Is it a bug/regression or something else? I also saw in the docs somewhere that the config key was called

aws-native:profile

now, or something? Is this related to the problem?

And now when I am trying to find the source of what I just claimed – like decent person – but can only find the one saying `aws:profile`: https://www.pulumi.com/registry/packages/aws/installation-configuration/

So maybe it was an earlier version of this page

There might be another way to configure the secrets via the backend: configuration in Pulumi.yaml, but I don't know about that. I've always just used the env vars for backend configuration.

When deploying production I never used the env variables and the GitHub action also creates a profile in

~/.aws/credentials

, so the GitHub Action also works without the env variables. So I'm confused as to what you mean with "aws:profile won't ever work with backends". 🤔 If I've declared something weird in my rewrite of the stack that causes this I'd like to identify it. Other than that the config should be the same regarding AWS itself.

Configuration of the backend is completely separate from configuration of the provider that puts resources into the cloud.

And just to clarify, the

aws:ecs:Service (backend):

refers to our service called

backend

in pulumi, and part of what I'm up to right now is implementing a naming convention for all Pulumi resources so as to not be able to confuse them between envs, if one were to accidentally run this with incorrect AWS credentials.

backend

used to be the name for our ECS Cluster, Fargate Service, Docker Image and much more. Now it's going to follow

<service>-<env>-<aws-resource-type>

instead.

Anyway, being honest, the explanation that configuring the backend of Pulumi is separate from configuring the provider that runs the resource migrations is fuzzy to me, since I have not changed anything about how I connect to AWS and only actually changed names of my resources and whatnot. So if this is the case, how do I debug it? How do I fix it? I've only seen resources referring to how to run commands that locally affect my

Pulumi-<stack>.yml

files. Or using

aws configure

, which is a different CLI altogether, or the env variables as mentioned earlier.

I found an issue (or development decision.. not sure) a few days ago where providers were not working when

aws:profile

was set correctly, but they were working when

AWS_PROFILE

was set correctly. It turns out that

aws:profile

isn't used by default when you're creating your own AWS provider. Are you doing that? If you are, then can you try setting

profile: new pulumi.Config("aws").require("profile")

?

So to me it felt like a bug, because I hadn't touched anything regarding this part of the pulumi stack file