No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

You can use the autotag that Joe Duffy published, and change it to set the `protect` opt to true in prod.

Or you can change the privileges on the role that you assume to deploy prod, but that would be pretty tricky to get right.. you would want it to be able to delete some things (e.g. security group rules) and not other things (e.g. RDS instances).