I’m having a new issue when running my Github Actions with Pulumi (Image Attached) I haven’t seen this before. Do I need to configure my Deployment in Pulumi UI to include ENVs for AWS? The Github Action was working fine just yesterday without these variables
06/10/2023, 9:20 PM
Yes, Pulumi Deployments can read credentials from two sources (both within deployment settings):
1. You can put credentials in environment variables and mark them as secret
2. You can configure OIDC for AWS https://www.pulumi.com/docs/pulumi-cloud/deployments/oidc/aws/
I'd definitely recommend (2). It's what we do internally for all of our Deployments at Pulumi. Only takes ~15 minutes to set up the first time within AWS and then all of your deployments can use temporary, scoped credentials. Definitely a security best practice.
Thank you! This is very helpful. I’m a Co-Founder of a startup and I need to spin up/down many AWS environments for out testing and Pulumi has made it a breeze. Once we get some more paying customers looking forward to upgrading to a Pulumi license of some sort (I still need to take a closer look at the offering)
06/10/2023, 10:26 PM
Sounds like a great use case for pulumi and pulumi deployments. Keep an eye out, we have a feature coming soon that will enable you to automatically spin up new environments when you open a PR - might be useful for testing/development scenarios like yours.
As for the pricing, we have a free startup offer that gives you access to the core features of the Pulumi Cloud. You can email firstname.lastname@example.org or I can put you in touch with someone directly if you’re ever interested in getting set up with that.