No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

I am following the strategy for enforcing resource tagging (<https://www.pulumi.com/blog/automatically-enforcing-aws-resource-tagging-policies/>) and one of those tags is the git commit hash. When a resource is updated I want the tag to be updated to the current commit hash but I don’t want a new commit to cause a change to the tag of every resource. Is this possible?
I want something like a transformer that only applies when there is some other change.

what you're doing is quite unusual, what is the the real benefit of putting git commit hashes in resource tags?

It’s not that unusual. We do it for binary artifacts all the time. We used to do the same back in the days of Puppet deployments. It is for tracing back from a resource to the code that created it.