https://pulumi.com logo
#aws
Title
# aws
g

gifted-vase-28337

08/11/2020, 8:26 PM
āœ… šŸ‘‹ hi all, I'm experiencing unexpected behavior with pulumi aws. When
config:aws:endpoints
contains endpoints for both
iam
and
cloudwatch
, the `iam`endpoint is ignored, causing IAM requests to be sent to
<http://iam.amazonaws.com|iam.amazonaws.com>
.
I'm using
localstack
. Things I've tried: 1. Running the IAM commands directly with
aws --endpoint-url=<http://localhost:456> iam the-command...
-- works as expected. 2. Running
pulumi up
with all
aws:endpoints
included, except
cloudwatch
-- works as expected. 3. Eliminating all custom endpoints but
cloudwatch
and
iam
-- the
iam
endpoint is ignored in this minimal case. 4. Starting
localstack
with
SERVICES=iam,cloudwatch
-- the issue persists.
Copy code
āžœ pulumi version
v2.8.2

āžœ pip list | grep pulumi-aws
pulumi-aws             2.13.1

āžœ python --version
Python 3.8.5
Similarly, when any of the
iam
,
cloudwatch
, or
sns
endpoints is set, the
s3
endpoint is ignored and requests are sent to
<http://s3.amazonaws.com|s3.amazonaws.com>
.
Also, when both
iam
and
s3
endpoints are set, the
iam
requests are sent to
<http://iam.amazonaws.com|iam.amazonaws.com>
.
To eliminate
localstack
and the aws terraform provider as the sources of the issue, I've successfully created the resources via the
aws
CLI tool and also via
terraform apply
.
For anyone following along, the endpoints must be specified like this:
Copy code
aws:endpoints:
- s3: '...'
  iam: '...'
  ec2: '...'
  ...
and not like this:
Copy code
aws:endpoints:
- s3: '...'
- iam: '...'
- ec2: '...'
- ...