No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

It's the _result_ property, which is a secret output. You can pass it to another Pulumi resource that requires an input. If you want to see it on the command like, you export it in the normal way, then call `pulumi stack --show-secrets`

ah that flag is what I didn't know thanks

The Pulumi app / service? Don't know, never tried :thinking_face:

Yeah the hosted pulumi app/service, in there now and it doesn't seem so

<@U032UPNB1T8> it can’t - the Service doesn’t have access to your encryption keys that the secret is encrypted with.

<@U0220CGL4P5> hm, I never setup encryption keys––where would those be coming from?

CleanShot 2022-02-14 at 17.29.50@2x.png

You've got the default one based on your login then.

my login to... pulumi? Or is this AWS based?

You can set up an explicit secrets provider at the project level, but the default is to use the Pulumi backend, the Service.

Login to Pulumi - the Pulumi service is your encryption provider.

I'm logged in

```❯ p login
Logged in to <http://pulumi.com|pulumi.com> as jasonkuhrt (<https://app.pulumi.com/jasonkuhrt>)```

How is this supposed to work in a team setting?

Generally you should use an organization. The secret manager can be at that level.

Stacks are per account, so using a personal account for deploying makes things very hard to managed in a team context.

<https://www.pulumi.com/docs/intro/concepts/secrets/>

Ok, I am using an org (trial) already so that's one step

so everyone that has access to the org can work with the secrets IIUC?