Pulumi - IT Press Tour #48 Jan. 2023

Transcript

1. Pulumi Confidential. © 2022 Pulumi. All Rights Reserved January 2023

2. 2 Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

3. Pulumi Confidential. © 2022 Pulumi. All Rights Reserved 3 Pulumi’s

   mission is to democratize the cloud. FOUNDED 2017 in Seattle, WA FUNDING $57.5M (Series B) COMPANY 100 employees across 6 countries USERS 100,000+ users CUSTOMERS 1,500+ customers COMMUNITY 3,000+ OSS contributors GO TO MARKET Open Source + PLG SaaS

4. 4 Cloud Innovators Are Choosing Pulumi Pulumi Confidential. © 2022

   Pulumi. All Rights Reserved

5. 5 Timeline OSS Launch June 2018 SaaS & 1.0 September

   2019 SDLC April 2020 Cloud Engineering Platform April 2021 Founded March 2017 Universal IaC May 2022 $5M Series Seed $15M Series A $37.5M Series B Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

6. The Modern Cloud Changes Everything. Pulumi Confidential. © 2022 Pulumi.

   All Rights Reserved

7. …And Yet Has Changed Very Little. Pulumi Confidential. © 2022

   Pulumi. All Rights Reserved

8. Developers Treat the Cloud as an Afterthought. Infrastructure Teams Struggle

   with Solutions That Don’t Scale. Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

9. 9 *2020 CNCF Survey wait up to one month for

   infrastructure access*

10. The Results are Insecure By-Construction. Pulumi Confidential. © 2022 Pulumi.

    All Rights Reserved

11. 11 Yesterday’s tools and practices don’t scale in the modern

    cloud era Scale comes in many forms • Architectures ◦ From 10s of services to 1,000s ◦ From 10s of environments to 1,000s • Code-bases ◦ From 10s of IaC LOCs to 100Ks ◦ From shipping quarterly to daily • Teams ◦ Increasing Size and agility ◦ From just ops to dev+ops ◦ Integrating security by-construction

12. 12 JOE DUFFY FOUNDER Joe ran Microsoft’s Developer Tools and

    Platform strategy, managed the languages and Visual Studio groups, took .NET open source, and invented key developer technologies. GitHub: joeduffy Twitter: @funcOfJoe LinkedIn: Joe Duffy ERIC RUDDER FOUNDER Eric was Microsoft EVP and Chief Technical Strategy Officer. He founded and scaled the Server and Tools Business to $10B+, and created the Visual Studio and .NET product lines. GitHub: ericrudder Twitter: @ericrudder LinkedIn: Eric Rudder Combined 35+ years building and scaling innovative, multi-billion dollar businesses at scale. Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

13. 13 All Software is Cloud Software. All Developers are Cloud

    Developers. Infrastructure Enables Innovation. Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

14. 14 Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

15. 15 Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

16. 16 Architecture SCM Team ← Build → ← Secure →

    ← Manage → Foundation Data Network Others IDEs Tools Packages ← Verify → ← Deploy → Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

17. 17 One Platform for Multi-Cloud • Standard Workflows Across Clouds

    ◦ Any Cloud - Public, Private, or Hybrid ◦ Any Persona - Developer, Infrastructure Expert, Security Engineer ◦ Standardize, while embracing what makes each cloud special • Integrate and Extend Existing Ecosystems ◦ Hundreds of partner integrations and packages ◦ Dozens of CI/CD systems to unify App and Infra delivery • Support Any Modern Cloud Workload – AND, not OR ◦ Serverless, Containers, Virtual Machines ◦ Build, Deploy, Manage, Secure using a consistent approach ◦ Eliminate custom integration of dozens of tools Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

18. 18 Empowered developers to move faster, and scaled 100s of

    Kubernetes clusters world-wide. Pulumi solves the multi-cloud problem in exactly the way I was looking for. Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

