Integrations
Pulumi Policies integrates with leading security and compliance tools to provide comprehensive protection for your infrastructure as code. These integrations enable you to leverage specialized scanning capabilities and security insights alongside Pulumi’s native policy enforcement.
Third-party integrations
- Snyk Container Scanning - Scan container images for vulnerabilities using Snyk and enforce results as Pulumi policies.
- AWS Organizations Tag Policies - Validate that infrastructure resources have required tags by integrating with AWS Organizations tag policies.
CI/CD integration
Pulumi policies are enforced automatically when pulumi preview or pulumi up runs in CI/CD pipelines. For detailed guidance on integrating policy enforcement into your CI/CD workflows, including caching policy packs in GitHub Actions and enforcing policies in Google Cloud Build, see the CI/CD integration guide.
Thank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.