Policy packs can now reference Pulumi ESC environments for secrets and configuration, replacing hardcoded credentials with centralized, secure management.

The Pulumi blog provides developers with resources, tutorials, and best practices for infrastructure as code (IaC) and cloud-native development using Pulumi's open-source tools. Developers can learn about deploying and managing infrastructure using familiar programming languages such as JavaScript, TypeScript, Python, and Go. Additionally, the blog covers topics such as cloud architecture patterns, multi-cloud deployments, and serverless computing, enabling developers to build and deploy modern cloud applications with ease.

Pulumi

Pulumi policy packs can now reference Pulumi ESC (Environments, Secrets, and Configuration) environments, eliminating the need to hardcode credentials or configuration values in policy group configs. This enables centralized secrets management, environment-specific configuration (e.g., different thresholds for staging vs. production), dynamic credentials from cloud providers, and audit trails for credential access. The integration works by attaching an ESC environment to a policy pack within a policy group, making resolved values available at runtime via policyConfig or environment variables.

Policy Packs Can Now Access Pulumi ESC Environments