i m running pulumi up and getting a 404 Not Found Stack xxxx pulumi-community #general

Title

h

handsome-lizard-2724

04/08/2019, 8:46 PM

i'm running "pulumi up" and getting a "404 Not Found: Stack xxxx not found" for a stack that is definitely there... if i run pulumi stack select, it even lets me pick it again... anyone have ideas for me?

l

lemon-spoon-91807

04/08/2019, 8:52 PM

@quiet-hamburger-20840 can you help here?

h

handsome-lizard-2724

04/08/2019, 9:28 PM

looks like it was due to a lack of permissions in AWS. still seems like an odd error message though...

not so much 404...but maybe 403? or even 401. at least then i know it's a perms thing and not that my stack has disappeared 🙂

l

lemon-spoon-91807

04/08/2019, 9:30 PM

Hopefully chris can help explain what's going on!

@colossal-beach-47527 ^

i paged the wrong chris originally

c

colossal-beach-47527

04/08/2019, 9:31 PM

We return a 404 to not disclose the existence of resources. So if you tried to run

pulumi up

on a stack you don’t have permissions to access, e.g. one in a different Pulumi organization, you’d see a 404 instead of a 403. However, in this situation it doesn’t seem like that is the case.

Could you provide some more context here? e.g. the commands you are running? What does

pulumi stack ls

,

pulumi whoami

and

pulumi up

show?

h

handsome-lizard-2724

04/08/2019, 9:35 PM

let's see: 1. I ran

Copy code

pulumi up

2. I selected the stack from the stack selection 3. I got a 404 stack not found 4. Tried

Copy code

pulumi up -s <stack name>'

5. Got 404 6.

Copy code

pulumi stack select

7. Picked the stack 8.

Copy code

pulumi up

9. 404 10. pulumi.com...see the stack 11. cry Then a team member added me to the AWS IAM role that granted access to the related AWS resources. Now all things

Copy code

pulumi xxx

work as expected.

If stack select failed or pulumi.com showed me nothing, i could have understood the 404, but that wasn't the case

what other things can i provide to be useful, given things are working now

c

colossal-beach-47527

04/08/2019, 9:48 PM

Let me review things, one sec.

Then a team member added me to the AWS IAM role that granted access to the related AWS resources. Now all things

Copy code
pulumi xxx

work as expected.

That’s definitely some surprising behavior 😛 , and almost certainly a bug somewhere in the

pulumi

CLI. Could you share with me the name of the Pulumi stack that you got these errors on, but were eventually able to successfully run

pulumi up

? That will allow me to query our backend API logs, to see what response codes were sent to the CLI tool. I suspect the problem is actually in the

pulumi

tool itself, since any error messages relating to resource management (e.g. AWS IAM creds) don’t interact with the Pulumi Service’s API.

h

handsome-lizard-2724

04/08/2019, 10:02 PM

interesting...ok...i've had my understanding corrected. i was a member of the "tableau" organization, but wasn't on the team owning the stack. it was adding me to the team that allowed things to work, not adding the AWS perms. does it sound right that i would be able to see the stack in the UI but the command line would 404 in that case?

the stack i was working with was "tableau/mustang-aws-iam-sandbox"

c

colossal-beach-47527

04/08/2019, 10:09 PM

Ok, that does make more sense. It’s possible that everything here is working as expected, modulo us needing to provide better error messages in this situation. I’ll look into things to confirm, but I would guess the following happened: - You have READ access to the stack, which is why you can see it within the Pulumi Console UI. - You did not have WRITE access to the stack, which is required to perform an update to it. And that’s why you saw that

from the CLI. - After you were added to the team and added

WRITE

permission to the stack, you were able to update it like intended.

Historically we’ve erred on the side of very opaque errors, but in this situation — where you are a member of the organization, with READ access to the stack — returning a 403 would have been more reasonable. (Assuming that was the case.) Anyways, sorry for the trouble. Hopefully we can improve the UX around this type of situation.

h

handsome-lizard-2724

04/08/2019, 10:15 PM

being new to Pulumi, but having worked a little with Terraform and a fair bit with ARM...this is 1000% better 🙂 thanks for listening to me learn things! and thanks for the great work!

partypus 2

❤️ 1