Pulumi has introduced a brand new product referred to as Pulumi ESC, aimed toward simplifying the control of secrets and techniques and configuration in cloud infrastructure and programs.
It addresses the demanding situations of dealing with secrets and techniques and configuration at scale throughout quite a lot of cloud environments. Pulumi ESC permits groups to assemble secrets and techniques and configurations from a couple of resources, and get them organized into hierarchical collections referred to as “environments.”
It then makes use of them throughout other infrastructure and alertness services and products. It may be used along Pulumi IaC for streamlined configuration control or independently to regulate secrets and techniques and configuration for any venture.
Pulumi ESC tackles not unusual configuration and secrets and techniques control demanding situations with a number of key design ideas by way of permitting customers to outline environments that include secrets and techniques and configurations, providing integrations with secrets and techniques saved in quite a lot of suppliers like AWS Secrets and techniques Supervisor, Vault, Azure OIDC, devour from anyplace features, and a lot more.
Pulumi ESC is to be had lately in preview by way of the brand new esc CLI, as a part of Pulumi Cloud, by way of the Pulumi Cloud REST API, and has direct integration with Pulumi IaC stack configuration and new pulumi env instructions.
It additionally helps dynamically pulling secrets and techniques and configuration from different resources of fact, together with AWS OIDC, AWS Secrets and techniques Supervisor, Azure OIDC, Azure KeyVault, Google Cloud OIDC, Google Secrets and techniques Supervisor, HashiCorp Vault, and Pulumi IaC Stack References – with many extra resources like 1Password coming quickly.
The creators of Pulumi ESC goal so as to add application-level SDKs, the power to sync configuration to exterior techniques, a dynamic configuration supplier ecosystem, and versioning necessities within the coming months, in step with this blog post.