Obscure error message 'Bucket named 'bucket-name' exists, but not in account [object Object]. Wrong account?'
See original GitHub issueWhen running CDK deploy trying to deploy assets in preexisting CDK buckets, created by the bootstrap process without the necessary s3:getBucketLocation permission, the deployment fails with a message like Obscure error message ‘Bucket named ‘bucket-name’ exists, but not in account [object Object]. Wrong account?’ Notice that the bucket does exist in the account, it’s just a permission issue.
Reproduction Steps
Theoretical yet, but it should happen when trying to make a deploy to an account which already contains the assets being deployed in S3 from a previous bootstrap (at least there’s where we saw it happening).
It’s very likely that this can be reproduce by doing the same as in https://github.com/aws/aws-cdk/issues/4039, but only removing the s3:getBucketLocation permission.
Error Log
'Bucket named 'bucket-name' exists, but not in account [object Object]. Wrong account?'
Environment
- CLI Version :
- **Framework Version: 1.1.0
- **OS : Linux x64
- **Language : English
Other
Checking the code in https://github.com/aws/aws-cdk/blob/a75f711aea3dac83c6feec885b7df9b14a39486e/packages/cdk-assets/lib/private/handlers/files.ts you can see that when there is a permissions error, this message will be shown. Also, account is sent as an object and it stringifies into [objest Object]
This is 🐛 Bug Report
Issue Analytics
- State:
- Created 4 years ago
- Reactions:29
- Comments:16 (7 by maintainers)
Top GitHub Comments
I can confirm the error is related to a lack of permissions as @pmarrone mentioned. I had a task definition complaining about the same problem. The policy below worked for my situation.
Any update on this? I am still getting the same error, I even updated the bucket policy as below:: { “Version”: “2012-10-17”, “Id”: “AccessControl”, “Statement”: [ { “Sid”: “UpdateBucketPolicy”, “Effect”: “Allow”, “Principal”: { “AWS”: “arn:aws:iam::{…acount id…}:root” }, “Action”: "s3:", “Resource”: [ “arn:aws:s3:::bucketnamefordemo”, “arn:aws:s3:::bucketnamefordemo/” ] } ] }