# aws


10/16/2023, 12:45 PM
Hi all đź‘‹ I have a Pulumi C# project that has a stack (
) with AWS Resources (VPC, RDS…) in it. I can deploy these resources to AWS by running the Pulumi up command. And also, I have a C# Pulumi Automation project too. In that Automation project, I get the Endpoint, Master username, and password from the RDS created by above mentioned project and I create a DB connection string. Using that connection string I connect to the RDS instance (with the help of System.Data.SqlClient.SqlConnection in C#) and create a new database and database user with read-only access. Then I create a new connection string for that user. I want to store that connection string on AWS Secret Manager under the same stack (
). So, I followed the below way to do that.
Copy code
var stack = await LocalWorkspace.SelectStackAsync(new LocalProgramArgs(stackName, workingDir));
var connectionString = $"Data Source={endpoint},{port};User ID={userName};Password={password};";

var program = PulumiFn.Create(async () =>
    var secret = new Secret("MySecret", new SecretArgs
        Name = "MySecret"
    var secretVersion = new SecretVersion("MySecretVersion", new SecretVersionArgs
        SecretId = secret.Id,
        SecretString = connectionString

await stack.UpAsync(new UpOptions { Program = program });
But the problem is when I run stack.UpAsync() method, it deletes all previously created resources (VPC, Subnets, even RDS…) and only creates the new Secret and SecretVersion. Is there a way to store the secret in AWS secret manager while keeping previously created resources?