hundreds-coat-1565706/12/2019, 2:32 PM
narrow-area-1146006/12/2019, 2:34 PM
hundreds-coat-1565706/12/2019, 2:36 PM
CLI - typically your CI/CD or deployment systems (or developer desktops). These credentials are used to talk to AWS, but never passed to Pulumi. The Pulumi console manages storage of the state file used to keep track of what resources are under management. Any secrets that may end up there (inputs or outputs to individual resources) can be fully encrypted as needed per the post @narrow-area-11460 references.
narrow-area-1146006/12/2019, 2:44 PM
hundreds-coat-1565706/12/2019, 2:45 PM
narrow-area-1146006/12/2019, 2:51 PM