
Pulumi launches IDP to speed secure cloud infrastructure delivery
Pulumi IDP is built on the company's open-source infrastructure as code (IaC) technology and caters to organisations seeking to deliver cloud infrastructure at scale. According to Pulumi, the product allows engineering teams to move from initial ideas to cloud deployment within minutes, while embedding security, compliance, and organisational controls into the process.
The company stated that Pulumi IDP has been developed based on insights from a customer base of over 3,500 organisations and 350,000 users. Many customers have independently built internal developer platforms, leveraging Pulumi's IaC platform. Pulumi IDP aims to consolidate best practices from these implementations into a single, complete platform for software delivery with built-in security and governance.
James Forcier, Staff Software Engineer at CLEAR, commented on the platform's development, saying, "We've spent a lot of time building our internal developer platform. We moved from a lower-level Terraform and HCL-based interface to Pulumi, letting us use a custom, higher-level, and much simpler-to-use YAML schema we've defined. We've made cloud infrastructure really easy to use for our developers."
Gartner has predicted that 80% of large organisations will adopt internal developer platforms in the coming two years. Pulumi IDP seeks to balance a flexible approach that enables developer self-service with guardrails and structure provided by platform teams.
The platform allows teams to codify and enforce organisational best practices, publishing reusable infrastructure patterns as components, templates, and policies in a private organisation registry. This registry supports infrastructure definitions in TypeScript, Python, Go, C#, Java, or YAML, and includes features such as built-in documentation, search, semantic versioning, and usage tracking.
Developers, data scientists, and other users can use Pulumi IDP to provision and manage cloud infrastructure through multiple interfaces: a no-code user interface, low-code YAML-based CI/CD pipelines, infrastructure as code in their preferred language, or via a REST API. Projects can be grouped into 'Services', which serve as logical containers for infrastructure, configuration, secrets, documentation, and observability dashboards. Example use cases for Services include web applications, microservices, Jupyter notebooks, and data pipelines.
Pulumi IDP also addresses ongoing operational needs, supporting activities such as drift and policy detection, remediation of non-compliant infrastructure, auditing of outdated components, and change management during version upgrades. The platform features approval workflows to maintain organisational oversight and a new visual import tool for onboarding existing infrastructure into Pulumi management.
An advanced identity and access management system underpins Pulumi IDP, providing least-privilege access via custom roles, permissions, fine-grained access controls, and integration with SAML/SSO identity providers. These security features extend Pulumi's existing enterprise security foundation to support compliance requirements.
Pulumi IDP is available both as a managed SaaS offering and a self-hosted solution for organisations with complex compliance needs. It integrates with other Pulumi enterprise capabilities including Pulumi Copilot for AI-driven infrastructure management, Pulumi Deployments for workflow automation, Pulumi CrossGuard for policy enforcement, alongside a unified REST API and extensible data model.
Joe Duffy, Co-Founder and Chief Executive Officer of Pulumi, outlined the platform's value proposition: "CTOs, CIOs, and engineering leaders tell us that the pace of innovation is faster than ever. To succeed, developers must move fast – without breaking things. Pulumi IDP is the cloud infrastructure platform modern teams have been asking for: infrastructure-first, multi-cloud, immensely powerful and flexible, with built-in security and full visibility and controls. It turns the cloud into a competitive advantage."
Supporting perspectives from industry partners reflect the importance of visibility and standard workflows across internal developer platforms. Zachary Cook, Senior Manager of DevOps at Modivcare, remarked, "By integrating Pulumi Policy as Code with Insights Account Scanning and our developer portal, we're achieving the holy grail for Platform Engineering: instant visibility and governance over legacy infrastructure that isn't yet defined in IaC, while also accelerating our path to production for new cloud-native projects."
Justin Cormack, Chief Technology Officer at Docker, highlighted synergies between the companies: "Docker makes software supply chains more secure by standardising build, packaging, and shipping containerised applications - core to any modern internal developer platform. Pulumi complements this by enabling platform teams to define secure, reusable infrastructure patterns. Golden paths are incredibly important to our customers, and we're excited that Pulumi makes it easier to create and adopt them. Together, Docker and Pulumi help teams streamline developer workflows and accelerate delivery from code to cloud."
Pulumi IDP is now in public preview and is free to use for Pulumi customers and community members. General availability and additional enterprise pricing are expected later in the year.

