Is there some way to create a resource when running pulumi u

Question

Is there some way to create a resource when running pulumi up but then destroy it when pulumi up is finished e g to open a firewall

salmon-account-74572 · Answer

The Command provider would be one way If the firewall vendor has a provider then that would be another way of course

echoing-oil-42947 · Answer

Yeah I ve been working with the command provider

echoing-oil-42947 · Answer

I ended up just going with 2 command resources and manual dependency declarations

salmon-account-74572 · Answer

If the firewall has an API you could choose to potentially interact with their API directly from whatever language you re using

salmon-account-74572 · Answer

If not well the Command provider is probably the only option

echoing-oil-42947 · Answer

It s a RouterOS Firewall so SSH is pretty ergonomic

salmon-account-74572 · Answer

Fair enough

echoing-oil-42947 · Answer

As a slightly related question is there a way to get something more helpful than Process failed with exit code 1 when an ssh remote command fails

salmon-account-74572 · Answer

Unfortunately no not AFAIK

brave-motorcycle-67487 · Answer

Depending on what exactly needs to happen it may be easier to do that externally to pulumi We generally run pulumi from Github Actions and there s a step that comes before the pulumi run that sets up a vpn connection if I needed to open and close a firewall hole I would probably write a little shell or python script that does that and wraps pulumi in the middle

echoing-oil-42947 · Answer

That s probably a better idea than what I have running

echoing-oil-42947 · Answer

I ve also considered some sort of stack automation the issue is that all of the credentials are in pulumi configuration and I don t really want to move them if I can avoid it