shy-solstice-54260
02/27/2024, 3:07 AMs3.BucketObject()
it was working fine so far, but recently I changed the permissions on IAM role to deny s3:GetObjects
for all resources. After this change, my pulumi code is failing with error
aws:s3:BucketObject (my-object):
error: 1 error occurred:
* creating urn:pulumi:teleport::launchpad::aws:s3/bucketObject:BucketObject::my-object: 1 error occurred:
* reading S3 Object (my-object): Forbidden: Forbidden
status code: 403,
Does s3.BucketObject() need GetObject permission to read metadata of the object or know the status of the upload?little-cartoon-10569
02/27/2024, 3:16 AMshy-solstice-54260
02/27/2024, 3:18 AMlittle-cartoon-10569
02/27/2024, 3:25 AM@pulumi/aws/...??
import that you can use the access the AWS client classes. If not, you can just add the @aws-sdk/client-s3 dependency.little-cartoon-10569
02/27/2024, 3:27 AMshy-solstice-54260
02/27/2024, 3:42 AMbig-state-95297
02/27/2024, 3:55 AMlittle-cartoon-10569
02/27/2024, 6:39 PMbig-state-95297
02/29/2024, 2:46 AMpulumi refresh
?little-cartoon-10569
02/29/2024, 2:50 AMpulumi refresh
attempts to resolve as much drift as it can. It won't fix things like deletes or creates. There is nothing that does that.