Channels
pulumi-ai
package-authoring
pulumi-cdk
oracle-cloud-infrastructure
learn-pulumi-events
linen
registry
built-with-pulumi
pulumi-cloud
contribex
testingtesting321
hacktoberfest
cloudengineering
yaml
pulumi-crosscode
content-share
finops
multi-language-hackathon
office-hours
workshops
blog-posts
localstack
welcome
gitlab
pulumi-kubernetes-operator
jobs
aws
pulumi-deployments
dotnet
golang
announcements
java
pulumiverse
python
install
getting-started
cloudengineering-support
testingtesting123
hackathon-03-19-2020
typescript
google-cloud
contribute
azure
kubernetes
docs
automation-api
status
general
Title
f
freezing-umbrella-5483
11/30/2021, 6:34 PMIs there an in-depth analysis available that compares Pulumi with CDK?
b
billowy-army-68599
11/30/2021, 7:12 PM@freezing-umbrella-5483 depends on your definition of "in-depth" but this compares CDK with pulumi
https://www.pulumi.com/docs/intro/vs/cloud-template-transpilers/
f
freezing-umbrella-5483
11/30/2021, 7:14 PMThanks, but I don't think that can fit any imaginable definition of "in-depth" 🙂 I'm looking for an analysis with real-world implications, preferably from someone who has used both in production.
The link is superficial at best and misleading at worst. For example:
Troposphere and CDK compile down to YAML and are therefore limited in what they can express. The Pulumi engine understands general-purpose language patterns, dependencies between objects, and therefore delivers a better overall experience. Pulumi also supports going beyond what you can express in YAML, such as building and publishing a Docker container image, authoring serverless functions in code, automating packaging and versioning of code, and so on.Only someone who has never used CDK could have honestly written this. CDK can do all of this, it's not limited to YAML. Custom resources and docker bundling are a thing.
Pulumi integrates with a number of CI/CD providers and source control systems (SCMs) out of the box, for easy continuous delivery with systems you might already be using.
Although CloudFormation can be used in this manner, it requires manual configuration, and is designed to work best with AWS’s own CodeBuild/Pipeline products.It doesn't require any manual configuration.
Pulumi integrates with your identity provider—including GitHub, GitLab, Atlassian, or any SAML/SSO 2.0 provider (such as Azure Active Directory, Google G Suite, or Okta)—for auditing and access controls using your existing enterprise systems of record. AWS CloudFormation can be manually integrated with those systems with greater effort.How does it integrate? I can set up SSO on AWS completely as code with Pulumi?
b
billowy-army-68599
11/30/2021, 7:30 PMappreciate the feedback, I'm not sure I'm in a position to engage with a confrontational tone at this moment due to being at AWS re:invent. If you'd like to see anything in particular added, or something that we can do to help you understand the differences, we'd be happy to address it
to address a few points:
it's not limited to YAMLI don't think it's phrased in a way that claims cdk is limited to yaml, the point is made that CDK "compile down" to a cloudformation template (ie the cdk synthesize command) which limits the possibilites
How does it integrate? I can set up SSO on AWS completely as code with Pulumi?this is referring to authentication on the state storage: https://www.pulumi.com/docs/guides/saml/
f
freezing-umbrella-5483
11/30/2021, 7:32 PMI don't think it's phrased in a way that claims cdk is limited to yaml, the point is made that CDK "compile down" to a cloudformation template (ie the cdk synthesize command) which limits the possibilitesThis is not true. Besides compiling down to YAML, it also builds docker images, uploads them to image registries, uploads assets to S3, etc.
b
billowy-army-68599
11/30/2021, 7:33 PMTroposphere and CDK compile down to YAML to create resources in AWSif that's a more accurate sentence, we're happy to update it
f
freezing-umbrella-5483
11/30/2021, 7:34 PMThe entire point is misleading - the CDK is not limited in that regard at all. Its capabilities are not limited by YAML, as mentioned. It can also use user-defined custom resources - those use your own arbitrary code to create/update/delete resources, and are not compiled down to YAML.
b
billowy-army-68599
11/30/2021, 7:35 PMokay
f
freezing-umbrella-5483
11/30/2021, 7:36 PMIf you'd like to see anything in particular addedI'd just like to see an in-depth comparison with real-world examples, made by someone who's used both. The biggest appeal of CDK is the L2 constructs that take care of the all the boilerplate and infers all the necessary dependencies, least privilege policies, etc. I'm wondering what Pulumi offers in this regard, if anything. Or is it just an equivalent of CDK's bare L1 constructs.
this is referring to authentication on the state storage:...which also requires manual integration, just like CDK.
All of the above leave a bad impression. I was hoping someone from the community would know about an independent analysis that would be frank, that's why I posted here.
Also wondering about Pulumi's answer to CDK Pipelines, which take care of pretty much everything when creating CI/CD pipelines.
@billowy-army-68599 I'd like to apologize if I came across as confrontational - that was not my intent, but I do see how my tone could have been more neutral. This was because, frankly, I took a bit of offense to the suggestion that the mentioned link can be considered in-depth, and because it's obviously biased and not factually correct.
But the reason I asked the question is not to bash on Pulumi. Quite the contrary - I have a bunch of experience with CDK, but none with Pulumi, and I would love to learn it, and maybe switch to it down the line (because of multi-cloud capabilities), but I just need to understand the differences properly, without marketing pitches.
g
gorgeous-egg-70058
12/03/2021, 9:47 PMPulumi has clearly been the frontrunner for bringing software languages and practises into IaC. I have been a happy user for quite some time.
The big cloud providers has seen the light and are starting to catch up. At the same time Pulumi is moving towards the more sustainable native providers. This changes the landscape quite a bit. It is no longer about declarative vs imperative infrastructure coding.
f
freezing-umbrella-5483
12/05/2021, 8:32 AM@gorgeous-egg-70058 does this mean you have worked with CDK and are able to answer the questions posed above?
g
gorgeous-egg-70058
12/05/2021, 3:02 PMI have only played around with CDK. I have used Pulumi with AWS quite a bit. I do not have the experience to talk about the difference between the two.
f
freezing-umbrella-5483
12/15/2021, 4:27 PM@billowy-army-68599 would you be open to correcting the incorrect information on the comparison page? I can help out or point to specific resources that confirm the error.
b
billowy-army-68599
12/15/2021, 4:53 PMbased on the way these interactions have gone, I'm no longer engaging in this thread. feel free to open github issues for anything
f
freezing-umbrella-5483
12/15/2021, 4:54 PM@billowy-army-68599 interesting, alright