salmon-account-7457210/11/2019, 5:43 AM
calm-table-9320410/11/2019, 3:09 PM
salmon-account-7457210/11/2019, 3:34 PM
, where I may have different lab environments regionally. So I named the stack
, after the AWS region where it is being deployed. I'm consistently getting an error that doesn't make sense (S3 access permissions). I can't replicate the S3 access permissions error with a different project.
colossal-beach-4752710/11/2019, 3:35 PM
would be considered valid. I would guess that the S3 access permission error is somehow related to the way the AWS resources are getting created. Can you share the specific permission error?
salmon-account-7457210/11/2019, 3:42 PM
I'm using S3 to store the Pulumi stack/state information, and I have some cross-account permissions applied to the S3 bucket. Other projects work fine with this configuration, but this project reports the above error. I'm also trying to determine if this is related to Pulumi 1.3.0.
error: failed to load checkpoint: blob (code=Unknown): AccessDenied: Access Denied status code: 403, request id: 330331D05850796F, host id: ErSNbu6pMMplveK/evfAlQkzVsbxya8ROQA2e6yt0PlKUI5cLqsFbYdTX0A1xaXmrbMOaBOq+Wk=
colossal-beach-4752710/11/2019, 3:43 PM
the stack just fine. 2. You edit Pulumi.yaml and change the
field (i.e. change the project name) 3. You run
and get that error Is that what you are seeing?
salmon-account-7457210/11/2019, 3:44 PM
, I've received the error above from the very beginning.
colossal-beach-4752710/11/2019, 3:47 PM
is part of the stack’s identity (at least for the Pulumi Service, and not when using the local backend.) So if you make changes to Pulumi.yaml, it can lead to errors where the stack you are referring to isn’t found. I am not 100% sure the behavior when using the S3 filestate backend. But it could be the case that you need to run
first, since that 403 could be that the S3 bucket it is trying to read the checkpoint file from doesn’t exist or something.
salmon-account-7457210/11/2019, 3:49 PM
, I can see that the checkpoint file (found at
aws s3 ls
) does exist, FWIW. I'll try
and see if that helps, though.
) and then running
aws s3 rm
prompted for creation of a new stack, which I again named
and it seems to work. I'm not really sure what was going on, but it does prompt another question that I'll ask separately.
colossal-beach-4752710/11/2019, 3:52 PM
salmon-account-7457210/11/2019, 3:53 PM