No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

essentially we have `aws:profile` which sets the default profile used for the stack’s AWS provider, under the hood… but there’s no say, `aws:profile-secrets` or such equivalent. So unless one is able to grant permission to the KMS from the default profile utilized by a stack, or use a custom resource provider for aws _all over their code_, there’s no easy way it seems, to instruct pulumi to only say use *fooprofile* for JUST the stack secrets, but nothing else.