https://pulumi.com logo
Powered by
#typescript
Title
# typescript
r

refined-terabyte-65361

08/18/2021, 5:47 PM
Hello i am trying to create below resources but i am getting error
Copy code
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as awsx from "@pulumi/awsx";

// Create an AWS resource (S3 Bucket)
const bucketName = "cent-serv-logs";
const accessLogsBucket = new aws.s3.Bucket(`${bucketName}`, {
  bucket: `${bucketName}`,
});

const accessBucketPublicAccessBlock = new aws.s3.BucketPublicAccessBlock(
  "accessBucketPublicAccessBlock",
  {
    bucket: accessLogsBucket.id,
    blockPublicAcls: true,
    blockPublicPolicy: true,
    ignorePublicAcls: true,
    restrictPublicBuckets: true,
  }
);

const accessbucketPolicy = new aws.s3.BucketPolicy(
  `central-server-access-logs-policy`,
  {
    bucket: accessLogsBucket.bucket,
    policy: accessLogsBucket.bucket.apply(accessLogsBucketPolicy),
  }
);

function accessLogsBucketPolicy(bucketName: string) {
  return JSON.stringify({
    Version: "2012-10-17",
    Id: "AWSConsole-AccessLogs-Policy-16287xxxx",
    Statement: [
      {
        Sid: "AWSConsoleStmt-16xxxx",
        Effect: "Allow",
        Principal: {
          AWS: "arn:aws:iam::79787xxx:root",
        },
        Action: "s3:PutObject",
        Resource: `arn:aws:s3:::${bucketName}/*`,
      },
      {
        Sid: "AWSLogDeliveryWrite",
        Effect: "Allow",
        Principal: {
          Service: "<http://delivery.logs.amazonaws.com|delivery.logs.amazonaws.com>",
        },
        Action: "s3:PutObject",
        Resource: `arn:aws:s3:::${bucketName}/*`,
        Condition: {
          StringEquals: {
            "s3:x-amz-acl": "bucket-owner-full-control",
          },
        },
      },
      {
        Sid: "AWSLogDeliveryAclCheck",
        Effect: "Allow",
        Principal: {
          Service: "<http://delivery.logs.amazonaws.com|delivery.logs.amazonaws.com>",
        },
        Action: "s3:GetBucketAcl",
        Resource: `arn:aws:s3:::${bucketName}`,
      },
    ],
  });
}
error:
Copy code
error: 1 error occurred:
        * Error putting S3 policy: OperationAborted: A conflicting conditional operation is currently in progress against this resource. Please try again.
        status code: 409,
used example from here https://www.pulumi.com/docs/aws/s3/#create-an-aws-s3-resource-using-pulumiaws
b

billowy-army-68599

08/18/2021, 5:58 PM
dont hard code bucket names, use auto naming to avoid this
r

refined-terabyte-65361

08/18/2021, 6:00 PM
sure thanks let me try autonaming
4 Views
Powered by