No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Yes, Pulumi can do this with "refresh", but `pulumi` does not refresh automatically.

You can instruct pulumi to do a refresh with `pulumi refresh` or the `--refresh` flag on the `up`, `preview`, etc. commands.

<https://www.pulumi.com/docs/reference/cli/pulumi_refresh/>

Ohhh why have I not discovered this on my own? thanks!

I could still do more for cloudformation however, like trigger a drift detection , show the drift result, and eventually rollback the drifted changes

You can run `pulumi refresh --expect-no-changes` which will return an error if drift is detected, so you can build your own scripting around that.

Also, the Pulumi Automation SDK can help make that scripting more programmatic. More on that is at <https://www.pulumi.com/blog/tag/automation-api/>.

What I meant is that pulumi won't consider a "drifted" cloudformation template as needing an update

the drift applies to *the cloudformation template's ressources*, not the template itself

so a cloudformation template will report "drift detected" in AWS console, but pulumi will consider that it doesn't need refreshing (in other words: --expect-no-changes reports no changes)

since the cloudformation ressource itself didn't change, pulumi is right (nobody changed *the template*)

but that's not as useful as it could be to a user

Ah, I see. Well... it is just _code_, so you can call the cloudformation API to do the drift detection alongside your Automation SDK code if that makes sense for your workflow.

yeah, that's probably what we'll end up doing. Or gradually switch ressources to be created by pulumi directly instead of having a middle layer of cloudformation

&gt; Or gradually switch ressources to be created by pulumi directly instead of having a middle layer of cloudformation
Highly recommend this. :joy:

(Disclaimer: I work at Pulumi. I'm biased obviously.)

My colleagues are ex-AWS so I have some legwork to do first. But since I'm a big fan of the "it's just code" aspect it should be relatively easy to show the benefits. Also, the automation API is going to be saving us a lot of time.