https://pulumi.com logo
#getting-started
Title
# getting-started
n

numerous-insurance-47628

11/12/2023, 8:33 AM
Hi all, Im using infra-secrets.enc.yaml file for storage of secretes like principal Id,db password etc. using sops mechanism with azure key vault, I have encrypted the file. How can I use it in my main.py ..to fetch the secrets in decrypted form by each component resource during deployment?
b
n

numerous-insurance-47628

11/12/2023, 8:37 AM
I have used sops for this . Can you explain me how can I approach?
b

breezy-laptop-42679

11/12/2023, 8:40 AM
You start the py code like this config = pulumi.Config() #... mongo_username = config.require("mongo_username") mongo_password = config.require_secret("mongo_password")
And use config.require(“varnams”)
n

numerous-insurance-47628

11/12/2023, 8:44 AM
Ok but I have many secrets to be stored..if all secrets stored in one pulumi.dev.yaml file it doesn't become complex ? And also I have all my variables there only
b

breezy-laptop-42679

11/12/2023, 8:48 AM
Ok you can use stacks and configuring secrets feature by pulumi take reference from here https://www.pulumi.com/blog/managing-secrets-with-pulumi/