diff --git a/themes/default/content/product/crossguard.md b/themes/default/content/product/crossguard.md index cc783674d19..0a35591b0e1 100644 --- a/themes/default/content/product/crossguard.md +++ b/themes/default/content/product/crossguard.md @@ -8,49 +8,42 @@ meta_image: "/images/product/policy-as-code.png" aliases: - /crossguard -overview: - titleTop: Intelligence - titleBottom: for Infrastructure as Code - description: | - Pulumi Insights is Intelligence for Infrastructure as Code. It adds advanced search, analytics, and AI to infrastructure as code. With Insights, you can gain unique insights into your company's cloud usage and trends and boost engineering productivity. - items: - - title: Gain Unique Insights - icon: eye - icon_color: purple - description: | - Analyze and dig into your organization’s cloud usage and trends. - - - title: Increase Productivity - icon: nodes - icon_color: yellow - description: | - Reduce lead time from ideation to delivery through Pulumi AI. - benefits: title: Benefits of Policy as Code items: - - icon: shield + - icon: code icon_color: yellow - title: Maintain consistent security - description: Guard against inconsistencies and misconfigurations that might lead to compromises in your organization’s security posture. - - icon: gavel + title: Familiar languages + description: Take advantage of well-known and well-understood programming languages like TypeScript and Python to author policies and apply them across multiple clouds, SaaS offerings and application platforms. + - icon: shield icon_color: salmon - title: Ensure compliance standards - description: Prevent deployments that don’t meet applicable regulatory and compliance standards. - - icon: lock + title: Ready-made policies + description: Pull from a library of ready-made policies that can be customized to your organization’s specific needs and goals. + - icon: gavel icon_color: purple - title: Enforce policies centrally + title: Consistent application + description: CrossGuard ensures consistent application of your policies and prevents new misconfigurations or inconsistencies from being introduced into your infrastructure. + +screenshot1: + items: + - title: Enforce policies centrally description: Set policy packs that enforce requirements across your entire organization. + - title: Maintain consistent security + description: Guard against inconsistencies and misconfigurations that might lead to compromises in your organization’s security posture. -screenshot: +screenshot2: + items: + - title: Ensure compliance standards + description: Prevent deployments that don’t meet applicable regulatory and compliance standards. + - title: Automate the decision-making process + description: Systematize the guidelines for infrastructure resources and eliminate the need for manual reviews. + +screenshot3: items: - title: Remediate policy violations description: Transform non-compliant resources to meet policy requirements before deployment. - - title: Version control your policies + - title: Gain all the benefits of version control for your policies description: Track revisions, collaborate on policy updates, roll back to earlier versions, and have full visibility on all changes. - - title: Automate the decision-making process - description: Systematize the guidelines for infrastructure resources and eliminate the need for manual reviews. ---- key_features_above: items: diff --git a/themes/default/layouts/page/crossguard.html b/themes/default/layouts/page/crossguard.html deleted file mode 100644 index 73dcfff252a..00000000000 --- a/themes/default/layouts/page/crossguard.html +++ /dev/null @@ -1,300 +0,0 @@ -{{ define "hero" }} - {{ partial "hero" (dict "title" "Policy as Code for Any Cloud") }} -{{ end }} - -{{ define "main" }} -
-
-

Pulumi CrossGuard

-

Enforce your organization's cloud governance — security, compliance, cost controls, and more.

-
- Try CrossGuard - Get a Demo -
-
-
- -
-
-

Features

-
-
-
- {{ partial "color-icon.html" (dict "icon" "shield" "icon_color" "violet") }} -
Any Policy
-

- Use off-the-shelf rules or define your own for security, cost, compliance, reliability best practices — just about anything. Use package managers - to share and reuse rules. -

-
-
-
-
- {{ partial "color-icon.html" (dict "icon" "clouds" "icon_color" "yellow") }} -
Any Cloud
-

- Govern application and infrastructure resources on any cloud, including AWS, Azure, Google Cloud, Kubernetes, and 150+ more infrastructure - providers. -

-
-
-
-
- {{ partial "color-icon.html" (dict "icon" "rocketship" "icon_color" "salmon") }} -
Familiar and Powerful
-

- Define custom policies using familiar languages like JavaScript and Python. Use great editors, test frameworks, libraries, and tools for productivity - and correctness. -

-
-
-
-
-
-
- {{ partial "color-icon.html" (dict "icon" "exchange" "icon_color" "blue") }} -
Flexible Enforcement
-

- Apply policies using coarse- or fine-grained controls. Target individual projects, manage organization-wide policies, or group projects for differences - in environments and regions. -

-
-
-
-
- {{ partial "color-icon.html" (dict "icon" "gear" "icon_color" "purple") }} -
Configurable
-

Define policies that can be configured at the point of application, including enforcement level, letting you vary behavior based on project needs.

