https://pulumi.com logo
Title
d

damp-painting-47843

11/14/2022, 2:33 PM
Does pulumi destroy use the index.ts file? I’m creating a certification validation and thinking about whether I have to guard it somehow.
Also, how do I make sure that the certificate validation isn’t created at every update? Basically, I just want the cert to be validated on create and not run any other time.
e

echoing-dinner-19531

11/14/2022, 2:52 PM
destroy
doesn't run the user program, that might change at some point in the future. If you want to make sure the cert isn't created on each update I'd suggest looking at dynamic providers: https://www.pulumi.com/docs/intro/concepts/resources/dynamic-providers/
d

damp-painting-47843

11/14/2022, 3:17 PM
I think the cert would be fine, in that it’s a resource with an associated state so it won’t be recreated. It’s the validation that concerns me. In that it’s a resource I think should be temporary, i.e. the resource should only exist as long as needed for ACM to validate the ACM) and then deleted. Is a dynamic providers the only way to do that?
e

echoing-dinner-19531

11/14/2022, 3:20 PM
even dynamic resources doesn't quite do that, I've thought about temporary resources (that is resources that only live for the duration of the deployment, or less) and there's probably some things we could do but we don't have anything to support that yet.
d

damp-painting-47843

11/14/2022, 3:22 PM
Understood. Is the general best practice when it comes to validation is to just leave the records there as evidence of previous validation?
e

echoing-dinner-19531

11/14/2022, 3:22 PM
that would probably work
d

damp-painting-47843

11/14/2022, 3:23 PM
Or, I guess just check if the certs state is valid.
If the certificate is valid no need to validate.
Oh. I can’t do that because apparently it breaks the ability to preview.