salmon-account-74572
10/11/2019, 5:43 AMcalm-table-93204
10/11/2019, 3:09 PMsalmon-account-74572
10/11/2019, 3:34 PMlab
, where I may have different lab environments regionally. So I named the stack us-west-2
, after the AWS region where it is being deployed. I'm consistently getting an error that doesn't make sense (S3 access permissions). I can't replicate the S3 access permissions error with a different project.colossal-beach-47527
10/11/2019, 3:35 PMlab
and us-west-2
would be considered valid.
I would guess that the S3 access permission error is somehow related to the way the AWS resources are getting created. Can you share the specific permission error?salmon-account-74572
10/11/2019, 3:42 PMerror: failed to load checkpoint: blob (code=Unknown): AccessDenied: Access Denied
status code: 403, request id: 330331D05850796F, host id: ErSNbu6pMMplveK/evfAlQkzVsbxya8ROQA2e6yt0PlKUI5cLqsFbYdTX0A1xaXmrbMOaBOq+Wk=
I'm using S3 to store the Pulumi stack/state information, and I have some cross-account permissions applied to the S3 bucket. Other projects work fine with this configuration, but this project reports the above error. I'm also trying to determine if this is related to Pulumi 1.3.0.colossal-beach-47527
10/11/2019, 3:43 PMpulumi up
the stack just fine.
2. You edit Pulumi.yaml and change the name
field (i.e. change the project name)
3. You run pulumi up
and get that error
Is that what you are seeing?salmon-account-74572
10/11/2019, 3:44 PMpulumi up
, I've received the error above from the very beginning.colossal-beach-47527
10/11/2019, 3:47 PMPulumi.yaml
is part of the stack’s identity (at least for the Pulumi Service, and not when using the local backend.) So if you make changes to Pulumi.yaml, it can lead to errors where the stack you are referring to isn’t found.
I am not 100% sure the behavior when using the S3 filestate backend. But it could be the case that you need to run stack init
first, since that 403 could be that the S3 bucket it is trying to read the checkpoint file from doesn’t exist or something.salmon-account-74572
10/11/2019, 3:49 PMaws s3 ls
, I can see that the checkpoint file (found at .pulumi/stacks/us-west-2.json
) does exist, FWIW. I'll try stack init
and see if that helps, though.aws s3 rm
) and then running pulumi up
prompted for creation of a new stack, which I again named us-west-2
and it seems to work. I'm not really sure what was going on, but it does prompt another question that I'll ask separately.colossal-beach-47527
10/11/2019, 3:52 PMsalmon-account-74572
10/11/2019, 3:53 PM