Introducing the Centralized Policy Violations Page: Streamlined Compliance Management

Meagan Cojocar Meagan Cojocar
Introducing the Centralized Policy Violations Page: Streamlined Compliance Management

We’re excited to introduce a new centralized Policy Violations destination in Pulumi Cloud to simplify policy management and compliance. This powerful addition provides a comprehensive view of all policy violations across your organization, helping you maintain visibility and control over your infrastructure.

Pulumi’s Policy as Code (PaC) feature, CrossGuard, allows you to define and enforce policies for your infrastructure using familiar programming languages. By integrating these policies directly into your infrastructure code, you can automate compliance checks, gate deployments to ensure security best practices, and maintain governance across all your providers.

Read more →

Kubernetes-native Option for Pulumi Deployments Customer-Managed Agents

Levi Blackstone Levi Blackstone Meagan Cojocar Meagan Cojocar
Kubernetes-native Option for Pulumi Deployments Customer-Managed Agents

We are excited to announce the availability of Kubernetes-native support for Pulumi Deployments Customer-Managed Agents, further enhancing the flexibility and control over your infrastructure deployments. This new feature allows you to self-host deployment agents within your Kubernetes environment, bringing the same power and flexibility of Pulumi-hosted deployments to isolated environments.

Customer Managed Agents: Flexibility and Control

Customer Managed Agents, announced earlier this year, allow you to self-host deployment agents, delivering the power and flexibility of Pulumi Deployments within your own infrastructure. Here’s how you can benefit:

Read more →

Pulumi Patterns and Practices Platform (P3): A reference architecture for large-scale organizations

Troy Howard Troy Howard
Pulumi Patterns and Practices Platform (P3): A reference architecture for large-scale organizations

Infrastructure management is all fun and games until you find yourself scrolling through 1000+ resources in your AWS console. Worse, when one rogue product team wants to use Azure and your data team wants to be on GCP, you’re ARM wrestling in Azure and watching your economies of scale tip the wrong direction as you’re copy-pasting CloudFormation templates into yet another git repo. This. Needs. To. Be. A. Platform!

Read more →

Pulumi in a Cloud Native World

Engin Diri Engin Diri
Pulumi in a Cloud Native World

In today’s complex digital landscape, organizations are increasingly turning to platform engineering to optimise their software delivery processes and maximize efficiency. The growing complexity of modern applications, coupled with the need for rapid, secure, and scalable deployments, has created a pressing demand for robust Internal Developer Platforms (IDPs).

IDPs are a key component of modern platform engineering strategies. An IDP is a self-service layer that sits on top of an organization’s infrastructure, abstracting away complexity and providing developers with the tools and environments they need to build, test, and deploy applications efficiently.

Read more →

Platform Engineering: Cloud-Native, Maturity Models, and Platforms as Products

Sara Huddleston Sara Huddleston
Platform Engineering: Cloud-Native, Maturity Models, and Platforms as Products

The Platform Engineering & DevOps in-person series launched in Berlin with two great speakers. This blog article is an overview of Dominik Kress’s talk, “What the Heck is the CNCF Platform Working Group? Answers from a Member!” in which he discussed Cloud-Native Platforms, The Platform Maturity Model, and approaching Platforms as Products.

In this article, you’ll learn more about platform engineering and how to get involved with the CNCF Platform Working Group. Make sure to check our Pulumi User Groups (PUGs) to find a meetup near you.

Read more →

Why Switch to Pulumi for Infrastructure as Code?

Aaron Kao Aaron Kao
Why Switch to Pulumi for Infrastructure as Code?

The cloud promised to revolutionize your business.

Faster innovation. Lower costs. Unlimited scalability.

But for many companies, that promise remains frustratingly out of reach. Instead of accelerating product development, infrastructure has become a bottleneck. You and your team (DevOps, platform, or infrastructure engineering teams) are bogged down by:

  • Clunky tools and manual processes
  • Provisioning a simple test environment takes days
  • Rolling out updates across regions takes weeks
  • The combinations of modern cloud architectures seems infinite

You know there has to be a better way. A way to truly harness the power of the cloud and turn it into your competitive advantage.

Read more →

Introducing Resource Transforms: Enhancing Flexibility for Packaged Component Resources

Fraser Waters Fraser Waters Justin Van Patten Justin Van Patten
Introducing Resource Transforms: Enhancing Flexibility for Packaged Component Resources

Pulumi has supported a Transformations system for a number of years now. This has proved to be a powerful and flexible escape hatch for modifying resource properties and options across your entire program. For example, you could use Transformations to automatically apply tags to all taggable resources in your program, including the children of component resources.

However, there is one major limitation with the existing Transformations system: it isn’t able to transform the children of packaged component resources, such as those in awsx and eks. This limitation is due to the fact that packaged component resources are created in a separate provider process and Transformations only work with resources created in your program’s process.

To address this limitation we’re introducing a new system called Transforms, which works with all resources, including packaged component resources and their children. The new Transforms system is intended to fully replace the old Transformations system (we plan to deprecate the old system in the future).

Read more →

Platform Engineering & DevOps Series Kickoff Announcement

Sara Huddleston Sara Huddleston
Platform Engineering & DevOps Series Kickoff Announcement

We are excited to announce the kickoff of the Platform Engineering & DevOps Series, which will run from July 16 to October 31. This series will feature in-person events across various cities, including Berlin, London, Paris, Sydney, Boston, San Francisco, Seattle, Austin, Denver, and NYC. For those unable to attend an in-person event, we encourage you to participate in a virtual DevOps & Platform Engineering workshop.

Read more →

Pulumi vs HCL: Understanding the Language Differences in Infrastructure as Code

Engin Diri Engin Diri
Pulumi vs HCL: Understanding the Language Differences in Infrastructure as Code

The Java Language Architect at Oracle, Brian Goetz, author of Java Concurrency in Practice, has commented how declarative languages can be a double-edged sword:

brian-goetz-tweet

HashiCorp’s infrastructure as code solution, Terraform, uses a domain-specific language (DSL) to declare cloud resources. Pulumi’s infrastructure as code solution, on the other hand, lets you choose from any number of modern languages – C#, Java, JavaScript, Go, Python, or TypeScript – or the industry-standard markup language YAML, to declare cloud resources. Although both Terraform and Pulumi are declarative infrastructure as code engines at their core, this fundamentally different approach to expression languages has significant consequences.

Read more →