DEVOPSdigest

Pulumi announced improvements including major updates to the EKS provider supporting Amazon Linux 2023 and Security Groups for pods, the release of Pulumi Kubernetes Operator 2.0 with dedicated workspace pods, Pulumi ESC integration with External Secrets Operator, and a new Kubernetes-native deployment agent for enhanced security and scalability.

These updates, alongside improvements to Helm Chart resources, enhanced await logic, and better CustomResource support through crd2pulumi, strengthens Pulumi's commitment to providing developers with robust, enterprise-grade tools for managing Kubernetes infrastructure.

"Pulumi's deep integration with the CNCF ecosystem underscores our commitment to modern cloud infrastructure management," says Eric Rudder, co-founder of Pulumi. "Our approach of embracing the great work done by open-source communities, using the most popular programming languages and enhancing these efforts with enterprise-grade security and scalability features, enables organizations to manage infrastructure at incredible scale. Working closely with the CNCF and supporting the entire cloud-native stack, we're not just building tools – we're advancing the entire community towards a more efficient, secure, and collaborative future."

With Pulumi Infrastructure as Code (IaC), teams can program both their cloud infrastructure and Kubernetes resources using familiar, general-purpose programming languages, enhanced by generative AI capabilities. For instance, setting up managed Kubernetes services like Amazon EKS can be accomplished with just a single line of code: cluster = eks.Cluster("my-cluster").

The latest Pulumi EKS v3 provider brings several important improvements. It now supports Amazon Linux 2023 and Bottlerocket Operating Systems, while adding enhanced security features including EKS Security Groups for Pods and Network Policies. The provider also streamlines various Kubernetes networking features by integrating them directly with EKS.

For teams looking to implement GitOps workflows, the Pulumi Kubernetes Operator has been updated to version 2. This new version introduces dedicated "workspace" pods for each stack, providing teams with greater isolation between workloads, improved scalability, and more granular access control over their infrastructure resources.

Poor secrets management creates critical security risks through static and sprawling secrets and configurations. Pulumi Environments, Secrets, and Configuration (ESC) solves this by centralizing secrets management and orchestration. Through native integration with Kubernetes' External Secrets Operator (ESO), Pulumi ESC now securely injects secrets directly as environment variables into Kubernetes applications, making secure secrets management seamless and foolproof.

Pulumi Insights provides unified search, compliance remediation, and visualization capabilities for all infrastructure resources – whether they were provisioned through Pulumi, Kubernetes YAML, Terraform, or cloud consoles. With the AI-powered Pulumi Copilot, teams can now discover cost savings, run compliance checks, and debug deployments across their entire infrastructure simply by asking questions in natural language.