pulumi-hugo-cn/themes/default/content/solutions/shared-services-platforms.md

---
title: Shared Services Platforms
meta_desc: Learn how Pulumi can help you build and manage a Shard Services Platform that allows application developers to self-service their infrastructure environments.

type: page
layout: solutions-use-case

overview:
    title: Building self-service infrastructure environments
    image: /images/solutions/shared-services-platform/ssp-main-diagram.svg
    description: |
        A Shared Services Platform (aka Internal Developer Portal or Infrastructure Platform) is an internal company service that allows application developers to self-service infrastructure environments. SSPs are an extremely common amongst companies that have reached a certain size where they want to share common infrastructure and automate the provisioning of infrastructure for the development teams. Kubernetes (K8s) is becoming the de facto control plane for modern clouds, and it is frequently employed to power these internal platforms. The goal of a SSP is to increase developer velocity while maintaining centralized control over security, networking, compliance, and costs. Pulumi makes it easy to model and provision the SSP control plane as well as automate the provisioning of the data plane stacks.

benefits:
    title: Why Shared Services Platforms?
    benefits:
      title: Benefits
      items:
        - title: Centralized control
          icon: code
          icon_color: yellow
          description: |
            Companies maintain centralized control over security, networking, compliance, and costs.

        - title: Direct infrastructure access
          icon: global
          icon_color: yellow
          description: |
            Developers can directly access and deploy to infrastructure (e.g., K8s clusters or cloud resources) without contacting operations/cluster managers.

        - title: Start easily
          icon: puzzle
          icon_color: yellow
          description: |
            Developers can get started easily and do not have to adapt their workflows.

    help:
      title: How Pulumi helps
      items:
        - title: Languages you love
          icon: rocketship
          icon_color: salmon
          description: |
            Pulumi allows infrastructure or platform engineering teams to use the programming languages they already use for modeling their infrastructure. They can take advantage of all the existing testing tools, IDE plugins that are standard to their programming languages.

        - title: Build on any cloud
          icon: gear
          icon_color: salmon
          description: |
            Pulumi can provision any resource available in the K8s API. Pulumi supports all new resources and features in the K8s API on the same day as the release. Pulumi allows K8s users novel forms of cluster management and app workload deployments.

        - title: Programmable guardrails
          icon: eye
          icon_color: salmon
          description: |
            Pulumi also enables “policy as code”, which allows the platform team to enforce cost, security, and best practices across all infrastructure.

        - title: Reusable components
          icon: team
          icon_color: salmon
          description: |
            Pulumi makes creating reusable and modular components easy which allows repeatable infrastructure building blocks to be templatized and easily reused.

diagrams:
    title: Kubernetes Platform Reference Architecture

    items:
        - title: 1. Define your goals
          image: /images/solutions/shared-services-platform/diagram-one.svg
          content: |
            Define your business goals you want to achieve by building a K8s platform. Your goals will determine what features to include or not include in your platform.

        - title: 2. Define the platform
          image: /images/solutions/shared-services-platform/diagram-two.svg
          content: |
            A good starting point for your internal Kubernetes platform is to use just a single environment that reflects the environment of your production system best. You want to first define the common infrastructure components/resources that will be shared across the platform and by all the developers (end users). Then you want to define the infrastructure components/resources that are configured and managed by the developer. Finally define the boundary between the platform space and end user space, which is how the developer will access the shared resources (e.g., via StackReference).

        - title: 3. Define how developers consume the platform
          image: /images/solutions/shared-services-platform/diagram-three.svg
          content: |
            Define how developers will interact with the platform. You may want to give them a self-service portal where they can pick and choose their infrastructure, a GitOps workflow, or developers just interact with a CI/CD pipeline directly.

        - title: 4. Build the components, blueprints, & pipelines
          image: /images/solutions/shared-services-platform/diagram-four.svg
          content: |
            Write code for the shared platform components first. Then write code for the application components that can be selected and used by developers. These application components will have the logic to retrieve credentials or connect to the shared resources in the platform.

        - title: 5. Define the guardrails & policies
          image: /images/solutions/shared-services-platform/diagram-five.svg
          content: |
            Use Pulumi CrossGuard to define cost guardrails and security policies. CrossGuard can also be used to enforce general best practices (e.g., closing ports) or best practices specific to your business (e.g., regional locality requirements).

customer_logos:
  title: Organizations building shared services platforms with Pulumi
  logos:
    - name: mercedes-benz
      link: /case-studies/mercedes-benz
    - name: snowflake
      link: /case-studies/snowflake
    - name: lemonade
      link: /case-studies/lemonade

get_started:
    title: Getting started

    get_started:
        title: Talk with customer engineering
        description: |
          Schedule some time with our customer engineering team, and we will help you plan and build your shared services platform.
        cta_text: Schedule now
---
Add reference architecture pages (#613) * Add mock for shared services page * Address some early feedback and add diagrams * Update content and layout fixes * Update layout name * Add two more ref architecture pages * Update page copy * Address feedback * Update solutions page * Address more feedback * fix colors and shadows in diagrams Signed-off-by: susanev <susan.ra.evans@gmail.com> * more diagram fixes Signed-off-by: susanev <susan.ra.evans@gmail.com> * Apply suggestions from code review Co-authored-by: susan evans <susan.ra.evans@gmail.com> * Address feedback Co-authored-by: susanev <susan.ra.evans@gmail.com> 2021-09-30 16:05:00 -07:00			`---`
			`title: Shared Services Platforms`
			`meta_desc: Learn how Pulumi can help you build and manage a Shard Services Platform that allows application developers to self-service their infrastructure environments.`

