No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Hi all, Im using infra-secrets.enc.yaml file for storage of secretes like principal Id,db password etc. using sops mechanism with azure key vault, I have encrypted the file. How can I use it in my main.py ..to fetch the secrets in decrypted form by each component resource during deployment?

<https://www.pulumi.com/learn/building-with-pulumi/secrets/|https://www.pulumi.com/learn/building-with-pulumi/secrets/>

I have used sops for this . Can you explain me how can I approach?

You start the py code like this config = pulumi.Config()
#...

mongo_username = config.require("mongo_username")
mongo_password = config.require_secret("mongo_password")

Ok but I have many secrets to be stored..if all secrets stored in one pulumi.dev.yaml file it doesn't become complex ? And also I have all my variables there only

Ok you can use stacks and configuring secrets feature by pulumi take reference from here <https://www.pulumi.com/blog/managing-secrets-with-pulumi/|https://www.pulumi.com/blog/managing-secrets-with-pulumi/>