No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Is your provider set up to use a particular profile? If it is, it won't be using the env vars...

Those vars are used for the AWS backend and secrets provider always, but they're only used for the provider if the provider doesn't have other creds configured.

It definitely does use them, at least to assume the role.

Oh, I though if you use `role_arm` to configure the role you assume, then you _have_ to have a `source_profile`?

If you have a `source_profile` and it's not _default_, then those env vars won't be used.

The only way I got it to work in the past was with a custom Provider that uses `assume_role`

Anyway I see in the terraform logs that `sts/GetCallerIdentity` returns 200 so I don't know why pulumi says it is timing out

Ah. I've been using `profile` not `assumeRole`. I don't have experience that can help, sorry.

I think `GetCallerIdentity` is a red herring. That seems to be fine. It's not clear exactly what is going wrong. I ran it again and the logs end with `debug: waiting for quiescence; 19 RPCs outstanding` and then it eventually times out.

Ugh ok it is something completely different. The logs are just really unhelpful again.

what's in the output of `env`, any other AWS env var in there?

<@U01C0L2CHLJ> can you also clear out `~/.aws/sso/cache/`

It's ok it was something totally unrelated.

It was a custom provider that was hanging. The logs just made it look like the last thing it was doing was calling `GetCallerIdentity` , which it was but that is not what was hanging.

It was a bit strange though. I'm sure the first few times it didn't say that resource was the one that it failed on. Hard to know now.