No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

The role-based access controls of the Pulumi Console could help here - <https://www.pulumi.com/docs/intro/console/collaboration/stack-permissions/>. If you give a user READ instead of WRITE then they can see the stack details but not make any changes or destroy it.

Alternatively, you can mark resources with `protect: true` to prevent them from being destroyed - <https://www.pulumi.com/docs/intro/concepts/programming-model/#protect>. You could use a stack transformation (with `registerStackTransformation`) to mark _all_ resources as protected - <https://www.pulumi.com/docs/intro/concepts/programming-model/#protect>.

The low-tech solution is to remove the sensitive stack yaml file from source control. Keep it in a separate repo or secure doc manager.

The stack permissions is what I was looking for.  Thankyou