Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@pulumi/pulumi
Advanced tools
@pulumi/pulumi is an infrastructure as code (IaC) tool that allows developers to define, deploy, and manage cloud infrastructure using familiar programming languages like JavaScript, TypeScript, Python, Go, and C#. It integrates with various cloud providers and services, enabling users to create, update, and manage cloud resources programmatically.
Defining Cloud Infrastructure
This feature allows you to define cloud infrastructure using code. In this example, an S3 bucket is created using the AWS provider.
const pulumi = require('@pulumi/pulumi');
const aws = require('@pulumi/aws');
const bucket = new aws.s3.Bucket('my-bucket');
exports.bucketName = bucket.id;
Managing Infrastructure State
Pulumi manages the state of your infrastructure, allowing you to respond to changes. This example sets up an event handler for when a new object is created in the S3 bucket.
const pulumi = require('@pulumi/pulumi');
const aws = require('@pulumi/aws');
const bucket = new aws.s3.Bucket('my-bucket');
bucket.onObjectCreated('onNewObject', async (event) => {
console.log('New object created:', event);
});
Multi-Cloud Deployments
Pulumi supports multi-cloud deployments, allowing you to manage resources across different cloud providers. This example shows how to create an S3 bucket in AWS and a storage account in Azure.
const pulumi = require('@pulumi/pulumi');
const aws = require('@pulumi/aws');
const azure = require('@pulumi/azure');
const awsBucket = new aws.s3.Bucket('aws-bucket');
const azureStorageAccount = new azure.storage.Account('azure-storage', {
resourceGroupName: 'my-resource-group',
accountTier: 'Standard',
accountReplicationType: 'LRS'
});
Terraform by HashiCorp is another popular IaC tool that allows you to define and provision infrastructure using a declarative configuration language. Unlike Pulumi, which uses general-purpose programming languages, Terraform uses its own domain-specific language (HCL). Terraform has a large ecosystem and strong community support.
The AWS Cloud Development Kit (CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through AWS CloudFormation. Similar to Pulumi, AWS CDK allows you to use familiar programming languages, but it is specific to AWS services.
The Serverless Framework is a tool for building and deploying serverless applications. It focuses on serverless architectures and supports multiple cloud providers. While it shares some similarities with Pulumi in terms of deployment and management, it is more specialized in serverless use cases.
The Pulumi Node.js SDK lets you write cloud programs in JavaScript.
Using npm:
$ npm install --save @pulumi/pulumi
Using yarn:
$ yarn add @pulumi/pulumi
This SDK is meant for use with the Pulumi CLI. Visit Pulumi's Download & Install to install the CLI.
For anybody who wants to build from source, here is how you do it.
This SDK uses Node.js and we support any of the Current, Active and Maintenance LTS versions. We support both NPM and Yarn for package management.
At the moment, we only support building on macOS and Linux, where standard GNU tools like make
are available.
To build the SDK, simply run make
from the root directory (where this README
lives, at sdk/nodejs/
from the repo's
root). This will build the code, run tests, and install the package and its supporting artifacts.
At the moment, for local development, we install everything into $HOME/.dev-pulumi
. You will want this on your $PATH
.
The tests will verify that everything works, but feel free to try running pulumi preview
and/or pulumi up
from
the examples/minimal/
directory. Remember to run tsc
first, since pulumi
expects JavaScript, not TypeScript.
FAQs
Pulumi's Node.js SDK
The npm package @pulumi/pulumi receives a total of 580,129 weekly downloads. As such, @pulumi/pulumi popularity was classified as popular.
We found that @pulumi/pulumi demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.