https://pulumi.com logo
#getting-started
Title
# getting-started
e

enough-shoe-73030

11/06/2023, 1:47 PM
Hi there, I'm new to Pulumi, I've setup ESC and can run command like "`esc run xyz/dev -i aws s3 ls"` but once I try running
pulumi up
,I'm recieving error :
Copy code
unable to validate AWS credentials.
I couldn't find clear steps on how to integrate esc with Pulumi. can anyone give me a hint or point me to the proper doc?
I can run and configure aws on my client, but I thought esc is there to avoid storing those credentials in my local.
f

fierce-night-38522

11/06/2023, 5:31 PM
Hey @enough-shoe-73030! Have you imported your ESC environment into your Pulumi config file? You can take a look at this guide for an example.
e

enough-shoe-73030

11/06/2023, 5:33 PM
Hi @fierce-night-38522, thanks for the link. I tried to follow that guidline, which section is exactly about importing ESC to Pulumi config?
f

fierce-night-38522

11/06/2023, 5:36 PM
It's the "Integrating with Pulumi IaC" section (if you click the above link it will take you right to it). You'll basically want to make sure you have added in your ESC file a second level key named
pulumiConfig
and add your AWS environment variables underneath that:
Copy code
values:
  pulumiConfig:
    AWS_ACCESS_KEY_ID: ${aws.login.accessKeyId} //etc
and then in your Pulumi config file you want to add a top level key named
environment
and provide the name of your environment underneath that
Copy code
environment:
  - <your-environment-name-here>
e

enough-shoe-73030

11/06/2023, 5:37 PM
I see, I'll try it. thanks
f

fierce-night-38522

11/06/2023, 5:37 PM
no problem!
@enough-shoe-73030 Just a quick follow up to correct myself, the AWS environment variables in the ESC environment file should be defined under the
environmentVariables
second level key and not the `pulumiConfig`:
Copy code
values:
  aws:
    login:
      fn::open::aws-login:
        oidc:
          duration: 1h
          roleArn: <your-role-arn>
          sessionName: esc-session
  environmentVariables:
    AWS_ACCESS_KEY_ID: ${aws.login.accessKeyId}
    AWS_SECRET_ACCESS_KEY: ${aws.login.secretAccessKey}
    AWS_SESSION_TOKEN: ${aws.login.sessionToken}
e

enough-shoe-73030

11/06/2023, 5:53 PM
thanks alot I
I will update the result here
@fierce-night-38522, my ESC env ( called '`esc-dev`') is like this:
Copy code
values:
  aws:
    login:
      fn::open::aws-login:
        oidc:
          duration: 1h
          roleArn: <XYZ>
          sessionName: pulumi-environments-session
  environmentVariables:
    AWS_ACCESS_KEY_ID: ${aws.login.accessKeyId}
    AWS_SECRET_ACCESS_KEY: ${aws.login.secretAccessKey}
    AWS_SESSION_TOKEN: ${aws.login.sessionToken}
and
esc run  reetl/esc-dev -i aws s3 ls
works perfectly. Now: 1. created a new Pulumi project/stack using this command:
pulumi new aws-python
( named '`dev`') which created following files : (
Pulumi.yaml
and
Pulumi.dev.yaml
) 2. no I'm trying to run
Pulumi up
without need for having aws credential stored in my laptop. just using ESC . what is the next step here ? ( how do I connect ESC to Pulumi IaC? )
f

fierce-night-38522

11/06/2023, 7:33 PM
In the
Pulumi.dev.yaml
file add the following:
Copy code
environment:
  - esc-dev
This is telling Pulumi IaC to import your ESC environment file into this configuration file.
e

enough-shoe-73030

11/06/2023, 7:34 PM
I did and still getting the same error
ah. type there
but still getting error : unable to validate AWS credentials. Details: No valid credential sources found. Please see https://www.pulumi.com/registry/packages/aws/installation-configuration/ for more information about providing credentials.
f

fierce-night-38522

11/06/2023, 7:38 PM
And just to double check, was your Pulumi program created in the same Organization as your ESC environment file? (e.g.
reetl
)
e

enough-shoe-73030

11/06/2023, 7:38 PM
yes.
BTW the document here says
environment*s*
not
environment
( s at the end)
f

fierce-night-38522

11/06/2023, 7:40 PM
Have you tried it with
environments
?
e

enough-shoe-73030

11/06/2023, 7:40 PM
i tried both.
in other doc it says without "s" :
f

fierce-night-38522

11/06/2023, 7:42 PM
Thank you for pointing that out! We'll make sure to update the docs so that they are aligned. In my current IDE it is working with
environment
. Let me see if I can try to reproduce
e

enough-shoe-73030

11/06/2023, 7:42 PM
yes, now it's working without 's'.
awesome!
I understand ESC is new, right? would be great to have an easy to understand guide for the integration with Pulumi IaC
f

fierce-night-38522

11/06/2023, 7:44 PM
Thank you for the feedback! We are currently working on adding content that will make this a lot clearer
e

enough-shoe-73030

11/06/2023, 7:44 PM
awesome!
f

fierce-night-38522

11/06/2023, 7:48 PM
Would you mind sharing the link to the page that showed
environments
? We will work on getting that updated asap
e

enough-shoe-73030

11/06/2023, 7:49 PM
homepage of
Environments
menu : https://app.pulumi.com/<XYZ>/esc