Hi,does anyone know how can I resolve value from SSM parameter in pulumi? We have bunch of secrets stored in SSM and I do not want to move them out.

If you don't want to use AWS SDK code, you can use `Parameter.get()`: https://www.pulumi.com/docs/reference/pkg/aws/ssm/parameter/#look-up

Thanks, that's what I learned myself yesterday as well, I need to try it out. One more question about

<Resource>.Get

method (I'll probably test it myself) - but I wonder how expensive it is, I mean how many times does it call AWS API or if it's just once and then the value is cached in state file or so.

Values are stored in the state file and marked read-only, so if you change them they don't show in the preview or up. I would imagine that they are fetched each time Pulumi is run.

Thanks, that's what I was after. I was curious how many times the values are fetched. It makes sense they'd be fetched once at the start and then stored.

Note that if you

get()

the same resource in multiple stacks, then the API calls will be made once per stack.

That's good to keep in mind, fortunately I do not need to call for many resources yet!