AWS_PROFILE=deepkeep-dev pulumi up
Previewing update (dev):
Type Name Plan
pulumi:pulumi:Stack dev-cluster-dev
+ └─ aws-iam:index:RoleForServiceAccountsEks aws-iam-example-role-for-service-accounts-eks create
+ ├─ aws:iam:Policy aws-iam-example-role-for-service-accounts-eks create
+ ├─ aws:iam:Role aws-iam-example-role-for-service-accounts-eks-role create
+ └─ aws:iam:RolePolicyAttachment aws-iam-example-role-for-service-accounts-eks create
Resources:
+ 4 to create
64 unchanged
Do you want to perform this update? yes
Updating (dev):
Type Name Status Info
pulumi:pulumi:Stack dev-cluster-dev **failed** 1 error
+ ├─ aws-iam:index:RoleForServiceAccountsEks aws-iam-example-role-for-service-accounts-eks created
+ │ ├─ aws:iam:Role aws-iam-example-role-for-service-accounts-eks-role created (2s)
+ │ ├─ aws:iam:Policy aws-iam-example-role-for-service-accounts-eks created (2s)
+ │ └─ aws:iam:RolePolicyAttachment aws-iam-example-role-for-service-accounts-eks created (1s)
└─ eks:index:Cluster dev
└─ aws:eks:Cluster dev-eksCluster
Diagnostics:
pulumi:pulumi:Stack (dev-cluster-dev):
error: Running program '/home/me/git/deepkeep/local-dev-env/aws/dev-cluster/' failed with an unhandled exception:
<ref *1> Error: failed to register new resource aws-iam-example-role-for-service-accounts-eks [aws-iam:index:RoleForServiceAccountsEks]: 2 UNKNOWN: marshaling properties: awaiting input property role: cannot marshal an input of type pulumi.StringOutput with element type string as a value of type pulumi.StringOutput
at Object.registerResource (/home/me/git/deepkeep/local-dev-env/aws/dev-cluster/node_modules/@pulumi/runtime/resource.ts:339:27)
at new Resource (/home/me/git/deepkeep/local-dev-env/aws/dev-cluster/node_modules/@pulumi/resource.ts:398:13)
at new ComponentResource (/home/me/git/deepkeep/local-dev-env/aws/dev-cluster/node_modules/@pulumi/resource.ts:891:9)
at new RoleForServiceAccountsEks (/home/me/git/deepkeep/local-dev-env/aws/dev-cluster/node_modules/@pulumi/roleForServiceAccountsEks.ts:98:9)
at Object.<anonymous> (/home/me/git/deepkeep/local-dev-env/aws/dev-cluster/index.ts:119:35)
at Module._compile (node:internal/modules/cjs/loader:1191:14)
at Module.m._compile (/home/me/git/deepkeep/local-dev-env/aws/dev-cluster/node_modules/ts-node/src/index.ts:439:23)
at Module._extensions..js (node:internal/modules/cjs/loader:1245:10)
at Object.require.extensions.<computed> [as .ts] (/home/me/git/deepkeep/local-dev-env/aws/dev-cluster/node_modules/ts-node/src/index.ts:442:12)
at Module.load (node:internal/modules/cjs/loader:1069:32) {
promise: Promise { <rejected> [Circular *1] }
}
Outputs:
devAdminK8sToken: [secret]
kubeconfigScript: [secret]
Resources:
+ 4 created
64 unchanged
Duration: 16s
Role is created but any other invocation of pulumi up fails instantly with the same exception
CLI
Version 3.58.0
Go Version go1.20.2
Go Compiler gc
Plugins
NAME VERSION
aws 5.32.0
aws 5.16.2
aws-iam 0.1.0
awsx 1.0.2
docker 3.6.1
eks 1.0.1
kubernetes 3.24.2
nodejs unknown
Host
OS ubuntu
Version 22.04
Arch x86_64
This project is written in nodejs: executable='/usr/bin/node' version='v16.19.1'
Current Stack: dev
TYPE URN
pulumi:pulumi:Stack urn:pulumi:dev::dev-cluster::pulumi:pulumi:Stack::dev-cluster-dev
eks:index:Cluster urn:pulumi:dev::dev-cluster::eks:index:Cluster::dev
eks:index:ServiceRole urn:pulumi:dev::dev-cluster::eks:index:Cluster$eks:index:ServiceRole::dev-instanceRole
