Rotate credentials for external services
Pulumi ESC Rotators are ESC functions that enable you to rotate various credentials both automatically and manually for a number of supported services. Rotated credentials are stored in your ESC Environments, allowing you to easily and securely use them from anywhere. Some of the rotators require you to deploy Rotation Connectors in order to rotate credentials inside private networks.
To learn how to set up and use each rotator, follow the links below. All rotators use login providers for authorization, with the most secure way being OpenID Connect (OIDC) login providers. Learn more about how to configure them in OpenID Connect Pulumi Cloud documentation.
| Rotator | Required connector | Description |
|---|---|---|
| aws-iam | None | The aws-iam rotator enables you to rotate access credentials for an AWS IAM User. |
| mysql | aws-lambda(in private networks only) | The mysql rotator enables you to rotate user credentials for a MySQL database in your Environment. |
| postgres | aws-lambda(in private networks only) | The postgres rotator enables you to rotate user credentials for a PostgreSQL database in your Environment. |
Thank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.
