No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

what’s the use case for this? doesn’t pulumi already encrypt the outputs of <https://www.pulumi.com/registry/packages/tls/api-docs/privatekey/>?

Hello <@U03GWP93ZD1>. The output is more generally encrypted for the sake of obfuscation when using the outputs. The use-case here is a cert-manager controller that uses the key as a registration authority, and by design is using an encrypted RSA key protected by a passphrase. This would be a resource such as `PrivateKey` with an additional argument of `passphrase` is what I would expect, but that does not seem to be implemented.

This means the controller is expecting the Certificate PEM, encrypted RSA key PEM, and passphrase for decrypting the RSA.