pulumi:providers:aws urn:pulumi:dev::dev-cluster::pulumi:providers:aws::default_5_16_2
eks:index:ServiceRole urn:pulumi:dev::dev-cluster::eks:index:Cluster$eks:index:ServiceRole::dev-eksRole
pulumi:providers:awsx urn:pulumi:dev::dev-cluster::pulumi:providers:awsx::default_1_0_2
awsx:ec2:Vpc urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc::dev
pulumi:providers:eks urn:pulumi:dev::dev-cluster::pulumi:providers:eks::default
eks:index:RandomSuffix urn:pulumi:dev::dev-cluster::eks:index:Cluster$eks:index:RandomSuffix::dev-cfnStackName
pulumi:providers:aws-iam urn:pulumi:dev::dev-cluster::pulumi:providers:aws-iam::default_0_1_0
aws:iam/role:Role urn:pulumi:dev::dev-cluster::eks:index:Cluster$eks:index:ServiceRole$aws:iam/role:Role::dev-eksRole-role
aws:iam/role:Role urn:pulumi:dev::dev-cluster::eks:index:Cluster$eks:index:ServiceRole$aws:iam/role:Role::dev-instanceRole-role
aws-iam:index:RoleForServiceAccountsEks urn:pulumi:dev::dev-cluster::aws-iam:index:RoleForServiceAccountsEks::aws-iam-example-role-for-service-accounts-eks
pulumi:providers:aws urn:pulumi:dev::dev-cluster::pulumi:providers:aws::default
aws:iam/rolePolicyAttachment:RolePolicyAttachment urn:pulumi:dev::dev-cluster::eks:index:Cluster$eks:index:ServiceRole$aws:iam/rolePolicyAttachment:RolePolicyAttachment::dev-eksRole-4b490823
aws:iam/rolePolicyAttachment:RolePolicyAttachment urn:pulumi:dev::dev-cluster::eks:index:Cluster$eks:index:ServiceRole$aws:iam/rolePolicyAttachment:RolePolicyAttachment::dev-instanceRole-03516f97
aws:iam/rolePolicyAttachment:RolePolicyAttachment urn:pulumi:dev::dev-cluster::eks:index:Cluster$eks:index:ServiceRole$aws:iam/rolePolicyAttachment:RolePolicyAttachment::dev-instanceRole-e1b295bd
aws:iam/rolePolicyAttachment:RolePolicyAttachment urn:pulumi:dev::dev-cluster::eks:index:Cluster$eks:index:ServiceRole$aws:iam/rolePolicyAttachment:RolePolicyAttachment::dev-instanceRole-3eb088f2
aws:ec2/vpc:Vpc urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc::dev
aws:ec2/subnet:Subnet urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet::dev-private-3
aws:ec2/internetGateway:InternetGateway urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/internetGateway:InternetGateway::dev
aws:ec2/subnet:Subnet urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet::dev-public-1
aws:ec2/subnet:Subnet urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet::dev-private-1
aws:ec2/subnet:Subnet urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet::dev-public-2
aws:ec2/subnet:Subnet urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet::dev-private-2
aws:ec2/subnet:Subnet urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet::dev-public-3
aws:iam/instanceProfile:InstanceProfile urn:pulumi:dev::dev-cluster::eks:index:Cluster$aws:iam/instanceProfile:InstanceProfile::dev-instanceProfile
aws:ec2/routeTable:RouteTable urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable::dev-private-3
aws:ec2/routeTable:RouteTable urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable::dev-public-1
aws:ec2/eip:Eip urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/eip:Eip::dev-1
aws:ec2/routeTable:RouteTable urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable::dev-private-1
aws:ec2/routeTable:RouteTable urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable::dev-public-2
aws:ec2/eip:Eip urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/eip:Eip::dev-2
