Is there a general way to have an API key that isn't tied to a specific person? I'm guessing I need to hand that off to our corporate email tools?
Create a shared email address or group mailbox, put its creds in a vault, create a Pulumi user for this "service account", create an API token for this user, and use that in our various pipelines and monitoring tools?
This uses up a seat in our license, which is a bit of a downside...
Feature request: organisations can make API tokens too!