No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

This is my Github action yaml
```jobs:
    dev:
        name: Deploy Staging Changes
        runs-on: self-hosted
        steps:
            - name: Checkout
              uses: actions/checkout@v4
            - name: Volta
              run: volta install pnpm
            - name: Setup Node
              uses: actions/setup-node@v3.5.0
              with:
                node-version: "20"
                cache: "pnpm"
            - name: Install dependencies
              run: pnpm install
            - name: Configure AWS Credentials
              uses: aws-actions/configure-aws-credentials@v2
              with:
                aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
                aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
                aws-region: ${{ env.AWS_REGION }}
            - name: Pulumi Update
              uses: pulumi/actions@v3
              with:
                command: up
                stack-name: staging
                comment-on-pr: true
                work-dir: ${{ env.WORKDIR }}
                upsert: true
              env:
                PULUMI_ACCESS_TOKEN: ${{ secrets.ACCESS_TOKEN }}```

I've tried running `pulumi config set` for these too to see if it's the env variables that are the problem and no change

My infra folder is a package in a monorepo and we're using pnpm

Have you checked the values in your deployment secrets? That error message is saying the problem is in AWS_ACCESS_KEY_ID and AWS_SECRET_ACCES_KEY.

I have checked them yes, tested the values locally and then updated the secrets with the working values

I see this in the error log:
&gt; dial tcp: lookup <http://sts.us-west-2.amazonaws.com|sts.us-west-2.amazonaws.com>: no such host
Any ideas why that might be there? Are you running on a firewalled local runner?

It is running on a self hosted runner so I'll check that that isn't blocking Pulumi

It's access to AWS that needs to be enabled. The problem was when trying to connect to <http://amazonaws.com|amazonaws.com>

Are you still getting the same error? Could it have been a temporary issue?

There's been a few people having the same timeout error for STS this week.
Unfortunately, aws doesn't provide health status for the sts service :face_with_rolling_eyes:

<@U012UJTT55M> still seeing it, I've run into a similar issue running pulumi locally when it was working yesterday

It was a temporary problem, however I did need to set my AWS secret key in a step in the action for it to work

That's what `aws-actions/configure-aws-credentials` is for though. If you're setting the access and secret keys manually, then you don't need that action.

I've tried one and the other and without `aws-actions/configure-aws-credentials`  I get a `Error: No valid credential sources found for AWS Provider.`  and without setting the secret manually I get the above error... I'm looking into our AWS IAM config to see if something is stopping it there