sparse-intern-71089
06/27/2019, 1:37 AMwhite-balloon-205
pulumi.secret
to ensure those values get encrypted in the state file.
See https://blog.pulumi.com/managing-secrets-with-pulumi for details on the latter. Note that this is something that goes beyond what Terraform currently supports.
We are also considering making some of this more first-class, so that you could pull configuration values directly from Secrets Managaer or other cloud secrets stores instead from Pulumi config. We’re tracking that in
https://github.com/pulumi/pulumi/issues/1547. But it should be possible to do this already manually today.