Get started with Pulumi and AWS
Configure access to AWS
Pulumi’s CLI needs access to your AWS account to manage cloud resources.
If you’ve already installed and configured the AWS CLI, Pulumi will respect and use your configuration settings.
You must use an IAM user account that has programmatic access with rights to deploy and manage S3 buckets.
Testing access
To test that your AWS access is configured properly, run:
$ aws sts get-caller-identity
> aws sts get-caller-identity
If your AWS user ID, account, and ARN are printed, you are good to go. If not, read on:
{
"UserId": "BXO3165...ZP36NYY5FOU:my-session",
"Account": "9263...9123",
"Arn": "arn:aws:sts::9263...9123:assumed-role/.../my-session"
}
Alternative approaches
If you don’t have the AWS CLI installed, or you plan on using Pulumi in a CI/CD pipeline, retrieve your access key ID and secret access key and then set the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables on your workstation:
$ export AWS_ACCESS_KEY_ID="<YOUR_ACCESS_KEY_ID>"
$ export AWS_SECRET_ACCESS_KEY="<YOUR_SECRET_ACCESS_KEY>"
> $env:AWS_ACCESS_KEY_ID = "<YOUR_ACCESS_KEY_ID>"
> $env:AWS_SECRET_ACCESS_KEY = "<YOUR_SECRET_ACCESS_KEY>"
You may optionally use AWS profiles if your configuration requires them:
$ export AWS_PROFILE="<YOUR_PROFILE_NAME>"
> $env:AWS_PROFILE = "<YOUR_PROFILE_NAME>"
For detailed information on Pulumi’s use of AWS credentials, see AWS Setup.
Thank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.