19. 19 Central Cloud Engineering Platform Cloud Eng, Infra Experts Define

    consistent workloads, architectures, best practices. Infrastructure Experts IT, Ops, DevOps, SREs, Systems Engineers, Production Engineers Provision, automate, and manage infrastructure and operations. Developers Applications, Full Stack, Systems Engineers Build truly cloud native apps. Provision self-service cloud applications and infrastructure. Leverage the cloud to deliver new value-add capabilities and services. Security Teams Security Engineer, Security Architect, Compliance Experts, DevSecOps Secure the entire stack, ensure governance. Shift Left with Guardrails Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

20. 20 Pulumi - Infrastructure as Code Every cloud. 80+ public,

    private, and hybrid clouds, including AWS, Azure, Google, Kubernetes. Every language. Support for all the top cloud languages, scaling up from simple to complex use cases. Every architecture. One standard workflow for containers, serverless, managed services, with VMs in the mix too. Every cloud resource. Seamlessly adopt IaC no matter where you’re coming from, TF, CFN, ARM, or manual. Every builder. The first platform for developers and infra experts alike, enabling Cloud Engineering at scale. Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

21. 21 Great Languages + IaC — Better Together + On

    the shoulders of our INDUSTRY’S FAVORITE LANGUAGES Belts and suspenders of DECLARATIVE INFRASTRUCTURE AS CODE • Expressive • Familiar and User Friendly • IDEs & Great Productivity • Abstraction, Sharing, Reuse • Testing, Linters • Huge Communities with Widespread Adoption and Education • Preview Changes • CI/CD of Apps & Infra • Full Cloud Resource Lifetime • History of All Changes • Rich, Automated Workflows • Enforce Security, Compliance, Cost Policies and Best Practices

22. 22 Open Source Meets Enterprise SaaS • Pulumi is open

    source! ◦ Entire SDK Apache-2.0 license (CLI, libraries, resource providers) ◦ Fast-growing community: 13K stars, 2.7K contributors, 40K pull requests • Pulumi Service SaaS designed to work perfectly with it ◦ Similar to how Git and GitHub go hand in hand ◦ Reliable and secure state store, concurrency control ◦ Security, policies and identity ◦ Collaboration and project/stack management at scale • Pulumi Service delivers best Security, Reliability, and Ease-of-Use ◦ Identity, SAML/SSO, RBAC, Audit Logs, Policy Enforcement, Webhooks, More ◦ Multi-tenanted, SOC 2 compliant SaaS used by Global 2K – or Self-Host anywhere (even airgapped) ◦ Advanced Support Options with Pulumi Service (SLAs, Slack, Training, Workshops, etc) Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

23. 23 From Building Blocks to Architectures FOUNDATION PROVIDERS Building blocks

    for all clouds and their resources BEST PRACTICES FRAMEWORKS Complete modern, multi-cloud best practices architectures PRODUCTIVITY CONTROL PATTERNS LIBRARIES Cloud-specific libraries for common patterns and practices. 80+ more Containers Serverless Infrastructure PULUMI PACKAGES Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

24. 24 From Manual Steps And Markup… Pulumi Confidential. © 2022

    Pulumi. All Rights Reserved

25. 25 …To Built-In Best Practices Pulumi Confidential. © 2022 Pulumi.

    All Rights Reserved

26. 26 Pulumi Architecture Templates Baseline blueprints for the industry’s most

    common cloud architectures Get started with the most common infrastructure as code projects with built-in best practices • AWS, Microsoft Azure, Google Cloud, Kubernetes • Containerized microservices, serverless applications, static websites, virtual machines, base networking layers, managed Kubernetes clusters. • Any language - TypeScript, Python, Go, C#, Java, YAML, etc. Available from Pulumi CLI or SaaS console • Better together with Pulumi Deployments Private template repositories coming soon! New

27. 27 Demo Let’s Spin up an AWS ECS Fargate Service

28. 28 Total Visibility and Control PULUMI CONFIDENTIAL Pulumi Confidential. ©

    2022 Pulumi. All Rights Reserved

29. 29 Federated Identity and Group Management Single sign-on with SAML

    • Control access to Pulumi organizations through your central identity provider (IdP) • Enlightened support for Azure ActiveDirectory, G Suite, Okta, and others, with support for any SAML 2.0 provider Automatic Group Synchronization • Use RBAC Teams you’ve already set up • Synchronize IdP users and groups with Pulumi (e.g., revoke access when someone leaves the company) Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

