Announcing Doppler Providers for Pulumi ESC: Dynamic Login and Dynamic Secrets

Robert Harris Robert Harris
Announcing Doppler Providers for Pulumi ESC: Dynamic Login and Dynamic Secrets

We are excited to announce support for Doppler within Pulumi ESC! Pulumi ESC centralizes secrets and configuration management, providing a unified source of truth across your environments. With the addition of Doppler, a popular secrets management platform, ESC further extends its ecosystem, enabling seamless and secure access to secrets stored across diverse systems.

Read more →

Most Effective Infrastructure as Code (IaC) Tools

Asaf Ashirov Asaf Ashirov Isaac Harris Isaac Harris

Infrastructure as Code (IaC) has evolved beyond simple automation into a fundamental shift toward applying software engineering practices to infrastructure management. In 2025, leading organizations aren’t just provisioning infrastructure—they’re treating it as software, complete with testing, version control, code reviews, and continuous integration.

As infrastructure complexity grows, teams increasingly seek approaches that provide the same developer productivity tools they use for application development. While template-based and domain-specific language approaches serve many use cases effectively, teams with complex requirements or programming backgrounds often find that general-purpose programming languages offer advantages in testing, abstraction, and collaboration.

This comprehensive guide examines the most effective infrastructure as code tools available today, providing detailed analysis of core IaC platforms, complementary tools, and related technologies through the lens of software engineering best practices. Whether you’re starting fresh with IaC or evaluating alternatives to overcome limitations in your current toolchain, we’ll help you navigate this complex landscape and choose solutions that truly bring software engineering to infrastructure.

Read more →

AWS RDS - Blue/Green Deployments for Low-Downtime Updates

Elisabeth Lichtie Elisabeth Lichtie
AWS RDS - Blue/Green Deployments for Low-Downtime Updates

AWS RDS supports blue/green deployments to support database maintainence. In a blue/green deployment, you have one production (blue) and one staging (green) database. You can safely make changes to the green instance without affecting production and promote it to be the main instance. When you enable blue/green updates, Pulumi will temporarily set up a blue/green deployment for the duration of the update to minimize downtime.

Read more →

New: Use Terraform Modules in Pulumi Without Conversion

Anton Tayanovskyy Anton Tayanovskyy
New: Use Terraform Modules in Pulumi Without Conversion

Today, we’re excited to announce a major advancement in Pulumi’s mission to make modern infrastructure as code accessible to every developer: direct support for executing Terraform modules. This new capability addresses one of the most significant challenges our users face when migrating from Terraform to Pulumi—complex projects with extensive module dependencies.

Read more →

Adding PostgreSQL State Backend Support to Pulumi: A Community Contribution Journey

Matan Baruch Matan Baruch
Adding PostgreSQL State Backend Support to Pulumi: A Community Contribution Journey

When managing infrastructure as code at scale, reliable state storage is essential. Pulumi Cloud provides a fully managed, secure, and scalable solution out of the box. For teams that choose to build and maintain their own backend, Pulumi now offers support for PostgreSQL as a DIY state storage option—though this requires additional operational overhead and careful consideration around performance, security, and maintenance.

Read more →

Bring Your Own Keys With Pulumi ESC

Pablo Terradillos Pablo Terradillos Boris Schlosser Boris Schlosser
Bring Your Own Keys With Pulumi ESC

Today we’re excited to launch support for Customer-Managed Keys (CMKs) in Pulumi ESC. This feature gives your organization full control over how your secrets and state are encrypted — empowering you to meet the most demanding compliance requirements like HIPAA, GDPR, and FedRAMP, all while maintaining the ease-of-use that Pulumi is known for.

Read more →

Governance as an Enabler: Scaling Safely and Confidently

Adam Gordon Bell Adam Gordon Bell
Governance as an Enabler: Scaling Safely and Confidently

In previous articles in this series, we’ve explored how platform engineering transforms infrastructure chaos into consistent provisioning, empowers engineering teams through self-service infrastructure, optimizes workflows, embeds security directly into your platform, and provides observability as a superpower. Each pillar builds upon the previous ones, creating a cohesive foundation that accelerates innovation and productivity.

But as your platform scales, new challenges inevitably emerge. You’ve empowered engineering teams with self-service infrastructure, streamlined workflows, and embedded security directly into your platform. But as your platform scales, new challenges emerge: How do you ensure consistency, compliance, and cost control without slowing your teams down?

Read more →

Observability as a Developer Superpower

Adam Gordon Bell Adam Gordon Bell
Observability as a Developer Superpower

Engineering teams drown in observability tool sprawl, alert fatigue, and reactive debugging that turns 3AM incidents into hours-long fire drills. Learn how embedding observability into your platform with centralized service dashboards, actionable alerts, and built-in instrumentation transforms reactive firefighting into proactive innovation, enabling teams to resolve major incidents in minutes instead of hours.

Read more →

Announcing Pulumi Identity and Access Management (IAM)

Announcing Pulumi Identity and Access Management (IAM)

Cloud development is accelerating at an unprecedented pace, fueled by AI and the relentless drive for innovation. But this incredible speed demands unwavering trust in your security posture. How do you empower teams to deploy rapidly and frequently without opening doors to risk or violating compliance mandates? Today, we’re thrilled to answer that critical challenge by introducing Pulumi Identity and Access Management (IAM) – a foundational new capability designed to embed robust, granular security directly into your cloud development lifecycle, enabling you to innovate both quickly and safely with Pulumi. Pulumi IAM provides the unified framework for fine-grained authorization needed to confidently manage modern cloud infrastructure and applications across the entire Pulumi Cloud platform.

Read more →

From Configuration Chaos to Programming Languages

Daniel Ward Daniel Ward Adam Gordon Bell Adam Gordon Bell
From Configuration Chaos to Programming Languages

Infrastructure teams struggle with growing YAML configurations and CloudFormation templates that take hours to understand and deploy. Daniel Ward, Microsoft MVP and consultant, shares proven strategies for transitioning teams to programming languages like those supported by Pulumi, including the 10% rule for change management and viral adoption techniques.

Read more →