Pulumi Access Token

Bridgecrew Policy ID: BC_GIT_60
Chekov Check ID: CKV_SECRET_60
Severity: LOW

Pulumi Access Token


Pulumi is a modern infrastructure as code platform. It leverages existing programming languages—TypeScript, JavaScript, Python, Go, .NET, Java, and markup languages like YAML—and their native ecosystem to interact with cloud resources through the Pulumi SDK. A downloadable CLI, runtime, libraries, and a hosted service work together to deliver a robust way of provisioning, updating, and managing cloud infrastructure.

Organization Access Tokens provide Enterprise and Business Critical customers the opportunity to manage resources and stack operations for their organization independent of a single-user account.

Fix - Buildtime


  1. From the organization’s homepage, follow the same steps as for a Personal Access Token:
  2. Navigate to Settings > Access Tokens.
  3. Choose Delete token from the action menu. You will be prompted in a dialog to confirm your choice.
  4. If you choose to delete a token, its access will immediately be revoked and all further operations using it will fail as unauthorized.