Pulumi, a leader in infrastructure as code and platform engineering solutions, is announcing new capabilities designed to strengthen security, streamline automation, and offer greater control over cloud resources at scale. Each of these product enhancements further Pulumi’s mission to make cloud infrastructure management as secure, seamless, and efficient as possible, according to the company.
The first of these new features, Rotated Secrets, offers credential security automation for Pulumi ESC, the company's centralized secrets management and orchestration tool. Rotated secrets—as the name implies—rotates secrets with a two-secret strategy where only two secrets are valid at any time, ensuring availability during credential transition. Paired with complete auditing and tracking of the full history of credentials, when they were rotated, and who accessed them, Rotated Secrets helps minimize security risks while seamlessly integrating into existing workflows, noted Pulumi.
The Pulumi ESC GitHub Action further eliminates the challenges of static, long-lived secrets by allowing teams to inject secrets and configuration securely into GitHub Actions workflows. This helps mitigate the risk of credential leakage while simultaneously enhancing CI/CD pipelines.
Pulumi is also unveiling a new role-based access control (RBAC) system that delivers more fine-grained control over resource access. Centralizing control across all Pulumi Cloud products, Pulumi’s new RBAC allows organizations to define custom roles with specific permissions; apply these roles to users and teams; and control access to specific resources, such as IaC stacks, ESC environments, and Insights accounts.
Finally, Pulumi Insights—an intelligent cloud infrastructure management service—now offers policy as code (PaC) capabilities for discovered resources, simplifying the process of maintaining security and compliance at scale. The new PaC capabilities allows teams to automatically govern all cloud resources in their environments, writing policies once and applying them universally across IaC and discovered resources in AWS, Azure, OCI, and Kubernetes environments. This is accompanied by holistic visibility into policy violations through a new, dedicated dashboard, further strengthening compliance.
To learn more about Pulumi’s latest enhancements, please visit https://www.pulumi.com/.