This message was deleted.

sparse-intern-71089

05/23/2023, 12:11 PM

This message was deleted.

billowy-needle-66127

05/23/2023, 4:31 PM

Just run

pulumi stack change-secrets-provider passphrase

again and it will prompt for the current passphrase and then a new passphrase. You have to run it on every stack in the project though.

bland-address-49163

05/23/2023, 4:33 PM

Thanks! Unfortunately I don’t have that password. When playing around with that stack I didn’t save it, because I thought its only used in the config.yml. I thought just reverting that would be fine. Unfortunately it seems the salt or some kind of derived key is stored in the state stored in the pulumi backend as well

billowy-needle-66127

05/23/2023, 4:37 PM

Ah, if you don't know the current passphrase that is more difficult. If you have access to the state file (i.e. you're using the local backend or an s3/azure backend) you could potentially remove the secrets provider config from the

~/.pulumi/stacks/<stack>.json

file, but I don't know what implications that has.

bland-address-49163

05/23/2023, 4:38 PM

Unfortunately I am using the pulumi cloud backend.

bland-address-49163

05/23/2023, 4:38 PM

I mean, destroying it is just fine. I’m just curious what would be necessary if that happened with prod

181 Views

Open in Slack

Previous Next

Pulumi Community

No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.