This message was deleted.
# general
s
This message was deleted.
s
Sometimes this is necessary, but in general you want to try to avoid imperative operations whenever you can. This is really one of those things, though, where sometimes you have to in order to make things work.
l
A solution I've used on more than one occasion is to trigger a separate application based on an important change, and keep all the imperative logic in a single imperative solution. For example, we trigger our app migration app any time our Pulumi program creates a new AMI. The app does things like send API calls (to the auth service to pause logins), kick off a database migration, archives and flushes the app audit logs, restarts the auth service and starts the app in the new AMI. So we don't have to do any of those things directly from our Pulumi app.