https://pulumi.com logo
#general
Title
# general
m

many-spring-73557

07/12/2022, 6:15 PM
I want to make sure that we’re running commands on a stack against the correct AWS account. My first approach is to use
aws.getCallerIdentity({})
to get the accountId and compare it, but that’s not possible:
Copy code
const accountId = await aws.getCallerIdentity({}).then(current => current.accountId);

if((pulumi.getStack() == "prod" && accountId != "512302493601") || (pulumi.getStack() != "prod" && accountId != "497659568814")) {
  process.exit(1);
}
(
await
can only be used against an async function). I also tried
await aws.getCallerIdentity({})
and got the same result. Any suggestions? I want to add a little safeguard so we don’t inadvertently run stack commands against the wrong account.
f

flat-laptop-90489

07/12/2022, 6:27 PM
AWS provider option include an allowed and blocked list of account IDs
m

many-spring-73557

07/12/2022, 6:32 PM
awesome, this does the trick:
Copy code
config:
  aws:allowed_account_ids:
    - 512302493601
thank you so much!
f

flat-laptop-90489

07/12/2022, 6:33 PM
👍
3 Views