This message was deleted.
# general
s
This message was deleted.
1
w
You can do this today by using the AWS SDK to read secrets, then using
pulumi.secret
to ensure those values get encrypted in the state file. See https://blog.pulumi.com/managing-secrets-with-pulumi for details on the latter. Note that this is something that goes beyond what Terraform currently supports. We are also considering making some of this more first-class, so that you could pull configuration values directly from Secrets Managaer or other cloud secrets stores instead from Pulumi config. We’re tracking that in https://github.com/pulumi/pulumi/issues/1547. But it should be possible to do this already manually today.