https://pulumi.com logo
Powered by
Title
a

agreeable-ram-97887

08/04/2021, 12:18 PM
is there a way to allow for 
pulumi preview
on a project which requires a CipherKey (in my case, used to encrypt user passwords), but where the one invoking 
preview
does not have access to the Key?
I am trying to set-up an automated CICD pipeline where my colleagues can help develop pulumi projects, and where they can see the 
preview
diff in their merge/pull requests. But of course only the admins should do 
pulumi up
in the end, and should be able to decrypt secret info
As far as I’m aware, the cipher key is only used to store AWS-generated security keys (which Pulumi will store, but will not use for state comparison), so having access to the Kye shouldn’t in pricipal be needed to do a 
preview
🤷
3 Views
#generalJoin Slack
Powered by