Deploy to AWS with Pulumi - IAM policies is a guessing game

New to both Pulumi and activepieces. I’m finding that I keep having to update the activepieces deployment on Pulumi to see in the error messages which permissions are missing from the Pulumi ESC role I created on AWS IAM.

I started with the AWS managed ECS full access permission, then found a couple missing EC2 actions, so added the EC2 full access permission, now just encountered that an RDS action is missing.

Maybe I’m missing something obvious, but when using the deploy with pulumi install option, I don’t see anyway to know ahead of time what permissions will be needed. Would be great if a custom AWS IAM policy could be provided that covers all the necessary permissions.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.