No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Does anyone have any tips or tools on how to properly determine the permissions required to deploy a Pulumi stack? I’ve been using full admin when deploying just because it’s guaranteed to work, but it feels like it violates the principle of least privilege.

Obviously Pulumi needs the ability to create resources of (potentially) any type, and delete resources which it created. But it would be nice to find a role that prevented it from doing other potentially nefarious things, like destroying backups or logs.