No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Is it ok to commit Pulumi.[stackname].yaml to git when using AWS KMS for secrets encryption? It has an `encryptedkey` line in there which I’m assuming is the encryption salt which is encrypted using the kms key?

yes, that’s my understand at least. Assuming you’re using the `--secret` option when setting the config value

Yes - that’s right. This file is safe to check in as long as you are using —secret for any sensitive configuration, and it is recommended to to so for any “long-lived” stacks. 

Thanks! I guess it’s sort of covered here already: <https://www.pulumi.com/docs/intro/concepts/project/#stack-settings-file>