Please provide more explanation around how the time resource works.

[jamest-pin]

File: themes/default/content/registry/packages/time/_index.md

For example, the trigger is just a definition with no content. How and when does it trigger the time resource to do things?

I want to add aws tags for all my resources with a timestamp of when it was first created, and when it was last updated.

Is this possible? If so how would I achieve it? Seems unwieldy to create a time resource for every other resource.

[toriancrane]

Hi @jamest-pin! Thank you for raising this issue. We will take a look into improving content around this topic.

Regarding your specific use case, one thing you can do is create a custom component that wraps AWS resources and adds the required tags. These tags will include a timestamp for when the resource was first created and when it was last updated.

I am sharing a sample implementation in Python using a simple S3 bucket and IAM role:

import pulumi
import pulumi_aws as aws
from datetime import datetime
import json

class TaggedResource(pulumi.ComponentResource):
    def __init__(self, name, resource_type, resource_args, opts=None):
        super().__init__('custom:resource:TaggedResource', name, None, opts)

        self.creation_time = datetime.utcnow().isoformat()
        resource_args['tags'] = {'Created': self.creation_time, 'LastUpdated': self.creation_time}

        if resource_type == 's3':
            self.resource = aws.s3.Bucket(name, **resource_args,
                                          opts=pulumi.ResourceOptions(parent=self,
                                                                      additional_secret_outputs=['tags']))
        elif resource_type == 'iam_role':
            self.resource = aws.iam.Role(name, **resource_args,
                                         opts=pulumi.ResourceOptions(parent=self,
                                                                     additional_secret_outputs=['tags']))

        def update_tag(args):
            args['tags']['LastUpdated'] = datetime.utcnow().isoformat()
            return args

        pulumi.Output.all(self.resource.id, self.resource.tags).apply(
            lambda args: update_tag({'id': args[0], 'tags': args[1] or {}}))

        self.register_outputs({})

# Creating a tagged S3 bucket
bucket = TaggedResource('my-bucket', 's3', {})

# Creating a tagged IAM role
iam_role = TaggedResource('my-iam-role', 'iam_role', {
    'assume_role_policy': json.dumps({
        "Version": "2012-10-17",
        "Statement": [{
            "Action": "sts:AssumeRole",
            "Effect": "Allow",
            "Principal": {
                "Service": "ec2.amazonaws.com"
            }
        }]
    })
})

In this code:

• TaggedResourceis a custom component that can create either an S3 bucket or IAM role based on the resource_type parameter
• When a resource is first created, both 'Created' and 'LastUpdated' tags will have the same timestamp.
• The update_tag function updates the 'LastUpdated' timestamp every time the Pulumi program runs and makes changes to the bucket.
• pulumi.Output.all().apply() is used to update the tags after resource creation.

[jamest-pin]

Thanks so much @toriancrane . I ought to have mentioned am using yaml and so it's a little harder to visualise than with a proper programming language.

[toriancrane]

Hi @jamest-pin , thank you for your response! To my knowledge, YAML doesn't support the same level of programming logic (like classes and conditionals) as Python or other programming languages. Instead, you declare resources in a more straightforward, declarative manner. Given that, I'm not sure if what you are looking to do is possible in YAML but I am asking around internally just to double check.

In the meantime, feel free to connect with our community on Slack for additional support. Somewhere there may have a solution that meets your needs.