gifted-gigabyte-53859
10/25/2023, 6:53 AMconfig:
section)?
Also, what's the best practice for storing credentials? E.g. I want to add AWS credentials into my pulumi project that uses ESC and Deployments, how do I do this? I could encrypt them, using pulumi config set --secret
but then these are added into the stack files. Whereas normally we'd use AWS credentials that are in our local environment (per user).gifted-gigabyte-53859
10/25/2023, 7:06 AMlimited-rainbow-51650
10/25/2023, 1:55 PMaws-login
provider to fetch short lived credentials:
https://www.pulumi.com/docs/pulumi-cloud/esc/providers/aws-login/
Access to environments can also be controlled using Pulumi Cloud's role based access. If people have access to an environment via Pulumi Cloud, they no longer need to have per user AWS credentials setup. Complement this with our new esc
CLI, and you can run any CLI tool with proper shortlived credentials.
https://www.pulumi.com/docs/esc-cli/
Let me know if you have any further questions.lemon-agent-27707
10/25/2023, 10:30 PMcd
in to a project, run pulumi up
and ESC automatically acquires short term credentials for you. It is quite magical, and more secure as you don't have to worry about copy/pasting static or long lived creds.gifted-gigabyte-53859
10/26/2023, 2:55 AM