diff --git a/content/blog/platform-engineering-pillars-1/index.md b/content/blog/platform-engineering-pillars-1/index.md
index 844e72b8c908..ad2678b9b02f 100644
--- a/content/blog/platform-engineering-pillars-1/index.md
+++ b/content/blog/platform-engineering-pillars-1/index.md
@@ -9,6 +9,7 @@ authors:
 tags:
     - platform-engineering
     - platform-engineering-pillars
+series: platform-engineering-pillars
 social:
     twitter: >
         Introducing our new series on Platform Engineering Pillars! Learn how to transform infrastructure chaos and developer friction into a streamlined development experience. Dive into the 6 essential capabilities every successful platform needs.
diff --git a/content/blog/platform-engineering-pillars-2/index.md b/content/blog/platform-engineering-pillars-2/index.md
index 90929cbb7c5b..d58c416f8477 100644
--- a/content/blog/platform-engineering-pillars-2/index.md
+++ b/content/blog/platform-engineering-pillars-2/index.md
@@ -9,6 +9,7 @@ authors:
 tags:
     - platform-engineering
     - platform-engineering-pillars
+series: platform-engineering-pillars
 social:
     twitter: >
             ️ Mastering Infrastructure Provisioning: the foundation of successful platform engineering! Learn how to eliminate bottlenecks, standardize with IaC, and create golden paths that empower developers while maintaining security and consistency. Stop fighting infrastructure chaos and start building platforms that scale.
diff --git a/content/blog/platform-engineering-pillars-3/index.md b/content/blog/platform-engineering-pillars-3/index.md
index b135fdd1276c..eaba79a779d7 100644
--- a/content/blog/platform-engineering-pillars-3/index.md
+++ b/content/blog/platform-engineering-pillars-3/index.md
@@ -9,6 +9,7 @@ authors:
 tags:
     - platform-engineering
     - platform-engineering-pillars
+series: platform-engineering-pillars
 social:
     twitter: >
             Self-Service Infrastructure: the key to scaling platform engineering! Learn how to break free from approval bottlenecks, implement modular abstractions, and create two-level architectures that empower developers while maintaining governance. Stop fighting manual processes and start building platforms that scale.
diff --git a/content/blog/platform-engineering-pillars-4/index.md b/content/blog/platform-engineering-pillars-4/index.md
index 04eacfcaad52..d934b81bfb41 100644
--- a/content/blog/platform-engineering-pillars-4/index.md
+++ b/content/blog/platform-engineering-pillars-4/index.md
@@ -9,6 +9,7 @@ authors:
 tags:
     - platform-engineering
     - platform-engineering-pillars
+series: platform-engineering-pillars
 social:
     twitter: >
             Developer Experience: the key to platform engineering success! Learn how to eliminate friction points, implement standardized templates, and build fast CI/CD pipelines that help developers achieve flow state and ship features faster.
diff --git a/content/blog/platform-engineering-pillars-5/index.md b/content/blog/platform-engineering-pillars-5/index.md
index d5612083bfe6..6e23050329a3 100644
--- a/content/blog/platform-engineering-pillars-5/index.md
+++ b/content/blog/platform-engineering-pillars-5/index.md
@@ -9,6 +9,7 @@ authors:
 tags:
     - platform-engineering
     - platform-engineering-pillars
+series: platform-engineering-pillars
 social:
     twitter: >
       Security doesn't have to be a roadblock! By embedding guardrails directly into your platform with policy-as-code, centralized secrets management, and identity-based authentication, you transform security from gatekeeper to enabler. Developers move faster WITH confidence, not despite security!
diff --git a/content/blog/platform-engineering-pillars-6/angry.png b/content/blog/platform-engineering-pillars-6/angry.png
new file mode 100644
index 000000000000..3ad111d7669e
Binary files /dev/null and b/content/blog/platform-engineering-pillars-6/angry.png differ
diff --git a/content/blog/platform-engineering-pillars-6/excited.png b/content/blog/platform-engineering-pillars-6/excited.png
new file mode 100644
index 000000000000..25b808c38188
Binary files /dev/null and b/content/blog/platform-engineering-pillars-6/excited.png differ
diff --git a/content/blog/platform-engineering-pillars-6/frustrated.png b/content/blog/platform-engineering-pillars-6/frustrated.png
new file mode 100644
index 000000000000..2f9d3ea830ca
Binary files /dev/null and b/content/blog/platform-engineering-pillars-6/frustrated.png differ
diff --git a/content/blog/platform-engineering-pillars-6/happy.png b/content/blog/platform-engineering-pillars-6/happy.png
new file mode 100644
index 000000000000..467e8b6f8601
Binary files /dev/null and b/content/blog/platform-engineering-pillars-6/happy.png differ
diff --git a/content/blog/platform-engineering-pillars-6/index.md b/content/blog/platform-engineering-pillars-6/index.md
new file mode 100644
index 000000000000..a32240d09011
--- /dev/null
+++ b/content/blog/platform-engineering-pillars-6/index.md
@@ -0,0 +1,237 @@
+---
+title: "Observability as a Developer Superpower"
+date: 2025-06-10
+draft: false
+summary: Engineering teams drown in observability tool sprawl, alert fatigue, and reactive debugging that turns 3AM incidents into hours-long fire drills. Learn how embedding observability into your platform with centralized service dashboards, actionable alerts, and built-in instrumentation transforms reactive firefighting into proactive innovation, enabling teams to resolve major incidents in minutes instead of hours.
+meta_desc: Transform observability into a developer superpower with unified visibility, AI-powered insights, and actionable alerts embedded in your platform.
