https://pulumi.com logo
#aws
Title
# aws
p

plain-park-4925

06/08/2020, 10:05 PM
I'm trying to get Pulumi to deploy to my LocalStack AWS environment but can't seem to get it to work.. I can successfully deploy to one of my actual AWS accounts specified in my default profile but I keep getting a 403 forbidden. I've tried to create an IAM user with admin access and generated an access/secret key in my LocalStack AWS environment. 403 Forbidden. I've tried to manually use AWS CLI pointed at my LocalStack environment to get STS credentials and still another 403 Forbidden when I try to use those to deploy. There must be something I didn't set correctly with my LocalStack environment because it works in one of my actual AWS accounts... Any ideas?
Diagnostics: awss3BucketPolicy (bucket-policy): error: error using credentials to get account ID: error calling stsGetCallerIdentity InvalidClientTokenId: The security token included in the request is invalid. status code: 403, request id: 6a2edecb-806b-470e-929d-2aae4e8b0604
g

gentle-diamond-70147

06/08/2020, 11:29 PM
Running with
--debug --logtostderr
might provide some more information to help you troubleshoot.
👍 1
We generally don't recommend localstack as its not 100% compatible despite the project's efforts/goals.
p

plain-park-4925

06/08/2020, 11:39 PM
interesting, that's good to know.
thanks for the debug command
yeah, it just doesn't look like it likes my attempt.
Copy code
pulumi config set aws:endpoints <http://localhost:4566>
might have to live with the fact that it won't work. Terraform seems works nicely against LocalStack. Some devs are starting to use Pulumi and figured it'd be something nice to showcase to them.
g

gentle-diamond-70147

06/09/2020, 1:05 AM
Maybe try singular
aws:endpoint
p

plain-park-4925

06/09/2020, 1:35 AM
same error 😕
it's just not meant to be..
not sure if it matters or not but I'm not using LocalStack via the Docker container. Ran into some issues so I just ran it as
localstack start --host
f

fresh-summer-65887

08/02/2020, 9:52 AM
Just started to try the same activity. The aws provider has an
Endpoints
property you can set in code https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/aws/#ProviderArgs-endpoints However each endpoint in individually specified https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/aws/types/input/#ProviderEndpoint ... which might be a bit monotonous to set them all to
Copy code
<http://localhost:4566>
Just got this working for me, going to explore further. It's .net/c# so convert to lang of choice.
Copy code
var providerArgs = new ProviderArgs
{
    Region = "eu-central-1",
    Endpoints = new[]
    {
        new ProviderEndpointArgs
        {
            S3 = "<http://localhost:4566>",
            Sts = "<http://localhost:4566>"
        }
    },
    S3ForcePathStyle = true,
    AccessKey = "ignored",
    SecretKey = "ignored"
};

var provider = new Provider("local-stack", providerArgs);

var defaultResourceOptions = new CustomResourceOptions
{
    Provider = provider,
};

var bucket = new Bucket("my-bucket", options: defaultResourceOptions);
q

quiet-leather-94755

08/02/2020, 3:42 PM
Can't you set it in the YAML config file for the stack, sort of like..
Copy code
config:
  aws:endpoints:
    s3: ...
f

fresh-summer-65887

08/03/2020, 2:14 PM
I'll try that too.
q

quiet-leather-94755

08/03/2020, 3:08 PM
By the way.. I found a discussion, and a couple of links, here: https://github.com/pulumi/examples/issues/185