New Pulumi Package Registry simplifies infrastructure-as-code

Get a free Techzine subscription!

Pulumi Corp. introduces a registry for sharing and downloading ready-to-use packages for both deploying and managing cloud applications in AWS, Azure, Google Cloud and the platforms of more than 50 other providers.

Pulumi is an infrastructure-as-code tool for approaching cloud resources with a familiar programming language. TypeScript, Python, JavaScript, Go and .NET languages are directly useable to manage infrastructures and applications across more than 50 supported cloud platforms.

The tool owes its existence to the challenges traditionally involved in deploying and managing applications in cloud platforms such as AWS and Azure. Provisioning the necessary resources, writing policies and stating dependencies regularly takes place via provider-specific solutions and programming languages. Tricky for developers working with a single cloud platform; hellish for developers working with multiple platforms.

Pulumi bridges the challenge with a versatile SDK. Code written in compatible languages is transformed to resonate with the platforms of more than 50 supported cloud providers.

Cloud applications and infrastructure are deployable via a command-line interface (CLI), Pulumi’s Automation API or CI/CD. The Automation API also enables the development of interfaces that allow end users to develop and deploy cloud applications and infrastructure.

Fresh registry

Now Pulumi introduces the Pulumi Registry. Past and future Pulumi code can be transformed and submitted, providing fellow developers with building blocks to quickly get started with the provisioning of resources in cloud platforms.

While it is perfectly possible to provision in cloud platforms without said packages, they provide a framework in which cloud platform-specific resources and components are already defined for usage in one of the programming languages supported by Pulumi.

Finally, the web pages in the new Pulumi Registry serve as a knowledge base, as exemplified by Pulumi’s presentation of its Kubernetes package. Listed at the top, you will find libraries that provide a springboard for managing clusters and rolling out cluster apps. Scrolling down, you will find an overview of all the other packages (often cloud platform-specific) and docs (e.g., best practices) relevant to using Pulumi as a Kubernetes management tool.

How secure can a framework be?

In 2020, Palo Alto responded to the use of IaC templates such as Pulumi’s packages by mentioning that cloud misconfigurations and vulnerabilities lurk when the ‘proper’ security tools and processes are missing throughout development.

Pulumi was not named in the statement or research. Nonetheless, we feel it is noteworthy that Pulumi is showing some form of care for the problem identified by Palo Alto. The only way to publish a package is by manual submission and a green light from Pulumi. The process of Pulumi’s review — and whether security plays a role therein — is unclear at the time of writing.

Tip: Use of serverless computing tripled over the past year