https://pulumi.com logo
#general
Title
# general
l

late-journalist-61387

09/22/2023, 11:23 AM
I have a problem with AWS Secret manager secret, the problem is that when I do
pulumi down,
it will delete the secret, however in reality, it will not delete as Amazon schedule that for delete in 7 days, Now, the next time, I want to do
pulumi up
, I got this error:
Copy code
creating Secrets Manager Secret: ResourceExistsException: The operation failed because the secret *******  already exists.
what is the best solution, I do not want to use the random prefex for secret name, i want to make it static name
s

straight-cartoon-24485

09/22/2023, 11:36 AM
perhaps a dumb idea: try
pulumi up --refresh
on your subsequent update? and another equally bad idea: https://www.pulumi.com/docs/concepts/resources/dynamic-providers/ 🙂 to help you craft the logic around your underlying conditions that Pulumi isn't aware of
l

late-journalist-61387

09/22/2023, 11:37 AM
Also I do not wan to use recoveryWindowInDays: 0 as it is unsafe
I have used the
pulumi up --refresh
but not working
d

dry-keyboard-94795

09/22/2023, 11:48 AM
Is it going to be a common occurrence where a secret gets deleted, or just a side effect of refactoring? Probably best to clean it up by hand through the console/cli
l

late-journalist-61387

09/22/2023, 11:53 AM
now, it is common as by default the AWS secret go to schedule mode for 7 days, however I got an idea : check if the secret exist before, use that, otherwise create a new one> however I do not know how can I check if that Item exists before in typescript I am using the getSecretOutput with such secret name, but how can I check if that ix exist. here is the sample code https://gist.github.com/atazangene/f026e187ed163079fcfd1c0ee17e8c7e
but I do not think this way is good
d

dry-keyboard-94795

09/22/2023, 11:54 AM
are you expecting the secret to be deleted at some point?
l

late-journalist-61387

09/22/2023, 11:54 AM
no, I expect it will not delete
d

dry-keyboard-94795

09/22/2023, 11:54 AM
then there's no real need to try and handle it 🙂
l

late-journalist-61387

09/22/2023, 11:55 AM
so I should use
protect
option to avoid delete on
pulumi down
?
d

dry-keyboard-94795

09/22/2023, 11:58 AM
you're doing
pulumi down
then
pulumi up
; for infrastructure testing?
l

late-journalist-61387

09/22/2023, 11:59 AM
yes, exactly
d

dry-keyboard-94795

09/22/2023, 11:59 AM
Then you probably want to set the recovery window to 0, as you don't care about the secret. You can make it conditional for your UAT stack
l

late-journalist-61387

09/22/2023, 12:01 PM
perfect, I see
Thank you
59 Views