https://pulumi.com logo
Powered by
Title
p

prehistoric-kite-30979

03/08/2022, 5:43 PM
Hi all, I’m trying to use the new local Command provider to create an AWS profile which I can then consume in the aws provider. However, I keep getting errors…
export function Aws(
    name: string,
    args: AwsOptionsArgs,
    opts?: CustomResourceOptions,
    providerOptions?: ProviderOptions,
): AwsOptions {
    const { accountId, accessKey, secretKey, roleArn } = awsCredentials()
    const profile = new AwsProfile({
        accountId,
        accessKey,
        secretKey,
        roleArn,
        region: args.region,
    })
    const provider = new aws.Provider(
        name,
        {
            profile: profile.name,
            region: args.region, // Even though its set in the profile, Pulumi requires it.
            // allowedAccountIds: [accountId],
        },
        { ...providerOptions, dependsOn: [profile] },
    )

    return {
        ...opts,
        region: args.region,
        accountId,
        provider,
        profile: profile.name,
    }
}

export class AwsProfile extends local.Command {
    readonly name: string
    constructor(args: ProfileArgs) {
        const name = `pulumi-automation-${pulumi.getProject()}-${pulumi.getStack()}`
        super(name, {
            create:
                `aws configure set aws_access_key_id ${args.accessKey} --profile ${name} &&` +
                `aws configure set aws_secret_access_key ${args.secretKey} --profile ${name} &&` +
                `aws configure set role_arn ${args.roleArn} --profile ${name} &&` +
                `aws configure set region ${args.region} --profile ${name} &&` +
                `aws configure set role_session_name pulumi-${
                    username.sync() || 'unknown'
                } --profile ${name} &&` +
                `aws configure set duration_seconds ${60 * 60} --profile ${name} &&` +
                `aws configure set source_profile ${name} --profile ${name}`,
            // Always trigger, its idempotent.
            triggers: [Date.now()],
        })
        this.name = name
    }
}
pulumi:pulumi:Stack hosted-controlplanes-eks-azure.workshop.aws-east running error: Unhandled exception: Error: invocation of aws:index/getAvailabilityZones:getAvailabilityZones returned an error: invoking aws:index/getAvailabilityZones:getAvailabilityZones: 1 error occurred:
it looks like the profile is configured correctly looking through the ~/.aws/* files
and the ordering looks correct in the stack update
am I doing anything obviously wrong here?
If I use the profile via the CLI its fine
i.e. 
aws ec2 --profile <same-name> describe-availability-zones
14 Views
#awsJoin Slack
Powered by