This message was deleted Pulumi Community #general

Join Slack

This message was deleted.

# general

sparse-intern-71089

10/11/2019, 5:43 AM

This message was deleted.

calm-table-93204

10/11/2019, 3:09 PM

I believe stack and project names are limited to alphanumeric characters, underscores, hyphens and dots. Is there something specific that you think you may be running into?

salmon-account-74572

10/11/2019, 3:34 PM

Yes. I have a project named

lab

, where I may have different lab environments regionally. So I named the stack

us-west-2

, after the AWS region where it is being deployed. I'm consistently getting an error that doesn't make sense (S3 access permissions). I can't replicate the S3 access permissions error with a different project.

colossal-beach-47527

10/11/2019, 3:35 PM

There are restrictions on Pulumi stack and project names, but both

lab

and

us-west-2

would be considered valid. I would guess that the S3 access permission error is somehow related to the way the AWS resources are getting created. Can you share the specific permission error?

salmon-account-74572

10/11/2019, 3:42 PM

Here's the error:

Copy code

error: failed to load checkpoint: blob (code=Unknown): AccessDenied: Access Denied
	status code: 403, request id: 330331D05850796F, host id: ErSNbu6pMMplveK/evfAlQkzVsbxya8ROQA2e6yt0PlKUI5cLqsFbYdTX0A1xaXmrbMOaBOq+Wk=

I'm using S3 to store the Pulumi stack/state information, and I have some cross-account permissions applied to the S3 bucket. Other projects work fine with this configuration, but this project reports the above error. I'm also trying to determine if this is related to Pulumi 1.3.0.

colossal-beach-47527

10/11/2019, 3:43 PM

I think I know the issue. Let me see if I understand what you are doing: 1. You can

pulumi up

the stack just fine. 2. You edit Pulumi.yaml and change the

name

field (i.e. change the project name) 3. You run

pulumi up

and get that error Is that what you are seeing?

salmon-account-74572

10/11/2019, 3:44 PM

Nope. I have never been able to run

pulumi up

, I've received the error above from the very beginning.

colossal-beach-47527

10/11/2019, 3:47 PM

So the thing to be aware of is that the “project name” from

Pulumi.yaml

is part of the stack’s identity (at least for the Pulumi Service, and not when using the local backend.) So if you make changes to Pulumi.yaml, it can lead to errors where the stack you are referring to isn’t found. I am not 100% sure the behavior when using the S3 filestate backend. But it could be the case that you need to run

stack init

first, since that 403 could be that the S3 bucket it is trying to read the checkpoint file from doesn’t exist or something.

salmon-account-74572

10/11/2019, 3:49 PM

Using

aws s3 ls

, I can see that the checkpoint file (found at

.pulumi/stacks/us-west-2.json

) does exist, FWIW. I'll try

stack init

and see if that helps, though.

salmon-account-74572

10/11/2019, 3:51 PM

Deleting the checkpoint file (using

aws s3 rm

) and then running

pulumi up

prompted for creation of a new stack, which I again named

us-west-2

and it seems to work. I'm not really sure what was going on, but it does prompt another question that I'll ask separately.

colossal-beach-47527

10/11/2019, 3:52 PM

It wouldn’t surprise me if there was some subtle bug here, as the mechanics of “the currently selected stack” and the “file state backend” are kinda complicated. So if you can reproduce this, please do file a bug. (And sorry for the trouble!)

salmon-account-74572

10/11/2019, 3:53 PM

Will do. (And no worries!)

Open in Slack

Previous Next