No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

hello, I can't configure secrets provider Google KMS, it keeps saying
```Sorry, could not create stack 'dev': secrets (code=PermissionDenied): rpc error: code = PermissionDenied desc = Permission 'cloudkms.cryptoKeyVersions.useToEncrypt' denied on resource 'projects/&lt;proj&gt;/locations/us-central1/keyRings/&lt;keyring&gt;/cryptoKeys/&lt;key&gt;' (or it may not exist).```
I verified that access is OK, I can encrypt/decrypt with gcloud cli

Solved the issue. It's needed to set "Application Default Credentials" per <https://cloud.google.com/sdk/gcloud/reference/auth/application-default/login> . Gcloud SDK cli uses different auth approach, that's why I was able to encrypt/decrypt with `gcloud kms ...`