Managing AWS Credentials on CI/CD

Chris Smith Chris Smith Sophia Parafina Sophia Parafina
Managing AWS Credentials on CI/CD

Continuous delivery requires providing highly sensitive credentials to your deployment pipeline. Understanding the risks, mitigations, and best practices for handling those credentials can be difficult. In this guide, we describe the best practices for providing AWS credentials to a CI/CD system and to securely automate updating your cloud infrastructure using Pulumi.

Read more →

An Update on our Roadmap

Joe Duffy Joe Duffy
An Update on our Roadmap

2020 is off to a big start for us! The .NET and Go SDKs are now more idiomatic and easier to use, Policy as Code is ready for prime-time, and many other useful features and foundational improvements have been released. I’d like to take a moment to highlight these improvements and ask for feedback — we want to make sure these new features work great for you!

Read more →

Pulumi Service Improvements, February 2020

Chris Smith Chris Smith
Pulumi Service Improvements, February 2020

We’ve been hard at work making it easier to manage stacks, permissions, and organizations in the Pulumi Service. Adding new features like first-class support for stack tags, deep links into CI/CD providers, and downloadable checkpoint files.

In this post, we showcase what’s new!

Read more →

Modern Cloud Infrastructure in Go - The Road to 2.0

Evan Boyle Evan Boyle
Modern Cloud Infrastructure in Go - The Road to 2.0

Here at Pulumi, everyone on our engineering team is a Gopher. Go has quickly become the “language of the cloud,” and so when we chose to build our open-source pulumi/pulumi engine and SaaS backend, we chose Go. As such, we are very excited to welcome Go to the family of supported infrastructure as code languages as part of Pulumi 2.0.

What is Pulumi?

Go has become the lingua franca of cloud-native infrastructure development. From projects like Docker, to Kubernetes, the community has embraced Go. The result is an ecosystem rich in tooling and packages designed for systems and cloud engineering.

Read more →

Scheduling Serverless

Cyrus Najmabadi Cyrus Najmabadi
Scheduling Serverless

Scheduling events has long been an essential part of automation; many tasks need to run at specific times or intervals. You could be checking StackOverflow for new questions every 20 minutes or compiling a report that is emailed every other Friday at 4:00 pm. Today, many of these tasks can be efficiently accomplished in the cloud. While each cloud has its flavor of scheduled functions, this post steps you through an example using AWS CloudWatch with the help of Pulumi.

Read more →

Auditing Your Organization's Infrastructure as Code Activity

Sean Holung Sean Holung
Auditing Your Organization's Infrastructure as Code Activity

We are excited to announce the release of Audit Logs on Pulumi for Enterprise organizations. Audit logs enable you to track the activity of users within an organization. They attempt to answer what a user did, when they did it and where. They help answer these questions by recording user actions.

Pulumi’s audit logs allow you to account for the activity your users are taking within your organization. These logs are available to organizations with an Enterprise level subscription. The logs are immutable and and record all user actions. Auditing makes the activity of members in an organization attributable. The logs capture the UNIX timestamp of the event, the user who invoked the action, the event that took place, and the source IP of the call the user made.

Read more →

Manage Any Infrastructure with Policy as Code

Sophia Parafina Sophia Parafina
Manage Any Infrastructure with Policy as Code

In an earlier article, we introduced examples of Policy as Code to prevent two of the most common causes of data breaches. Policies are the guardrails of infrastructure. They control access, set limits, and manage how infrastructure operates. In many systems, policies are created by clicking on a GUI, making it difficult to replicate or version. Pulumi implements policy by writing it in Typescript, which ensures that you can write policies using software development practices such as automated testing, deployment, and version control.

Read more →

Intro to AWS Serverless Step Functions

Sophia Parafina Sophia Parafina
Intro to AWS Serverless Step Functions

AWS Step Functions lets you build applications by connecting AWS services. Daisy-chaining steps into a workflow simplifies application development by creating a state machine diagram which shows how services are connected to each other in your application. We’ll go into the details of creating a lambda function, IAM roles and policies, and creating a workflow. Once we have the example deployed, we’ll walk through the process of adding another function and step to the workflow. Included in the walkthrough is a discussion of one of the aspects of the Pulumi programming model. The goal of this article is to provide a foundation for building your application using serverless workflows.

Read more →