abundant-dawn-11116
02/09/2023, 4:29 PMforbiddenAccountIds
work any differently?billowy-army-68599
02/09/2023, 4:48 PMabundant-dawn-11116
02/09/2023, 4:49 PMconfig:
aws:allowedAccountIds:
- XXXXXXXXXXX
to only allow deploys to the correct account.billowy-army-68599
02/09/2023, 4:50 PMabundant-dawn-11116
02/10/2023, 6:16 PMproviderByRegion[region] = new Pulumi.Aws.Provider($"aws-{region.Id()}", new Pulumi.Aws.ProviderArgs { Region = region.SystemName }, new CustomResourceOptions().WithAliases(new() { new Alias { Name = $"aws-{region.SystemName}" } }));
customOptionsByRegion[region] = new CustomResourceOptions() { Provider = providerByRegion[region], Parent = providerByRegion[region] };
vpcByRegion[region] = new Vpc($"{region.Id()}-vpc", new()
{
CidrBlock = CidrBlock.Cidr(),
EnableDnsHostnames = true,
EnableDnsSupport = true,
}, customOptionsByRegion[region]);
billowy-army-68599
02/10/2023, 8:24 PMabundant-dawn-11116
02/10/2023, 8:55 PMconfig:
aws:allowedAccountIds:
- XXXXXXXXXXX
aws-use1:allowedAccountIds:
- XXXXXXXXXXX
aws-euc1:allowedAccountIds:
- XXXXXXXXXXX
aws
alias? If I did that, would they all reference the same accounts in aws:allowedAccountIds
?providerByRegion[region] = new Pulumi.Aws.Provider($"aws-{region.Id()}", new Pulumi.Aws.ProviderArgs { Region = region.SystemName }, new CustomResourceOptions().WithAliases(new() { new Alias { Name = $"aws-{region.SystemName}" }, new Alias { Name = "aws" } }));
billowy-army-68599
02/10/2023, 10:14 PMabundant-dawn-11116
02/12/2023, 4:23 PMallowedAccountIds
setting directly to the provider?billowy-army-68599
02/12/2023, 4:26 PMPulumi.Aws.ProviderArgs
?
Another ProviderArg is allowedAccountIds
providerByRegion[region] = new Pulumi.Aws.Provider($"aws-{region.Id()}", new Pulumi.Aws.ProviderArgs { AllowedAccountIds = [ "11111111" ], Region = region.SystemName }, new CustomResourceOptions().WithAliases(new() { new Alias { Name = $"aws-{region.SystemName}" }, new Alias { Name = "aws" } }));
abundant-dawn-11116
02/12/2023, 4:33 PMvar config = new Pulumi.Config("aws");
var allowedAccountIds = config.RequireObject<List<string>>("allowedAccountIds");
providerByRegion[region] = new Pulumi.Aws.Provider($"aws-{region.Id()}", new Pulumi.Aws.ProviderArgs { AllowedAccountIds = allowedAccountIds, Region = region.SystemName }, new CustomResourceOptions().WithAliases(new() { new Alias { Name = $"aws-{region.SystemName}" } }));
billowy-army-68599
02/12/2023, 4:34 PMabundant-dawn-11116
02/12/2023, 4:35 PM