Announcing Team Access Tokens for the Pulumi Service

Pulumi has introduced Team Access Tokens, expanding on the previously launched Organization Access Tokens, to meet customer demand and feedback for more refined access control. These new tokens allow Organization and Team Admins to create access tokens specifically scoped to a Pulumi Team, enhancing role-based access controls for stacks. The feature is available to customers using the Enterprise and Business Critical editions of the Pulumi Service, enabling fine-grained permissions through identity provider integrations. Team Access Tokens are designed for more precise access management, offering less privilege than Organization Access Tokens and more specific access than Personal Access Tokens. Snowflake, a Pulumi customer, has expressed enthusiasm for the new feature, indicating it will aid in managing Pulumi stacks at scale by adhering to the principle of least privilege. The tokens facilitate secure programmatic access for CI/CD tools and automated processes, offering an efficient solution for enterprise customers using SSO/SAML/SCIM. The feature is now available for all eligible customers, including those on a 14-day trial.