https://www.lunasec.io logo
#general
Title
# general
f

Forrest Allison

05/09/2022, 8:32 PM
DEV_USER= can be anything I believe, we just use that as a way to disambiguate resources I think
c

Cameron Smart

05/09/2022, 8:38 PM
This is what I get when I run that command
Copy code
[cameron@ThePad bsl]$ DEV_USER=cameron yarn run dev:cdk:deploy
(node:36499) [MODULE_NOT_FOUND] Error: @types/node tried to access events (a peer dependency) but it isn't provided by its ancestors; this makes the require call ambiguous and unsound.
(Use `node --trace-warnings ...` to show where the warning was created)
(node:36499) [MODULE_NOT_FOUND] Error: @types/node tried to access util (a peer dependency) but it isn't provided by its ancestors; this makes the require call ambiguous and unsound.
(node:36499) [MODULE_NOT_FOUND] Error: @types/node tried to access url (a peer dependency) but it isn't provided by its ancestors; this makes the require call ambiguous and unsound.
(node:36499) [MODULE_NOT_FOUND] Error: @types/node tried to access tty. While this module is usually interpreted as a Node builtin, your resolver is running inside a non-Node resolution context where such builtins are ignored. Since tty isn't otherwise declared in @types/node's dependencies, this makes the require call ambiguous and unsound.
(node:36499) [MODULE_NOT_FOUND] Error: @types/node tried to access querystring (a peer dependency) but it isn't provided by its ancestors; this makes the require call ambiguous and unsound.

✨  Synthesis time: 3.76s

Could not assume arn:aws:iam::134071937287:role/cdk-hnb659fds-lookup-role-134071937287-us-west-2, proceeding anyway.
(To get rid of this warning, please upgrade to bootstrap version >= 8)

NOTICES

19836	AWS CDK v1 entering maintenance mode soon

	Overview: AWS CDK v1 is entering maintenance mode on June 1, 2022.
	          Migrate to AWS CDK v2 to continue to get the latest features
	          and fixes!

	Affected versions: framework: 1.*, cli: 1.*

	More information at: <https://github.com/aws/aws-cdk/issues/19836>


If you don't want to see a notice anymore, use "cdk acknowledge <id>". For example, "cdk acknowledge 19836".
Need to perform AWS calls for account 134071937287, but no credentials have been configured
I think I have the AWS config setup correct.
But that last line makes me think I did something wrong in the config and am associated with the wrong account, or I need credentials for that account.
I think I did the aws part wrong. I am going to research that more and make sure it works first
f

Forrest Allison

05/09/2022, 8:46 PM
yeah you should have a credentials file on disk
Copy code
cat ~/.aws/credentials
anyway you are on the right path
if you can use the aws cli you can use the cdk
you could try using the cli to go make a bucket
same stuff
uses the same configs
c

Cameron Smart

05/09/2022, 8:49 PM
Ah, I just made the credentials manually, I never actually installed the aws cli
I'll continue putting the errors I encounter in here and come back and collect them later, maybe. Now, I am at
Copy code
Could not assume role in target account using current credentials (which are for account 862989225104) Roles may not be assumed by root accounts. . Please make sure that this role exists in the account. If it doesn't exist, (re)-bootstrap the environment with the right '--trust', using the latest version of the CDK CLI.
Which seems to indicate I should not do this on a root account (which I am).
I think?
ya, I just need to create an IAM user
@Forrest Allison I think I am stuck on this one
Copy code
Could not assume role in target account using current credentials (which are for account 862989225104) User: arn:aws:iam::862989225104:user/cameron is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::134071937287:role/cdk-hnb659fds-deploy-role-134071937287-us-west-2 . Please make sure that this role exists in the account. If it doesn't exist, (re)-bootstrap the environment with the right '--trust', using the latest version of the CDK CLI.
I think I am missing roles in the aws IAM account I created, but I am not sure which ones to add
f

Forrest Allison

05/09/2022, 9:40 PM
thats extremely likely
you need to create buckets and sqs queues so start there
im pretty AWS ignorant
its also 100% possible to create that stuff manually using the CLI or even the console GUI
just harder
but I did it with the GUI once before we had the CDK stuff
So you could always try that. Youll find tutorials online for how to connect an SQS queue to a bucket using a console. Definitely involved some json config editing in the GUI but it did work
c

Cameron Smart

05/09/2022, 9:45 PM
I have the permission for s3 and sqs.
I was able to create the s3 bucket from the cli
the keyword in the error seems to be
sts:AssumeRole
I think I need to connect a role to the account
7 Views