No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Hi.

I'm not sure to understand the value of having this many ssh keys. The management overhead is going to be a nightmare. Instead you could use signed SSH keys for your team and Pulumi which would greatly reduce your number of keys.

The gist is all your servers/vps know the ssh key "certificate authority" and implicitly trust a user/pulumi connection when presented with a correctly signed SSH key.

Netflix did something on this few years ago and the project is called "Bless". Users/Pulumi only get short-lived SSH keys.

it's worth pointing out at this stage: Pulumi's support for managing things at the operating system layer comes as an artifact of a mechanism called dynamic providers - these providers were not originally designed for OS management, although it is possible.

We generally recommend handing over operating system provisioning to another configuraiton management tool like puppet or ansible

thanks, appreciate your insights. lm research more on this.