https://pulumi.com logo
#getting-started
Title
# getting-started
b

bored-car-93231

01/05/2024, 6:57 PM
What is causing this error? awss3BucketObjectLockConfigurationV2 (demo-bucket-lock): error: 1 error occurred: * creating S3 Bucket (demo-bucket-e14b5a4) Object Lock Configuration: operation error S3: PutObjectLockConfiguration, https response error StatusCode: 400, RequestID: EA3HGME2SGQWEVKM, HostID: vbrtfrC866c4J08lSS3EbZjGyA/QvoAEHWZ7vLbnmdxSnn6sijw1pE8MtcXX+3Nfjhxp555hOzw=, api error MalformedXML: The XML you provided was not well-formed or did not validate against our published schema
import pulumi_aws as aws
import pulumi_awsx as awsx
from pulumi import ResourceOptions, Output
import pulumi
# Create an AWS S3 Bucket
bucket = aws.s3.Bucket('demo-bucket',
versioning=aws.s3.BucketVersioningArgs(
enabled=True
),
opts=ResourceOptions(retain_on_delete=True)
)
# Building the JSON policy for public-read
public_read_policy = {
'Version': '2012-10-17',
'Statement': [
{
'Effect': 'Allow',
'Principal': '*',
'Action': 's3:GetObject',
'Resource': Output.concat('arn:aws:s3:::', bucket.id, '/*'),
}
],
}
bucket_policy = aws.s3.BucketPolicy('demo-bucket-policy', bucket=bucket.id, policy=public_read_policy)
# Configure the bucket to use an indefinite Object Lock retention policy
# By setting 'mode' to 'COMPLIANCE' and not specifying a 'days' or 'years' argument
# Configure Object Lock on the bucket
object_lock_config = aws.s3.BucketObjectLockConfigurationV2(
"demo-bucket-lock",
bucket=bucket.id,
# Enable Object Lock
object_lock_enabled='Enabled',
rule=aws.s3.BucketObjectLockConfigurationV2RuleArgs(
default_retention=aws.s3.BucketObjectLockConfigurationRuleDefaultRetentionArgs(
# Compliance mode to prevent object version deletions
mode="COMPLIANCE",
)
)
)
c

clever-sunset-76585

01/08/2024, 4:41 AM
Hmm that's a strange error. Just a thought but do you know what value
bucket.id
has? It's possible that the object lock configuration takes in the bucket name as the value for
bucket
and if
bucket.id
isn't the bucket name then that might explain the 400 BadRequest from AWS.
b

bored-car-93231

01/09/2024, 4:34 PM
Ultimately I removed this block of code since it introduced a new bucket. I have an older untracked bucket that I'm using which produced from a previous setup, as a result of the retain_on_delete bucket parameter.