1. How to ensure secretVersion execution after secretsSync completes?


    Assuming you are using AWS Secrets Manager, you need to create and manage versions of your secret by using aws.secretsmanager.Secret to create the secret and aws.secretsmanager.SecretVersion to manage its versions. The completion of the latter implies that a new secret version is available.

    Here is a example on how to create a secret and its version in TypeScript:

    import * as pulumi from "@pulumi/pulumi"; import * as aws from "@pulumi/aws"; // Create a new secret const mySecret = new aws.secretsmanager.Secret("mySecret", {}); // Create a new version of the secret const secretVersion = new aws.secretsmanager.SecretVersion("secretVersion", { secretId: mySecret.id, secretString: "mySecretString", });

    In the code above:

    1. We first create an AWS Secrets Manager secret named mySecret using aws.secretsmanager.Secret.
    2. Then, we create a new version of this secret using aws.secretsmanager.SecretVersion, we pass mySecret.id to secretId property which indicates the secret we want to add a new version to, and we also provide the secret string mySecretString that represents the value of this version of the secret.

    This will ensure that your aws.secretsmanager.SecretVersion execution (or creation in this context) happens after the creation of your aws.secretsmanager.Secret resource completes, hence implying that your secretsSync (which I assumed to be the aws.secretsmanager.Secret resource creation) has completed.

    You can refer to aws.secretsmanager.Secret and aws.secretsmanager.SecretVersion documentation for more details.