gifted-gigabyte-5385910/25/2023, 6:53 AM
Also, what's the best practice for storing credentials? E.g. I want to add AWS credentials into my pulumi project that uses ESC and Deployments, how do I do this? I could encrypt them, using
but then these are added into the stack files. Whereas normally we'd use AWS credentials that are in our local environment (per user).
pulumi config set --secret
limited-rainbow-5165010/25/2023, 1:55 PM
provider to fetch short lived credentials:
Access to environments can also be controlled using Pulumi Cloud's role based access. If people have access to an environment via Pulumi Cloud, they no longer need to have per user AWS credentials setup. Complement this with our new
CLI, and you can run any CLI tool with proper shortlived credentials.
Let me know if you have any further questions.
lemon-agent-2770710/25/2023, 10:30 PM
in to a project, run
and ESC automatically acquires short term credentials for you. It is quite magical, and more secure as you don't have to worry about copy/pasting static or long lived creds.
gifted-gigabyte-5385910/26/2023, 2:55 AM