Pulumi today added a Business Critical edition of its Cloud Engineering Platform that provides large enterprises with additional security and compliance features, premium 24×7 support, training, professional services and a self-hosting option.
In addition, the company announced that Pulumi Enterprise and Business Critical editions are now available via the online marketplace run by Amazon Web Services (AWS), with future availability on other marketplaces planned.
The Cloud Engineering Platform from Pulumi enables DevOps teams to use Pulumi Packages to create reusable components for automating IT infrastructure provisioning. Those can be embedded within workflows and applications using an application programming interface (API) that Pulumi has exposed. IT teams can define a Pulumi Package in the programing language of their choice.
Aaron Kao, vice president of marketing for Pulumi, said the Cloud Engineering Platform from Pulumi provides an alternative to managing infrastructure-as-code (IaC) that can be centrally managed more easily than open source tools like Terraform.
Pulumi reported that adoption has accelerated across enterprises around the world with more than one million downloads per month. The company claimed it has seen 350% year-over-year growth of its enterprise customers, such as Mercedes-Benz, in the last 12 months.
IT organizations in general are looking to bring some order to chaotic provisioning processes to avoid misconfigurations that often result in, for example, a developer leaving a port open; that open port leaves a vulnerability through which data can be exfiltrated.
As organizations focus more on software supply chains in the wake of recent high-profile breaches, it’s only a matter of time before more questions arise about how cloud infrastructure is being provisioned. Much of the concerns organizations already have about cloud security don’t stem from the platforms themselves. Rather, it’s the processes employed to provision infrastructure under a shared cloud security responsibility model that results in so many vulnerabilities. Developers often assume the cloud service provider is securing configurations, only to discover later that it was their own responsibility to validate those configurations. Security teams, meanwhile, can’t keep pace with the rate at which cloud infrastructure resources are being provisioned.
Centralizing infrastructure management is especially important as the number of cloud platforms IT organizations manage continues to expand and the rate at which applications are built and deployed shows no sign of slowing, noted Kao.
It’s not clear whether development or IT operations teams will ultimately wind up managing the provisioning of infrastructure. Pulumi is making a case for a platform that enables those teams to more closely collaborate within the context of a set of policies and DevSecOps best practices that the IT organization defines.
It may be a while before the bulk of enterprise IT organizations are able to exercise the political will to regain control over IaC provisioning. However, in the absence of guardrails that allow IT organizations to make sure infrastructure is properly configured, it’s only a matter of time before tougher questions are asked about how software supply chains are managed.