-
-
-
-
- {{ partial "color-icon.html" (dict "icon" "cycle" "icon_color" "violet") }} -
Automate and Integrate
-

- Automate governance using programmable libraries and REST APIs, easily integrating with external services such as web services, asset tracking - databases, pricing lists, and more. -

-
-
-
-
-
- -
-
-
-

Enterprise Compliance Enforcement

-
- Business Critical customers can enforce compliance and remediate non-compliance using Pulumi provided policies across your organization. -
-
-
-
- {{ partial "color-icon.html" (dict "icon" "shield" "icon_color" "violet") }} -
Compliance-ready Policies
-

- Choose from hundreds of policies for AWS, Azure, Google Cloud, and Kubernetes. Support for PCI DSS, ISO 27001, SOC 2, and CIS Benchmarks. -

-
-
-
-
- {{ partial "color-icon.html" (dict "icon" "shield" "icon_color" "violet") }} -
Server-side Enforcement
-

- Set policy packs that block prohibited deployments across your entire organization, preventing issues. -

-
-
-
-
- {{ partial "color-icon.html" (dict "icon" "shield" "icon_color" "violet") }} -
Remediation Policies
-

- Codify reactive solutions to compliance requirements by transforming non-compliant resources into compliant ones. -

-
-
-
-
- Start a free trial - Talk to a human -
-
-
-
- -
-
-

Policy as Code Scenarios

-

Accelerate your organization's delivery while still staying compliant

-
-
-
-

Security

-

Maintain security across all cloud infrastructure assets.

-
-{{ $code := `new PolicyPack("acmecorp-security", { - policies: [{ - name: "prohibited-public-internet", - description: "Reject public internet access.", - enforcementLevel: "mandatory", - validateResource: validateResourceOfType( - aws.ec2.SecurityGroup, - (sg, args, reportViolation) => { - const hasInternetAccess = sg.ingress.find( - rule => rule.cidrBlocks.includes("0.0.0.0/0") - ); - if (hasInternetAccess) { - reportViolation("Illegal internet access"); - } - }, - ), - }], -);` -}} - - {{ partial "code" (dict "code" $code "lang" "js") }} -
-

Prohibiting network access from the Internet.

-
-
-

Compliance

-

Meet, and stay meeting, compliance standards.

-
-{{ $code := `new PolicyPack("acmecorp-compliance", { - policies: [{ - name: "required-storage-region", - description: "Data must be stored in the US.", - enforcementLevel: "mandatory", - validateResource: validateResourceOfType( - aws.s3.Bucket, (bucket, args, reportViolation) => { - if (!bucket.region.startsWith("us-")) { - reportViolation("Non-US bucket detected"); - } - }, - ), - }], -);` -}} - - {{ partial "code" (dict "code" $code "lang" "js") }} -
-

Disallowing storage outside of specific regions.

-
-
-
-
-

Cost Controls

-

Ensure cost conscious deployments.

-
-{{ $code := `new PolicyPack("acmecorp-cost", { - policies: [{ - name: "required-cost-tags", - description: "Cost tags are required.", - enforcementLevel: "mandatory", - validateResource: (args, reportViolation) => { - if (isTaggable(args.type) && - !args.resource["tags"]["Cost Center"]) { - reportViolation("Resource missing tags"); - } - ), - }], -);` -}} - - {{ partial "code" (dict "code" $code "lang" "js") }} -
-

Requiring specific cost allocation tags.

-
-
-

Continuous Delivery

-

Catch policy violations before they escape using CI/CD.

- Policy as Code in CI/CD -

A live dashboard of organizational violations in Pulumi Cloud.

