This message was deleted.
# general
s
This message was deleted.
m
In the
opts
for the resource declaration:
Copy code
{ additionalSecretOutputs: ["secretString"] },
b
Oh thanks for your answer.
But it didn't work : Pulumi code :
Copy code
aws.secretsmanager.SecretVersion(
f"aws_secretversion_{secret_name}",
secret_id=secret.id,            secret_string=json.dumps(secret_value),             opts=ResourceOptions(additional_secret_outputs=["secretString"]))
(I've tried with "secret_string" instead of secretString, same situation) Pulumi preview :
Copy code
aws:secretsmanager/secretVersion:SecretVersion: (create)
        [urn=urn:pulumi:dev::snowflake::aws:secretsmanager/secretVersion:SecretVersion::aws_secretversion_snowflake/user/dev_usr_finops_api]
        [provider=urn:pulumi:dev::snowflake::pulumi:providers:aws::default_4_38_1::04da6b54-80e4-46f7-96ec-b56ff0331ba9]
        secretId    : output<string>
        secretString: (json) {
            password         : "3BY,&LwsG__\\=)0/MUch[Te=J)zh[5"
            username         : "TEST"
        }
Am i missing something ?
e
That looks like a bug, can you raise an issue at github.com/pulumi/pulumi so we can track that? Setting additional secret outputs should be sufficient to get that masked as [secret]
👍 1
b
Thanks @echoing-dinner-19531, I opened an issue : https://github.com/pulumi/pulumi/issues/9581