This message was deleted.
# python
s
This message was deleted.
g
If you pass
bucket='mybucket'
, it will create the bucket with that exact name. This is due to the auto-naming functionality in Pulumi - https://www.pulumi.com/docs/troubleshooting/faq/#why-do-resource-names-have-random-hex-character-suffixes.
f
Copy code
bucket (pulumi.Input[str]) – The ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.
So is it same thing?
g
That is the correct parameter, yes, but I think that is the incorrect description of the parameter. Unfortunately, I think the docs are incorrect due to https://github.com/pulumi/pulumi-terraform-bridge/issues/15.
f
yes you are correct it worked for me. But still facing issue with that policy is not getting attached
Copy code
+  pulumi:pulumi:Stack pulumi-test-pulumi-test create 
 +  aws:s3:Bucket mytestbucketkmltest1 create 
 +  aws:cloudtrail:Trail cloudtrailcustom create 
 +  pulumi:pulumi:Stack pulumi-test-pulumi-test create 
 
Resources:
    + 3 to create

Updating (pulumi-test):

 +  pulumi:pulumi:Stack pulumi-test-pulumi-test creating 
 +  aws:s3:Bucket mytestbucketkmltest1 creating 
@ updating......
 +  aws:s3:Bucket mytestbucketkmltest1 creating error: 1 error occurred:
 +  aws:s3:Bucket mytestbucketkmltest1 **creating failed** error: 1 error occurred:
 +  pulumi:pulumi:Stack pulumi-test-pulumi-test creating error: update failed
 +  pulumi:pulumi:Stack pulumi-test-pulumi-test **creating failed** 1 error
 
Diagnostics:
  pulumi:pulumi:Stack (pulumi-test-pulumi-test):
    error: update failed
 
  aws:s3:Bucket (mytestbucketkmltest1):
    error: 1 error occurred:
    \t* creating urn:pulumi:pulumi-test::pulumi-test::aws:s3/bucket:Bucket::mytestbucketkmltest1: Error putting S3 policy: MalformedPolicy: Action does not apply to any resource(s) in statement
    \tstatus code: 400, request id: 01F99BF61DE24C8E, host id: 0ePA/tuvm+rtqEsXdyVF4ZoVGkeGs/wFYWbYN+Cvphq6+wAg78XkfMye7n7wa6hiyUQZtDfzzQs=
 
Resources:
    + 1 created

Duration: 1m11s
If you have any option please let me know
g
Can you share your full code?
f
Copy code
resource_name = "mytestbucket111111",
policy = {
  "Version": "2012-10-17",
  "Statement": [
      {
          "Sid": "<sid>",
          "Resource": "arn:aws:s3:::mytestbucket111111/*",
          "Effect": "Allow",
          "Principal": {
              "Service": "<http://cloudtrail.amazonaws.com|cloudtrail.amazonaws.com>"
          },
          "Action": "s3:GetBucketAcl"
      },
      {
          "Sid": "<SID>",
          "Effect": "Allow",
          "Resource": "arn:aws:s3:::mytestbucket111111/*",
          "Principal": {
              "Service": "<http://cloudtrail.amazonaws.com|cloudtrail.amazonaws.com>"
          },
          "Action": "s3:PutObject",
          "Condition": {
              "StringEquals": {
                  "s3:x-amz-acl": "bucket-owner-full-control"
              }
          }
      }
  ]
}
obj = pulumi_aws
resp = obj.s3.Bucket(resource_name, bucket=resource_name, policy=policy)
g
I think this is an error in your policy. Here's a similar policy that works - https://github.com/pulumi/examples/blob/clstokes/aws-console-notif/aws-go-console-slack-notification/main.go#L114-L133.
f
Thanks that worked