Hi I have some code that stores API tokens in AWS SSM During

Question

Hi I have some code that stores API tokens in AWS SSM During a pulumi update I issue a call to SSM to get the secret value using `aws ssm getParameter` The response is wrapped like so `pulumi output resp apply r = gt r value ` I am seeing a weird behavior I have changed the value of my SSM parameter and pulumi is still returning the old value Even weirder is that the old value is only returned on the CI and not when I run on my local machine Any pointers on what is going on

full-dress-10026 · Answer

Working this back a bit more by ssh ing into CI I see it s returning version 1 of the parameter when there is a version 2

full-dress-10026 · Answer

Why would pulumi return a parameter version that is not the latest

full-dress-10026 · Answer

Even after deleting the version 1 parameter pulumi still returns the version 1 result exploding head There must be some sort of caching coming into play

quick-airport-30353 · Answer

dumb question why not use pulumi set config secret lt Your secret value gt

full-dress-10026 · Answer

OH I see The aws ssm getParameter call is ignoring the aws profile set in the pulumi yaml file The call is going to the wrong account