https://pulumi.com logo
Title
c

curved-kitchen-24115

02/17/2023, 10:27 PM
Is there a way to cause a resource in pulumi to be generated each time another resource requests it? As opposed to being stored permanently I’d like it to be fresh each time it’s needed. The specific use case is the generation of a temporary authorization key for a SaaS product (tailscale). The auth key allows the target ec2 node to connect to the platform. It’s considered a one use token. I’m often recreating this ec2 instance as I make changes to it. I’d like the auth key to be generated each time the ec2 instance is recreated. As it currently stands the key is being created and stored in state, and then referenced thereafter. This key expires after 5 minutes, and I start getting errors related to using an old key.
@pulumi/tailscale/TailnetKey
is the specific resource I’d like to not store / recompute on each reference.
I can see how this may not be supported due to causing churn in state.
b

billions-xylophone-85957

02/18/2023, 1:29 PM
you probably can utilise something from
random
with
keepers
set to e.g. current timestamp. Like, create a
random.RandomUuid
resource (which will be recreated every time the timestamp of the pulumi run changes - which means every
up
) and have your
TailnetKey
either be a child of that UUID or depend on it. wdyt?
c

curved-kitchen-24115

02/20/2023, 9:36 PM
I'm not familiar with those two packages, but from what you describe I can see how it would work. Thanks for the suggestion! I actually ended up going a different route; though it's not necessarily what I'll stick to going forward. I ended up making the key reusable and having a longer shelf life. The prior settings had been my preferred production settings; and I was forcing myself to use them in a development context which was unnecessarily painful.