Open benlucasbeggars opened 1 year ago
Cheers :)
This impacted me on the ts nodjs version, when I use SSO setup(the only one that has beein impacted by it). ItΒ΄s a part of the cloudfront distribution template, so quite important.
// Use a synced folder to manage the files of the website.
const bucketFolder = new synced_folder.S3BucketFolder("bucket-folder", {
path: path,
bucketName: bucket.bucket,
acl: "public-read",
}, { dependsOn: [ownershipControls, publicAccessBlock] });
β projecta git:(main) β pulumi up <aws:foundations-dev-FullAccess>
Enter your passphrase to unlock config/secrets
(set PULUMI_CONFIG_PASSPHRASE or PULUMI_CONFIG_PASSPHRASE_FILE to remember):
Enter your passphrase to unlock config/secrets
Previewing update (foundations-dev):
Type Name Plan Info
+ pulumi:pulumi:Stack publishercopy-foundations-dev create 2 errors
+ ββ aws:s3:Bucket bucket create
+ ββ aws:s3:BucketOwnershipControls ownership-controls create
+ ββ aws:s3:BucketPublicAccessBlock public-access-block create
+ ββ aws:cloudfront:Distribution cdn create
+ ββ synced-folder:index:S3BucketFolder bucket-folder create
ββ aws:s3:BucketObject error.html 1 error
Diagnostics:
aws:s3:BucketObject (error.html):
error: unable to validate AWS credentials.
Details: loading configuration: profile "foundations-dev-FullAccess" is configured to use SSO but is missing required configuration: sso_region, sso_start_url
Make sure you have:
β’ Set your AWS region, e.g. `pulumi config set aws:region us-west-2`
β’ Configured your AWS credentials as per https://pulumi.io/install/aws.html
You can also set these via cli using `aws configure`.
pulumi:pulumi:Stack (publishercopy-foundations-dev):
error: Error: invocation of aws:index/getRegion:getRegion returned an error: unable to validate AWS credentials.
Details: loading configuration: profile "foundations-dev-FullAccess" is configured to use SSO but is missing required configuration: sso_region, sso_start_url
Make sure you have:
β’ Set your AWS region, e.g. `pulumi config set aws:region us-west-2`
β’ Configured your AWS credentials as per https://pulumi.io/install/aws.html
You can also set these via cli using `aws configure`.
at Object.callback (/snapshot/pulumi-resource-synced-folder/node_modules/@pulumi/pulumi/runtime/invoke.js:161:33)
at Object.onReceiveStatus (/snapshot/pulumi-resource-synced-folder/node_modules/@grpc/grpc-js/src/client.ts:338:26)
at Object.onReceiveStatus (/snapshot/pulumi-resource-synced-folder/node_modules/@grpc/grpc-js/src/client-interceptors.ts:426:34)
at Object.onReceiveStatus (/snapshot/pulumi-resource-synced-folder/node_modules/@grpc/grpc-js/src/client-interceptors.ts:389:48)
at /snapshot/pulumi-resource-synced-folder/node_modules/@grpc/grpc-js/src/call-stream.ts:276:24
at processTicksAndRejections (node:internal/process/task_queues:78:11)
error: Error: failed to register new resource bucket-folder [synced-folder:index:S3BucketFolder]: 2 UNKNOWN: invocation of aws:index/getRegion:getRegion returned an error: unable to validate AWS credentials.
Details: loading configuration: profile "foundations-dev-FullAccess" is configured to use SSO but is missing required configuration: sso_region, sso_start_url
Make sure you have:
β’ Set your AWS region, e.g. `pulumi config set aws:region us-west-2`
β’ Configured your AWS credentials as per https://pulumi.io/install/aws.html
You can also set these via cli using `aws configure`.
at Object.registerResource (/Users/thomas@comp.com/work/pulumi/pulumi-foundations/publishercopy/node_modules/@pulumi/runtime/resource.ts:439:27)
at new Resource (/Users/thomas@comp.com/work/pulumi/pulumi-foundations/publishercopy/node_modules/@pulumi/resource.ts:507:13)
at new ComponentResource (/Users/thomas@comp.com/work/pulumi/pulumi-foundations/publishercopy/node_modules/@pulumi/resource.ts:1011:9)
at new S3BucketFolder (/Users/thomas@comp.com.com/work/pulumi/pulumi-foundations/publishercopy/node_modules/@pulumi/s3bucketFolder.ts:50:9)
at Object.<anonymous> (/Users/thomas@comp.com.com/work/pulumi/pulumi-foundations/publishercopy/index.ts:34:22)
at Module._compile (node:internal/modules/cjs/loader:1108:14)
at Module.m._compile (/Users/thomas@comp.com.com/work/pulumi/pulumi-foundations/publishercopy/node_modules/ts-node/src/index.ts:439:23)
at Module._extensions..js (node:internal/modules/cjs/loader:1137:10)
at Object.require.extensions.<computed> [as .ts] (/Users/thomas@comp.com.com/work/pulumi/pulumi-foundations/publishercopy/node_modules/ts-node/src/index.ts:442:12)
at Module.load (node:internal/modules/cjs/loader:988:32)
Outputs:
cdnHostname : output<string>
cdnURL : output<string>
originHostname: output<string>
originURL : output<string>
Hello! I am also experiencing this issue.
Basically, following the Pulumi's AWS Static Website instruction doesn't work if you use aws configure sso
and aws sso login
to manage AWS credentials, which looks like a preferred way nowadays to avoid storing long-term credentials locally (e.g. see here).
The error output is exactly the same as for Dill-Dall above (except for project and profile names).
Have just found out that updating the version of @pulumi/synced-folder
from 0.0.9 to 0.11.1 fixes the issue for me.
Made a pull request to update the template for AWS Static Website (TypeScript): https://github.com/pulumi/templates/pull/742
Hello!
Issue details
When running pulumi up using pulumi_synced_folder.S3BucketFolder and aws configure sso, the underlying command is not able to run, could we have the stack configuration aws:profile added on to the end of the aws s3 command such as
aws s3 sync \"./builds/server/files\" \"s3://server-dev2/pulumi/\" --acl \"private\" --region \"eu-west-1\" --delete --only-show-error --profile aws-profile-name
Affected area/feature