sparse-intern-71089
05/18/2020, 6:07 PMfuture-barista-68134
05/18/2020, 6:32 PMfuture-barista-68134
05/18/2020, 6:35 PMgo-sdk
. See: https://www.pulumi.com/docs/intro/concepts/config/#aws-key-management-service-kms.
This is separate from the aws-profile
config value. That value is used for any resources in the stack itself.future-barista-68134
05/18/2020, 6:36 PMAWS_PROFILE=pa-prod
future-barista-68134
05/18/2020, 6:38 PMbest-lifeguard-91445
05/18/2020, 6:41 PMbest-lifeguard-91445
05/18/2020, 6:43 PMfuture-barista-68134
05/18/2020, 6:46 PMbest-lifeguard-91445
05/18/2020, 6:46 PMfuture-barista-68134
05/18/2020, 6:47 PMAWS_REGION=us-east-1
future-barista-68134
05/18/2020, 6:48 PMbest-lifeguard-91445
05/18/2020, 6:49 PMbest-lifeguard-91445
05/18/2020, 6:53 PMbest-lifeguard-91445
05/18/2020, 7:00 PMerror: getting secrets manager: secrets (code=Unknown): InvalidSignatureException: The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
status code: 400, request id: 257a0c7f-303e-4a72-8ec8-a83bd6e19e9f
best-lifeguard-91445
05/18/2020, 7:04 PMbest-lifeguard-91445
05/18/2020, 7:09 PMbest-lifeguard-91445
05/18/2020, 7:13 PMlimited-rainbow-51650
05/18/2020, 7:13 PMprod-pa
where your command line mentions pa-prod
. Mismatch?best-lifeguard-91445
05/18/2020, 7:15 PMfuture-barista-68134
05/18/2020, 7:17 PMaws kms describe-key --key-id={{key-id}}
future-barista-68134
05/18/2020, 7:17 PMbest-lifeguard-91445
05/18/2020, 7:22 PMlimited-rainbow-51650
05/18/2020, 7:23 PMbest-lifeguard-91445
05/18/2020, 7:23 PMbest-lifeguard-91445
05/18/2020, 7:24 PMbest-lifeguard-91445
05/18/2020, 7:29 PMc:\Repos\pa\pa_infrastructure>pulumi up
error: getting secrets manager: secrets (code=Unknown): AccessDenied: User: arn:aws:iam::057043601195:user/pulumi-admin is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::057043601195:role/OrganizationAccountAccessRole
status code: 403, request id: d634ecf0-d009-48a4-8d23-37ca566e371f
limited-rainbow-51650
05/18/2020, 7:31 PMAWS_ACCESS_KEY_ID
and AWS_SECRET_ACCES_KEY
environment variables from the pa-prod
profile in CMD prompt, also unsetting AWS_PROFILE
?best-lifeguard-91445
05/18/2020, 7:35 PMlimited-rainbow-51650
05/18/2020, 7:37 PMbest-lifeguard-91445
05/18/2020, 7:48 PMbest-lifeguard-91445
05/18/2020, 9:17 PM