https://pulumi.com logo
#general
Title
# general
a

agreeable-ram-97887

08/04/2021, 12:18 PM
is there a way to allow for
pulumi preview
on a project which requires a CipherKey (in my case, used to encrypt user passwords), but where the one invoking
preview
does not have access to the Key?
I am trying to set-up an automated CICD pipeline where my colleagues can help develop pulumi projects, and where they can see the
preview
diff in their merge/pull requests. But of course only the admins should do
pulumi up
in the end, and should be able to decrypt secret info
As far as I’m aware, the cipher key is only used to store AWS-generated security keys (which Pulumi will store, but will not use for state comparison), so having access to the Kye shouldn’t in pricipal be needed to do a
preview
🤷
3 Views