Pulumi ESC (Environments, Secrets, Configuration)
Centralized secrets and configuration environments consumed by Pulumi stacks.
15 guides available
Related Tags
Showing 12 of 15 guides (page 1 of 2)
Build a AWS landing zone with Pulumi
Stand up the foundational AWS network, identity, key, and audit-logging resources downstream Pulumi projects share. Ships a reusable component, a single stack, and a Pulumi ESC environment other projects import by name.
Build a Azure landing zone with Pulumi
Stand up the foundational Azure network, identity, key, and audit-logging resources downstream Pulumi projects share. Ships a reusable component, a single stack, and a Pulumi ESC environment other projects import by name.
Build a Cloud Landing Zone
Give every other Pulumi project in your cloud account a consistent, pre-built foundation (shared network, identity, key store, audit logs) so downstream stacks adopt it by name instead of rebuilding it every time.
Build a GCP landing zone with Pulumi
Stand up the foundational GCP network, identity, key, and audit-logging resources downstream Pulumi projects share. Ships a reusable component, a single stack, and a Pulumi ESC environment other projects import by name.
Deploy a serverless React + Postgres blueprint on AWS with Pulumi
Ship a React SPA plus a serverless API that queries Aurora Serverless v2 for PostgreSQL behind Amazon CloudFront on AWS. Consumes the Pulumi landing-zone stack for network and secret wiring, and exports the public site URL downstream projects can reuse.
Deploy a serverless React + Postgres blueprint on Azure with Pulumi
Ship a React SPA plus a serverless API that queries Azure Database for PostgreSQL Flexible Server behind Azure Front Door Standard on Azure. Consumes the Pulumi landing-zone stack for network and secret wiring, and exports the public site URL downstream projects can reuse.
Deploy a serverless React + Postgres blueprint on GCP with Pulumi
Ship a React SPA plus a serverless API that queries Cloud SQL for PostgreSQL behind Google Cloud CDN in front of a global external HTTPS load balancer on GCP. Consumes the Pulumi landing-zone stack for network and secret wiring, and exports the public site URL downstream projects can reuse.
Promote Pulumi stacks with CI/CD
Build a promotion pipeline that previews pull requests, deploys dev and staging on merge, and keeps production behind an explicit approval or deployment trigger.
Promote Pulumi stacks with GitHub Actions
Preview pull requests, promote dev and staging changes, and keep production behind approval using GitHub Actions with OIDC and Pulumi ESC-oriented configuration.
Promote Pulumi stacks with Pulumi Deployments
Preview pull requests, promote dev and staging changes, and keep production behind approval using Pulumi Deployments with OIDC and Pulumi ESC-oriented configuration.
Run an opinionated AKS cluster with Pulumi
Provision an opinionated AKS cluster on the Pulumi landing-zone network, preinstall External Secrets Operator plus Application Gateway for Containers and Node Auto Provisioning (NAP) through a reusable component, and export a kubeconfig downstream workloads can consume.
Run an opinionated Amazon EKS cluster with Pulumi
Provision an opinionated Amazon EKS cluster on the Pulumi landing-zone network, preinstall External Secrets Operator plus AWS Load Balancer Controller and Karpenter through a reusable component, and export a kubeconfig downstream workloads can consume.