Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provider property allowedAccountIDs strips leading 0 #4897

Open
aureq opened this issue Dec 10, 2024 · 1 comment
Open

Provider property allowedAccountIDs strips leading 0 #4897

aureq opened this issue Dec 10, 2024 · 1 comment
Assignees
@corymhall
Labels
kind/bug Some behavior is incorrect or out of spec resolution/wont-fix This issue won't be fixed

Comments

@aureq
Copy link
Member

aureq commented Dec 10, 2024

Describe what happened

Seems related to #2806

I have a simple stack configuration file in which I set a list of allowed AWS Account IDs.
It appears the leading zero of the AWS Account number is stripped which leads to a preview failure.

This is my Pulumi.prod.yaml which creates the issue.

config:
  aws:allowedAccountIds:
    - 0528XXXXYYYY

Using " around the account number seems to force the value to be interpreted as strings.

config:
  aws:allowedAccountIds:
    - "0528XXXXYYYY"

Sample program

n/a

Log output

Previewing update (prod)

View in Browser (Ctrl+O): https://app.pulumi.com/menfin-demo/platform-infra/prod/previews/e43597b5-e4bf-4832-9082-2ef78f340cae

     Type                              Name                          Plan       Info
 +   pulumi:pulumi:Stack               platform-infra-prod           create     
     └─ aws:iam:OpenIdConnectProvider  platform-infra-oidc-provider             1 error

Diagnostics:
  aws:iam:OpenIdConnectProvider (platform-infra-oidc-provider):
    error: 1 error occurred:
        * AWS account ID not allowed: 0528XXXXYYYY

Affected Resource(s)

No response

Output of pulumi about

CLI          
Version      3.142.0
Go Version   go1.23.3
Go Compiler  gc

Plugins
KIND      NAME    VERSION
resource  aws     6.64.0
language  nodejs  unknown

Host     
OS       debian
Version  12.8
Arch     x86_64

This project is written in nodejs: executable='/usr/local/bin/node' version='v22.11.0'

Current Stack: menfin-demo/platform-infra/prod

Found no resources associated with prod

Found no pending operations associated with prod

Backend        
Name           pulumi.com
URL            https://app.pulumi.com/aureq
User           aureq
Organizations  aureq, team-ce, menfin-demo, menfin, menfin-team, demo
Token type     personal

Dependencies:
NAME            VERSION
@types/node     18.19.67
typescript      5.7.2
@pulumi/aws     6.64.0
@pulumi/pulumi  3.142.0

Pulumi locates its logs in /tmp by default

Additional context

No response

Contributing

Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
@aureq aureq added kind/bug Some behavior is incorrect or out of spec needs-triage Needs attention from the triage team labels Dec 10, 2024
@corymhall
Copy link
Contributor

@aureq this is due to the underlying behavior of yaml which will interpret 0123 as the integer 123. The recommendation is to quote these values to ensure they are read as strings.

For reference pulumi/pulumi#11518

@corymhall corymhall added resolution/wont-fix This issue won't be fixed and removed needs-triage Needs attention from the triage team labels Dec 10, 2024
@corymhall corymhall self-assigned this Dec 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@corymhall corymhall

Labels
kind/bug Some behavior is incorrect or out of spec resolution/wont-fix This issue won't be fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@aureq @corymhall