https://pulumi.com logo
#aws
Title
# aws
a

astonishing-jackal-3977

10/02/2023, 10:27 AM
Hello everyone. I'm having problems with deploying
pulumi_aws.ssoadmin.CustomerManagedPolicyAttachment
. I have two
CustomerManagedPolicyAttachments
with one
PermissionSet
and when there are any changes to one of the policy attachments I get an error on pulumi up . The error:
Copy code
creating SSO Customer Managed Policy Attachment (iam-get-role-policy-c4c5cc5,/,arn:aws:sso:::permissionSet/ssoins-69873ef126937df1/ps-449344b8cb6b7ec5,arn:aws:sso:::instance/ssoins-69873ef126937df1): error waiting for SSO Permission Set (arn:aws:sso:::permissionSet/ssoins-69873ef126937df1/ps-449344b8cb6b7ec5) to provision: unexpected state 'FAILED', wanted target 'SUCCEEDED'. last error: %!s(<nil>
I think this might be related to this terraform bug: https://github.com/hashicorp/terraform-provider-aws/issues/33337 I already tried tweeking the
ResourceOptions
with
depends_on
,
delete_before_replace
and
replace_on_changes
, but to no effect. Sometimes it works on a rerun, but it's not really predictable. Let me know if you need more information. e: I was thinking about using the aws-native package, but introducing new dependencies (esepcially in preview) might not be possible.
2 Views