No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Working this back a bit more by ssh'ing into CI, I see it's returning version 1 of the parameter when there is a version 2.

Why would pulumi return a parameter version that is not the latest?

Even after deleting the version 1 parameter, pulumi still returns the version 1 result :exploding_head: There must be some sort of caching coming into play...

dumb question, why not use pulumi set config --secret &lt;Your secret value&gt;?

OH, I see. The aws.ssm.getParameter call is ignoring the aws:profile set in the pulumi yaml file! The call is going to the wrong account.