This message was deleted.
# general
s
This message was deleted.
w
You can create a
new aws.secretsmanager.Secret
and then use AWS APIs on secrets manager to decrypt secrets when needed. This will manages secrets at a different level than Pulumi's config system secrets.
a
Thanks for the input. Thing is that Pulumi's config secrets aren't really secret as they are plain text env vars on the lambdas.
So having access to secretsmanager is a big win