8163e55c7f
* try and fix suport 403s Signed-off-by: susanev <susan.ra.evans@gmail.com> * fix Signed-off-by: susanev<susan.ra.evans@gmail.com> --------- Signed-off-by: susanev <susan.ra.evans@gmail.com>
89 lines
5.0 KiB
Markdown
89 lines
5.0 KiB
Markdown
---
|
||
title: Pulumi Security
|
||
meta_desc: A summary of security topics and how they relate to the Pulumi platform.
|
||
layout: security
|
||
---
|
||
|
||
Pulumi takes security and privacy matters very seriously. We appreciate that our customers and users place a high degree of confidence and trust in our products and services and we strive to meet those expectations.
|
||
|
||
## Pulumi Service Security
|
||
|
||
<!-- markdownlint-disable url -->
|
||
Pulumi Service, our managed service for using Pulumi open source, is multi-tenanted and runs within an AWS Virtual Private Cloud (VPC), whose only Internet-addressable endpoints are https://api.pulumi.com or https://app.pulumi.com. All communications between Pulumi clients and the server are encrypted using TLS. Pulumi is SOC 2 Type II certified.
|
||
<!-- markdownlint-enable url -->
|
||
|
||
For more details on Pulumi’s product architecture and security practices, please read our [security whitepaper](/security/pulumi-cloud-security-whitepaper.pdf) (last updated October 24, 2022).
|
||
|
||
## Vulnerability Reporting
|
||
|
||
If you believe you’ve discovered a potential vulnerability in Pulumi’s security, please contact us at [security@pulumi.com](mailto:security@pulumi.com). For non-critical matters please file an issue with [Pulumi support](https://support.pulumi.com/).
|
||
|
||
When reporting a potential vulnerability, please include as much of the following information as possible.
|
||
|
||
* A description of the vulnerability
|
||
* The impacted software or service and its version
|
||
* Proof-of-concept code and/or detailed steps to reproduce
|
||
|
||
## Secure Communications
|
||
|
||
If you're a security researcher and you believe that you have found a security issue within any of our services, email the details of your findings to [security@pulumi.com](mailto:security@pulumi.com). Use PGP to protect the message by using our public PGP key.
|
||
|
||
```
|
||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||
|
||
mQINBF16mUgBEADCPyLVKy1pv0cFI6YWfMeRHZG1PmTQSs8g/roqoD+ESETLqBQ3
|
||
q8HW1v0yJqYhbTuZjox39+e47/0LJhBE0GXwCER6xASw7sqGlZ2wzmrS0SYKXyS8
|
||
ilzKcQmhM6wOLf/AzK+caWjdtm0netvhoeB8DYtJxxcMZwlT+iHVjqh1YOIRnAAl
|
||
o44LXuxRUqIz89M8eplRmHNi4BpvAjLbnR4Jg+D1up19K5K793dI15zAf5msEUmS
|
||
2KQ4OON8ZvNkdkOcd+hMKk5yclAicfHL9ocKF9V2Tm7xzKP+xQBN9QMHvcVJ3XLj
|
||
HbR/cICWkur9lmr5pQkLUF44aN891d+8j2uIgMHIyv7dz3cae6tWP5L/qZyaBUKG
|
||
W2Af4+ef8ybUVRIJdjchsANNdGF4lVz7VtUdcrsPhJ/O6NmS+3zb26Mk2OnG455P
|
||
uBdtdRVVaHsoLgJ69O2sSBYYKAQbRZtAXxvzVyX0lajOy/iUSR7icdlzI9n9c0Gh
|
||
F/2cflOf4CWX81r0R/z2ntF/npuFYgJYKQIejEkDprCWXlkifKgV1jDkQfqqpdTq
|
||
