Sophia Parafina

Sophia Parafina

Managing AWS Credentials on CI/CD

Managing AWS Credentials on CI/CD

Continuous delivery requires providing highly sensitive credentials to your deployment pipeline. Understanding the risks, mitigations, and best practices for handling those credentials can be difficult. In this guide, we describe the best practices for providing AWS credentials to a CI/CD system and to securely automate updating your cloud infrastructure using Pulumi.

Read more →

Manage Any Infrastructure with Policy as Code

Manage Any Infrastructure with Policy as Code

In an earlier article, we introduced examples of Policy as Code to prevent two of the most common causes of data breaches. Policies are the guardrails of infrastructure. They control access, set limits, and manage how infrastructure operates. In many systems, policies are created by clicking on a GUI, making it difficult to replicate or version. Pulumi implements policy by writing it in Typescript, which ensures that you can write policies using software development practices such as automated testing, deployment, and version control.

Read more →

Intro to AWS Serverless Step Functions

Intro to AWS Serverless Step Functions

AWS Step Functions lets you build applications by connecting AWS services. Daisy-chaining steps into a workflow simplifies application development by creating a state machine diagram which shows how services are connected to each other in your application. We’ll go into the details of creating a lambda function, IAM roles and policies, and creating a workflow. Once we have the example deployed, we’ll walk through the process of adding another function and step to the workflow. Included in the walkthrough is a discussion of one of the aspects of the Pulumi programming model. The goal of this article is to provide a foundation for building your application using serverless workflows.

Read more →

Getting Started With PaC

Getting Started With PaC

Modern applications have brought many benefits and improvements, including the ability to scale and rapid iterations to update software. However, this has come at the cost of complexity. Modern infrastructure is composed of many resources that require detailed configuration to work correctly and securely. Even managed solutions from cloud service providers need additional configuration to ensure that services are secure and free of defects. Cloud providers, such as AWS, do allow you to create policies to ensure that applications are secure, but they are specific to resources that are already deployed. A significant benefit of Policy as Code is the ability to verify and spot problems before deploying your infrastructure.

Read more →

Pulumi Sweeps into KubeCon

Pulumi Sweeps into KubeCon

We had a fantastic time at KubeCon in San Diego. At the event, the Pulumi team released two technology previews: Pulumi Crosswalk for Kubernetes and Pulumi Query for Kubernetes. Crosswalk for Kubernetes is a set of common patterns compiled in playbooks. These patterns reduce the complex Kubernetes API syntax by providing trusted defaults with idiomatic Kubernetes. Checkout a quick introduction to Crosswalk for Kubernetes in this blog post. Sara Novotny defined observability as “the ability to ask of your system and learn from it” during her keynote with Liz Fong-Jones.

Read more →

Inside Crosswalk for Kubernetes

Inside Crosswalk for Kubernetes

Running Kubernetes in production can be challenging. This past year, Pulumi has collected common patterns of usage informed by best practices for provisioning Kubernetes infrastructure and running containerized applications. We call this Pulumi Crosswalk for Kubernetes: a collection of playbooks and libraries to help you to successfully configure, deploy, and manage Kubernetes in a way that works for teams in production. Kubernetes is Vast and Complex Kubernetes is the standard multi-cloud platform for modern containerized applications.

Read more →

Infrastructure as Code with .NET and Pulumi

Infrastructure as Code with .NET and Pulumi

With the release of Pulumi for .NET preview, we’ve open the doors to infrastructure as code to even more developers and operators. Millions of .NET developers can now use their favorite languages and open source ecosystems to build modern, cloud native applications. We’ve added support for C#, F#, and Visual Basic. Because .NET Core is available on Windows, Linux, and macOS, you have a choice of platforms to use. You can create cloud resources by writing Microsoft .

Read more →

Three Infrastructure as Code Blog Posts You Should Read

Three Infrastructure as Code Blog Posts You Should Read

We are always excited when people join the Infrastructure as Code community and write about their experiences. Pulumi can be used for a range of common tasks such as standardizing VPC builds, building VSphere virtual machines, or deploying your infrastructure from a CI/CD pipeline. Whether it’s TypeScript, JavaScript, or Python you can build your infrastructure with your language and tools of choice. Here are three new blog posts that show how to use Pulumi with code examples to perform these tasks.

Read more →

Continuous Delivery on Octopus Deploy using Pulumi

Continuous Delivery on Octopus Deploy using Pulumi

Continuous delivery is about making changes in your application and getting them into production securely, quickly, and consistently. Pulumi’s infrastructure as code approach uses source code to model cloud resources, making it ideal for continuous delivery. Your infrastructure code can share the same process as your application code including running unit and integration tests, performing code reviews via Pull Requests, and examining your infrastructure using linters or static analysis tools. Like your application, your cloud infrastructure can be validated and tested before deploying to production.

Read more →