Channels
#getting-started
Title
# getting-started
e
enough-shoe-73030
11/06/2023, 1:47 PMHi there, I'm new to Pulumi, I've setup ESC and can run command like "`esc run xyz/dev -i aws s3 ls"` but once I try running
pulumi up Copy code
unable to validate AWS credentials.I can run and configure aws on my client, but I thought esc is there to avoid storing those credentials in my local.
f
fierce-night-38522
11/06/2023, 5:31 PMHey @enough-shoe-73030! Have you imported your ESC environment into your Pulumi config file? You can take a look at this guide for an example.
e
enough-shoe-73030
11/06/2023, 5:33 PMHi @fierce-night-38522, thanks for the link. I tried to follow that guidline, which section is exactly about importing ESC to Pulumi config?
f
fierce-night-38522
11/06/2023, 5:36 PMIt's the "Integrating with Pulumi IaC" section (if you click the above link it will take you right to it).
You'll basically want to make sure you have added in your ESC file a second level key named
pulumiConfig Copy code
values:
pulumiConfig:
AWS_ACCESS_KEY_ID: ${aws.login.accessKeyId} //etcand then in your Pulumi config file you want to add a top level key named
environment Copy code
environment:
- <your-environment-name-here>e
enough-shoe-73030
11/06/2023, 5:37 PMI see, I'll try it. thanks
f
fierce-night-38522
11/06/2023, 5:37 PMno problem!
@enough-shoe-73030 Just a quick follow up to correct myself, the AWS environment variables in the ESC environment file should be defined under the
environmentVariables Copy code
values:
aws:
login:
fn::open::aws-login:
oidc:
duration: 1h
roleArn: <your-role-arn>
sessionName: esc-session
environmentVariables:
AWS_ACCESS_KEY_ID: ${aws.login.accessKeyId}
AWS_SECRET_ACCESS_KEY: ${aws.login.secretAccessKey}
AWS_SESSION_TOKEN: ${aws.login.sessionToken}e
enough-shoe-73030
11/06/2023, 5:53 PMthanks alot I
I will update the result here
@fierce-night-38522, my ESC env ( called '`esc-dev`') is like this:
Copy code
values:
aws:
login:
fn::open::aws-login:
oidc:
duration: 1h
roleArn: <XYZ>
sessionName: pulumi-environments-session
environmentVariables:
AWS_ACCESS_KEY_ID: ${aws.login.accessKeyId}
AWS_SECRET_ACCESS_KEY: ${aws.login.secretAccessKey}
AWS_SESSION_TOKEN: ${aws.login.sessionToken}esc run reetl/esc-dev -i aws s3 lspulumi new aws-pythonPulumi.yamlPulumi.dev.yamlPulumi upf
fierce-night-38522
11/06/2023, 7:33 PMIn the
Pulumi.dev.yaml Copy code
environment:
- esc-deve
enough-shoe-73030
11/06/2023, 7:34 PMI did and still getting the same error
ah. type there
but still getting error :
unable to validate AWS credentials.
Details: No valid credential sources found. Please see https://www.pulumi.com/registry/packages/aws/installation-configuration/
for more information about providing credentials.
f
fierce-night-38522
11/06/2023, 7:38 PMAnd just to double check, was your Pulumi program created in the same Organization as your ESC environment file? (e.g.
reetle
enough-shoe-73030
11/06/2023, 7:38 PMyes.
BTW the document here says
environment*s*environmentf
fierce-night-38522
11/06/2023, 7:40 PMHave you tried it with
environmentse
enough-shoe-73030
11/06/2023, 7:40 PMi tried both.
in other doc it says without "s" :
f
fierce-night-38522
11/06/2023, 7:42 PMThank you for pointing that out! We'll make sure to update the docs so that they are aligned. In my current IDE it is working with
environmente
enough-shoe-73030
11/06/2023, 7:42 PMyes, now it's working without 's'.
awesome!
I understand ESC is new, right? would be great to have an easy to understand guide for the integration with Pulumi IaC
f
fierce-night-38522
11/06/2023, 7:44 PMThank you for the feedback! We are currently working on adding content that will make this a lot clearer
e
enough-shoe-73030
11/06/2023, 7:44 PMawesome!
f
fierce-night-38522
11/06/2023, 7:48 PMWould you mind sharing the link to the page that showed
environmentse
enough-shoe-73030
11/06/2023, 7:49 PMhomepage of
Environments