# aws
f
Is there an in-depth analysis available that compares Pulumi with CDK?
b
@freezing-umbrella-5483 depends on your definition of "in-depth" but this compares CDK with pulumi https://www.pulumi.com/docs/intro/vs/cloud-template-transpilers/
f
Thanks, but I don't think that can fit any imaginable definition of "in-depth" 🙂 I'm looking for an analysis with real-world implications, preferably from someone who has used both in production.
The link is superficial at best and misleading at worst. For example:
> Troposphere and CDK compile down to YAML and are therefore limited in what they can express. The Pulumi engine understands general-purpose language patterns, dependencies between objects, and therefore delivers a better overall experience. Pulumi also supports going beyond what you can express in YAML, such as building and publishing a Docker container image, authoring serverless functions in code, automating packaging and versioning of code, and so on.
Only someone who has never used CDK could have honestly written this. CDK can do all of this, it's not limited to YAML. Custom resources and docker bundling are a thing.
> Pulumi integrates with a number of CI/CD providers and source control systems (SCMs) out of the box, for easy continuous delivery with systems you might already be using.
> Although CloudFormation can be used in this manner, it requires manual configuration, and is designed to work best with AWS’s own CodeBuild/Pipeline products.
It doesn't require any manual configuration.
> Pulumi integrates with your identity provider—including GitHub, GitLab, Atlassian, or any SAML/SSO 2.0 provider (such as Azure Active Directory, Google G Suite, or Okta)—for auditing and access controls using your existing enterprise systems of record. AWS CloudFormation can be manually integrated with those systems with greater effort.
How does it integrate? I can set up SSO on AWS completely as code with Pulumi?
b
appreciate the feedback, I'm not sure I'm in a position to engage with a confrontational tone at this moment due to being at AWS re:Invent. If you'd like to see anything in particular added, or something that we can do to help you understand the differences, we'd be happy to address it. To address a few points:
> it's not limited to YAML
I don't think it's phrased in a way that claims cdk is limited to yaml, the point is made that CDK "compile down" to a cloudformation template (i.e. the cdk synthesize command) which limits the possibilities
> How does it integrate? I can set up SSO on AWS completely as code with Pulumi?
this is referring to authentication on the state storage: https://www.pulumi.com/docs/guides/saml/
f
> I don't think it's phrased in a way that claims cdk is limited to yaml, the point is made that CDK "compile down" to a cloudformation template (i.e. the cdk synthesize command) which limits the possibilities
This is not true. Besides compiling down to YAML, it also builds docker images, uploads them to image registries, uploads assets to S3, etc.
b
> Troposphere and CDK compile down to YAML to create resources in AWS
if that's a more accurate sentence, we're happy to update it
f
The entire point is misleading - the CDK is not limited in that regard at all. Its capabilities are not limited by YAML, as mentioned. It can also use user-defined custom resources - those use your own arbitrary code to create/update/delete resources, and are not compiled down to YAML.
b
okay
f
> If you'd like to see anything in particular added
I'd just like to see an in-depth comparison with real-world examples, made by someone who's used both. The biggest appeal of CDK is the L2 constructs that take care of all the boilerplate and infer all the necessary dependencies, least privilege policies, etc. I'm wondering what Pulumi offers in this regard, if anything. Or is it just an equivalent of CDK's bare L1 constructs?
> this is referring to authentication on the state storage:
...which also requires manual integration, just like CDK.
All of the above leave a bad impression. I was hoping someone from the community would know about an independent analysis that would be frank, that's why I posted here.
Also wondering about Pulumi's answer to CDK Pipelines, which take care of pretty much everything when creating CI/CD pipelines.
@billowy-army-68599 I'd like to apologize if I came across as confrontational - that was not my intent, but I do see how my tone could have been more neutral. This was because, frankly, I took a bit of offense to the suggestion that the mentioned link can be considered in-depth, and because it's obviously biased and not factually correct. But the reason I asked the question is not to bash on Pulumi. Quite the contrary - I have a bunch of experience with CDK, but none with Pulumi, and I would love to learn it, and maybe switch to it down the line (because of multi-cloud capabilities), but I just need to understand the differences properly, without marketing pitches.
g
Pulumi has clearly been the frontrunner for bringing software languages and practices into IaC. I have been a happy user for quite some time. The big cloud providers have seen the light and are starting to catch up. At the same time Pulumi is moving towards the more sustainable native providers. This changes the landscape quite a bit. It is no longer about declarative vs imperative infrastructure coding.
f
@gorgeous-egg-70058 does this mean you have worked with CDK and are able to answer the questions posed above?
g
I have only played around with CDK. I have used Pulumi with AWS quite a bit. I do not have the experience to talk about the difference between the two.
f
@billowy-army-68599 would you be open to correcting the incorrect information on the comparison page? I can help out or point to specific resources that confirm the error.
b
based on the way these interactions have gone, I'm no longer engaging in this thread. feel free to open GitHub issues for anything
f
@billowy-army-68599 interesting, alright