Secrets & Configuration | Pulumi Docs

Skip to main content

Docs Registry Pulumi Neo Slack 25.3K Contact us Sign in Dashboard Get started

On this page

Secrets Integrations

Integrate with popular secrets stores to pull and synchronize secrets and configuration data, including AWS Secrets Manager, Azure Key Vault, GCP Secret Manager, HashiCorp Vault, and 1Password.

AWS Secrets Manager

Azure Key Vault

GCP Secret Manager

HashiCorp Vault

Languages & SDKs

Use the ESC SDKs to retrieve environment values from your application workloads at runtime and to manage environments programmatically. To consume an environment from a Pulumi IaC program, use config instead.

Operations

Manage secrets

Store, retrieve, and organize secrets in ESC environments.

Run commands with esc run

Inject environment values into any command or script.

Use ESC with Pulumi IaC

Consume environments from a Pulumi program.

Compose environments

Import environments to share configuration across teams.

Capabilities

ESC CLI

Command-line interface for managing environments, secrets, and configuration.

Login providers

Issue short-lived OIDC credentials for AWS, Azure, GCP, GitHub, and more.

Secrets providers

Dynamically import secrets from external stores into your environment.

Webhooks

Automate processes with environment event webhooks.

Resources

Concepts

Understand core ESC concepts including environments, sources, targets, and composition.

Environments

Reference for the ESC YAML syntax, imports, versioning, and webhooks.

Guides

Use ESC with Docker, direnv, GitHub Actions, Kubernetes, Cloudflare, and Pulumi IaC.

Languages & SDKs

Manage ESC programmatically from .NET, Go, JavaScript, and Python.

Have questions?

For questions or feedback, reach out on community Slack, GitHub, or contact support.