sparse-intern-71089
10/12/2020, 7:06 AMlittle-cartoon-10569
10/12/2020, 7:18 PMThis backend requires setting the environment variables AZURE_STORAGE_ACCOUNT and either AZURE_STORAGE_KEY or AZURE_STORAGE_SAS_TOKEN.For AWS:
Also see AWS Session for configuring credentials for this backend.So essentially: only the default session and credentials are used. You can configure any profile and assume any role in the main pulumi program, but the backend uses the normal SDK method of authorizing via env var creds.
wet-noon-14291
10/13/2020, 7:22 AM--secrets-provider
when I initialize the stack, and that seems to be using my logged in user. How do I use a service provider account for that? Do I need to sign in with the service principal?little-cartoon-10569
10/13/2020, 6:22 PMIf you have previously configured the AWS CLI, the same credentials will be used. These can also be overridden using the standard AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables.So that's the same as the backend provider, and different from the resource (main Pulumi project) provider.