No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Hi all, has anyone used Pulumi to setup an AWS account vending machine? i.e. an automated way for teams to create and manage AWS accounts themselves for the components they own
I've had a quick look at AWS Control Tower, and org-formation, but I'd prefer to do this with Pulumi

i haven't seen this so far, but it should be possible, as it's been done with terraform

one thing I will say is that the AWS Org deletion API doesn't work very well with IaC, so spinning things up should be easy, tearing them down is another thing..

yeah, I think org-formation doesn't actually support deleting, which maybe makes sense in terms of wanting to be more careful with it

for a fun read on that topic, check out <https://onecloudplease.com/blog/automating-aws-account-deletion>

Wow :see_no_evil: didn't realise it was so complicated to do it the manual way, and slightly scary that you can actually automate those things

not doing full creation of the account via pulumi, but doing a lot of foundational stuff after creation (like adding cross account roles from a pipeline account, standing up privileged gitlab runners, granting users access