This message was deleted.
# aws
s
This message was deleted.
b
or maybe even have it just be centralized config pulled in via the devops process? with an injector from SSM Parameter Store? Looks promising https://github.com/marketplace/actions/aws-parameter-store-injector
s
So you want global defaults and per-stack overrides?
l
You are not required to use Pulumi config for config. If you want global config, you can do that in the normal way for your toolchain and language.
You can use Pulumi config for the stack-specific stuff, and a different config tool for the global stuff.
Given that this is infrastructure, I find that 99% of global config should be hard-coded, and the remaining bits should go in a vault or vault-like container. For example, I find SSM parameters suit many of my use cases.
☝️ 1
b
I think what i was trying to verbalize is somewhat related to this thread (though not nearly as hostile as the OP, what in the world) https://pulumi-community.slack.com/archives/C84L4E3N1/p1663359958645139 I really like SSM Parameter Store implementation and I think it is exactly what we need after using it a few days. It was less of an explicit pulumi question i guess, more of a general thing, but i’ve found some pretty unique ways of thinking about infrastructure and solving problems through the pulumi community and docs that I previously wasn’t aware of. so figured i’d see what everybody here was doing for it thanks yall! appreciate it!
👍 1
s
Yeah, all IaC shares this problem. We should consider a blog post on it if one does not already exist.
👍 1