This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
Utilizing Structured Configuration Mixed with Secrets #7384
Labels
You can continue the conversation there. Go to discussion →
When using a structured config file, some of the entries are secrets. When pulling those specific JsonElements out of the collection, it would be nice to know if it
IsSecret
like you can do withPulumi.Output.IsSecret
My specific scenario, I'm reading in a structured config like below, flattening it out, looping through each entry, and storing the key/value pairs in AWS Parameter Store. What's missing is for me to be able to check which of the values is a secret so, I can store it in Parameter Store as
SecureString
, right now they are going in plain text.Pulumi.test.yaml
Here is the code where I pull the data out of the config, flatten it, and I'm writing it out to console for testing. NOTE: Both
config.RequireObject
andconfig.RequireSecretObject
work here. The difference being the latter returns a Pulumi.Output. Both end up working the same in my scenario, properly decrypting the secrets into Parameter Store, but showing them as `[secret]' when output to the console.GetFlat function returns a collection of flatten keys and their value ie:
AppSettings/CaptchaInfo/CaptchaSecret
Code for the looping and Parameter Store creation.
If I could pull IsSecret for each JsonElement in the object, I would be able to then utilize it.
Link to slack conversation: https://pulumi-community.slack.com/archives/C84L4E3N1/p1624971038131700
The text was updated successfully, but these errors were encountered: