No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Hi everyone!

 In my solution I have 2 stacks, *shared* and *compute*, compute depended on shared one.
 Shared one create NSG group in Azure and compute one adds some rules in NSG that was created by shared stack.

The problem is that if I try to run pulumi up on shared stack it will remove NSG rules that were defined by compute stack. Does Pulumi have some mechanism that I can use to mark some resources as created by other stack, so shared doesn’t delete those resources?

For the shared NSG, are you using the `SecurityRule` resource, or the `securityRules` input on the NSG itself?

In shared stack I am creating `NetworkSecurityGroup` and inside of it I am specifying list of `SecurityRuleArgs` that relevant at that point in time. In compute stack I am creating `SecurityRule` with reference to NSQ that was created in Shared stack.

If I get you correctly you suggest separate creating NSQ and rules for it in shared stack?

just needs a change in the `shared` stack so that instead of using `SecurityRuleArgs` inline, you specify them the same way as your `compute` stack with `SecurityRule` resources.

Specifying them inline makes it "authoritative", so clobbers any rules specified externally

That make sense, thank you for nice advice:+1: