This message was deleted.
# general
s
This message was deleted.
p
FWIW, I did a cursory search of the
@pulumi/pulumi
github issues for something like this, but didn’t find anything that quite matched my issue.
l
The usual (and Pulumi-supported) way of doing this would be to assume a role that does allow deleting everything, and adding the protect opt to all resources.
Then to destroy a stack, you need to remove all protect opts,
pulumi up
,
pulumi destroy
. The protection is there almost all the time, and "easily" removed when needed.
If you change the provider (which is what changing the assumeRole propery does, kinda), then you have to expect things like removing all resources with the 1st (version of the) provider, and adding them all again with the 2nd (version of the) provider, in order to destroy the stack. Which is absolutely not what you want.
g
Paul's suggestion is a good one, but we should have a github issue tracking this too. @prehistoric-london-9917 would you mind opening one?
p
Sure @gentle-diamond-70147: I’ll open one.
Is
pulumi/pulumi
the right repo? Or should it be
pulumi/aws
since this (afaik) is provider specific?
l
I'd go with pulumi/aws.
👍 1
p