Hi Jonathan! Yes, if you want to do a rollback, release pipelines would be the best. To be more specific, you could use an older build artifact to create a new release. How you create the artifact is a bit more specific to how you have structured your app. To Pulumi when deploying a lambda it only knows the current state, so if you were to re-deploy an older version of your lambda, we should pick-up the diff automatically. Of course, when you have other core infrastructure updates (for example, pricing tier change for a service, scaling settings etc.) combined with lambda code changes, it’ll be a bit tricky to rollback both. You should try and create artifacts based on what sort of rollback strategy you would like to have.
Note that the Pulumi Task Extension can be used with Release Pipelines as well. Also, I am curious, when you say “lambda”, are you deploying AWS lambda functions using Az DevOps or are you referring to Az Functions.