Bitbucket Cloud Meets Pulumi Cloud
Pulumi Cloud has added Bitbucket Cloud as a first‑class version‑control integration, joining GitHub, GitLab and Azure DevOps. Teams can connect a Bitbucket workspace to a Pulumi stack and trigger infrastructure deployments on every push, with path filters and secret management handled inside Pulumi. Pull requests automatically generate infrastructure previews and AI‑powered change summaries, eliminating the need for an external CI/CD pipeline. The integration supports personal OAuth for all plans and workspace tokens for Premium customers, and a new project wizard streamlines stack scaffolding directly from Bitbucket repositories.
Scan AWS GovCloud and More Partitions with Pulumi Insights
Pulumi Insights has expanded its account‑scanning capability to cover every AWS partition, including GovCloud (US), ISO, ISO‑B, ISO‑F, ISO‑E, European Sovereign Cloud, and China. The service now offers the same AI‑assisted resource discovery and cross‑account search that commercial AWS accounts...
Superpowers, GSD, and GSTACK: Picking the Right Framework for Your Coding Agent
Three open‑source frameworks—Superpowers, GSD, and GSTACK—address recurring failures of AI coding agents such as context rot, missing tests, and scope drift. Superpowers enforces a strict test‑driven development cycle, GSD prevents context overload by using per‑phase orchestrators, and GSTACK introduces role‑based...
Introducing Bun as a Runtime for Pulumi
Pulumi now supports Bun as a full runtime for TypeScript projects, letting users set `runtime: bun` in Pulumi.yaml and execute programs without Node.js. Bun offers native TypeScript execution, dramatically faster package installs, and near‑complete Node.js API compatibility. The capability ships...
Introducing the Pulumi Policy Analyze Command for Existing Stacks
Pulumi has added the pulumi policy analyze command, letting users run policy packs against an existing stack’s state without executing the Pulumi program or invoking cloud providers. The tool provides instant, side‑effect‑free validation, cutting the traditional preview‑or‑up loop to a simple analysis...
Introducing Read-Only Mode for Pulumi Neo
Pulumi has added a read‑only mode to its Neo AI‑driven infrastructure assistant, allowing the tool to analyze, preview, and generate pull requests without executing any changes. Users can select this mode when creating a Neo task, capping permissions to read‑only...
Neo Plan Mode: Iterate Before You Execute
Pulumi has launched Plan Mode for its Neo AI infrastructure assistant, creating a dedicated planning workflow before any code is executed. The new mode guides users through discovery, synthesis, refinement, and approval stages, ensuring a clear, documented plan. It is...
How We Eliminated Long-Lived CI Secrets Across 70+ Repos
Pulumi eliminated long‑lived CI secrets across more than 70 repositories by swapping static GitHub secrets for short‑lived, OIDC‑driven credentials via Pulumi ESC. The new flow exchanges a GitHub‑issued JWT for a Pulumi access token, which then opens an ESC environment...
Pulumi IAM Expands: Manage Access at Scale with Tags, Roles, and Teams
Pulumi has added three major IAM capabilities—tag‑based access control, team role assignments, and user role assignments—to its existing custom‑role framework. Tag rules let permissions be granted automatically when stacks, environments, or accounts carry matching tags, eliminating manual selection. Teams can...
From Kubernetes Gatekeeper to Full-Stack Governance with OPA
Pulumi has released version 1.1.0 of its pulumi-policy-opa plugin, making OPA/Rego a stable, first‑class policy language alongside TypeScript and Python. The update introduces full feature parity, including resource‑level and stack‑level policies, configurable enforcement levels, and metadata annotations. A key addition...
Lock Down Values in Pulumi ESC with Fn::final
Pulumi introduced the fn::final built‑in function for its Environments, Secrets, and Configuration (ESC) service. The function lets users flag configuration values as final, preventing child environments from overriding them. When an override is attempted, ESC emits a warning and retains...
New: Previous Provider Version Docs in Pulumi Registry
Pulumi has added a version selector to its Registry, letting users view API documentation for previous major releases of first‑party providers. The dropdown displays the current version plus the latest releases of the two prior major versions, eliminating the need...
Pulumi Cloud Now Supports Google Sign-In
Pulumi Cloud now lets users log in with Google accounts, adding a first‑class identity provider alongside GitHub, GitLab and Atlassian. New users can click “Sign in with Google” on the signup page, while existing accounts can link a Google identity...
Now GA: Up to 20x Faster Pulumi Operations for Everyone
Pulumi has moved its journaling performance enhancement to general availability, making it the default for all Pulumi Cloud operations when using CLI version 3.225.0 or later. The change replaces full‑snapshot state saves with incremental journaling, enabling parallel updates and delivering up to...
Now in Public Beta: Store Terraform State in Pulumi Cloud
Pulumi Cloud has launched a public‑beta Terraform state backend, letting teams point their Terraform or OpenTofu CLI at Pulumi Cloud without altering HCL. The service stores state encrypted, provides automatic locking, versioned history, RBAC and audit policies, and surfaces the...