https://pulumi.com logo
#getting-started
Title
# getting-started
c

cuddly-jewelry-42389

01/14/2024, 5:42 AM
I've split my pulumi program into two parts: "base", where I create a new AWS account including a new user in our organization and "actual" where I create the resources. base has the access key ID and secret access key as output. I'm importing base as a StackReference in "actual" and want to configure the default aws provider with these credentials. Is this possible?
c

cuddly-computer-18851

01/14/2024, 6:18 AM
I'm not 100% if its possible or not, but you definitely should not pass around AWS creds like this.
c

cuddly-jewelry-42389

01/14/2024, 6:21 AM
Can you elaborate? Pulumi prides itself with secrets as a first class citizen - why not use them?
(but even if "base" would store them in a key vault from where "actual" reads them, the question remains the same: How to configure the default / implicit provider at runtime?)
s

salmon-account-74572

01/16/2024, 11:09 PM
I believe you'll need to create an explicit provider in order to do what you're seeking.