No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

tested described approach, all what I mentioned looks correct,
intermediate provider will work, but still would be grate in someone can share their experience :slightly_smiling_face:

Did you know you can specify an AWS profile for the state backend? <https://www.pulumi.com/docs/concepts/state/#aws-s3>

Similarly you can set it for the encryption provider - <https://www.pulumi.com/docs/concepts/secrets/#available-encryption-providers>

So the state and the KMS key can be in different accounts.

Cool, thanks, it will simplify the process