aws:ec2/routeTable:RouteTable urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable::dev-private-2
aws:ec2/eip:Eip urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/eip:Eip::dev-3
aws:ec2/routeTable:RouteTable urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable::dev-public-3
aws:ec2/routeTableAssociation:RouteTableAssociation urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable$aws:ec2/routeTableAssociation:RouteTableAssociation::dev-private-3
aws:ec2/routeTableAssociation:RouteTableAssociation urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable$aws:ec2/routeTableAssociation:RouteTableAssociation::dev-public-1
aws:ec2/route:Route urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable$aws:ec2/route:Route::dev-public-1
aws:ec2/natGateway:NatGateway urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/natGateway:NatGateway::dev-1
aws:ec2/routeTableAssociation:RouteTableAssociation urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable$aws:ec2/routeTableAssociation:RouteTableAssociation::dev-private-1
aws:ec2/routeTableAssociation:RouteTableAssociation urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable$aws:ec2/routeTableAssociation:RouteTableAssociation::dev-public-2
aws:ec2/route:Route urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable$aws:ec2/route:Route::dev-public-2
aws:ec2/natGateway:NatGateway urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/natGateway:NatGateway::dev-2
aws:ec2/routeTableAssociation:RouteTableAssociation urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable$aws:ec2/routeTableAssociation:RouteTableAssociation::dev-private-2
aws:ec2/natGateway:NatGateway urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/natGateway:NatGateway::dev-3
aws:ec2/route:Route urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable$aws:ec2/route:Route::dev-public-3
aws:ec2/routeTableAssociation:RouteTableAssociation urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable$aws:ec2/routeTableAssociation:RouteTableAssociation::dev-public-3
aws:ec2/route:Route urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable$aws:ec2/route:Route::dev-private-1
aws:ec2/route:Route urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable$aws:ec2/route:Route::dev-private-2
aws:ec2/route:Route urn:pulumi:dev::dev-cluster::awsx:ec2:Vpc$aws:ec2/vpc:Vpc$aws:ec2/subnet:Subnet$aws:ec2/routeTable:RouteTable$aws:ec2/route:Route::dev-private-3
pulumi:providers:pulumi urn:pulumi:dev::dev-cluster::pulumi:providers:pulumi::default
aws:ec2/securityGroup:SecurityGroup urn:pulumi:dev::dev-cluster::eks:index:Cluster$aws:ec2/securityGroup:SecurityGroup::dev-eksClusterSecurityGroup
aws:ec2/securityGroupRule:SecurityGroupRule urn:pulumi:dev::dev-cluster::eks:index:Cluster$aws:ec2/securityGroupRule:SecurityGroupRule::dev-eksClusterInternetEgressRule
aws:eks/cluster:Cluster urn:pulumi:dev::dev-cluster::eks:index:Cluster$aws:eks/cluster:Cluster::dev-eksCluster
aws:ec2/securityGroup:SecurityGroup urn:pulumi:dev::dev-cluster::eks:index:Cluster$aws:ec2/securityGroup:SecurityGroup::dev-nodeSecurityGroup
aws:iam/openIdConnectProvider:OpenIdConnectProvider urn:pulumi:dev::dev-cluster::eks:index:Cluster$aws:iam/openIdConnectProvider:OpenIdConnectProvider::dev-oidcProvider
aws:ec2/securityGroupRule:SecurityGroupRule urn:pulumi:dev::dev-cluster::eks:index:Cluster$aws:ec2/securityGroupRule:SecurityGroupRule::dev-eksNodeClusterIngressRule
