No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

$Env:ARM_SUBSCRIPTION_ID = $subscriptionId
$Env:ARM_TENANT_ID = $tenantId;
$Env:ARM_CLIENT_ID = $pulumiClientId;
$Env:ARM_CLIENT_SECRET = $pulumiPassword;
$Env:PULUMI_CONFIG_PASSPHRASE = $pulumiConfigPassword;

Also the Config Passphrase seems only for  Secrets I created, not for secrets which set on the azure resources. I found cleartext Azure SQL Admin Passoword, and cleartext connectionnStrings to Blob Storage.

yeah sorry ignore hte last line i meant to just spam the ARM_ ones which control how terraform interacts with the azure api

we've had the same issue with secrets going into state and came to the same conclusion that it was better secured on our own terms