			`type: page`
			`layout: solutions-use-case`

			`overview:`
			`title: Building self-service infrastructure environments`
			`image: /images/solutions/shared-services-platform/ssp-main-diagram.svg`
			`description: \|`
			A Shared Services Platform (aka Internal Developer Portal or Infrastructure Platform) is an internal company service that allows application developers to self-service infrastructure environments. SSPs are an extremely common amongst companies that have reached a certain size where they want to share common infrastructure and automate the provisioning of infrastructure for the development teams. Kubernetes (K8s) is becoming the de facto control plane for modern clouds, and it is frequently employed to power these internal platforms. The goal of a SSP is to increase developer velocity while maintaining centralized control over security, networking, compliance, and costs. Pulumi makes it easy to model and provision the SSP control plane as well as automate the provisioning of the data plane stacks.

			`benefits:`
			`title: Why Shared Services Platforms?`
			`benefits:`
			`title: Benefits`
			`items:`
			`- title: Centralized control`
			`icon: code`
			`icon_color: yellow`
			`description: \|`
			`Companies maintain centralized control over security, networking, compliance, and costs.`

			`- title: Direct infrastructure access`
			`icon: global`
			`icon_color: yellow`
			`description: \|`
			`Developers can directly access and deploy to infrastructure (e.g., K8s clusters or cloud resources) without contacting operations/cluster managers.`

			`- title: Start easily`
			`icon: puzzle`
			`icon_color: yellow`
			`description: \|`
			`Developers can get started easily and do not have to adapt their workflows.`

			`help:`
			`title: How Pulumi helps`
			`items:`
			`- title: Languages you love`
			`icon: rocketship`
			`icon_color: salmon`
			`description: \|`
			`Pulumi allows infrastructure or platform engineering teams to use the programming languages they already use for modeling their infrastructure. They can take advantage of all the existing testing tools, IDE plugins that are standard to their programming languages.`

			`- title: Build on any cloud`
			`icon: gear`
			`icon_color: salmon`
			`description: \|`
			`Pulumi can provision any resource available in the K8s API. Pulumi supports all new resources and features in the K8s API on the same day as the release. Pulumi allows K8s users novel forms of cluster management and app workload deployments.`

			`- title: Programmable guardrails`
			`icon: eye`
			`icon_color: salmon`
			`description: \|`
			`Pulumi also enables “policy as code”, which allows the platform team to enforce cost, security, and best practices across all infrastructure.`

			`- title: Reusable components`
			`icon: team`
			`icon_color: salmon`
			`description: \|`
			`Pulumi makes creating reusable and modular components easy which allows repeatable infrastructure building blocks to be templatized and easily reused.`

			`diagrams:`
			`title: Kubernetes Platform Reference Architecture`

			`items:`
			`- title: 1. Define your goals`
			`image: /images/solutions/shared-services-platform/diagram-one.svg`
			`content: \|`
			`Define your business goals you want to achieve by building a K8s platform. Your goals will determine what features to include or not include in your platform.`

			`- title: 2. Define the platform`
			`image: /images/solutions/shared-services-platform/diagram-two.svg`
			`content: \|`
			A good starting point for your internal Kubernetes platform is to use just a single environment that reflects the environment of your production system best. You want to first define the common infrastructure components/resources that will be shared across the platform and by all the developers (end users). Then you want to define the infrastructure components/resources that are configured and managed by the developer. Finally define the boundary between the platform space and end user space, which is how the developer will access the shared resources (e.g., via StackReference).

			`- title: 3. Define how developers consume the platform`
			`image: /images/solutions/shared-services-platform/diagram-three.svg`
			`content: \|`
			`Define how developers will interact with the platform. You may want to give them a self-service portal where they can pick and choose their infrastructure, a GitOps workflow, or developers just interact with a CI/CD pipeline directly.`

			`- title: 4. Build the components, blueprints, & pipelines`
			`image: /images/solutions/shared-services-platform/diagram-four.svg`
			`content: \|`
			`Write code for the shared platform components first. Then write code for the application components that can be selected and used by developers. These application components will have the logic to retrieve credentials or connect to the shared resources in the platform.`

			`- title: 5. Define the guardrails & policies`
			`image: /images/solutions/shared-services-platform/diagram-five.svg`
			`content: \|`
			`Use Pulumi CrossGuard to define cost guardrails and security policies. CrossGuard can also be used to enforce general best practices (e.g., closing ports) or best practices specific to your business (e.g., regional locality requirements).`

			`customer_logos:`
			`title: Organizations building shared services platforms with Pulumi`
			`logos:`
			`- name: mercedes-benz`
			`link: /case-studies/mercedes-benz`
			`- name: snowflake`
			`link: /case-studies/snowflake`
			`- name: lemonade`
			`link: /case-studies/lemonade`

			`get_started:`
			`title: Getting started`

			`get_started:`
			`title: Talk with customer engineering`
			`description: \|`
			`Schedule some time with our customer engineering team, and we will help you plan and build your shared services platform.`
			`cta_text: Schedule now`
			`---`