Security News
PyPI Now Supports iOS and Android Wheels for Mobile Python Development
PyPI now supports iOS and Android wheels, making it easier for Python developers to distribute mobile packages.
By Sarah Gooding - Feb 12, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@pulumi/policy
Advanced tools
Pulumi Policy SDK
Overview
Define and manage policy for cloud resources deployed through Pulumi.
Policy rules run during pulumi preview and pulumi up, asserting that cloud resource definitions
comply with the policy immediately before they are created or updated. Policies may optionally define
remediations that automatically fix policy violations rather than issue warnings.
During preview, every rule is run on every resource, and policy violations are batched up
into a final report. During the update, the first policy violation will halt the deployment.
Policy violations can have enforcement levels that are advisory, which results in a printed
warning, or mandatory, which results in an error after pulumi preview or pulumi up completes.
The enforcement level remediate is stronger than both and enables automatic remediations.
Getting Started
Please see Get Started with Policy as Code to get started authoring and enforcing policies.
Documentation
For additional documentation, guides, best practices, and FAQs, see Policy as Code.
Examples
Looking for examples? Please refer to the examples repo.
Languages
Policies can be written in TypeScript/JavaScript (Node.js) or Python and can be applied to Pulumi stacks written in any language.
| Language | Status | |
|---|---|---|
 | TypeScript | Stable |
 | JavaScript | Stable |
 | Python | Preview |
 | .NET | Coming Soon |
 | Go | Coming Soon |
FAQs
A framework for writing policy as code
The npm package @pulumi/policy receives a total of 30,868 weekly downloads. As such, @pulumi/policy popularity was classified as popular.
We found that @pulumi/policy demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 19 Jun 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Create React App Officially Deprecated Amid React 19 Compatibility Issues
Create React App is officially deprecated due to React 19 issues and lack of maintenance—developers should switch to Vite or other modern alternatives.
By Sarah Gooding - Feb 11, 2025
Security News
Oracle Drags Its Feet in the JavaScript Trademark Dispute
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
By Sarah Gooding - Feb 07, 2025