No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

We use SSO profiles locally and role assumption in our CI (GitLab CI). We don't have any issues with the activity pollution you mention in most of our apps, however there have been a couple where we dynamically create providers and that did cause pollution in the activity due to profile changes. To remedy this we added `ignoreChanges: [‘profile’]` to the provider resource we were creating. 

Hope this helps? 

We do something similar but our solution is to do the role assumption in ~/.AWS/config profiles. So long as our ultimate profiles have the same name in both cases, our source can be used unchanged.

Thanks both! Ill try both out later on :slightly_smiling_face: