https://pulumi.com logo
#getting-started
Title
# getting-started
b

bored-car-93231

11/15/2023, 3:54 PM
Can I get some help here? I'm unable to a simple deployment even though credentials are correct. https://github.com/pulumi/pulumi-aws/issues/2986
m

miniature-musician-31262

11/15/2023, 4:27 PM
How are you setting your AWS credentials?
Are you using one of the methods described here (and if so, which)? https://www.pulumi.com/registry/packages/aws/installation-configuration/#configuration
I'm also curious whether this repros with something completely vanilla, and in a new shell, to rule out an issue specific to the current environment or program.
For example,
Copy code
export AWS_PROFILE=default
pulumi new aws-python --yes && pulumi up
If that works, then the issue is specific to the program you shared in the earlier thread.
b

bored-car-93231

11/15/2023, 4:53 PM
credentials are set through aws configure, so it's in the aws credentials file but I have also export the value in the local environment. I'm working inside a poetry venv but have tried without the venv with no change to the issue. same issue with the command you shared (credential info scrubbed, albeit original is correct): Type Name + pulumipulumiStack demo-dev └─ pulumiprovidersaws default_6_8_0 Diagnostics: pulumiprovidersaws (default_6_8_0): error: rpc error: code = Unknown desc = unable to validate AWS credentials. Details: validating provider credentials: retrieving caller identity from STS: operation error STS: GetCallerIdentity, https response error StatusCode: 400, RequestID: e03d6756-647d-44a3-8e70-f5b5df16761c, api error IncompleteSignature: '/20231115/us-east-1/sts/aws4_request' not a valid key=value pair (missing equal-sign) in Authorization header: 'AWS4-HMAC-SHA256 Credential=AKA5PSXE3 /20231115/us-east-1/sts/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-date, Signature=1906fc70039ecb24abe2160823b589647307e6c7bd661fae1d5253'. Make sure you have set your AWS region, e.g.
pulumi config set aws:region us-west-2
. NEW: You can use Pulumi ESC to set up dynamic credentials with AWS OIDC to ensure the correct and valid credentials are used. Learn more: https://www.pulumi.com/blog/esc-env-run-aws/
Happy to jump on a quick call.
c

clever-sunset-76585

11/15/2023, 5:24 PM
@bored-car-93231 DM me and we'll figure out a time for a call.
For posterity, there was a stray trailing tab character in the
credentials
file. Fixing that did the trick.
4 Views