Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-ai
pulumi-cdk
pulumi-cloud
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Title
a
able-island-19908
10/15/2021, 11:35 PMIs there a best-practice on how to determine the required permissions on the cloud provider provisioning account used by Pulumi?
e.g. I'm working through the AWS tutorial examples, and I'm finding myself guessing at the required permissions -- editing permissions on the service account as tasks fail.
I'm new to Pulumi, so I may be missing something obvious.
b
billowy-army-68599
10/16/2021, 2:23 AMiamlive works well with Pulumi:
https://github.com/iann0036/iamlive
a
able-island-19908
10/18/2021, 7:47 PMThis looks perfect!
I am able to run iamlive, in proxy mode, and capture permissions for AWS CLI commands. But the Pulumi command is throwing an error about the x509 cert being signed by an unknown authority.
This makes sense, since I'm MITM'ing myself. But is there an easy work-around?
Just found the solution.
iamlive~/.iamlive