Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-ai
pulumi-cdk
pulumi-cloud
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Title
r
refined-terabyte-65361
08/18/2021, 5:47 PMHello
i am trying to create below resources but i am getting error
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as awsx from "@pulumi/awsx";
// Create an AWS resource (S3 Bucket)
const bucketName = "cent-serv-logs";
const accessLogsBucket = new aws.s3.Bucket(`${bucketName}`, {
bucket: `${bucketName}`,
});
const accessBucketPublicAccessBlock = new aws.s3.BucketPublicAccessBlock(
"accessBucketPublicAccessBlock",
{
bucket: accessLogsBucket.id,
blockPublicAcls: true,
blockPublicPolicy: true,
ignorePublicAcls: true,
restrictPublicBuckets: true,
}
);
const accessbucketPolicy = new aws.s3.BucketPolicy(
`central-server-access-logs-policy`,
{
bucket: accessLogsBucket.bucket,
policy: accessLogsBucket.bucket.apply(accessLogsBucketPolicy),
}
);
function accessLogsBucketPolicy(bucketName: string) {
return JSON.stringify({
Version: "2012-10-17",
Id: "AWSConsole-AccessLogs-Policy-16287xxxx",
Statement: [
{
Sid: "AWSConsoleStmt-16xxxx",
Effect: "Allow",
Principal: {
AWS: "arn:aws:iam::79787xxx:root",
},
Action: "s3:PutObject",
Resource: `arn:aws:s3:::${bucketName}/*`,
},
{
Sid: "AWSLogDeliveryWrite",
Effect: "Allow",
Principal: {
Service: "<http://delivery.logs.amazonaws.com|delivery.logs.amazonaws.com>",
},
Action: "s3:PutObject",
Resource: `arn:aws:s3:::${bucketName}/*`,
Condition: {
StringEquals: {
"s3:x-amz-acl": "bucket-owner-full-control",
},
},
},
{
Sid: "AWSLogDeliveryAclCheck",
Effect: "Allow",
Principal: {
Service: "<http://delivery.logs.amazonaws.com|delivery.logs.amazonaws.com>",
},
Action: "s3:GetBucketAcl",
Resource: `arn:aws:s3:::${bucketName}`,
},
],
});
}error: 1 error occurred:
* Error putting S3 policy: OperationAborted: A conflicting conditional operation is currently in progress against this resource. Please try again.
status code: 409,b
billowy-army-68599
08/18/2021, 5:58 PMyour bucket is queued for deletion, see: https://aws.amazon.com/premiumsupport/knowledge-center/s3-conflicting-conditional-operation/
dont hard code bucket names, use auto naming to avoid this
r
refined-terabyte-65361
08/18/2021, 6:00 PMsure thanks
let me try autonaming