dazzling-scientist-80826
05/29/2019, 6:49 PMpulumi logs
returns no logs for functions that were created with an aws provider that does assume-role - is this a known issue? is there a workaround?The specified log group does not exist
which makes sense if the aws calls are not doing the proper assume-role operation based on the providerwhite-balloon-205
dazzling-scientist-80826
05/29/2019, 6:59 PMwhite-balloon-205
dazzling-scientist-80826
05/29/2019, 7:04 PMaws:profile
config issuewhite-balloon-205
pulumi
. I expect it’s not a particularly difficult change. I can provide pointers a little later today.dazzling-scientist-80826
05/29/2019, 7:08 PMdiff --git a/pkg/operations/operations_aws.go b/pkg/operations/operations_aws.go
index d319edcf..301bcbb4 100644
--- a/pkg/operations/operations_aws.go
+++ b/pkg/operations/operations_aws.go
@@ -21,6 +21,7 @@ import (
"<http://github.com/aws/aws-sdk-go/aws|github.com/aws/aws-sdk-go/aws>"
"<http://github.com/aws/aws-sdk-go/aws/credentials|github.com/aws/aws-sdk-go/aws/credentials>"
+ "<http://github.com/aws/aws-sdk-go/aws/credentials/stscreds|github.com/aws/aws-sdk-go/aws/credentials/stscreds>"
"<http://github.com/aws/aws-sdk-go/aws/session|github.com/aws/aws-sdk-go/aws/session>"
"<http://github.com/aws/aws-sdk-go/service/cloudwatchlogs|github.com/aws/aws-sdk-go/service/cloudwatchlogs>"
"<http://github.com/pkg/errors|github.com/pkg/errors>"
@@ -165,7 +166,12 @@ func getAWSSession(awsRegion, awsAccessKey, awsSecretKey, token string) (*sessio
extraConfig.Credentials = credentials.NewStaticCredentials(awsAccessKey, awsSecretKey, token)
}
- return awsDefaultSession.Copy(extraConfig), nil
+ sess := awsDefaultSession.Copy(extraConfig)
+ extraConfig2 := aws.NewConfig()
+ var err2 error
+ extraConfig2.Region = aws.String(awsRegion)
+ extraConfig2.Credentials, err2 = stscreds.NewCredentials(sess, "MY_ARN_HERE"), nil
+ return awsDefaultSession.Copy(extraConfig2), err2
}
func (p *awsConnection) getLogsForLogGroupsConcurrently(