worried-queen-62794
04/22/2024, 11:09 PMstack.preview
with a tiny program that just contains an aws.iam.Role
. I keep getting this error:
pulumi:providers:aws (default_6_29_0):
error: rpc error: code = Unknown desc = 2 errors occurred:
* CheckConfig failed because of malformed resource inputs: error unmarshalling property "assumeRole": invalid character 'a' looking for beginning of value
* CheckConfig failed to unmarshal news: error unmarshalling property "assumeRole": invalid character 'a' looking for beginning of value
That resource doesn’t have an assumeRole
property AFAICT (it has assumeRolePolicy
). Any idea what could be going on? It looks like this is error is coming from the pulumi-terraform-bridge
. How can I find out what is causing this?little-cartoon-10569
04/22/2024, 11:55 PMworried-queen-62794
04/23/2024, 12:06 AMconst program: PulumiFn = async () => {
new aws.iam.Role(
"Bootstrap",
{
description: `Allows users to deploy the TODO project.`,
path: "/user/",
name: "Bootstrap",
assumeRolePolicy: JSON.stringify({})
},
opts
);
};
I know that isn’t a valid policy but I am trying to minimise the problemlittle-cartoon-10569
04/23/2024, 12:10 AMworried-queen-62794
04/23/2024, 12:12 AMworried-queen-62794
04/23/2024, 12:14 AMconst program: PulumiFn = async () => {
new aws.iam.Role(
"Bootstrap",
{
description: `Allows users to deploy the TODO project.`,
path: "/user/",
name: "Bootstrap",
assumeRolePolicy: JSON.stringify({
Version: "2012-10-17",
Statement: [{
Action: "sts:AssumeRole",
Effect: "Allow",
Sid: "",
Principal: {
Service: "<http://ec2.amazonaws.com|ec2.amazonaws.com>",
},
}],
})
},
opts
);
};
little-cartoon-10569
04/23/2024, 1:04 AMworried-queen-62794
04/23/2024, 1:07 AMlittle-cartoon-10569
04/23/2024, 1:19 AMlittle-cartoon-10569
04/23/2024, 1:19 AMworried-queen-62794
04/23/2024, 1:20 AMconst { version } = require("@pulumi/aws/package.json");
await stack.workspace.installPlugin("aws", version);
little-cartoon-10569
04/23/2024, 1:22 AMaws.Provider
that you're using. Are you using the default provider? If you are, what aws:...
properties are you putting in your stack YAML file?worried-queen-62794
04/23/2024, 1:33 AMconfig:
aws:assumeRole: arn:aws:iam::675932482749:role/user/Bootstrap
It’s a bit of an unusual setup. I basically run the program twice. Once with a manually created user and then once it is bootstrapped I run it again with the bootstrap role. I was setting it in code so this shouldn’t be here in the YAML file (not sure why my search didn’t find it).worried-queen-62794
04/23/2024, 1:34 AMlittle-cartoon-10569
04/23/2024, 1:42 AMlittle-cartoon-10569
04/23/2024, 1:47 AMconfig:
aws:assumeRole:
roleArn: "arn:aws:iam::675932482749:role/user/Bootstrap"
worried-queen-62794
04/23/2024, 1:49 AM