30. 30 Enforce organizational policies: • Security • Compliance • Cost

    and Budgets • Best Practices Flexible ways to enforce: • On-demand • Recurring with scheduled reports and webhooks • Gated deployments 100s of out-of-the-box checks, fully and easily extensible, to enforce industry best practices in addition to your team’s. PULUMI CONFIDENTIAL Multi-Cloud Policy as Code ENFORCE SECURITY, COMPLIANCE, COST, AND OTHER GUARDRAILS Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

31. 31 Secrets Management Built-in encrypted secrets management • KMS-encrypted deployment-time

    state • Deep engine understanding ensures secrets don’t leak Easy to use • Automatically encrypt sensitive configuration $ pulumi config set --secret dbPassword 2u%^JAEf*L6.?2}G • Use built-in Pulumi KMS or integrate with leading providers KMS Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

32. 32 Automation API Use IaC as a library, not just

    a CLI. Enables advanced automation: • Orchestrate complex rollouts (multi-region, blue/green, canaries, etc.) • Self-service portals • Custom tools and frameworks Enterprises use Automation API to build internal platforms. SaaS companies use Automation API to offer cloud service provisioning as part of their product. User CI/CD Cloud Your Web Service Pulumi Automation API Your CLI Pulumi Automation API Your Ops Workflow Pulumi Automation API

33. 33 Automation API Users Do More with Less Organizations using

    Automation API manage more than 10X the cloud infrastructure resources per engineer, scaling to meet business needs

34. 34 Built SaaS product for managed Cockroach Labs databases. Scales

    with Kubernetes across many clouds. Over 200x resources per engineer compared to the average traditional IaC user. Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

35. 35 Pulumi Deployments Click to Deploy enables users to deploy

    without code changes • Perform deployments – environment updates, config changes, drift detection, and other maintenance tasks – from the Pulumi UI • Service support for viewing and interacting with deployments, including logs, deployment history, full integration with identity and policy Git Push to Deploy adopts a Git-style workflow for infrastructure releases • Merge code to trigger an automatic deployment workflow • Use code reviews to see infrastructure changes before a deployment is made • Great with GitHub at launch, upcoming support for GitLab, Altlassian BitBucket, and others Remote Deployments in the Automation API, deepening the 10X increase in productivity • Bring the same ability to manage more with less to the server • Move custom infrastructure tasks to the server- drift detection, self-serve portals, and more Underlying REST API exposes the full power of a deployments-as-a service capabilities • Enables custom workflows that run on Pulumi’s Cloud, with free tier of compute • Don’t worry about needing to configure CI/CD, deployment activities “just work” automatically • Underlying workflow engine built on top of the Automation API itself! A new Deployments-as-a-Service technology

36. 36 Advanced Compliance Needs • Multi-tenanted SaaS is secure ◦

    Well-architected and validated by AWS ◦ PCI and HIPAA customers ◦ SOC 2 Type II audit available ◦ Many Fortune 500 customer using SaaS • Self-hosted Edition for more control ◦ Host anywhere, including ▪ Behind the firewall ▪ In airgapped environments w/ no Internet access ◦ Customers using in GovCloud and FedRAMP

37. 37 Self-Hosted Pulumi Service Available in Business Critical Edition Run

    Anywhere: On-premises or in-cloud, including air-gapped environments Full control of data: Store data in a database and encrypted object store within your own network Air-gapped communications: Does not communicate outside of your private network, including to pulumi.com Federated identity & group mgmt: Integrate with your preferred identity provider and manage permissions Free 30 Day Trial

38. 38 Continuous Verification and Delivery Guided experience: Configure CI/CD workflows

    and pipelines for over a dozen CI/CD providers. Unify applications and infrastructure: Orchestrate deployments that span these, making at-scale deployments much easier. Continuous verification: Run infrastructure tests, policy checks, and more, during your inner CI/CD loop. Integrate with source control: Get full end to end visibility of pull requests, approvals, and commits. Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

39. 39 Universal Migration • Translate existing infrastructure into Pulumi programs

    • Convert from Terraform, AWS CloudFormation, Azure Resource Manager, or Kubernetes YAML to your favorite language • Import existing infrastructure no matter how it’s been provisioned and generate code in your favorite language $ pulumi import aws:ec2:Instance test i-085d780737c600c7e test = aws.ec2.Instance("test", ami="ami-082b5a644766e0e6f", associate_public_ip_address=True, availability_zone="us-west-2c", … Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

40. 40 Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

41. 41 PULUMI CONFIDENTIAL

42. 42 Pulumi Confidential. © 2022 Pulumi. All Rights Reserved Developer

    Love

43. 43 “I am blown away by the power of Pulumi.

