No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

when i read a pulumi config, that is an object, an some key, is a secret:
Is there a way to know or differentiate the secret?

ie:

```pulumi.stack.yml
config:
  proj:data:
    services:
      foo: bar
      priv:
        secure: AAABAB+T(...)sEmx8=

__main__.py
import pulumi

conf = pulumi_config.require_object("data")```
This conf, is a dict, but pulumi correctly recognizes that inside there is a secret. if i print it shows:
`{'foo': 'bar', 'priv': '[secret]'}`

So i want to iterate over this dic, and do something on the secrets, but i'm not sure how to know. python thinks it is a str.

```print(conf["services"]["priv"])
print(type(conf["services"]["priv"]))

[secret]
&lt;class 'str'&gt;```

Can you try `require_secret_object`? <https://www.pulumi.com/docs/reference/pkg/python/pulumi/#pulumi.Config.require_secret_object:~:text=require_secret_object(key%3A%20str)%20%E2%86%92%20pulumi.output.Output%5BAny%5D|Link>

I noticed that, and i can require the whole `conf`  as a secret object. But if i do that, i cant iterate over it, and all keys say true to `.is_secret()`

Hmm yeah something here doesn’t look right. Can you open up an issue summarizing what you’re seeing with a repro? 