Pulumi ESC (Environments, Secrets, and Configuration)

Pulumi ESC is a centralized service for managing environments, secrets, and configuration across cloud infrastructure and applications.

What is ESC?

ESC enables teams to:

• Centralize secrets and configuration in one secure location
• Compose environments by importing and layering configuration
• Generate dynamic credentials via OIDC for AWS, Azure, GCP
• Integrate external secret stores (AWS Secrets Manager, Azure Key Vault, Vault, 1Password)
• Version and audit all configuration changes
• Control access with fine-grained RBAC

Essential CLI Commands