Manage Pulumi Teams in Bulk with the New CLI Teams Flag

We’ve been hearing feedback from our customers that they need ways to manage permissions for their stacks at scale. Today we are announcing a --teams flag for pulumi stack init, which allows customers to assign Teams to stacks from the CLI. This flag offers a third programmatic method for assigning permissions, supplementing Pulumi Service REST API or the Pulumi Service Provider. Developers can now initialize their stacks with the right permissions directly from the CLI.

Here’s some background for any Pulumi newcomers. Pulumi projects consist of stacks, which are separate deployments of the same infrastructure. Stacks may also be configured with separate inputs. Organization admins can leverage RBAC to grant access permissions at the organization or Pulumi Teams levels. Pulumi Teams and RBAC are available for Enterprise and Business Critical customers.

Stacks are often created via the CLI with the pulumi stack init command. This command initializes a new stack. If you’re using the Pulumi Service as your backend, you can view your newly created stack in the Pulumi Service console. If your organization uses teams, you will want to give your teammates access to the stack.

With the release of Pulumi v3.59.0, developers can assign Pulumi Team access during stack creation. To do this, pass in the --teams flag followed by the team’s name. For instance:

pulumi stack init --teams Red

This saves time by eliminating context switching, allowing users to stay on task. Previously, the Service console was the most direct way to assign team access to a stack, meaning a trip to the browser before your teammates could access the stack. The --teams flag improves upon the process of managing stack permissions by removing this step.

Use the flag multiple times to assign access to multiple Pulumi Teams, as in:

pulumi stack init --teams Red --teams Blue

Currently, the feature always grants read and write access, the most commonly assigned permissions.

We implemented this feature as a direct result of feedback from daily users. Context switching can be expensive when you’re creating enough stacks. At Pulumi, we enable our users to squeak out as much productivity from our tooling as possible. We’re always happy to make ergonomic improvements. We look forward to continuing to raise the bar for cloud productivity.