https://pulumi.com logo
Join Slack
Powered by
is that somehow possible to use separate AWS crede...
# general
b
is that somehow possible to use separate AWS credentials for Pulumi S3 state file access and for 'pulumi up' command? I've thought that 'pulumi login s3://...' actually logins to AWS account but it doesn't seem to be the case
in other words I expected this to work:
export AWS_PROFILE=profile1
pulumi login s3://pulumi-state
export AWS_PROFILE=profile2
pulumi up
s3 bucket is only accessible via profile1 (parent AWS account), while I want to create resources inside profile2 (a different AWS account)
w
The one way you could accomplish this today is to set the profile for your program via config instead of relying on the ambient 
AWS_PROFILE
. That's a generally good practice to isolate your programs/stacks from ambient credentials that might need to change over time for other tools (or in this case, 
pulumi login
). I believe it is not possible to specify 
AWS_PROFILE
configuration explicitly for 
pulumi login s3://
yet today.
b
to set the profile for your program via config
could you please tell me how to do that?
w
pulumi config set aws:profile profilename
See: https://pulumi.io/reference/clouds/aws/#configuration
b
from the example here https://pulumi.io/reference/clouds/aws/setup/ I've assumed that using AWS_PROFILE is the recommended way
w
Yes - it looks like the docs on that page could be improved to note that either 
AWS_PROFILE
or the 
profile
config setting can be used.
b
thanks a lot, will try to use the config settings
Open in Slack
PreviousNext
Powered by