https://pulumi.com logo
Title
h

happy-pencil-75222

05/16/2023, 11:40 AM
Hi there! I've been studying Pulumi for my company for a couple of weeks now. I have a security question concerning the encryptionsalt when using the passphrase secret provider. ➡️ Is it safe to commit the encryptionsalt? I read a couple of articles and I think I kinda understood the concept of salt in cryptography. But if I understood correctly, concerning Pulumi there is only one salt generated per password? If so, doesn't it negate the benefit of using salt if it's committed to the config file? I would be happy to discuss this to understand it better 🙂 thanks!
b

billowy-army-68599

05/16/2023, 2:47 PM
It is safe to commit the encryption salt 🙂
a

able-camera-57198

05/25/2023, 12:38 PM
Can I provide the encryption salt from outside of the yaml file?