-
-
-
- -
-
-
-
-
-

- Pulumi supercharged our whole organization by letting us create reusable building blocks that developers can leverage to provision new resources and - enforce organizational policies for logging, permissions, resource tagging and security. This has empowered our developer teams to self-provision - resources and ship new capabilities faster without having to wait for the infrastructure team to deploy new resources on their behalf. -

-
-
-

Igor Shapiro

-

Principal Engineer

-
-
- {{ partial "customer-logo.html" (dict "logo" "lemonade") }} -
-
-
- Learn More -
-
-
- -
-
-

- CrossGuard gives us the ability to prevent undesired and insecure resources from being deployed to any environment. It also allows us to block the deployment of certain resource SKUs that may incur unnecessary expense. -

-
-
-

Dennis Sauvé

-

DevOps Engineer

-
-
- {{ partial "customer-logo.html" (dict "logo" "washington-trust") }} -
-
-
- Learn More -
-
-
- -
-
-

- With Pulumi CrossGuard we can provide reusable infrastructure components to our application teams and ensure that their implementations adhere to - company standards. -

-
-
-

Fernando Carlietti

-

Lead DevOps Engineer

-
-
- {{ partial "customer-logo.html" (dict "logo" "credijusto") }} -
-
-
- Learn More -
-
-
-
-
-
- -
-
-
- -

Getting Started with Policy as Code

-
- Get started with CrossGuard -
-
-
-
-{{ end }} diff --git a/themes/default/layouts/product/crossguard.html b/themes/default/layouts/product/crossguard.html index ef8d6a55e79..41632c64490 100644 --- a/themes/default/layouts/product/crossguard.html +++ b/themes/default/layouts/product/crossguard.html @@ -8,7 +8,7 @@

Pulumi CrossGuard

-

Pulumi's Policy as Code Engine

+

Policy as Code for Any Cloud

{{ end }} @@ -21,7 +21,7 @@

“Shift Left” policy enforcement and standards remediation

- Programmatic policy enforcement and remediation are key to scaling securely and efficiently because inconsistent infrastructure could lead to compromise. Pulumi CrossGuard offers centralized policy enforcement and remediation as an integrated component of Pulumi’s infrastructure as code platform. Take advantage of well-known and well-understood programming languages like TypeScript and Python to author policies and apply them across multiple clouds, SaaS offerings and application platforms. Pull from a library of ready-made policies that can be customized to your organization’s specific needs and goals. CrossGuard ensures consistent application of your policies and prevents new misconfigurations or inconsistencies from being introduced into your infrastructure. + Programmatic policy enforcement and remediation are key to scaling securely and efficiently because inconsistent infrastructure could lead to compromise. Pulumi CrossGuard offers centralized policy enforcement and remediation as an integrated component of Pulumi’s infrastructure as code platform.

Get Started @@ -53,16 +53,57 @@
{{ $item.title }}
-
+

Centrally Manage Policy Compliance

-
+
screenshot of Pulumi CrossGuard management console
-
- {{ range $item := .Params.screenshot.items }} +
+ {{ range $item := .Params.screenshot1.items }} +
+
+
{{ $item.title }}
+
+
+

{{ $item.description }}

+
+
+ {{ end }} +
+
+
+ +
+
+
+ {{ range $item := .Params.screenshot2.items }} +
+
+
{{ $item.title }}
+
+
+

{{ $item.description }}

+
+
+ {{ end }} +
+
+ screenshot of Pulumi CrossGuard management console +
+
+
+ + +
+
+
+ screenshot of Pulumi CrossGuard management console +
+
+ {{ range $item := .Params.screenshot3.items }}
{{ $item.title }}
diff --git a/themes/default/static/images/product/crossguard-new-policy.png b/themes/default/static/images/product/crossguard-new-policy.png new file mode 100644 index 00000000000..37c3c912d66 Binary files /dev/null and b/themes/default/static/images/product/crossguard-new-policy.png differ diff --git a/themes/default/static/images/product/crossguard-remediation-policy.png b/themes/default/static/images/product/crossguard-remediation-policy.png new file mode 100644 index 00000000000..e4e7c83b721 Binary files /dev/null and b/themes/default/static/images/product/crossguard-remediation-policy.png differ