gorgeous-minister-41131
06/02/2021, 7:13 PMbillowy-army-68599
06/02/2021, 8:00 PMaws:profile
configuration key using pulumi config set aws:profile
and that becomes the default for all resources. You could then use AWS_PROFILE
as an env var for the aws_kmsbored-activity-40468
06/03/2021, 3:20 AMgorgeous-minister-41131
06/10/2021, 2:04 AMaws:profile
. It’s possible I had hit a bug, so I could give it another try. Thanks!bored-activity-40468
06/10/2021, 2:32 PMgorgeous-minister-41131
06/10/2021, 7:52 PMaws:profile
to use the default aws provider’s aws profile, and set $AWS_PROFILE
in the environment prior to invoking pulumi with a different profile that has actual access to the CMK. 👍 Thanks @billowy-army-68599. Perhaps a suggestion is a variable like aws:kms_profile
in the stack would be handy, so that users of the stack do not have to remember to always set that KMS/CMK profile for decrypting the stack contents? not sure if that’s on the roadmap…