No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

You can use `pulumi.interpolate` for this use case. <https://www.pulumi.com/docs/intro/concepts/inputs-outputs/#outputs-and-strings>

something like
```pushEndpoint: pulumi.interpolate `<https://example.com/api/v2/logs?api-key=${apiKey}&amp;protocol=gcp>````

<@U025WUAUECC> Thanks!  That worked.  I have been trying this for a couple of hours and I could have sworn that I tried this method.

Does this work because the secret is decrypted  only one when the method is called versus being placed into a new string and then used later?

This works because the `pushEndpoint` property itself accepts outputs. An output can never be a plain value (string, bool, etc) but using apply (or interpolate in this case) you can construct a new output that fits your purpose.

Basically, you can only interrogate an output's underlying value in an apply, interpolate, etc.