# aws
s
This message was deleted.
b
Delete before replace is the answer here, what didn’t work about that?
n
That works only if you update the same policy; in this case I was generating a new policy (with a new id) to attach to the same bucket. When doing the `pulumi up` command, Pulumi first creates the new BucketPolicy (and I suppose attaches it to the bucket) and then removes the old one. But working this way, the bucket ends up with no policy at all.
In order to reapply the correct policy, I need to perform a `pulumi refresh` (this way Pulumi recognizes that the new policy I wanted to apply has actually been deleted in the `pulumi up` operation) and then redo the `pulumi up` command.
b
Why wouldn’t you just modify the existing policy? Is there a reason you need to define an entirely new policy for this?
n
Yeah, the reason was a wrong configuration. We were applying two policies to some buckets instead of working with multiple statements within the same policy. Pulumi created the two policies correctly, but the latest policy was the only one actually applied to the bucket. Therefore I had to fix the bug by creating a new policy with multiple statements inside. But this generated the issue above.
b
Hrm, maybe I’m not quite following what’s happening here, do you have a code example I can look at?
n
I can recreate the scenario somehow, but I can't share the actual code unfortunately. Gimme a bit of time.
@billowy-army-68599 Here is the code, both the before and after, with some comments