02/17/2023, 10:27 PM
Is there a way to cause a resource in pulumi to be generated each time another resource requests it? As opposed to being stored permanently I’d like it to be fresh each time it’s needed. The specific use case is the generation of a temporary authorization key for a SaaS product (tailscale). The auth key allows the target ec2 node to connect to the platform. It’s considered a one use token. I’m often recreating this ec2 instance as I make changes to it. I’d like the auth key to be generated each time the ec2 instance is recreated. As it currently stands the key is being created and stored in state, and then referenced thereafter. This key expires after 5 minutes, and I start getting errors related to using an old key.
is the specific resource I’d like to not store / recompute on each reference.
I can see how this may not be supported due to causing churn in state.


02/18/2023, 1:29 PM
you probably can utilise something from
set to e.g. current timestamp. Like, create a
resource (which will be recreated every time the timestamp of the pulumi run changes - which means every
) and have your
either be a child of that UUID or depend on it. wdyt?


02/20/2023, 9:36 PM
I'm not familiar with those two packages, but from what you describe I can see how it would work. Thanks for the suggestion! I actually ended up going a different route; though it's not necessarily what I'll stick to going forward. I ended up making the key reusable and having a longer shelf life. The prior settings had been my preferred production settings; and I was forcing myself to use them in a development context which was unnecessarily painful.