202
0
votes
1
answer
112
views
Tools for Terraform that have support for Oracle Cloud Infrastructure resources
I am working (not out of choice) with Oracle Cloud Infrastructure and would like to implement some pre commit checks, mainly linting and static infrastructure scanning + testing. Is anyone aware of ...
- 61
0
votes
2
answers
377
views
How can I define compile time constants in bicep configuration language?
I'm currently working on deploying multiple workbooks in Azure using Bicep. My goal is to create a resource workbook and deploy multiple instances of it. However, I've encountered an issue with the ...
- 538
1
vote
1
answer
871
views
Terraformer Import Error: exec: no command When Importing AWS Resources on Windows
I'm trying to use Terraformer on Windows to import my AWS resources into Terraform configuration files. I have Terraform and Terraformer installed, but I'm encountering an error when running the ...
6
votes
3
answers
5k
views
How to get the "Function Url" which is with in a Function-App deployed using Terraform?
As part of IaC, A Function App, lets name it FuncAppX is deployed using Terraform, which has a function with-in.
I need to access the Url of the same function with-in a function app using Terraform. I ...
- 23.6k
1
vote
1
answer
35
views
How to integrate the lambdas uris in the AWS API Gateway Specification YAML?
I'm working on managing my AWS API Gateway resources with Terraform. I've already generated the specification.yaml file for my API Gateway directly from the AWS Management Console.
My questions are:
...
- 15k