No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

I've been playing with the client VPN stuff, and it seems like the features aren't really flushed out. You can create a client vpn, and associate it with a subnet, but you can't assign the security groups, manage the routes, or the authorization. Does that sound right? If so, it's better than nothing, but could be better.

Does it make sense to do a ticket for something like that, or is this a "wait for upstream to have better support"

or is there a way to do arbitrary aws cli commands for gaps?

&gt; Does it make sense to do a ticket for something like that, or is this a "wait for upstream to have better support"

In general, things like this would need to be addressed up-stream.  We're happy to help drive visibility and potentially contribute to PRs - but I'd suggest first making sure there are tracking issues opened in the upstream repos.

&gt; or is there a way to do arbitrary aws cli commands for gaps?

Does CloudFormation have sufficient support?  <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-clientvpnendpoint.html>

If so, you can use <https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/aws/cloudformation/#Stack> to deploy a single (or couple) resources using CloudFormation from within Pulumi.

Else - you can also build a dynamic provider that wraps calls to `aws` calls for the CRUD operations.   This is a little more work for sure - but possible and very flexible.  <https://github.com/pulumi/examples/blob/master/azure-ts-dynamicresource/cdnCustomDomain.ts> is a complete example of this sort of thing.

All of that is spectacular information. Thank you!