1. Docs
  2. Pulumi ESC
  3. Environments

Environments

    Pulumi ESC (Environments, Secrets, and Configuration) lets you define collections of configuration settings and secrets called environments and use them in any application or service. Environments are YAML documents composed of static key-value pairs, programmatic expressions, dynamically retrieved values from supported providers including all major clouds through OpenID Connect (OIDC), and other Pulumi ESC environments.

    Environments are accessible with the standalone esc CLI, the pulumi CLI, the Pulumi SDK, and the Pulumi Cloud console and REST API, and you can have as many environments as you need. Pulumi ESC is a service of Pulumi Cloud and is currently in public preview.

    Environments are YAML documents composed of static key-value pairs, programmatic expressions, dynamically retrieved values from supported providers including all major clouds through OpenID Connect (OIDC), and other Pulumi ESC environments.

    The following example shows a Pulumi ESC environment which dynamically pulls values from AWS OIDC and AWS Secrets Manager, as well as setting environment-specific configuration and overriding inherited configuration.

    # imports allow you to compose other pre-existing environments
    imports:
      # AWS creds via OIDC
      - aws-production
      # stripe API keys imported from vault
      - stripe-production
      # keys for signing docker images via AWS Secrets Manager
      - docker-signing-production
    values:
      # environment-specific configuration
      desiredInstanceCount: 8
      # overriding imports
      aws:region: us-west-2
    

    Getting started with Pulumi ESC

    Begin your journey with Pulumi ESC through a hands-on, self-paced tutorial.

      PulumiUP 2024. Watch On Demand.