HI team, I need some help with the below issue:

➜   pulumi stack init test --secrets-provider="<gcpkms://projects/****/locations/global/keyRings/********/cryptoKeys/*****>"
Created stack 'test'
error: secrets (code=PermissionDenied): rpc error: code = PermissionDenied desc = Permission 'cloudkms.cryptoKeyVersions.useToEncrypt' denied on resource 'projects/prj-83923-s-orbit-8935/locations/global/keyRings/*****/cryptoKeys/******' (or it may not exist).
➜

I created the KMS ring and key manually in the console, and added my email in the permissions with KMS admin, and using the same email with gcloud auth on cmd line. ------------------ Not sure what is missing, but i really need some help here fixing this, thanks.

wrong thread sorry...

@gentle-advantage-80069 this is a permissions issue on your side, if you can't read/write to the KMS key with your current credentials, Pulumi won't be able to either