Hi there! I've been studying Pulumi for my company...
# general
h
Hi there! I've been studying Pulumi for my company for a couple of weeks now. I have a security question concerning the encryptionsalt when using the passphrase secret provider. ➡️ Is it safe to commit the encryptionsalt? I read a couple of articles and I think I kinda understood the concept of salt in cryptography. But if I understood correctly, concerning Pulumi there is only one salt generated per password? If so, doesn't it negate the benefit of using salt if it's committed to the config file? I would be happy to discuss this to understand it better 🙂 thanks!
b
It is safe to commit the encryption salt 🙂
a
Can I provide the encryption salt from outside of the yaml file?