No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

You can do local state and secrets. Our documentation and support for this is sadly not as good as for the service but improving local support is one of our goals for this quarter.

<https://www.pulumi.com/docs/reference/cli/pulumi_login/|pulumi login> has docs on how to login to use local state, either stored in a file or a s3 or other blob storage.
<https://www.pulumi.com/docs/reference/cli/pulumi_stack_init/|pulumi stack init> has docs on how to configure a stack to use other secrets providers, including just using a given password for symmetric encryption.

The main limitation with local state files currently is they don't understand "projects" so you end up having to namespace your state files by putting the project in the stack name, or having separate directories/buckets that you login to for different projects. This is _actively_ being worked on.

it is a single instance of a stack we deploy using the .com backend, so single project.

In the docs i saw passphrase as an encryption technique, but it was not explained anywhere, so i got scared :wink: