Posts Tagged Features

Using Terraform Remote State with Pulumi

While some people coming to Pulumi are entirely new to Infrastructure as Code, increasingly teams are moving from other tools - whether cloud-specific in the form of CloudFormation or ARM Templates, or cloud-agnostic tools such as Terraform. In these organizations, new infrastructure provisioned with Pulumi must co-exist with existing resources provisioned with other tools, and often by different teams. For example, it’s common to see an application team deploying into a VPC owned and managed by a network operations team.

Pulumi supports this kind of workflow natively using the StackReference type from the Pulumi SDK. Integration with the most popular cloud-specific tools have been supported by Pulumi since the earliest days:

We recently added similar support for reading the outputs of a Terraform state file - both from local .tfstate files, and from all of the remote state backends supported by Terraform. This is exposed via the terraform.state.RemoteStateReference type in the @pulumi/terraform NPM package.

Read more →

Managing Secrets with Pulumi

We’ve had a 1st class concept of encrypted secrets configuration ever since first releasing Pulumi. Customers have told us they love having such a simple and easy way to ensure safe management of tokens, database passwords, and more. Since launching, however, we’ve also heard that you’d like more control over encryption and to see this protection expanded to cover not just configuration, but all of the secret data within their Pulumi deployments.

To support this, we’ve added two new features to Pulumi in our latest 0.17.12 release:

  • Automatic tracking of secret values throughout a Pulumi program to ensure that all such values are always encrypted in the resulting state, no matter how they are used.
  • A new option to use custom client-side encryption, instead of the default of using the Pulumi backend for encryption, to have full control over the secrets encryption and decryption.

Together, these features provide you with complete control over how secrets are managed within Pulumi deployments. We have worked with customers with advanced security and compliance needs while developing this feature, enabling them to use our online hosted SaaS with even greater confidence.

Read more →

Getting Started on Google Cloud Platform with Pulumi

Getting Started on Google Cloud Platform with Pulumi

Google Cloud is one of the most exciting cloud platforms available today, with a breadth of powerful infrastructure services from Google Container Engine (GKE) and Google Cloud Functions to Cloud Firestore and Cloud Spanner.

Pulumi is the most productive tooling available today for teams building cloud applications and infrastructure, in your favorite languages. Add them together, and teams can easily take maximum advantage of Google Cloud Platform’s rich features, productively, with a combined platform that makes it easy to collaborate, share, and reuse.

Read more →

Unified Logs with pulumi logs

Unified Logs with pulumi logs

Pulumi makes developing and deploying rich serverless and container-based applications a breeze. But how do you monitor and observe those applications while they are being developed and once they are deployed? There are many great answers: from the built-in capabilities of the underlying cloud services (Lambda, ECS, Kubernetes, and more), to great 3rd party solutions like IOpipe and Epsagon which we highlighted recently on this blog.

The Pulumi CLI provides another way to do logging, without requiring the additional setup of these existing solutions and seamlessly integrated into your Pulumi development workflow. The pulumi logs command provides a great first place to start for understanding your Pulumi application’s behavior. Especially during development, this command provides direct insight into the behavior of your application, bringing together logs across all of the different forms of compute you are using - from code running in serverless functions to containers to VMs.

Let’s take a quick look at pulumi logs and some of the ways it can be used as part of the inner loop of your Pulumi development.

Read more →

Announcing Support for Email-based Identities

Announcing Support for Email-based Identities

We have been hard at work the past few months providing our users with more ways to connect to Pulumi. Here are some our past announcements related to identities: Support for Atlassian identity Connecting multiple identities to an existing Pulumi account Support for GitLab identity Today, we are pleased to announce that we are launching support for email-based identities. You no longer need to use a social identity to sign-up for an account on Pulumi.

Read more →

Pulumi now supports Atlassian Identity

Pulumi now supports Atlassian Identity

Today we added support for yet another developer favorite product, Atlassian Bitbucket. You can now sign-up for a Pulumi account with an Atlassian identity. This also means you can connect your Atlassian identity with an existing Pulumi account.

This work follows on from the support for GitLab identity and also the ability to connect identities, eliminating the need for users to create multiple accounts on Pulumi.

This helps users with repos across the major version control systems to seamlessly import their GitHub Organizations and GitLab Groups - and now Atlassian Bitbucket Teams - into a single Pulumi account. Of course, you don’t need to connect identities. You can always create separate account for each of your identities, if that’s what you want to do.

Read more →