terragrunt reference architecture s3 bucket permissions
We recently had our RA deployed and I am attempting to add users, but when running terragrunt apply I get an error: Remote state S3 bucket xxxx-us-east-1-tf-state does not exist or you don't have permissions to access it. Would you like Terragrunt to create it? (y/n) The bucket does exist. I've configured aws-vault and am able to authenticate using commands like: aws-vault exec dev --no-session -- aws sts get-caller-identity Is there a way to tell what role or user Terragrunt is assuming when executing these commands? --- <ins datetime="2022-12-14T23:58:19Z"> <p><a href="https://support.gruntwork.io/hc/requests/109728">Tracked in ticket #109728</a></p> </ins>
I think I figured out what happened here - I did not properly authenticate with the CLI. I needed to call: aws-vault exec security I think it would be helpful if this was called out in the documentation more explicitly, because the [documentation ](https://github.com/gruntwork-clients/infrastructure-live-campaign-sidekick/blob/main/docs/02-authenticate.md#authenticate-to-aws-via-the-cli) doesn't mention it. Incidentally, there is a small chronological error in the documentation in that section - it suggests running `aws-vault add security `before adding new profiles for each of the accounts to ~/.aws/config. I believe you need to add the profiles first. Otherwise the documentation is great, just leaving this behind in case anyone else encounters it.