https://pulumi.com logo
#python
Title
# python
f

famous-salesmen-28835

03/05/2020, 6:18 AM
Copy code
class pulumi_aws.s3.Bucket(resource_name, opts=None, acceleration_status=None, acl=None, arn=None, bucket=None, bucket_prefix=None, cors_rules=None, force_destroy=None, hosted_zone_id=None, lifecycle_rules=None, loggings=None, object_lock_configuration=None, policy=None, region=None, replication_configuration=None, request_payer=None, server_side_encryption_configuration=None, tags=None, versioning=None, website=None, website_domain=None, website_endpoint=None, __props__=None, __name__=None, __opts__=None)
In this if I pass resource_name as "mybucket" then it create s3 bucket with name "mybucket-677282" is it any way to create bucket with my bucket only. Or any one can suggest me this have policy field so if I pass policy in that "resource" needs the ARN of bucket which is not created with a single call how I can create bucket with attached policy
g

gentle-diamond-70147

03/05/2020, 6:25 AM
If you pass
bucket='mybucket'
, it will create the bucket with that exact name. This is due to the auto-naming functionality in Pulumi - https://www.pulumi.com/docs/troubleshooting/faq/#why-do-resource-names-have-random-hex-character-suffixes.
f

famous-salesmen-28835

03/05/2020, 6:29 AM
Copy code
bucket (pulumi.Input[str]) – The ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.
So is it same thing?
g

gentle-diamond-70147

03/05/2020, 6:41 AM
That is the correct parameter, yes, but I think that is the incorrect description of the parameter. Unfortunately, I think the docs are incorrect due to https://github.com/pulumi/pulumi-terraform-bridge/issues/15.
f

famous-salesmen-28835

03/05/2020, 6:47 AM
yes you are correct it worked for me. But still facing issue with that policy is not getting attached
Copy code
+  pulumi:pulumi:Stack pulumi-test-pulumi-test create 
 +  aws:s3:Bucket mytestbucketkmltest1 create 
 +  aws:cloudtrail:Trail cloudtrailcustom create 
 +  pulumi:pulumi:Stack pulumi-test-pulumi-test create 
 
Resources:
    + 3 to create

Updating (pulumi-test):

 +  pulumi:pulumi:Stack pulumi-test-pulumi-test creating 
 +  aws:s3:Bucket mytestbucketkmltest1 creating 
@ updating......
 +  aws:s3:Bucket mytestbucketkmltest1 creating error: 1 error occurred:
 +  aws:s3:Bucket mytestbucketkmltest1 **creating failed** error: 1 error occurred:
 +  pulumi:pulumi:Stack pulumi-test-pulumi-test creating error: update failed
 +  pulumi:pulumi:Stack pulumi-test-pulumi-test **creating failed** 1 error
 
Diagnostics:
  pulumi:pulumi:Stack (pulumi-test-pulumi-test):
    error: update failed
 
  aws:s3:Bucket (mytestbucketkmltest1):
    error: 1 error occurred:
    \t* creating urn:pulumi:pulumi-test::pulumi-test::aws:s3/bucket:Bucket::mytestbucketkmltest1: Error putting S3 policy: MalformedPolicy: Action does not apply to any resource(s) in statement
    \tstatus code: 400, request id: 01F99BF61DE24C8E, host id: 0ePA/tuvm+rtqEsXdyVF4ZoVGkeGs/wFYWbYN+Cvphq6+wAg78XkfMye7n7wa6hiyUQZtDfzzQs=
 
Resources:
    + 1 created

Duration: 1m11s
If you have any option please let me know
g

gentle-diamond-70147

03/05/2020, 6:51 AM
Can you share your full code?
f

famous-salesmen-28835

03/05/2020, 6:55 AM
Copy code
resource_name = "mytestbucket111111",
policy = {
  "Version": "2012-10-17",
  "Statement": [
      {
          "Sid": "<sid>",
          "Resource": "arn:aws:s3:::mytestbucket111111/*",
          "Effect": "Allow",
          "Principal": {
              "Service": "<http://cloudtrail.amazonaws.com|cloudtrail.amazonaws.com>"
          },
          "Action": "s3:GetBucketAcl"
      },
      {
          "Sid": "<SID>",
          "Effect": "Allow",
          "Resource": "arn:aws:s3:::mytestbucket111111/*",
          "Principal": {
              "Service": "<http://cloudtrail.amazonaws.com|cloudtrail.amazonaws.com>"
          },
          "Action": "s3:PutObject",
          "Condition": {
              "StringEquals": {
                  "s3:x-amz-acl": "bucket-owner-full-control"
              }
          }
      }
  ]
}
obj = pulumi_aws
resp = obj.s3.Bucket(resource_name, bucket=resource_name, policy=policy)
g

gentle-diamond-70147

03/05/2020, 7:44 AM
I think this is an error in your policy. Here's a similar policy that works - https://github.com/pulumi/examples/blob/clstokes/aws-console-notif/aws-go-console-slack-notification/main.go#L114-L133.
f

famous-salesmen-28835

03/18/2020, 3:49 AM
Thanks that worked