Providers
Reference catalog of the login and secrets/configuration provider plugins shipped with Pulumi ESC. All providers are invoked through fn::open::<name>. For an introduction to how providers work — when they run and how they fit into the evaluation flow — see Providers.
Login providers
Issue short-lived credentials for downstream services. Prefer OpenID Connect over static keys where supported; see OIDC setup for per-provider trust configuration.
| Provider | Description |
|---|---|
| aws-login | Log in to AWS using OIDC or static credentials. |
| azure-login | Log in to Azure using OIDC or static credentials. |
| doppler-login | Log in to Doppler using OIDC. |
| gcp-login | Log in to Google Cloud using OIDC or static credentials. |
| gh-login | Log in to GitHub using app credentials. |
| infisical-login | Log in to Infisical using OIDC or static credentials. |
| snowflake-login | Authenticate to Snowflake using OIDC. |
| vault-login | Log in to HashiCorp Vault using OIDC or static credentials. |
Secrets and configuration providers
Dynamically import values from an external system of record into your environment.
| Provider | Description |
|---|---|
| 1password-secrets | Import secrets from 1Password. |
| aws-parameter-store | Import parameters from AWS Systems Manager Parameter Store. |
| aws-secrets | Import secrets from AWS Secrets Manager. |
| azure-secrets | Import secrets from Azure Key Vault. |
| doppler-secrets | Import secrets from Doppler. |
| gcp-secrets | Import secrets from Google Cloud Secret Manager. |
| infisical-secrets | Import secrets from Infisical. |
| vault-secrets | Import secrets from HashiCorp Vault. |
| external | Import secrets from a custom service adapter. |
Infrastructure as code providers
Import the outputs of an existing Pulumi stack or Terraform state file into your environment.
| Provider | Description |
|---|---|
| pulumi-stacks | Import outputs from a Pulumi stack (includes Terraform state stored in Pulumi Cloud). |
| terraform-state | Import outputs from a Terraform state file in S3 or Terraform Cloud. |
Thank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.