No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Hey, I’m currently looking into migrating our GCP stuff over when I noticed the “everything including the secret data is stored in plain text” warning in <https://www.pulumi.com/registry/packages/gcp/api-docs/secretmanager/secretversion/|https://www.pulumi.com/registry/packages/gcp/api-docs/secretmanager/secretversion/>. What implications does that have? Is it safe to use?

This is an unfortunate quirk of the way we produce these particular docs. This provider is based on the Terraform provider, which does have this issue, as is documented here: <https://github.com/hashicorp/terraform-provider-google-beta/blob/0af9b04b0d8b2db64ea947b900b2ed76bdef465e/website/docs/r/secret_manager_secret_version.html.markdown?plain=1#L26-L28|https://github.com/hashicorp/terraform-provider-google-beta/blob/0af9b04b0d8b2db64[…]site/docs/r/secret_manager_secret_version.html.markdown?plain=1>

Because we build our docs from theirs, we inherit things like this -- but in our case, this isn't how it works; secret data is stored as cyphertext. You can verify this by creating a simple GCP project, pasting an example from the doc you linked, and exporting the state with `pulumi stack export`.

Filed this to get it corrected. Thanks for pointing it out! <https://github.com/pulumi/registry/issues/2956>