Add Boost Insurance case study#20232
Conversation
Adds a case study describing how Boost Insurance built a self-service developer platform with Pulumi's Automation API, Deployments/TTL stacks, and ESC to provision isolated, time-limited database environments in the cloud — eliminating production data on developer laptops and the associated breach risk. Content adapted from the Boost Insurance customer story; placeholder links resolved to canonical Pulumi doc paths and the light-background Boost logo reused. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
Your site preview for commit a39709c is ready! 🎉 http://www-testing-pulumi-docs-origin-pr-20232-a39709cb.s3-website.us-west-2.amazonaws.com |
- Tighten description, exec summary, and Pulumi feature narrative - Normalize em-dash spacing - Replace blog-style "Get started" CTA with a customer-focused "Conclusion" section to match the other case studies Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Pre-merge Review — Last updated 2026-07-13T20:23:05ZTip Summary: This PR adds a new customer case study, Review confidence:
Investigation log
🔍 Verification trail54 claims extracted · 33 verified · 18 unverifiable · 0 contradicted
🚨 Outstanding in this PRNo outstanding issues in this PR.
|
💡 Pre-existing issues in touched files (optional)No pre-existing issues in touched files. ✅ Resolved since last reviewNo items resolved since the last review. 📜 Review history
Need a re-review? Want to dispute a finding? Mention |
|
|
||
| ## The business challenge {#the-challenge} | ||
|
|
||
| Boost Insurance operates in one of the most heavily regulated industries in the United States. |
There was a problem hiding this comment.
Should technically be one line per paragraph for nice diffing purposes IMO, but it's a customer story and it doesn't matter that much.
| allow_long_title: true | ||
| description: | | ||
| Boost Insurance built a self-service platform with Pulumi that provisions ephemeral, time-bound environments in the cloud, eliminating the risk of storing production data on developer machine. | ||
| meta_desc: Boost Insurance eliminated production data on developer laptops by building a self-service platform with Pulumi, reducing breach risk and saving developer time. |
There was a problem hiding this comment.
We might want to use the phrases "regulatory compliance" (and also, if applicable - not sure - "data residency") as prominently as possible.
| "Someone goes and steals a developer's laptop — we now have a reportable breach," said Richard Genthner, CISO at Boost Insurance. "We have to report not only to our partners, but to the state of New York, all 50 states, and the federal government. We have to notify every single person that's ever had a policy with us. It becomes a massive problem." | ||
|
|
||
| Boost has developers working remotely across multiple countries, and some partner contracts | ||
| explicitly require that data never leaves the United States. The existing tooling — StrongDM for |
There was a problem hiding this comment.
We may not want to call out StrongDM by name here since they are not a direct competitor of ours.
| The [Automation API](/docs/iac/concepts/automation-api/) is the foundation. Rather than shelling | ||
| out to `pulumi up`, Boost's Go application embeds Pulumi as a library, programmatically creating |
There was a problem hiding this comment.
Given that this is a customer story, we might want to make this a little less technical and talk more about what capabilities it enables, which is what we get at in the next sentence.
| and all of its resources, no cron jobs or manual cleanup required. This is what ensures that | ||
| isolated environments don't accumulate cost or become a security liability. |
There was a problem hiding this comment.
Again, suggest leading with the capabilities (cost, security) rather than the technical details.
| provisioning and destroying environments. This eliminates long-lived service account keys and | ||
| keeps the credential lifecycle fully automated. |
| [Pulumi Cloud](/docs/pulumi-cloud/) ties it all together with centralized visibility into every | ||
| active environment, with stacks, resources, and update history in one place. For a regulated insurance |
|
|
||
| ## Conclusion {#conclusion} | ||
|
|
||
| By building on Pulumi's Automation API, Pulumi Deployments, and Pulumi ESC, Boost turned a serious |
There was a problem hiding this comment.
| By building on Pulumi's Automation API, Pulumi Deployments, and Pulumi ESC, Boost turned a serious | |
| By building on Pulumi's infrastructure platform, Boost turned a serious |
| compliance liability into a self-service capability its developers actually enjoy using. Production | ||
| data stays inside Boost's controlled GCP infrastructure, isolated environments spin up in about 15 | ||
| minutes and tear themselves down on schedule, and the audit trail regulators require is captured | ||
| automatically — all without a ticket queue for the platform team. |
There was a problem hiding this comment.
| automatically — all without a ticket queue for the platform team. | |
| automatically — all without needing to file a request to the platform team. |
Adds a new customer story at
/case-studies/boost-insurance/describing how Boost Insurance built a self-service developer platform with Pulumi that provisions isolated, time-limited database environments entirely in the cloud — eliminating production data on developer laptops and the multi-state breach risk that came with it.Closes https://github.com/pulumi/marketing/issues/1775.