pulumi assume role aws

gistfile1.txt

    Exception: invocation of aws:route53/getZone:getZone returned an error: 1 error occurred:
    	* error configuring Terraform AWS Provider: IAM Role (arn:aws:iam::XXXXXXXXXXXX:role/PulumiRoute53) cannot be assumed.
    
    There are a number of possible causes of this - the most common are:
      * The credentials used in order to assume the role are invalid
      * The credentials do not have appropriate permission to assume the role
      * The role ARN is not valid
    
    Error: NoCredentialProviders: no valid providers in chain. Deprecated.
    	For verbose messaging see aws.Config.CredentialsChainVerboseErrors
    error: an unhandled error occurred: Program exited with non-zero exit code: 1

##### Provider #######
dns_provider = Provider(
    'route53_privileged',
    assume_role={
        'role_arn': PULUMI_ROUTE53_ASSUME_ROLE_ARN,
        'session_name': f'pulumi-{dt.utcnow().isoformat()}',
        'externalId': 'Cyclope',
    },
    region=PULUMI_ROUTE53_REGION,
)

######## Actual Code ###############
zone = route53.get_zone(name='my.domain.', opts=pulumi.ResourceOptions(provider=dns_provider))

pulumi.export('zone_id', zone.id)