gifted-gigabyte-5385911/14/2023, 2:54 AM
gifted-gigabyte-5385911/15/2023, 5:13 AM
lemon-agent-2770711/16/2023, 12:57 AM
gifted-gigabyte-5385911/16/2023, 3:34 AM
file daily. And sharing account access between colleagues.
• Also, the issue of safely and securely granting pulumi access to the account in CI/CD. I don't like creating a service IAM account and creating a long-lived secret key.
I'm hoping that using ESC, I can use Pulumi in CI/CD with temporary credentials.
As a side benefit, I'm hoping to use ESC with the 'esc run' feature to quickly switch between environments, and avoid needing to save multiple credentials for multiple AWS accounts on my workstation. but still getting my head around how to do that.
Really cool tool
One thing we'll have to work out is how to properly delegate access to and in pulumi now since being a member of our Pulumi org basically gives open access to any AWS account we have...
james.tuson@MAC app % esc run shopify-dev -- aws s3 ls
2023-11-30 11:07:19 apiapp-xx
2023-11-30 14:13:55 apiapp-xx
2023-11-17 12:30:50 apifrontend-xx
2023-11-16 12:35:47 frontend-app-xxx
lemon-agent-2770712/01/2023, 5:32 AM