Pulumi has introduced OpenID Connect (OIDC) Trust Relationships to enhance its authentication capabilities, which facilitates secure integration into ecosystems supporting OIDC. This feature addresses the "secret zero" challenge by allowing the exchange of a secure platform token for a short-term Pulumi token, thereby improving security and simplifying token management. OIDC Trust simplifies authentication through dynamic credential requests for Pulumi using OIDC providers and is compatible with popular CI/CD systems and cloud providers like GitHub, GitLab, AWS, and Azure. Policy controls in Pulumi Cloud enable setting policies to manage token exchanges based on issuer subject or additional claims, supporting complex authorization scenarios. The integration with Pulumi ESC offers a comprehensive solution for managing infrastructure, secrets, and configuration access. A demo illustrates using GitHub Actions to retrieve Pulumi credentials and list all Pulumi ESC Environments, showcasing the streamlined process facilitated by OIDC Trust Relationships.