Is there any kind of limitation on aws authenticat...
# aws
Is there any kind of limitation on aws authentication which might cause me to see issues where using many providers would fail where specific providers are unable to "find aws token" but others, with identical configuration - just different defaultTags - be fine? Context: I create a new aws provider for resources under each "Service" (a component resource). Want to move to a stack per service soon but not prioritised.
Re-running after I let this
finish results in a success. Presumably because this provider is able to get created earlier. Hence I am asking if there is some limitation I'm unaware of
Any of them role-based access with MFA?
I'm also curious if you've explicitly defined the region
If the credentials are being sourced from an IAM Role on an Ec2/Fargate/Lambda instance, then you may be rate-limited by the AWS Metadata service, though I'm unsure if that applies in your case
Region is defined explicitly
{region: aws.config.requireRegion()}
and does require MFA
Real quick so I've got a bit more info to pass along to some of our internal folks: Are you only seeing this with specific commands (e.g.,
pulumi destroy
pulumi up
but not
pulumi refresh
), or is it happening with any command? Also, can you share a sample snippet of a working provider and a non-working one, if you can do that without sharing any sensitive data? I was rooting around in our issues, and I came across one where setting a
option in the provider code would set off that one provider, but I thought it was fixed: