sparse-intern-71089
11/16/2022, 8:07 AMthousands-engineer-52020
11/16/2022, 10:31 AMassumerole = aws.Provider("aviatrixrole",
region="eu-west-1",
assume_role=aws.ProviderAssumeRoleArgs(role_arn="arn:aws:iam::1111111:role/myrole"))
site_bucket = s3.Bucket("s3-website-bucket",
website=s3.BucketWebsiteArgs(index_document="index.html"),
opts=pulumi.ResourceOptions(provider=assumerole))
brave-planet-10645
11/16/2022, 10:35 AMassumeRole
config setting you can use for default providers: https://www.pulumi.com/registry/packages/aws/installation-configuration/#configuration-optionsthousands-engineer-52020
11/16/2022, 10:42 AMstack.set_config("assumeRole.roleArn", auto.ConfigValue(value="arn:aws:iam::11111:role/myrole"))
doesn't work either. It still create my S3 bucket on my current accountbrave-planet-10645
11/16/2022, 10:45 AMstack.set_config("aws:assumeRole.roleArn", auto.ConfigValue(value="arn:aws:iam::11111:role/myrole"))
(note the aws
in front of the assumeRole
)thousands-engineer-52020
11/16/2022, 10:50 AMpulumi:pulumi:Stack inline_s3_project-dev running
aws:s3:Bucket s3-website-bucket error: could not validate provider configuration: 1 error occurred:
pulumi:pulumi:Stack inline_s3_project-dev
aws:s3:Bucket s3-website-bucket **failed** 1 error
Diagnostics:
aws:s3:Bucket (s3-website-bucket):
error: could not validate provider configuration: 1 error occurred:
* Invalid or unknown key
brave-planet-10645
11/16/2022, 10:51 AMaws
in front?thousands-engineer-52020
11/16/2022, 10:52 AMthousands-engineer-52020
11/16/2022, 10:53 AMstack.set_config("aws:assumeRole.roleArn", auto.ConfigValue(value="arn:aws:iam::11111768:role/myrole"))
it work great (but not on the proper account)brave-planet-10645
11/16/2022, 11:09 AMexternalId
and the sessionId
names in the config as well if you’re using assumeRole (not 100% sure on this, but worth a try) - that might be why you’re getting that error).brave-planet-10645
11/16/2022, 11:09 AMWithoutThis is because the provider is ignoring the settingit work great (but not on the proper account)stack.set_config("aws:assumeRole.roleArn", auto.ConfigValue(value="arn:aws:iam::11111768:role/myrole"))
brave-planet-10645
11/16/2022, 11:09 AMthousands-engineer-52020
11/16/2022, 2:15 PMbrave-planet-10645
11/16/2022, 2:16 PMaws
at the beginning? It’s expected: https://www.pulumi.com/docs/intro/concepts/config/#configuration-keysthousands-engineer-52020
11/16/2022, 2:50 PMaws:
in prefix, but pulumi crash when I set this config valueambitious-rocket-23091
11/16/2022, 7:52 PMstack.set_config(
"aws:assumeRole",
auto.ConfigValue(
json.dumps(
{
"roleArn": "arn:aws:iam::11111111111:role/myrole",
"sessionName": "session-assume-myrole",
}
)
),
)
I can't remember where I found this, but I did it this way and it worked.