Channels
pulumi-ai
package-authoring
pulumi-cdk
oracle-cloud-infrastructure
learn-pulumi-events
linen
registry
built-with-pulumi
pulumi-cloud
contribex
testingtesting321
hacktoberfest
cloudengineering
yaml
pulumi-crosscode
content-share
finops
multi-language-hackathon
office-hours
workshops
blog-posts
localstack
welcome
gitlab
pulumi-kubernetes-operator
jobs
aws
pulumi-deployments
dotnet
golang
announcements
java
pulumiverse
python
install
getting-started
cloudengineering-support
testingtesting123
hackathon-03-19-2020
typescript
google-cloud
contribute
azure
kubernetes
docs
automation-api
status
general
Title
g
great-analyst-59265
09/23/2020, 9:12 AMis it possible to store the Azure client secret as an encrypted value in the Pulumi state file?
b
better-rainbow-14549
09/23/2020, 12:50 PMthere's an "additionalSecretOutputs" or something property you can apply to each resource, that should do it
👍 2
g
great-analyst-59265
09/24/2020, 2:51 PMI was using the default Azure provider "pulumi😛roviders:azure::default_3_19_0". As I understand I have to create a custom Azure provider and specify the values as Pulumi secret:
import { clientId, clientSecret, environment, subscriptionId, tenantId } from "@pulumi/azure/config";
import { interpolate, secret } from "@pulumi/pulumi";
import { Provider } from "@pulumi/azure";
export const azProvider = new Provider("az-provider", {
clientId: secret(interpolate`${clientId}`),
clientSecret: secret(interpolate`${clientSecret}`),
environment: secret(interpolate`${environment}`),
subscriptionId: secret(interpolate`${subscriptionId}`),
tenantId: secret(interpolate`${tenantId}`),
});