hey folks, is it possible to create resources in a...
# awsr
red-appointment-82154
12/22/2023, 7:33 AMhey folks, is it possible to create resources in another account using an existing cross account role with pulumi? i tried looking into providers but couldn't get it to work
g
great-sunset-355
12/22/2023, 3:34 PMCreate a provider with
assumeRole Copy code
this.provider = new aws.Provider(
name,
{
assumeRole: {
roleArn: roleArnToAssume,
sessionName: "PulumiSession",
externalId: "PulumiApplication",
},
region: aws.config.requireRegion(),
skipCredentialsValidation: true,
},
{ parent }
);a
ambitious-lion-49640
01/03/2024, 3:39 PMI'm having the same issue right now.
ambitious-lion-49640
01/03/2024, 3:56 PMFor Python, I fixed it by doing this:
Copy code
test_provider = aws.Provider(
"testprovider",
assume_role=aws.ProviderAssumeRoleArgs(
role_arn="arn:aws:iam::<awsaccount>:role/test-role",
session_name="PulumiSession",
),
# assume_role={
# "role_arn": "arn:aws:iam::<awsaccount>:role/test-role",
# "session_name": "PulumiSession",
# # "externalId": "PulumiApplication",
# },
region="us-east-1",
default_tags={"tags": {"created-by": prefix}},
)