kind-motorcycle-43615
10/16/2023, 12:45 PM
MyStack) with AWS Resources (VPC, RDS…) in it. I can deploy these resources to AWS by running the pulumi up command.
I also have a C# Pulumi Automation project. In that Automation project, I get the endpoint, master username, and password from the RDS instance created by the above-mentioned project and I create a DB connection string. Using that connection string, I connect to the RDS instance (with the help of System.Data.SqlClient.SqlConnection in C#) and create a new database and a database user with read-only access.
Then I create a new connection string for that user. I want to store that connection string in AWS Secrets Manager under the same stack (MyStack). So, I followed the approach below to do that.
```csharp
var stack = await LocalWorkspace.SelectStackAsync(new LocalProgramArgs(stackName, workingDir));
var connectionString = $"Data Source={endpoint},{port};User ID={userName};Password={password};";
var program = PulumiFn.Create(async () =>
{
    var secret = new Secret("MySecret", new SecretArgs
    {
        Name = "MySecret"
    });
    var secretVersion = new SecretVersion("MySecretVersion", new SecretVersionArgs
    {
        SecretId = secret.Id,
        SecretString = connectionString
    });
});
await stack.UpAsync(new UpOptions { Program = program });
```
But the problem is that when I run the stack.UpAsync() method, it deletes all previously created resources (VPC, Subnets, even RDS…) and only creates the new Secret and SecretVersion.
Is there a way to store the secret in AWS Secrets Manager while keeping the previously created resources?
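
One way to avoid the deletion, shown as an added example that is not part of the original post: `up` reconciles a stack to the program it is handed, so a program that declares only the secret leaves the VPC and RDS resources undeclared and they are removed. The sketch below gives the secret its own project and stack so the infrastructure stack is never updated; the project name `my-secrets`, the class and method names, and the assumption that AWS credentials and region come from the environment are all hypothetical.

```csharp
// Added example, not the poster's code. Names marked "assumed" are illustrative.
using System;
using System.Threading.Tasks;
using Pulumi;
using Pulumi.Automation;
using Pulumi.Aws.SecretsManager;

public static class ReadOnlyUserSecret
{
    // secretsStackName: a stack used only for the secret (assumed name chosen
    // by the caller), so the infrastructure stack's state is never touched.
    public static async Task StoreAsync(string secretsStackName, string connectionString)
    {
        var program = PulumiFn.Create(() =>
        {
            var secret = new Secret("MySecret", new SecretArgs
            {
                Name = "MySecret"
            });

            new SecretVersion("MySecretVersion", new SecretVersionArgs
            {
                SecretId = secret.Id,
                // The string embeds a database password: wrap it as a Pulumi
                // secret so it is encrypted in state and masked in output.
                SecretString = Output.CreateSecret(connectionString)
            });
        });

        // "my-secrets" is an assumed project name. A separate project means
        // this update only ever sees, and only ever manages, these two
        // resources. AWS credentials and region are assumed to be supplied
        // by the environment.
        var stack = await LocalWorkspace.CreateOrSelectStackAsync(
            new InlineProgramArgs("my-secrets", secretsStackName, program));

        // No Program override: the stack runs the inline program above.
        await stack.UpAsync(new UpOptions { OnStandardOutput = Console.WriteLine });
    }
}
```

Keeping the secret in the same stack instead would require declaring `Secret` and `SecretVersion` in the original project's program alongside the VPC and RDS resources, since that program defines everything the stack should contain.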