Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provider for Pulumi short-lived access tokens #344

Open
automagic opened this issue Jun 25, 2024 · 1 comment
Open

Provider for Pulumi short-lived access tokens #344

automagic opened this issue Jun 25, 2024 · 1 comment
Labels
kind/enhancement Improvements or new features

Comments

@automagic
Copy link

Hello!

  • Vote on this issue by adding a 👍 reaction
  • If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)

Issue details

With the upcoming support of short-lived Pulumi access tokens, an ESC provider could be used to generate these tokens for use with Pulumi stacks, command shell environments, applications, automation, CI/CD pipelines, etc. An example use-case could be pulumi privilege escalation or de-escalation controlled by ESC and Team RBAC.

Example:

values:
  pulumi:
      fn::open::pulumi-access-token:
          type: team
          team: foo
          duration: 1h
  environmentVariables:
     PULUMI_ACCESS_TOKEN: ${pulumi.accessToken}

Affected area/feature

ESC Providers
@automagic automagic added kind/enhancement Improvements or new features needs-triage Needs attention from the triage team labels Jun 25, 2024
@cleverguy25 cleverguy25 removed the needs-triage Needs attention from the triage team label Jun 26, 2024
@cleverguy25
Copy link
Collaborator

This is a really interesting idea, we will discuss it in the team for a future provider.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/enhancement Improvements or new features
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@automagic @cleverguy25