No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Hi. I have some code that stores API tokens in AWS SSM. During a pulumi update, I issue a call to SSM to get the secret value using `aws.ssm.getParameter`. The response is wrapped like so `pulumi.output(resp).apply(r =&gt; r.value)`. I am seeing a weird behavior. I have changed the value of my SSM parameter, and pulumi is still returning the old value. Even weirder is that the old value is only returned on the CI and not when I run on my local machine. Any pointers on what is going on?

Working this back a bit more by ssh'ing into CI, I see it's returning version 1 of the parameter when there is a version 2.

Why would pulumi return a parameter version that is not the latest?

Even after deleting the version 1 parameter, pulumi still returns the version 1 result :exploding_head: There must be some sort of caching coming into play...

dumb question, why not use pulumi set config --secret &lt;Your secret value&gt;?

OH, I see. The aws.ssm.getParameter call is ignoring the aws:profile set in the pulumi yaml file! The call is going to the wrong account.