No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Hi, All.  Hopefully Quick Question:

Can one use a single Pulumi yaml file to store a shared secret across multiple stacks?  Or does the secret need to be defined in each stack yaml file?

Use an environment defined in pulumi cloud. 

Then you can import the environment into stacks 

You cannot use Pulumi.yaml for this, it doesn't support secrets (and it would be hard to get it to, since Pulumi-managed secrets are encrypted with a stack-specific key).
If Pulumi ESC isn't suitable for you, you can use any encryption library your chosen language supports, and store the encrypted value in a local file. However it's probably worth taking advantage of a vault of some kind so that the secret is available from any machine but not stored in your git repo (even encrypted).