Hi I have a question I want to provide a K8s provider that c Pulumi Community #general

Hi, I have a question I want to provide a K8s prov...

thankful-optician-22583

08/19/2019, 4:11 PM

Hi, I have a question I want to provide a K8s provider that contains a roleArn. the secret & access key that are in the env vars only can assume roles. When I set them however I see this error

Copy code

error: could not validate provider configuration: 1 error occurred:
    	* : invalid or unknown key: role_arn

This is my configuration

Copy code

new k8s.Provider("myk8s", {
        kubeconfig: new terraform.state.RemoteStateReference("eks", {
            backendType: "s3",
            bucket: "XXXX-tfstate-backend-bucket",
            key: "XXXXXXX",
            workspace: "XXXXXXX",
            region: "us-east-1",
            roleArn: "arn:aws:iam::XXXXXXXXXXX:role/XXXX-XXXX-gitlab-terraform"
        }).getOutput("kubectl_config")});

Has anyone encountered this before?

best-xylophone-83824

08/19/2019, 4:14 PM

try console.log() result of

.getOutput

, it seems that you pass

role_arn

to a k8s provider and it can't recognize it

best-xylophone-83824

08/19/2019, 4:14 PM

(just guessing, never used TF reference)

thankful-optician-22583

08/19/2019, 5:48 PM

It seems this object

Copy code

S3RemoteStateReferenceArgs

does not contain

Copy code

acl

as in the actual terraform documentation.

thankful-optician-22583

08/19/2019, 5:49 PM

Copy code

terraform {
  backend "s3" {
    region         = "us-east-1"
    bucket         = "XXXXXXXXXXXXXXXX"
    key            = "XXXXXXXXXXXXXXX"
    dynamodb_table = "XXXXXXXXXXXXXXX"
    acl            = "bucket-owner-read"
    role_arn       = "XXXXXXXXXXXXX"
  }
}

7 Views

Open in Slack

Previous Next