I've been doing overall automation and continuous deployment for over a decade, but it wasn't until I discovered Pulumi that I went all-in for the infrastructure part. As a developer I prefer to use code when I can compared to yaml or something else. The reason I prefer it is because it does give me more trust, if you are using a strongly typed version of pulumi like typescript, and faster feedback since you get answers back directly during compilation.
Having things in code also makes it possible to run "patch jobs" for resources in process instead of having to run that code outside of the actual provisioning. This is great for the rare occasions when there might be a missing option in the SDK, which have happened one time over three years with the Azure AD provider.
I would argue that most companies do need a tool like pulumi, since the pure cloud tools are limited to just that cloud provider. If you are a larger company you also want to automate things like kubernetes, GitHub, Opsgenie and other services out there and Pulumi has support for a lot of them.
Pulumi automation is also another feature that we have used to build a self-service application where anyone can "order" different resources through a simple UI and then the application would create them using Pulumi in a compliant manner.
Lastly I would also like to highlight how Pulumi deals with configuration and secrets. How you both store secure configuration in Pulumi and also share outputs between different deployments in Pulumi is a killer feature that have simplified a lot of work for us. I often use Pulumi just to deal with configuration for smaller things where I'm testing things out since it is much more secure than copying a file around. Storing secrets in the Pulumi configuration also makes it very easy to get new user app running by creating a small script that reads the config and sets appropriate environment variables to get going.
If there is one infra structure as code tool I would recommend it is Pulumi!
Report
4 views