Officialv1.0.03 scenarios
Pulumi
Pulumi stack guidance for aliasing, protection, and stateful replacement risks.
deploywhisper skill install pulumi
How to use this skill
1. Install it locally
Use the install command above from any DeployWhisper app checkout that has the installer enabled.
2. Run analysis on matching artifacts
This skill activates when files or content patterns below are detected during analysis.
3. Verify behavior
Published registry data currently includes 3 deterministic scenarios for this skill.
Metadata
Author
DeployWhisper
Version
1.0.0
License
MIT
Scenarios
3
Tags
Triggers
- Pulumi.yaml
- Pulumi.dev.yaml
- Pulumi.prod.yaml
Content patterns
- pulumi config
- @pulumi/
Guidance excerpt
Critical risk patterns
- Resource renames without aliases force replacements and can recreate live infrastructure unexpectedly = HIGH
- Turning `protect` off on databases, buckets, or queues removes a key deletion backstop = HIGH
- Promoting secret config into plain-text stack values leaks sensitive data into state and logs = CRITICAL
- Preview output can miss provider-computed replacements, so review replacement plans conservatively = MEDIUM
Review cues
- Look for alias coverage, stack-secret handling, and protection changes before approving Pulumi updates.
- Prefer deterministic roll-forward or rollback steps over hand-wavy remediation notes.