Pulumi ESC, now generally-available, centralizes secrets and configuration management to safeguard enterprises’ most sensitive information Pulumi Insights 2.0, in preview, delivers instant cloud visibility, compliance, and controls with an asset inventory, policies, and remediations for nearly 200 cloud and SaaS providers
At the fourth annual PulumiUP conference, Pulumi announced two new security products, Pulumi ESC and Pulumi Insights, expanding its comprehensive platform to automate, secure, and manage cloud infrastructure everywhere. Pulumi also announced The Intelligent Cloud, its vision for AI-powered cloud infrastructure:
“Pulumi’s exciting new Intelligent Cloud vision reimagines cloud automation, security, and management in an AI-first era,” said S. Somasegar, Managing Director at Madrona Ventures. “Today’s launch builds on Pulumi’s flagship infrastructure as code technology, harnesses the latest advances in generative AI and programming languages, and tackles new security and compliance use cases. With 3,000 customers and growing every day, Pulumi has truly become a trusted partner for all things cloud at the most innovative enterprises in the world.”
Pulumi now offers three products:
- Pulumi IaC (Infrastructure as Code): Productive cloud automation of applications and infrastructure using open source infrastructure as code in any programming language, including Python, Go, TypeScript, .NET, and Java. Pulumi IaC automates the entire cloud infrastructure lifecycle, delivering superior time to market. Unity, Doordash, and Snowflake recently reported greater than 80% faster time going from code to the cloud.
- Pulumi ESC (Environments, Secrets, and Configuration): Automatic cloud security with centralized secrets management that appeals to engineers. Group, secure, tag, and version related secrets and configuration with the concept of environments. ESC makes security best-practices, like dynamic, short-lived credentials, the default. ESC integrates with other popular secret stores, including 1Password, AWS, Azure, Google Cloud, and HashiCorp Vault, delivering a unified workflow and pane of glass into all secrets. ESC works well for infrastructure automation, but is intended for any workload that requires configuration and secrets, including applications and Kubernetes workloads. ESC provides Free, Team, Enterprise, and Business Critical editions, for teams of all sizes.
- Pulumi Insights: Intelligent cloud management delivers a complete cloud asset inventory, with search, analytics, and AI over the cloud, including resources not provisioned by Pulumi IaC such as AWS CloudFormation, Microsoft ARM, HashiCorp Terraform, or even cloud consoles and SDKs. Visualize resource relationships using graphs and pivot tables that surface explicit and automatically inferred dependencies. Pulumi Insights automatically detects security, compliance, and misconfiguration issues with automated remediation, powered by Pulumi CrossGuard. Pulumi Insights can also bring resources under IaC control with the click of a button and in any language. Pulumi Insights is designed to be extensible, with third-party integrations for Snyk and Kubecost already in development.
All Pulumi products support nearly 200 public, private, hybrid, and SaaS clouds, including AWS, Azure, Google Cloud, Kubernetes, Cloudflare, Datadog, Snowflake, and more. They also share access to the foundational pillars of Pulumi Cloud functionality, including: Pulumi Copilot, Pulumi’s generative AI cloud management assistant; Pulumi CrossGuard, its policy as code engine, with flexible compliance support for HITRUST, PCI DSS, and more; Pulumi Deployments, Pulumi’s cloud deployment workflow capability, which can orchestrate sophisticated cloud changes; as well as its common data, REST API, and security models.
Also Read:Â Cloud and AI: Data management and data protection are primary pain points for CIOs and CISOs
“Today is a massive day for Pulumi and our amazing customers,” said Joe Duffy, Co-Founder and CEO of Pulumi, “and marks our evolution into a trusted partner for all things cloud and infrastructure. Pulumi IaC, our flagship open source technology has gained incredible market traction, and powers our entire platform – but Pulumi ESC and Pulumi Insights solve new and pressing security concerns, making security built-in. We’ve tackled them with the trademark Pulumi aesthetic and point-of-view bringing powerful, programmable building blocks that engineers love. We look forward to the amazing things people build with these new products.”
Pulumi made these announcements at PulumiUP, its annual conference for the Pulumi community. PulumiUP featured speakers from BMW, JPMorgan, Wiz, Dagger, AWS, Google Cloud, Docker, SAP, Avanade, and more, who shared insights on building and scaling cloud systems using Pulumi, Platform Engineering, AI, and security best-practices.
To get started with today’s launches:
- https://pulumi.com/blog/pulumi-esc-ga to learn more about ESC GA
- https://pulumi.com/blog/pulumi-insights-2Â to learn more and join the Insights 2.0 wait-list
- https://pulumi.com/blog/pulumi-up-2024Â to learn more about everything in this launch
Supporting Quotes
“Pulumi ESC has been a lifesaver for us,” said Jk Jensen, Team Lead at Mysten Labs. “It’s nice to throw everything behind an ESC environment and eliminate one-off granting/IAM permissions and other issues related to static credentials. It gives us peace of mind knowing that we can grant permissions quickly and revoke easily limiting blast radius for any access.”
“With Pulumi ESC, our developers get dynamic AWS and Azure credentials on-demand; that removes the need for long-lived tokens and enhances security. Onboarding new developers is quick and secure, with no more manually filling in .env templates, since a common ESC dev environment with RBAC is all we need. The integration with the Pulumi SDKs is a huge productivity boost, and allows us to integrate secrets seamlessly across all of our development workflows.” states Liam White, Platform Lead at Tetrate.
“With Pulumi ESC, our developers get dynamic AWS/GCP credentials on-demand; that removes the need for long-lived tokens and enhances security. ESC allows for Pulumi programs to share secure credentials and access secrets in their given cloud environments. ESC is a great configuration and secrets management sharing tool to allow for a DRY (Don’t Repeat Yourself) approach to development,” says Richard Genthner, Lead DevOps Engineer at Boost Insurance.
[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]