Channels
pulumi-ai
package-authoring
pulumi-cdk
oracle-cloud-infrastructure
learn-pulumi-events
linen
registry
built-with-pulumi
pulumi-cloud
contribex
testingtesting321
hacktoberfest
cloudengineering
yaml
pulumi-crosscode
content-share
finops
multi-language-hackathon
office-hours
workshops
blog-posts
localstack
welcome
gitlab
pulumi-kubernetes-operator
jobs
aws
pulumi-deployments
dotnet
golang
announcements
java
pulumiverse
python
install
getting-started
cloudengineering-support
testingtesting123
hackathon-03-19-2020
typescript
google-cloud
contribute
azure
kubernetes
docs
automation-api
status
general
Title
m
many-yak-61188
07/14/2021, 5:10 PMhello 👋 more of a pulumi/actions + github workflow question. I set up github self hosted runners on AWS, the EC2 instances have IAM role based permissions. However when I set up github workflows pulumi insists on configuration of
AWS_ACCESS_KEY_IDAWS_SECRET_ACCESS_KEYb
billowy-army-68599
07/14/2021, 5:30 PMyou should be able to set a config option and it should just work
set this on your provider: https://www.pulumi.com/docs/reference/pkg/aws/provider/#skip_metadata_api_check_python
if you can't get it working, feel free to ping me and I'll jump on a call
m
many-yak-61188
07/14/2021, 5:44 PMty. you are much appreciated 🙏🏻. I'll try it out today shortly. might take you up tomorrow if required 🤞 I'll figure it out.
Sorry, didn't get time to get to this earlier. I made some progress, but I still cannot root cause why
pulumi previewI've two self hosted runners on github. the runners are ec2 instances with a instance profile / instance role assigned to them
when running
pulumi uperror: 1 error occurred:
* error configuring Terraform AWS Provider: no valid credential sources for Terraform AWS Provider found.
Please see <https://registry.terraform.io/providers/hashicorp/aws>
for more information about providing credentials.
Error: NoCredentialProviders: no valid providers in chain. Deprecated.
For verbose messaging see aws.Config.CredentialsChainVerboseErrorsi followed the documentation to verify that instance meta data is configured correctly - using
curlaws cliaws configure list
Name Value Type Location
---- ----- ---- --------
profile <not set> None None
access_key ****************BUOX iam-role
secret_key ****************Ynfn iam-role
region us-east-1 imdsnext I decided to ~write~/steal a simple aws go sdk example to see if the sdk finds the credentials correctly
package main
import (
"fmt"
"<http://github.com/aws/aws-sdk-go/aws|github.com/aws/aws-sdk-go/aws>"
"<http://github.com/aws/aws-sdk-go/aws/session|github.com/aws/aws-sdk-go/aws/session>"
"<http://github.com/aws/aws-sdk-go/service/ec2|github.com/aws/aws-sdk-go/service/ec2>"
)
func main() {
states := [] string {"running"}
region := "us-east-1"
sess := session.Must(session.NewSession(&aws.Config{
Region: aws.String(region),
}))
ec2Svc := ec2.New(sess)
params := &ec2.DescribeInstancesInput{
Filters: []*ec2.Filter{
{
Name: aws.String("instance-state-name"),
Values: aws.StringSlice(states),
},
},
}
result, err := ec2Svc.DescribeInstances(params)
if err != nil {
fmt.Println("Error", err)
} else {
fmt.Printf("\n\n\nFetching instance details for region: %s \n ", region)
if len(result.Reservations) == 0 {
fmt.Printf("There is no instance for the region: %s\n", region)
}
for _, reservation := range result.Reservations {
fmt.Println("printing instance details.....")
for _, instance := range reservation.Instances {
fmt.Println("instance id " + *instance.InstanceId)
fmt.Println("current State " + *instance.State.Name)
}
}
fmt.Printf("done for region %s **** \n", region)
}
}this succeeded. 🤷
please lmk any thoughts or if you can spend 5m with me
at your convenience obviously, sorry just realized I was doing this on a weekend. 🤦
b
billowy-army-68599
07/17/2021, 5:58 PMDid you set the config option I mentioned? Please show your stack confit
Config*
m
many-yak-61188
07/17/2021, 6:21 PMah yep, i'm a complete idiot sorry did that now
pulumi config set aws:skipMetadataApiCheck falseall good now 💥 💥💥💥 appreciate the response on the weekend, enjoy the rest of your weekend
b
billowy-army-68599
07/17/2021, 6:46 PMno worries 😄 you'll need to set that for every stack