529 questions
Best practices
0
votes
0
replies
42
views
How to manage (Google Cloud Composer) Airflow roles with infrastructure as code?
Are there any best practices for handling roles in code?
Most of our setup is managed via Terraform. It would be great if there was a possibility.
There is a Terraform provider, however using the ...
- 3,731
0
votes
1
answer
51
views
How to automatically extract AWS Lambda configurations to Terraform for GCP migration? [closed]
I'm migrating multiple AWS Lambda functions to GCP and need to generate Terraform configurations that match the existing AWS setup. Currently, I'm manually writing each Lambda configuration, which is ...
- 11
1
vote
1
answer
154
views
GCP Infrastructure Manager needs excessive ADMIN or OWNER role on project to work
I'm trying to configure GCP Infrastructure Manager (IM) with my custom Service Account (SA), but I can't do that without assigning it a project ADMIN or OWNER role.
I assigned SA the following roles:
...
- 11
0
votes
0
answers
43
views
Create SQL DB user without exposing database during IaC depoyment
I have and Azure DevOps CD pipeline, that deploys Azure Infrastructure (using Pulumi).
It creates and Azure Database for PostgreSQL.
I want to create SQL User (other than existing superadmin) in ...
- 27.8k
0
votes
0
answers
62
views
Create Logic App Standard using Pulumi Azure Native
I am new to Infrastructure As Code (IAC). I have created and configured the Logic App Standard with 2 workflows in it using Azure Portal. But I was asked to create them using IAC. My requirement is to ...
- 57
0
votes
1
answer
116
views
Pulumi Dynamic Provider with azure-devops-node-api Fails Due to Serialization Error
I am writing a Pulumi dynamic resource provider to control Azure DevOps project pipeline settings using the azure-devops-node-api client. Here's my provider code:
import * as pulumi from '@pulumi/...
- 85
0
votes
0
answers
11
views
Why do CloudFormation stack dependencies report UPDATE_COMPLETE in reverse order?
I have multiple CloudFormation stacks with serial dependencies (Stack A2 depends on Stack A1, etc.).
I've noticed a pattern during stack updates where CloudFormation appears to report the ...
- 1,140
0
votes
1
answer
222
views
Authorization error on my storage account when lisitng files from databricks
I have the strange issue where I dont understand why Im having the authorization error:
Im running this code with out any error:
dbutils.fs.ls("abfss://[email protected]/&...
0
votes
1
answer
87
views
DevOps tools for visualizing/managing resource relationships in GCP?
I'm working on a GCP project where we need better visibility into how our resources are connected and dependent on each other. Our infrastructure has grown complex with multiple services, networks, ...
- 19
0
votes
1
answer
78
views
Azure Infra - Connect external vNet with APIM
Problem statement:
Company A - has a vNet. Some application is running in th4 vNet.
Company B - has APIM which consolidates all the APIs running in AKS.
Company A needs to connect Company B in private ...
- 109
0
votes
1
answer
94
views
Azure create PROD out of DEV Environment
Context
We have a working dev environment in azure.
The project is about hosting a frontend, a backend and a database via container apps. It is still in the beginning so there are not that many ...
- 119
0
votes
1
answer
111
views
Azure managed grafana plugin definition in Bicep
I'm trying to add the infinity data source plugin to my Azure managed Grafana which is deployed using Bicep. However the documentation for adding plugins using Bicep is non existent and I cannot find ...
- 59
0
votes
1
answer
231
views
provider error new hashicorp/get provider
terraform plan causes:
Error: Inconsistent dependency lock file
The following dependency selections recorded in the lock file are inconsistent with the current configuration:
provider registry....
1
vote
1
answer
213
views
Terraform - GitHub Provider | scalable methods in managing organizations
I'm trying to manage GitHub Enterprise with 200+ organizations using Terraform. Here's what I've achieved so far:
I've used the GitHub Provider (integrations/github) in Terraform to create/modify 10+ ...
- 23
0
votes
1
answer
459
views
How to store github settings as code instead of in a UI
Is there a way to store my github repo's settings "as-code" rather than interacting with the settings via UI? Aka these things:
I would like to do this so that:
We can keep a history of ...
- 27.4k
0
votes
1
answer
142
views
Share values from child to parent
I would like to achieve common tags to be included with a set of other tags. Let's assume this is my working directory tree:
├── README.md
├── _envcommon
│ └── eks-vpc.hcl
├── non-production
│ ├── ...
- 859
1
vote
1
answer
875
views
Terraformer Import Error: exec: no command When Importing AWS Resources on Windows
I'm trying to use Terraformer on Windows to import my AWS resources into Terraform configuration files. I have Terraform and Terraformer installed, but I'm encountering an error when running the ...
- 35
-1
votes
1
answer
624
views
How to solve cycle error ( circular dependency error ) of terraform during assume role in providers?
I am trying to use terraform programming for infrastructure software development. The data resource to retrieve account id in order to avoid hardcoding account id/mask account id before checking into ...
- 11.9k
1
vote
1
answer
283
views
Issues Deploying Multiple Azure Resources with ARM Template
I need you help with an ARM template issue I'm facing. Here's a brief summary:
I am working on creating a template for deploying a resource group and several resources related to Azure Machine ...
- 9
0
votes
1
answer
395
views
Why can't I use a Terraform `move` block to move an Azure SQL Database to a different resource name?
I've been able to move SQL Alerts between resource names in my terraform, for example:
moved {
from = module.myproj_sqldbs.azurerm_monitor_metric_alert.alert_storage_percentage_exceeds_80["mydb&...
- 30.6k
0
votes
2
answers
252
views
How to setup secret/password values in Secrets Manager using CDK/Cloudformation?
We are looking to configure our SecretsManager instances via Cloudformation/CDK.
Based on what we've read, SecretsManager recommends using their generate secrets function.
Unfortunately, we can't use ...
- 7,908
0
votes
1
answer
273
views
How Create CloudWatch Disk Space Alarm for Different Paths Dynamically
I have configured CW agent to send disk space metrics and create an alarm based on that metric.
I'm using terraform deploy resources in AWS. Below code is working when I only create alarm for a single ...
- 15
0
votes
1
answer
698
views
terraform base64encode multiline
I have the following multiline variable in Terraform for PRIVATE_KEY encoded with base64encode function
oci_prv_key = <<EOT
-----BEGIN PRIVATE KEY-----
xxxxxxxxx
xxxxxxxx
xxxxxxxxx
xxxxxxxxx
----...
- 550
0
votes
1
answer
532
views
Bicep adding DNS Records saying already exists when it doesn't
I am using Bicep to deploy our applications infrastructure and we're trying to add our SendGrid Domain Authentication DNS Records into the Bicep so we can deploy across our different environments, or ...
- 25
0
votes
1
answer
284
views
Wrong bicep scope in module
I've got two bicep files, main.bicep and webAppRoleAssignment.bicep
main.bicep
....
module webAppRoleAssignment 'webAppRoleAssignment.bicep' = {
name: 'webAppRoleAssignment'
scope: az....
- 591