Yesterday AWS announced an exciting new feature — the AWS Identity and Access Management (IAM) Access Analyzer — a service powered by automated reasoning that detects potentially-insecure access to your AWS resources, including S3 Buckets, SQS Queues, Lambdas, and more. At the same time, Pulumi announced a new policy as code solution, CrossGuard, that validates policies at deployment time. The question is: Can IAM Access Analyzer and Pulumi CrossGuard be combined to get the best of both solutions? The answer is Yes!

Read more →

Over the past few months, we have been hard at work on Pulumi CrossGuard, a Policy as Code solution. Using CrossGuard, you can express flexible business and security rules using code. CrossGuard enables organization administrators to enforce these policies across their organization or just on specific stacks. CrossGuard allows you to verify or enforce custom policies on changes before they are applied to your resources. CrossGuard is 100% open source and available to all users of Pulumi, including the Individual Edition. Advanced organization-wide policy management features are available to Enterprise customers.

Read more →

Today we’ve published Pulumi’s 2.0 roadmap. 2.0 is the next major phase in Pulumi’s journey, and will include better productivity through languages, libraries, and tools, in addition to advanced features for teams in production. And, though we are excited to share our own thoughts, more than anything else, we’d love to hear your feedback to help make sure it’s right.

Since releasing Pulumi 1.0 in September, we have heard loud and clear that you appreciate the commitment to compatibility, as well as the completeness and stability of the platform, and we have been hard at work making sure we honor those promises.

Read more →

A big part of our vision with Pulumi is to bring application developers and infrastructure teams closer together in the cloud. That includes both providing infrastructure teams with better software engineering tools, as well as providing developers with easier access to cloud infrastructure. We are often inspired by looking at great software engineering experiences in other development stacks and applying them to the cloud infrastructure space. Whether it be general-purpose languages and rich IDEs, testing and package management, or components and rich APIs, at Pulumi, we’ve repeatedly applied successful development tools and practices to the challenges of building and scaling modern cloud infrastructure.

Read more →

We had a fantastic time at KubeCon in San Diego. At the event, the Pulumi team released two technology previews: Pulumi Crosswalk for Kubernetes and Pulumi Query for Kubernetes.

Crosswalk for Kubernetes is a set of common patterns compiled in playbooks. These patterns reduce the complex Kubernetes API syntax by providing trusted defaults with idiomatic Kubernetes. Checkout a quick introduction to Crosswalk for Kubernetes in this blog post.

Sara Novotny defined observability as “the ability to ask of your system and learn from it” during her keynote with Liz Fong-Jones. Query for Kubernetes enables observability programmatically by exposing resource processes through either batch or streaming queries. Learn more about Query for Kubernetes in our blog post.

Read more →

Running Kubernetes in production can be challenging. This past year, Pulumi has collected common patterns of usage informed by best practices for provisioning Kubernetes infrastructure and running containerized applications. We call this Pulumi Crosswalk for Kubernetes: a collection of playbooks and libraries to help you to successfully configure, deploy, and manage Kubernetes in a way that works for teams in production.

Kubernetes is Vast and Complex

Read more →

We often need answers to simple questions about Kubernetes resources. Questions like:

• How many distinct versions of MySQL are running in my cluster?
• Which Pods are scheduled on nodes with high memory pressure?
• Which Pods are publicly exposed to the internet via a load-balanced Service?

Each of these questions would normally be answered by invoking kubectl multiple times to list resources of each type, and manually parsing the output to join it together into a single report.

Read more →

Today we announced Pulumi Crosswalk for Kubernetes, a collection of open source tools, libraries, and playbooks to help developers and operators work together to bring Kubernetes into their organizations. They capture the lessons we learned this past year working with organizations to go from zero to Kubernetes in production for their infrastructure and application workloads. By releasing these as open source, we hope to help everybody be more successful with their Kubernetes projects — as we have learned through experience, it isn’t easy going!

Read more →

Kubernetes provides a rich, standards-based API that works across cloud and on-premise infrastructure. However, many of the API fields are deeply nested and require users to specify the same values redundantly across different resources. While this explicit specification is necessary for Kubernetes to operate, this often leads users to copy-paste existing code to manage the boilerplate.

Today, as part of our Crosswalk for Kubernetes announcement, we’re introducing the Kubernetes Extensions (kx) library for Pulumi. kx is designed to simplify the declaration of Kubernetes resources, and make the API easier for everyone to use.

Read more →

With the release of Pulumi for .NET preview, we’ve open the doors to infrastructure as code to even more developers and operators. Millions of .NET developers can now use their favorite languages and open source ecosystems to build modern, cloud native applications. We’ve added support for C#, F#, and Visual Basic. Because .NET Core is available on Windows, Linux, and macOS, you have a choice of platforms to use.

You can create cloud resources by writing Microsoft .NET Core programs to build and deploy cloud resources to a wide variety of clouds, including Azure, AWS, GCP and more. On Azure, you can manage resources like AKS Clusters, Functions, Azure App Services, Virtual Machines, Cosmos DBs, KeyVaults, and much, much more. Let’s take a first look at Pulumi for .NET by deploying an application on Azure.

Read more →