search

pulumi / pulumi-aws-static-website

Apache License 2.0
11 stars 5 forks source link

error: unable to validate AWS AccessKeyID and/or SecretAccessKey #8

Open wizardfiction opened 2 years ago

wizardfiction commented 2 years ago

What happened?

I am trying to use the new aws-static-website package in a new pulumi stack. When running pulumi up, I get the following error:

 aws:s3:Bucket (website-content):
    error: unable to validate AWS AccessKeyID and/or SecretAccessKey - see https://pulumi.io/install/aws.html for details on configuration

My AWS credentials are configured at ~/.aws/credentials.

Steps to reproduce

  1. Run pulumi new. Select aws-typecript.

  2. npm install @pulumi/aws-static-website

  3. Update index.ts to the following:

import * as staticwebsite from "@pulumi/aws-static-website"

const adminSite = new staticwebsite.Website("cfx-admin", {
    sitePath: "../dist",
});

export const url = adminSite.websiteURL;
  1. Run pulumi up

Expected Behavior

I expected pulumi up to create the resources required for my minimal static website.

Actual Behavior

I was greeted with an error with AWS access keys: 

 aws:s3:Bucket (website-content):
    error: unable to validate AWS AccessKeyID and/or SecretAccessKey - see https://pulumi.io/install/aws.html for details on configuration

Versions used

CLI
Version      3.36.0
Go Version   go1.17.11
Go Compiler  gc

Plugins
NAME                VERSION
aws                 5.10.0
aws-static-website  0.0.4
docker              3.2.0
nodejs              unknown

Host
OS       darwin
Version  12.2.1
Arch     arm64

This project is written in nodejs: executable='/Users/wizardfiction/.nvm/versions/node/v17.8.0/bin/node' version='v17.8.0'

Backend
Name           pulumi.com
URL            https://app.pulumi.com/wizardfiction
User           wizardfiction
Organizations  wizardfiction, coinfx

Dependencies:
NAME                        VERSION
@pulumi/aws-static-website  0.0.4
@pulumi/aws                 5.10.0
@pulumi/awsx                0.40.0
@pulumi/pulumi              3.36.0
@types/node                 14.18.22

Pulumi locates its logs in /var/folders/jt/lm78h2zs7nx68kdbwwjn3wk00000gn/T/ by default
warning: Failed to get information about the current stack: No current stack

Additional context

No response

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

sean1588 commented 2 years ago

@wizardfiction, thanks for filing this issue. We also noticed this recently when testing we tested this out on m1 machines, which looks to be what you are also using. We will look into this more to get this resolved. In theory, it should be able to use your configuration in ~/.aws/credentials - just out of curiosity, did you happen to try setting the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables to see if it would take those?

wizardfiction commented 2 years ago

@sean1588 Yes, exporting the envvars does indeed work. This means we won't have issues in CI/CD (Github Actions runner), but I do like the convenience of testing things from my M1.

wizardfiction commented 2 years ago

This package rocks btw 💪

sean1588 commented 2 years ago

thanks @wizardfiction! Glad it is working well for you otherwise!

Quick question for you... so only way I was able to repro the cred validation error you were seeing was by removing a default region from the ~/.aws/credentials profile and also making sure AWS_REGION env var was not set. When those values were set, I was able to run pulumi up successfully using a profile configured in ~/.aws/credentials. Do you happen to have either of these values set? It is possible some other issue may be going on and maybe the CLI is swallowing up that error and just printing the invalid creds message. I will continue to look into it.

wizardfiction commented 2 years ago

@sean1588 I have region configured in my ~/.aws/config file but not in my credentials file. I believe it is intended to go in the config file, as aws configure set region <REGION> updates the config file.

Adding AWS_REGION env var did not help.

sean1588 commented 1 year ago

@wizardfiction this was likely due to an issue with the pulumi cli and not the component itself. There have been some updates made there around these errors as others were also running into them when using other components as well. You can try again with the latest version of the pulumi CLI and see if that solves your issue.