CFafqwVhpuH0nPaAItaRWyhig/rDkBKaEo1c6bQpmtiUtSAysi2wLKl+Fcs3H6QG
|
||
58/QogfQxcA0SDICGdKeT3dk/5U6qPCvJU/bZBEHJk0wzQ3IqocM9JFU1wARAQAB
|
||
tB1QdWx1bWkgVGVhbSA8dGVhbUBwdWx1bWkuY29tPokCVAQTAQgAPhYhBMu4nB58
|
||
v6pZbLnlFlR1Bin0/5VZBQJdeplIAhsDBQkHhh+ABQsJCAcCBhUKCQgLAgQWAgMB
|
||
Ah4BAheAAAoJEFR1Bin0/5VZMGQP/35Ty7CKBon3exbgrWforVxnVRszkN02A9N8
|
||
H8mV+Y0SniaKvN5MCLTMtQWDmvfsIZNBvdH+EnnL4554R7ApJNMp6EzTMkHrpQby
|
||
x+6M6rk0x/tdVEI6aQmjUIXWWY9O6nJ3BcHGg5kVQc5qXFeFdOT+KNVgiUt9MzxM
|
||
Eupik9/UNtkJ9hgMAV3ZwmHopO91X6uYTiX+fxpaH24wIRon9NmlVzsb6CYbq2N3
|
||
ShRJ0l4/HkiA4CqtWykWCGF0UtySOYvRTAvkNS/rXu4ZETfux8HZ2pneB9+D+3Wu
|
||
ej4NH2lsNdL1VdiZm8AJkWsLhONsC0b6X9iymsEfexOpaTksouQOudzq1ghv0LMI
|
||
XS85H7TIdm5OQ3g3ew3JwUGyOM1jhAvIGCiBbl1c6RG43Wir+ceSgCZlc0N0NX1B
|
||
zcU7OidYGKTf3HWMYIvuM+NZUcoBZ/1ejQlKgKe5gRyq5yYz4jblWJFW+HQO0zgT
|
||
qr4vymZcm2HMz80BI2o424xP63ofctsVkGmLoXvN0H+ZacDn4Q/C8d0cJAPgryTa
|
||
gCPdnxfxuFQw44Mk0hYYCPLK8moEsZtOw0UGLzWvk8dM5zFRHdTxOdzO9rrZEkqm
|
||
tDTj8Ycxo2rkuMU8HyTaUHZY6QFbjGMJ0m6Mh7uO/4jLyXBiKwc1dv3Nr31lG4hp
|
||
4akixk7WuQINBF16mUgBEACq2Z/3L87QiiIWbBgvSb14phznDwSWMZ9HPduimamV
|
||
paS7te1spxsavyV3xBoMYcD/fxcM/tEJotF2OP5H6kWe0PDyNbYkv4cb4hoN2b78
|
||
JlKCD40PHg8ZsoUFywmWxRl3Uer5lcaqACysxcSALyr7ryhTbjaLr6s4OZjAgNTW
|
||
orsD8TSyk4czeEJsYqV8Au+sU+zZpQmz3IzA43fUfdy47c0aQLqiSuj1ymTpJGeN
|
||
4tuxicT0eQEiO68ySMVAfuOAJzYIcTTiasN+YS6nwe8l84iwv8bSA9aAntAjasl6
|
||
UYz2YwodZRX3thWcNh1jwlS9naPA87pfy5azcjyPstqcu/KgDCvVJa2OAxdKTQOS
|
||
NbFY/GNxUCVBSEJUAMuO/danNOTQsR+FWCsfbZegazdDUTjAsNZdWgZ4DIBNcErX
|
||
WlaY3JNjLc8dNVTMdsxpHu8J4cTEQpxXDdpxXe7DMg1QtjaBNHTMbGMweuCypPOt
|
||
J96Il8SI37XBlfxAoehZHJVDABTfg5ieCmXhlfmHez7Ow5J6wI9RlNydLTa+THIk
|
||
9xJG6InlZNWFfSAx4QLsOgTeoLMjEdF6MiOuV6Iipf6nt56uJohuFHzE/NAs1+pP
|
||
Vts5rIHnnG4OOAg7X9ZzUZY6RFXrjZn5om6dhhL6KTDm+TBF+xbJZ1cGmOWZnfEl
|
||
jwARAQABiQI8BBgBCAAmFiEEy7icHny/qllsueUWVHUGKfT/lVkFAl16mUgCGwwF
|
||
CQeGH4AACgkQVHUGKfT/lVnY2A/7Btm4qKmwwpFKV683+WsTYs4P++SxO8kO7L53
|
||
xYqqEzPLSqKS1YAnTivkYREe6A/8B6v3rDH4/btg0PLZ8qJIesH55NViTKD/9OC9
|
||
S8j87/FHh3AQP2PFBR7zMO8ny6MBZLZ7PPYzyl92RlScGA8KC/D5N4X+ULrpihxM
|
||
y1xmRd7hkih5JRL3kBvxIso8LWDBhzh/FjWQJuVV7ZGYETi7Nksq2tzwne50nVqS
|
||
/EBojCQF8yCjIEs8NPdha1aGcNiwtasbWOARvN77PukgIdMa7WoG0cTEbpDGVMtB
|
||
uLyZ51xGjIa3gCxBfCg9ktMYOGa5fu5BIi9BJrFaLd4eXIoQq60h4P3zMexu0sfh
|
||
aVg5btUTy/Ufe/zVQkl/TwFRWmpcORPcB4upuFuB39GOhD+De4UCVWvRvoIww+IM
|
||
aS4oYmsrS83MnTI4kN3+xEiRJaXF4Y4LB4VwJDArZiz00aDiJQJpH94VvZbKgWSX
|
||
qd1vZIcFE7Vh0Mvx9KSyyhSx5AOO43UXC1GlG7lTvZN70yqFukcMPKjWgC6MjAQm
|
||
Ska9hJu+9cKvItwYz2D5sacdA+3KJTI8MY8kgXDgQjVt3Rs1AoQ3ftd1UsWIfwQ5
|
||
5MkOj4N82OHZHDs3r545Kp7Wrs2ubyq87OBg0C2x8zIncaSWtSkPT/GQGy1nvF4b
|
||
8KpnpD4=
|
||
=+A0k
|
||
-----END PGP PUBLIC KEY BLOCK-----
|
||
```
|
||
|
||
## Public Notifications
|
||
|
||
Public security notifications are posted in the **#announcements** channel of the [Pulumi Community on Slack](https://slack.pulumi.com/).
|