Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
package-authoring
pulumi-ai
pulumi-cdk
pulumi-cloud
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Title
m
magnificent-pillow-80370
04/19/2023, 3:25 PManyone has issues assuming role in pulumi: https://github.com/pulumi/examples/blob/master/aws-py-assume-role/assume-role/__main__.py
s
steep-toddler-94095
04/19/2023, 5:20 PMdid you set
roleToAssumeARNm
magnificent-pillow-80370
04/20/2023, 11:50 AMI am passing role arn as the variable in the program:
role_arn = "arn:aws:iam::123456789:role/role_name"
# Create a new AWS provider that uses the assumed role
aws_provider = Provider("custom", region="us-east-1", assume_role={"role_arn": role_arn,
"session_name": "session_name"})If I assume the role using sts and use it in aws provider, the code works fine. code doesn't work the way its mentioned in the example: https://github.com/pulumi/examples/blob/master/aws-py-assume-role/assume-role/__main__.py
sts_client = boto3.client("sts")
# Assume the role and get the credentials
assumed_role = sts_client.assume_role(RoleArn=role_arn,
RoleSessionName="pulumi_role_session",
)
# Set assumed role credentials
assumed_role_credentials = assumed_role["Credentials"]
# Create the AWS provider with temporary credentials
aws_provider = aws.Provider("temp_creds_provider",
access_key=assumed_role_credentials["AccessKeyId"],
secret_key=assumed_role_credentials["SecretAccessKey"],
token=assumed_role_credentials["SessionToken"],
region="us-east-1",
)