aws:ec2/securityGroupRule:SecurityGroupRule urn:pulumi:dev::dev-cluster::eks:index:Cluster$aws:ec2/securityGroupRule:SecurityGroupRule::dev-eksClusterIngressRule
aws:ec2/securityGroupRule:SecurityGroupRule urn:pulumi:dev::dev-cluster::eks:index:Cluster$aws:ec2/securityGroupRule:SecurityGroupRule::dev-eksNodeIngressRule
aws:ec2/securityGroupRule:SecurityGroupRule urn:pulumi:dev::dev-cluster::eks:index:Cluster$aws:ec2/securityGroupRule:SecurityGroupRule::dev-eksNodeInternetEgressRule
aws:ec2/securityGroupRule:SecurityGroupRule urn:pulumi:dev::dev-cluster::eks:index:Cluster$aws:ec2/securityGroupRule:SecurityGroupRule::dev-eksExtApiServerClusterIngressRule
eks:index:VpcCni urn:pulumi:dev::dev-cluster::eks:index:Cluster$eks:index:VpcCni::dev-vpc-cni
pulumi:providers:kubernetes urn:pulumi:dev::dev-cluster::eks:index:Cluster$pulumi:providers:kubernetes::dev-eks-k8s
kubernetes:core/v1:ConfigMap urn:pulumi:dev::dev-cluster::eks:index:Cluster$kubernetes:core/v1:ConfigMap::dev-nodeAccess
aws:iam/policy:Policy urn:pulumi:dev::dev-cluster::aws-iam:index:RoleForServiceAccountsEks$aws:iam/policy:Policy::aws-iam-example-role-for-service-accounts-eks
aws:iam/role:Role urn:pulumi:dev::dev-cluster::aws-iam:index:RoleForServiceAccountsEks$aws:iam/role:Role::aws-iam-example-role-for-service-accounts-eks-role
aws:ec2/launchConfiguration:LaunchConfiguration urn:pulumi:dev::dev-cluster::eks:index:Cluster$aws:ec2/launchConfiguration:LaunchConfiguration::dev-nodeLaunchConfiguration
aws:cloudformation/stack:Stack urn:pulumi:dev::dev-cluster::eks:index:Cluster$aws:cloudformation/stack:Stack::dev-nodes
aws:iam/rolePolicyAttachment:RolePolicyAttachment urn:pulumi:dev::dev-cluster::aws-iam:index:RoleForServiceAccountsEks$aws:iam/rolePolicyAttachment:RolePolicyAttachment::aws-iam-example-role-for-service-accounts-eks
pulumi:providers:kubernetes urn:pulumi:dev::dev-cluster::eks:index:Cluster$pulumi:providers:kubernetes::dev-provider
kubernetes:core/v1:ServiceAccount urn:pulumi:dev::dev-cluster::kubernetes:core/v1:ServiceAccount::dev-admin
kubernetes:core/v1:Secret urn:pulumi:dev::dev-cluster::kubernetes:core/v1:Secret::dev-admin-token
kubernetes:rbac.authorization.k8s.io/v1:ClusterRoleBinding urn:pulumi:dev::dev-cluster::kubernetes:rbac.authorization.k8s.io/v1:ClusterRoleBinding::dev-admin
Found no pending operations associated with dev
Backend
Name hengroen
URL s3://pulimi-state-deepkeep-431370296018-eu-central-1?profile=deepkeep-dev
User me
Organizations
Dependencies:
NAME VERSION
@pulumi/aws 5.32.0
@pulumi/aws-iam 0.1.0
@pulumi/awsx 1.0.2
@pulumi/eks 1.0.1
@pulumi/pulumi 3.58.0
typescript 4.9.5
@types/node 16.18.18
@typescript-eslint/eslint-plugin 5.56.0
@typescript-eslint/parser 5.56.0
eslint 8.36.0
eslint-config-prettier 8.8.0
eslint-plugin-prettier 4.2.1
prettier 2.8.6
Pulumi locates its logs in /tmp by default
Additional context
No response
Contributing
Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
What happened?
Deployment of RoleForServiceAccountsEks fails. I copied example code from documentation:
This is the output of
pulumi up
:Role is created but any other invocation of
pulumi up
fails instantly with the same exceptionExpected Behavior
no errors
Steps to reproduce
try example from https://www.pulumi.com/registry/packages/aws-iam/ with RoleForServiceAccountsEks
Output of
pulumi about
Additional context
No response
Contributing
Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).