https://pulumi.com logo
Powered by
#aws
Title
g

gifted-vase-28337

08/11/2020, 8:26 PM
āœ… šŸ‘‹ hi all, I'm experiencing unexpected behavior with pulumi aws. When 
config:aws:endpoints
contains endpoints for both 
iam
and 
cloudwatch
, the `iam`endpoint is ignored, causing IAM requests to be sent to 
<http://iam.amazonaws.com|iam.amazonaws.com>
.
I'm using 
localstack
. Things I've tried: 1. Running the IAM commands directly with 
aws --endpoint-url=<http://localhost:456> iam the-command...
-- works as expected. 2. Running 
pulumi up
with all 
aws:endpoints
included, except 
cloudwatch
-- works as expected. 3. Eliminating all custom endpoints but 
cloudwatch
and 
iam
-- the 
iam
endpoint is ignored in this minimal case. 4. Starting 
localstack
with 
SERVICES=iam,cloudwatch
-- the issue persists.
Copy code
āžœ pulumi version
v2.8.2

āžœ pip list | grep pulumi-aws
pulumi-aws             2.13.1

āžœ python --version
Python 3.8.5
Similarly, when any of the 
iam
, 
cloudwatch
, or 
sns
endpoints is set, the 
s3
endpoint is ignored and requests are sent to 
<http://s3.amazonaws.com|s3.amazonaws.com>
.
Also, when both 
iam
and 
s3
endpoints are set, the 
iam
requests are sent to 
<http://iam.amazonaws.com|iam.amazonaws.com>
.
To eliminate 
localstack
and the aws terraform provider as the sources of the issue, I've successfully created the resources via the 
aws
CLI tool and also via 
terraform apply
.
For anyone following along, the endpoints must be specified like this:
Copy code
aws:endpoints:
- s3: '...'
  iam: '...'
  ec2: '...'
  ...
and not like this:
Copy code
aws:endpoints:
- s3: '...'
- iam: '...'
- ec2: '...'
- ...
Powered by