Is anyone using `pulumi login` with s3 Need some help

Question

bland-eye-59969 · Answer

I ran `pulumi login <s3 bucket name>` Logged in successfully But when I tried to create new project using `pulumi new aws python y` it gives me IO error `error could not create stack An IO error occurred during the current operation blob code=Unknown AccessDenied Access Denied status code 403 `

bland-eye-59969 · Answer

I traced the code and seems like coming from here <https github com pulumi pulumi blob 5e1c4d31c6b04852628ddd1a3a6f1d293e0301bc cmd util go L127 L133>

cool-egg-852 · Answer

Do you have permissions to write to the bucket via the default credentials configured for the aws sdk

bland-eye-59969 · Answer

Yes I do We used to upload multiple files in the same bucket

calm-greece-42329 · Answer

i dont use `pulumi login` when using s3 now that you can configure the bucket location in your `Pulumi yaml`

calm-greece-42329 · Answer

aside from not being able to set the bucket region in the yaml file it works very well

bland-eye-59969 · Answer

I found the root cause of access denied We have requirement in our org to pass encryption while uploading objects to s3 I just tried creating new bucket which does not require encryption and pulumi login worked for that bucket So how can I pass `server side encryption` while running `pulumi login <s3 bucketname>`

calm-greece-42329 · Answer

support should probably be added along with region and maybe some other options like was done in <https github com pulumi pulumi pull 2813>

calm-greece-42329 · Answer

i was hoping it would be an easy thing to change but the configuration is passed around as a url string in a few places so providing more metadata isn t possible without a larger refactoring

bland-eye-59969 · Answer

yeah I don t know if they have this in their backlog items or not

bland-eye-59969 · Answer

< white balloon 205> Any ETA on planning to support passing sever side encryption for s3 pulumi login