Hi everyone, I have a problem that happens to manage multiple environments that belong to different accounts with pulumi. I want to ask everyone. I currently have a production environment on an AWS old account. It’s half created manually and half via pulumi. I plan to deploy another staging environment in a new AWS account dedicated to the tester for testing purposes. The staging and production environments belong to the Amazon cloud but are different accounts. My goal is to best manage both environments with the same pulumi codes. I envision doing this:

For those resources manually created in the production environment, I first generate the code through

pulumi import

. Then, I use the same code but a different state to create resources, and this new state is connected to my new staging environment.

I did some tests and had the following doubts and uncertainties:

I found that these import codes contain

ARN

attributes, and

ARN

is bound to account information, but even so, most resources can still be created successfully without making any changes, except for S3 buckets, for s3 buckets, I need to modify the bucket name property.

I’m not sure that for these import codes which attributes I can modify without affecting the original prod environment, and which attributes I mustn’t modify. (I want one set of code to fit both environments)

I have no idea. Is my plan suitable, and is there a better official one?