hi all, we’re trying to switch to AWS SSO but when...
# aws
hi all, we’re trying to switch to AWS SSO but when using Pulumi’s S3 backend, it keeps throwing
Copy code
SharedConfigErr: only one credential type may be specified per profile: source profile, credential source, credential process, web identity token, or sso
we have to use
for the SDK so I tried to create a separate profile for Pulumi:
Copy code
region = us-east-1
sso_start_url = <https://d-XXXX.awsapps.com/start>
sso_region = us-east-1
sso_account_id = XXXXAccountId
sso_role_name = XXXRole
but the backend doesn’t seem to respect
config form the stack, it only works if I specify it as an env variable
which isn’t very ergonomic for developers to manage separate profiles for the appand Pulumi. would love any pointers you have may
not sure if this is useful or not: https://github.com/pulumi/pulumi-aws/issues/1340
is for configuring the default AWS provider. Backends are created before Pulumi starts. Different configuration is used.
Afaik, the only way to configure the AWS backend is via "normal" AWS configuration: env vars, ~/.aws/credentials, etc.
You can't use
for this.
Hi, I have had the same experience, for the moment I’m using envrc to set up thr AWS_PROFILE but for CI/CD I will try to create an aws provider
AWS providers do not affect the backend at all.
Not related.