https://pulumi.com logo
Title
f

future-window-78560

03/18/2022, 5:50 AM
Hey everyone! I am supposed to create a GCP bucket with private access (through pulumi), as per docs https://www.pulumi.com/registry/packages/gcp/api-docs/storage/bucket/#create there is an attribute public_access_prevention to support but pulumi gives an error on its implementation: • TypeError: _internal_init() got an unexpected keyword argument 'public_access_prevention'
p

prehistoric-activity-61023

03/18/2022, 8:56 AM
can you paste the full code where you’re creating a bucket?
Additionally, please paste the output of:
pip freeze | grep pulumi
run from venv associated with Pulumi project.
f

future-window-78560

03/18/2022, 11:53 AM
bucket = gcp.storage.Bucket("flytebucket",
 public_access_prevention=True,
)
On pip freeze | grep pulumi
p

prehistoric-activity-61023

03/18/2022, 2:48 PM
you have no
pulumi-gcp
visible in
pip freeze
output - that’s weird
the code itself looks good (assuming you have proper GCP setup with default location, project etc. it should work)
I asked about
pip freeze
to check what version of
pulumi-gcp
you’re trying to use. Are you sure you listed the correct venv?
f

future-window-78560

03/20/2022, 4:31 PM
Hey @prehistoric-activity-61023 yes there was pulumi-gcp version issue. I have updated the version. It does not anymore say that --> got an unexpected keyword argument 'public_access_prevention' Now the error is different. If I am writing bool value: True it says--> error: 1 error occurred: * updating urn😛ulumi:flytetest::flyte-spark::gcp:storage/bucket😛rivatebucket: 1 error occurred: * googleapi: Error 400: Invalid value for: 1 is not a valid value, invalid If I am giving str value: "True" the error is--> Invalid value for: True is not a valid value, invalid The code is this: static = gcp.storage.Bucket("privatebucket", location="us-central1", public_access_prevention=True ) Pulumi versions are attached.
p

prehistoric-activity-61023

03/21/2022, 11:32 AM
Yeah, not it makes sense at least 🙂 (I first wanted to get rid of “wtf class error”, now we can talk about details).
I saw in the type hints that it expects
str
instead of
bool
but it was unrelated to the issue you had before. Let me see what it accepts.
Even if a bucket does not have public access prevention explicitly enforced in its settings, it might still inherit public access prevention, which occurs if the organization policy constraint
storage.publicAccessPrevention
is set on the project, folder, or organization that the bucket exists within. For this reason, the bucket state can only be set to
enforced
or
inherited
.
try passing
"enforced"