Hi! Can anybody explain how to properly use pulumi with AWS?
I installed pulumi and awscli
I have pulumi config:
"""An AWS Python Pulumi program"""
import pulumi
from pulumi_aws import s3
# Create an AWS resource (S3 Bucket)
bucket = s3.Bucket('my-bucket')
# Export the name of the bucket
pulumi.export('bucket_name', bucket.id)
and call:
$ pulumi up --debug
Previewing update (dev)
View in Browser (Ctrl+O): https://app.pulumi.com/dshibanov/quickstart/dev/previews/93a7b0f6-7d58-455d-a38a-1ee202f2a676
Type Name Plan Info
+ pulumi:pulumi:Stack quickstart-dev create 22 debugs
└─ pulumi:providers:aws default_6_13_2 1 error
Diagnostics:
pulumi:providers:aws (default_6_13_2):
error: rpc error: code = Unknown desc = unable to validate AWS credentials.
Details: No valid credential sources found. Please see https://www.pulumi.com/registry/packages/aws/installation-configuration/
for more information about providing credentials.
Error: failed to refresh cached credentials, no EC2 IMDS role found, operation error ec2imds: GetMetadata, request canceled, context deadline exceeded
Make sure you have set your AWS region, e.g. `pulumi config set aws:region us-west-2`.
NEW: You can use Pulumi ESC to set up dynamic credentials with AWS OIDC to ensure the correct and valid credentials are used.
Learn more: https://www.pulumi.com/registry/packages/aws/installation-configuration/#dynamically-generate-credentials
pulumi:pulumi:Stack (quickstart-dev):
debug: registering resource: ty=pulumi:pulumi:Stack, name=quickstart-dev, custom=False, remote=False
debug: registering resource: ty=aws:s3/bucket:Bucket, name=my-bucket, custom=True, remote=False
debug: Waiting for outstanding RPCs to complete
debug: RPCs successfully completed
debug: Waiting for 33 outstanding tasks to complete
debug: beginning rpc register resource
debug: beginning rpc register resource
debug: beginning rpc register resource outputs
debug: resource registration prepared: ty=pulumi:pulumi:Stack, name=quickstart-dev
debug: resource registration successful: ty=pulumi:pulumi:Stack, urn=urn:pulumi:dev::quickstart::pulumi:pulumi:Stack::quickstart-dev
debug: resource registration prepared: ty=aws:s3/bucket:Bucket, name=my-bucket
debug: pulumi-aws: starting to validate credentials. Disable this by AWS_SKIP_CREDENTIALS_VALIDATION or skipCredentialsValidation option
debug: pulumi-aws: error validating credentials: unable to validate AWS credentials.
debug: Details: No valid credential sources found. Please see https://www.pulumi.com/registry/packages/aws/installation-configuration/
debug: for more information about providing credentials.
debug:
debug: Error: failed to refresh cached credentials, no EC2 IMDS role found, operation error ec2imds: GetMetadata, request canceled, context deadline exceeded
debug:
debug: Make sure you have set your AWS region, e.g. `pulumi config set aws:region us-west-2`.
debug:
debug: NEW: You can use Pulumi ESC to set up dynamic credentials with AWS OIDC to ensure the correct and valid credentials are used.
debug: Learn more: https://www.pulumi.com/registry/packages/aws/installation-configuration/#dynamically-generate-credentials
What's wrong and how to fix it?
I have an idea that it is somehow connected to [debug: Details: No valid credential sources found. ]
How I can check validity of credentials by awscli, list them maybe?