Related Articles


Techday NZ
18-07-2025
- Techday NZ
AWS brings vibe coding to the Enterprise with spec-driven Kiro IDE tool
AWS has introduced Kiro, an "agentic IDE" designed to bridge the gap between the excitement of prompt-based prototyping and the practical demands of production software. According to Kiro product lead Nikhil Swaminathan, the tool aims to bring structure, rigour and automation to the modern, AI-powered coding process. Swaminathan describes the appeal of recent AI tools, saying, "Prompt, prompt, prompt, and you have a working application. It's fun and feels like magic. But getting it to production requires more." He outlines the typical stumbling blocks: "What assumptions did the model make when building it? What edge-cases did it cover? How did it handle errors? Requirements are fuzzy and you can't tell if the application meets them." Kiro is designed to solve these problems by introducing what its creators call "spec-driven development." As the team puts it, "Kiro is great at 'vibe coding' but goes way beyond that - Kiro's strength is getting those prototypes into production systems with features such as specs and hooks." Swaminathan explains how it works: "Start with a prompt: 'Add a review system for products.' Kiro translates this into a set of user stories with EARS-style acceptance criteria." He says Kiro then generates artefacts including "a data-flow diagram, TypeScript interfaces, a database schema, and API definitions." The system's approach includes automatically specifying essential features for each user story. Swaminathan writes, "Kiro automatically includes requirements like mobile responsiveness, accessibility, loading states, and tests in the spec." Tasks are then "sequenced correctly and connected to requirements." Importantly, the specs remain in sync as the code evolves. Swaminathan notes, "Developers can author code and ask Kiro to update specs or manually update specs to refresh tasks. This solves the common problem where developers stop updating original artifacts during implementation." 
To automate repetitive work, Kiro introduces "agent hooks." These are "event-driven automations" that "trigger based on events like file saves or deletions." As Swaminathan puts it, "When you save a React component, hooks update the test file. When you modify API endpoints, hooks refresh README files. When you're ready to commit, security hooks scan for leaked credentials." He describes the benefit: "It's like having an experienced developer catching things you miss or completing boilerplate tasks." These hooks are also collaborative by design. Swaminathan explains, "Once this hook is committed to Git, it enforces the coding standard across my entire team - whenever anyone adds a new component, the agent automatically validates it against the guidelines." Kiro is built on top of Code OSS, meaning it is "compatible with existing VS Code settings and Open VSX plugins." It supports "Model Context Protocol (MCP)," agentic chat, and multiple context providers, including "files, URLs and document uploads." Looking ahead, Swaminathan and AWS VP of Developer Experience & Agents Deepak Singh set out an ambitious vision for Kiro. They write, "We want to tackle the root causes of pain in software development - clarity of design, alignment with requirements, technical debt, code reviews, and knowledge sharing." Kiro is available in a preview release for Mac, Windows and Linux, supporting most programming languages. Swaminathan invites developers to experience its approach: "We invite you to try Kiro and share feedback. We're just getting started, and your input will help shape the future of agentic development." By combining the "magic" of AI-powered coding with structured specs and event-driven automation, Kiro is positioning itself as a tool for developers seeking to move quickly without sacrificing discipline or reliability.




Techday NZ
16-07-2025
- Techday NZ
Fortinet named SASE leader by Gartner, eyes USD $28.5 billion market
Fortinet has been recognised as a Leader in the 2025 Gartner Magic Quadrant for Secure Access Service Edge (SASE) Platforms and ranked first in the Secure Branch Network Modernisation use case in the associated Gartner Critical Capabilities for SASE Platforms report. The designation in the Magic Quadrant report marks a significant acknowledgement for Fortinet in the cybersecurity sector, as SASE platforms continue to play a central role in network security strategies across various industries. The evaluation from Gartner is of particular note to enterprise customers seeking solutions that unify networking and security functions.
Market recognition
Fortinet regards this latest recognition as supporting its strategic vision to bring together advanced secure software-defined wide area network (SD‐WAN), universal zero trust network access (ZTNA), and artificial intelligence (AI)-enabled threat protection within a single platform. Nirav Shah, Senior Vice President, Products and Solutions at Fortinet, stated: "We are honoured to be recognised as a Leader in the 2025 Gartner Magic Quadrant for SASE Platforms and believe this recognition validates our commitment to organic innovation - building a unified, AI-powered platform that spans all secure access service edge (SASE) use cases. We believe being positioned in the Leaders quadrant in the 2025 Gartner Magic Quadrant for SASE Platforms affirms our strategy of blending proven secure SD‐WAN, universal ZTNA, and AI‐powered threat protection under a single operating system, FortiOS, and one licence for added simplicity and faster return on investment." The company said this recognition follows its recent achievements, which include being acknowledged as a Leader in the 2024 Gartner Magic Quadrant for SD‐WAN for the fifth year in a row, and being named as a Customers' Choice in the 2024 and 2025 Gartner Peer Insights for key segments, including Security Service Edge (SSE), SD-WAN, and ZTNA.
Unified approach
Fortinet's Unified SASE offering is built on FortiOS, aiming to supply consistent security measures and user experiences across campuses, cloud environments, and remote workforces. The platform is designed for centralised management with a single console and agent, which Fortinet argues reduces complexity and streamlines both policy enforcement and deployment. According to the company, the unified approach incorporates over 160 points of presence globally and utilises a simplified licensing model. Fortinet emphasises monthly product updates, including AI-driven security workflows, as essential to maintaining protection against evolving threats.
Branch modernisation
The report's ranking in the Secure Branch Network Modernisation use case highlights Fortinet's capability to help clients upgrade from legacy branch network infrastructures. This includes facilitating the transition away from multiprotocol label switching to higher performance branch experiences. Fortinet claims that organisations benefit from faster, simpler site deployments using zero-touch provisioning and centralised management, supporting quicker scaling with less operational overhead. The company said its focus on converging networking and security at the network edge allows IT departments to deliver secure, scalable connectivity solutions. This integration is designed to help reduce costs while providing flexibility in branch modernisation.
Growing market
Fortinet's ongoing investment in SASE infrastructure and partner enablement positions the company to address demand in a sector which, according to Gartner forecasts, could exceed USD $28.5 billion by 2028. The company's offerings also aim to address regulatory requirements around data sovereignty, which are central concerns in industries such as finance, healthcare, and government.
Fortinet was acknowledged for its broader performance in the cybersecurity market, being recognised in 11 separate Magic Quadrant reports spanning both security and networking. The press release noted: "Fortinet was recognised in 11 different Magic Quadrant reports including being named an Honorable Mention in Magic Quadrant for Data Centre Switching, for Access Management, and for Privileged Access Management." In addition to the recognition for SASE and SD-WAN, the company stated it remains the only provider named as a Customer's Choice across all three core SASE segments - SD-WAN, SSE, and ZTNA - on Gartner Peer Insights. Fortinet believes this further validates its strategy to unify networking and security through its Security Fabric platform.