No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

<@U022EUAS93M> if you init a stack using
`pulumi stack init --secrets-provider="<gcpkms://projects/>&lt;p&gt;/locations/&lt;l&gt;/keyRings/&lt;r&gt;/cryptoKeys/&lt;k&gt;"`

then set the config value using `pulumi config set --secret` it'll set the value in your stack config

and it'll be encrypted, so you can check it in

Ah. Indeed. I can encrypt a value with pulumi without granting permissions to the cloud Pulumi stack (even with a local stack) and then just copy the encrypted value to another file. Just tested that. Works fine. Thanks!