No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

is there a way to allow for `pulumi preview`  on a project which requires a CipherKey (in my case, used to encrypt user passwords), but where the one invoking `preview` does not have access to the Key?

I am trying to set-up an automated CICD pipeline where my colleagues can help develop pulumi projects, and where they can see the `preview` diff in their merge/pull requests. But of course only the admins should do `pulumi up`  in the end, and should be able to decrypt secret info

As far as I’m aware, the cipher key is only used to store AWS-generated security keys (which Pulumi will store, but will not use for state comparison), so having access to the Kye shouldn’t in pricipal be needed to do a `preview`  :shrug: