I m looking for a way for developers to add secrets to a sta

Question

I m looking for a way for developers to add secrets to a stack config file e g Pulumi foo yaml without having access to the state `pulumi config set` requires that you be logged in and while you can do a local login that makes it unaware of which stacks exist so it prompts you to create the stack Is there any way to reduce this operational overhead and just have a file based approach

white-balloon-205 · Answer

The default secrets provider uses the Pulumi service and thus you must be logged in to the Pulumi service to add encrypted secrets But you can use another secrets provider if you want with different credentials like KMS Vault etc See <https www pulumi com docs intro concepts config configuring secrets encryption|https www pulumi com docs intro concepts config configuring secrets encryption>