Hello! I'm trying to use the Pulumi OIDC provider in our AWS GovCloud account to support Pulumi Deployments. I have successfully created the

<http://api.pulumi.com/oidc|api.pulumi.com/oidc>

provider and IAM Role per this doc: https://www.pulumi.com/docs/pulumi-cloud/oidc/provider/aws/ I have Enabled the AWS Integration in Pulumi Deployments settings and put in the IAM Role ARN and Session Name. When I manually trigger a Preview Deployment, it fails consistently with this error:

Fetch provider credentials via OIDC
 $ /pulumi-deploy-executor oidc --workDir="/deployment" 

 Error: fetching AWS credentials: WebIdentityErr: failed to retrieve credentials
 caused by: InvalidIdentityToken: No OpenIDConnect provider found in your account for <https://api.pulumi.com/oidc> 
 	status code: 400, request id: 47841196-a280-4c19-a9c4-0938618aba7d

Separately, I have successfully set up a similar OIDC provider for GitHub Actions which we use for ECS Deployments. This works. The Pulumi OIDC provider does not.

Yes - that is something we’ll need to add support for to unblock this. I assume in your case you are hitting this for Deployments, not ESC? Would be great if you wanted to add a note on your scenario to that issue!

yup, I'll add a note to the issue