This message was deleted.

I'm currently reading through the slack history to see if someone's asked this before 😎

This is a great question. The one option you didn’t list to consider - which may or may not work depending on how you work with your clients - is to have separate Pulumi organizations for each client, and have yourself as a member of each org, and the individual clients in their corresponding orgs. That probably provides the cleanest isolation, most control and feature set. It’s relatively easy to work across multiple organizations in the Pulumi Console (I work across 3 orgs every day). If that option doesn’t work - then either of your other options are certainly possible. We’ve seen many teams use a mode like this for allowing clients (whether internal or external) to have independent copies of some infrastructure - frequently deployed across different accounts. The answer likely ultimately depends most on how you want to arrange access to these stacks for your clients.

Thank you so much for your thoughtful reply! I've opened an inquiry with sales to discuss Pulumi Enterprise. I'll definitely stay active in this channel as regardless of adopting Pulumi Enterprise, I'm planning on adopting Pulumi for deploying IT infrastructure for our Biotech clients. If you ever want to discuss that market that I'm not sure many Pulumi users are in, let me know. Thank you again!