    It is truly amazing and I love how it empowers all engineers to make infra part of their inner loop. Being able to work in a programming language that you are familiar with and not have to learn something completely different really helps. It’s also a really fun way of getting familiar with the cloud provider services.” VGW is an Enterprise customer. Developer love drives the entire funnel, not just open source community. Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

44. 44 Pulumi Confidential. © 2022 Pulumi. All Rights Reserved Community

    Momentum >3.2K Contributors >30K Issues >47K Pull Requests 15K Stars Community Growth Leads to Revenue

45. 45 Rich Partner Ecosystem Pulumi Confidential. © 2022 Pulumi. All

    Rights Reserved

46. 46 Customer Adoption Accelerating Pulumi Confidential. © 2022 Pulumi. All

    Rights Reserved

47. 47 “Our team quickly and easily built a repeatable pipeline

    that deploys development environments for more than 100 team members worldwide. The benefits of working in languages we know can’t be overstated. That just made moving to the Pulumi Cloud Engineering Platform an obvious choice for the team.” Reduced developers’ time spent on maintenance by 50%

48. 48 Pulumi Confidential. © 2022 Pulumi. All Rights Reserved How

    customers are innovating with Pulumi Tame modern cloud complexity Simple to manage Kubernetes on AWS, Azure, and Google 98% reduction in lines of infrastructure code Reduce risk through automation >50% reduction in time spent on cloud maintenance 10x faster deployments and more frequent testing Accelerate development velocity Shortened time-to-market from weeks to days 100% of developers use IaC leading to faster velocity Better guardrails for reliability and security Developers can self-service approved infrastructure Automatically enforce policies for security and compliance

49. 49 Resources Under Management 📈 Each is a live cloud

    resource managed by the Pulumi SaaS. Pulumi Confidential. © 2022 Pulumi. All Rights Reserved

50. 50 Pulumi Confidential. © 2022 Pulumi. All Rights Reserved Named

    IaC Product to Watch in 2023 Pulumi, with 198% YoY growth in use in software development projects, has sharply outgrown Hashicorp Terraform (45%) and AWS CDK (43%). Report also cited: • Pulumi’s strengths in native Kubernetes and Helm support • Continuous compliance • Increased developer productivity and consistency across languages and clouds Sharp growth in: • Hacker News posts • Community Slack membership • Reddit posts • Stackoverflow questions • Python Library downloads • Developer activity on GitHub • GitHub stars. “Pulumi makes ‘shifting left’ easy to implement while at the same time increasing developer productivity. The platform enables organizations to unify DevOps pipelines independently of cloud, application type, product team, or development language. Providing a high level of standardization and operational control while at the same time enhancing application developer productivity was the core factor for selecting Pulumi as the IaC Product to Watch in 2022/23.”

51. 51 Pulumi Confidential. © 2022 Pulumi. All Rights Reserved Why

    Pulumi is Poised to Win For the Entire Team Developers and infrastructure experts alike Standard Multi-Cloud Workflow Public, private, or hybrid Developer Love and Productivity Use your favorite languages and tools - have fun! Real Sharing and Reuse Easily capture best practices in reusable assets Embrace Truly Cloud Native Architectures Containers, serverless, managed services, VMs Scale with Complexity & Business Needs From 10s to 100s or even 1,000s of resources and environments Ship Faster with Confidence Do in hours what used to take weeks 1 2 3 4 5 6 7

52. 52 @PulumiCorp github.com/pulumi PulumiTV slack.pulumi.com Pulumi Confidential. © 2022 Pulumi.

    All Rights Reserved