I’d like to see more best practices docs. One item I just bumped into - we export whole pulumi objects from each stack for convenience when reviewing what the config is/was in the pulumi console. Is this a bad practice? security concern?

Have the same question.

the fact that this info shows up in our

ci

logs during a sanity check phase

pulumi preview --diff

as well as our ci’s deploy console makes it an attack vector - if it is a security concern