This message was deleted.
# general
s
This message was deleted.
w
From your notes - sounds like you indeed don’t have permission to read these files in S3 - and I would expect Pulumi needs to read them to list details of the stacks. I don’t know precisely what to suggest without seeing all the policies you have applied to these buckets - but it does not sound like there is anything particularly Pulumi specific here. Unfortunately, cross-account bucket policy configuration in AWS is frequently very confusing.
b
So typically in this situation one would apply a condition to the bucket policy that requires bucket-owner-full-control, but Pulumi barfs at that.
The bucket policies are just global access delegated to the sub-accounts. It seems to be an object-level problem.
w
but Pulumi barfs at that
Are you saying that you can download the contents of a file with a set of credentials, but cannot see it with
pulumi stack ls
?
b
I'm saying that I can't upload to a bucket with an ACL restriction.
Which is why we don't have them
And which appears related, though I'm not yet certain, to having the bucket owner account unable to find the stack.