Home / Companies / Pulumi / Blog / Post Details
Content Deep Dive

How to Manage Secrets with Pulumi

Blog post from Pulumi

Post Details
Company
Date Published
Author
Matt Ellis
Word Count
1,982
Company Posts That Month
10
Language
English
Hacker News Points
-
Post removed?
No
Summary

Pulumi has introduced enhanced features for managing secrets with its latest 0.17.12 release, focusing on providing users with greater control over encryption within Pulumi deployments. The release includes automatic tracking of secret values throughout a Pulumi program to ensure they remain encrypted in the state file, regardless of usage, as well as a new option for custom client-side encryption, allowing users to manage their encryption keys independently of the Pulumi backend. These advancements address concerns from users who seek more control over encryption and security compliance, enabling them to use Pulumi's cloud infrastructure management with increased confidence. Pulumi allows secrets to be handled securely through its Output<T> feature, which marks data as secret, ensuring its encryption and preventing leaks. The introduction of passphrase-based encryption gives users further flexibility by allowing them to encrypt secrets locally, using a derived key, rather than relying on Pulumi's managed keys, with future plans to support AWS KMS, Azure KeyVault, and GCP KMS for encryption.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
Secrets Management 36 170 21 17 +278%
Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.