What is causing this error? awss3BucketObjectLockConfigurationV2 (demo-bucket-lock): error: 1 error occurred: * creating S3 Bucket (demo-bucket-e14b5a4) Object Lock Configuration: operation error S3: PutObjectLockConfiguration, https response error StatusCode: 400, RequestID: EA3HGME2SGQWEVKM, HostID: vbrtfrC866c4J08lSS3EbZjGyA/QvoAEHWZ7vLbnmdxSnn6sijw1pE8MtcXX+3Nfjhxp555hOzw=, api error MalformedXML: The XML you provided was not well-formed or did not validate against our published schema

import pulumi_aws as aws

import pulumi_awsx as awsx

from pulumi import ResourceOptions, Output

import pulumi

# Create an AWS S3 Bucket

bucket = aws.s3.Bucket('demo-bucket',

versioning=aws.s3.BucketVersioningArgs(

enabled=True

),

opts=ResourceOptions(retain_on_delete=True)

)

# Building the JSON policy for public-read

public_read_policy = {

'Version': '2012-10-17',

'Statement': [

{

'Effect': 'Allow',

'Principal': '*',

'Action': 's3:GetObject',

'Resource': Output.concat('arn:aws:s3:::', bucket.id, '/*'),

}

],

}

bucket_policy = aws.s3.BucketPolicy('demo-bucket-policy', bucket=bucket.id, policy=public_read_policy)

# Configure the bucket to use an indefinite Object Lock retention policy

# By setting 'mode' to 'COMPLIANCE' and not specifying a 'days' or 'years' argument

# Configure Object Lock on the bucket

object_lock_config = aws.s3.BucketObjectLockConfigurationV2(

"demo-bucket-lock",

bucket=bucket.id,

# Enable Object Lock

object_lock_enabled='Enabled',

rule=aws.s3.BucketObjectLockConfigurationV2RuleArgs(

default_retention=aws.s3.BucketObjectLockConfigurationRuleDefaultRetentionArgs(

# Compliance mode to prevent object version deletions

mode="COMPLIANCE",

)

)

)

Hmm that's a strange error. Just a thought but do you know what value

bucket.id

has? It's possible that the object lock configuration takes in the bucket name as the value for

bucket

and if

bucket.id

isn't the bucket name then that might explain the 400 BadRequest from AWS.

Ultimately I removed this block of code since it introduced a new bucket. I have an older untracked bucket that I'm using which produced from a previous setup, as a result of the retain_on_delete bucket parameter.