I wanted to echo some of what other folks have commented on with respect to using Pulumi without the requirement of the service (despite assurances around encryption). I was excited to use it in place of CloudFormation for my day job but veered off once I realized this was the case. Being able to use it without the service would be a welcome officially supported feature.

Just want to ensure that your concerns are the same as the previous conversation - what's the specific blocker for you in this case? (We need to publish some security FAQ for sure!)

Basically, ensuring that any data doesn't leak to a third party. I think having the option to use Pulumi without interacting with the service or perhaps an internally hosted version of the service would be good

We will always have a way to use Pulumi without the service in the picture. It'll definitely mean loss of some key features that just using the service makes possible -- one thing we prefer over Terraform (things work in a team environment out of the box without needing to manually set up state/lock management) -- but we definitely understand some folks want more control. @bitter-oil-46081 is working on a FAQ page as this has come up a few times now, and he will reply back with it with more details on how to get this going.

Awesome. Thanks guys