Hey folks, Need help understanding if this is a bu...
# python
Hey folks, Need help understanding if this is a bug or a feature: I have a schema very similar to the boilerplate. I’m trying to return the S3 bucket as an output of my Component Resource, but any values I have encrypted in the bucket are returned in plaintext. Here’s an example output:
Copy code
        acceleration_status                 : [secret]
        bucket                              : {
            acceleration_status                 : "Suspended"
            acl                                 : "private"
When I return the encrypted acceleration_status as it’s own output - it stays encrypted. But when I return it as a field within the bucket object - it gets decrypted.
This is how I’m returning the output:
Copy code
self.outputs = {"bucket": bucket, "acceleration_status": bucket.acceleration_status}
so pulumi_aws returns the encrypted acceleration_status (i passed it into pulumi_aws through
). It stays encrypted if it’s a separate output but gets decrypted if I return the whole bucket object.
ok more updates, i checked with RDS databases. When I provision an RDS database through pulumi_aws, it encrypts the password in the output. When I provision the same database using a Component Resource and return the database object as a whoke, it decrypts the password and returns it in plaintext