No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

`get_caller_identity`  has an optional `opts`  param, I believe you can explicitly set the provider there

actually do you want to do anything in the `ci-cd` account?
Or should all actions/calls be performed in the `target` account?

In my case, all actions should be performed in the `target` account. I’d just like to have the build machine in `ci-cd` to use `AssumeRole` to assume a cross-account admin role in the `target` account.

And then, I’d like to be able to resolve the `target` account ID in code.

`AssumeRole` is all taken care of in the CD tool itself. Once Pulumi build starts running, I don’t need any context switching.

well if `pulumi_aws.get_caller_identity().account_id` is returning the `ci-cd` account id then I think the assume role might not be working?

might want to try setting the pulumi aws `assumeRole` setting: <https://www.pulumi.com/registry/packages/aws/installation-configuration/>

Let me confirm it’s working as I understand it. Thanks for feedback.

I’ve confirmed it was indeed an issue with `AssumeRole` in the CD tool. Using the `aws:assumeRole` config settings worked like a charm. Thanks!