Today, we are officially launching Organization Access Tokens! This will allow Enterprise and Business Critical customers to create access tokens for their org detached from the concept of a user.
We’ve
heard you loud and clear. Having the concept of a “machine account”, or organization-managed access to resources is something that would make the dev process a lot easier. Rather than forcing a single user to be a point of failure in your infrastructure pipelines, Organization Access Tokens are managed by your org’s administrators and have write access to all of your org’s stacks. You can now easily broker access for GitHub Actions and the Pulumi Automation API to Pulumi regardless of your current org memberships.
Any organization admin can view, create, and delete tokens in the organization. This is particularly useful for customers who use SAML/SSO and may have trouble creating dedicated bot user accounts in their corporate identity directories. You can read all about it in the
Organization Tokens launch blog post.
We’re excited to deliver one of the most requested features from the community,. To enhance the benefits provided by this feature, we are investigating access token scoping and would love to hear your feedback. As always, please feel free to submit feature requests and bug reports to
https://github.com/pulumi/service-requests