https://pulumi.com logo
Title
t

thankful-coat-47937

03/17/2022, 5:45 PM
hi all, is there a list of permissions
pulumi preview
requires in various cloud providers? use case is running
pulumi preview
on feature branches but not having the env have "full admin" to execute the actual changes
e

echoing-dinner-19531

03/17/2022, 5:55 PM
It depends on the provider. Many don't really do network operations on preview so they just need an account for initial configuration to pass.
t

thankful-coat-47937

03/17/2022, 6:02 PM
oh interesting - what about for AWS?
i am basically following the example here https://www.pulumi.com/docs/guides/continuous-delivery/gitlab-ci/ but you can see it has a "preview" branch that only runs on merge requests, which is what I'm guessing how "preview" is supposed to be used
e

echoing-dinner-19531

03/17/2022, 6:23 PM
aws-native or aws?
aws-native doesn't do cloud operations during preview. So I think it will just do an account existence check at configure time. aws depends on what terraform does, which I don't think it does any cloud operations but haven't checked. Most of preview is just diffing based on the values of things in the state file.
t

thankful-coat-47937

03/17/2022, 6:45 PM
ok let me give it a shot
i'm using crosswalk here, not sure if that's aws-native or aws
e

echoing-dinner-19531

03/17/2022, 9:26 PM
I think that's aws