https://pulumi.com logo
Title
p

plain-keyboard-29627

01/06/2023, 10:06 PM
Is there anything specific to be aware of when passing secrets to a Dynamic Resource Provider? I see the secrets are resolved when I use them in my
create
and
update
methods, but wanted to make sure they were safe (e.g. will be stored encrypted) to return as results. If I passed
config.requireSecret('mySecretKey')
as an argument to my provider, is it safe to set
outs
like this?
async update(id, olds, news) {
    await this.createOrUpdate(olds, news); // internal, implementation doesn't matter
    return { outs: news };
}
e

echoing-dinner-19531

01/07/2023, 12:36 PM
I don't think dynamic providers support secrets in that way. All the outputs will come back as unsecret regardless of the inputs. Probably worth raising an issue about this it's, yet another, something we should look at in the planned provider interface overhaul.