+meta_image: meta.png
+authors:
+    - adam-gordon-bell
+tags:
+    - platform-engineering
+    - platform-engineering-pillars
+series: platform-engineering-pillars
+social:
+    twitter: >
+      Stop drowning in observability data! 🌊 Transform tool sprawl & alert fatigue into a developer SUPERPOWER with centralized service dashboards, actionable alerts, and built-in instrumentation. From 3AM pages to 3-minute resolutions: that's the power of platform-embedded observability! 🚀
+    linkedin: >
+      Observability becomes a DEVELOPER SUPERPOWER when embedded as a platform feature! 🔧 Instead of drowning in disconnected dashboards and noisy alerts, teams gain immediate clarity and actionable insights.
+
+      🔥 The Challenge:
+      - Tool sprawl across metrics, logs, and traces
+      - Alert fatigue from context-free notifications  
+      - Reactive debugging instead of proactive prevention
+      - Manual instrumentation gaps in new services
+
+      ✨ The Platform Solution:
+      - Centralized service dashboards with health badges & owner info
+      - Actionable alerts with root-cause analysis & next steps
+      - Built-in observability via service templates & CI/CD
+      - AI-powered troubleshooting with natural language queries
+
+      Real impact? Turn 3AM fire drills into 3-minute resolutions. Teams spend less time hunting through data and more time building innovative features.
+
+      Ready to make observability your competitive advantage? Discover the platform engineering approach!
+---
+<span style="width: 225px; float: right; margin-left: 20px;">
+<span style="text-align:center">
+    <img src="frustrated.png" width="200px" alt="frustrated expression">
+    <figcaption>
+    <i>Frustratedly trying to figure out what's actually happening</i>
+    </figcaption>
+</span>
+</span>
+
+In previous articles in this series, we’ve shown how [platform engineering](/blog/tag/platform-engineering-pillars/) turns infrastructure chaos into consistency, gives teams self-service tools, smooths developer workflows, and bakes security into the platform. Each pillar builds on the last. Together, they create an internal developer platform that cuts friction and speeds innovation.
+
+Even so, teams still face a big challenge: seeing what’s really happening. Whether things go wrong or run smoothly, engineering teams need clear, actionable insights into their systems. Without observability, you end up guessing, reacting slowly, and hunting through scattered data.
+
+This article shows how observability can be a superpower, giving teams the visibility, insights, and confidence to build better software. Embedding observability into your platform lets teams spot, understand, and fix problems fast, turning reactive firefighting into proactive innovation.
+
+## The Problem: Data Overload Without Insights
+
+Teams drown in metrics, logs, and traces but lack useful insights. In practice, this shows up in three common friction points:
+
+- **Tool sprawl:** Teams use separate tools for metrics, logs, and traces. They waste time flipping between dashboards and stitching data together.
+
+- **Alert fatigue:** Teams get hit with noisy, context-free alerts. With no clear priority or context, key alerts get lost, causing missed issues or slow responses.
+
+- **Reactive debugging:** Troubleshooting turns into a late-night fire drill. Teams spend hours digging through logs and metrics after users have already noticed the problem.
+
+When observability is limited to post-mortems and fragmented dashboards, your team wastes time reacting instead of preventing problems, and innovation grinds to a halt.
+
+## The Solution: Observability as an Engineering Superpower
+
+<span style="width: 225px; float: left; margin-right: 20px;">
+<span style="text-align:center">
+    <img src="tired.png" width="200px" alt="tired expression">
+    <figcaption>
+    <i>Exhausted from hours of reactive debugging when the problem could have been caught earlier</i>
+    </figcaption>
+</span>
+</span>
+
+The solution isn’t just about bolting on more monitoring tools. it’s about baking visibility, context, and guidance into your platform. To do this, embrace three key principles:
+
+- **Centralized Service Dashboards & Service List**
+Surface every running service (or database, function, etc.) in one “Services” portal, complete with health badges (CPU, error rate), on-call owner info, and one-click links to that service’s metrics, logs, and traces. By unifying all telemetry behind a single service card, you eliminate context-switching and help engineers find exactly what they need in seconds, not minutes.
+
+- **Actionable Alerts and Insights**
+Replace vague, noisy notifications with context-rich, prioritized alerts that include severity, correlated root-cause data, and recommended next steps (“Database latency jumped 200% since last deploy: rollback or scale up replicas”). Group and surface only the most critical issues first to reduce alert fatigue and speed up resolution.
+
+- **Embedding Observability into Engineering Workflows**
+Ship every new microservice with built-in logging, metrics, and tracing by including those hooks in your platform’s service templates and CI/CD pipelines. When instrumentation is automatic, “oops, I forgot to add a span” moments disappear, and teams gain immediate visibility into performance and errors from day one.
+
+When observability becomes a superpower, engineering teams gain the visibility and insights they need to confidently build, deploy, and operate software. Instead of drowning in data, they proactively identify and resolve issues, optimize performance, and innovate with confidence.
+
+### A. Centralized Service Dashboards & Service List
+
+<span style="width: 225px; float: right; margin-left: 20px;">
+<span style="text-align:center">
+    <img src="learning.png" width="200px" alt="learning expression">
+    <figcaption>
+    <i>Reading the Service Catalog</i>
+    </figcaption>
+</span>
+</span>
+
+Imagine you’re paged at 2 AM because “OrderService” is failing, but you don’t know where to look. Metrics live in Grafana, logs are in Elasticsearch, traces in Jaeger, and you still have to hunt down who’s on call. You spend precious minutes clicking through multiple UIs and Slack channels just to figure out who owns the service and where its telemetry lives.
+
+A centralized service list solves this by surfacing every running microservice (or database, or function) in one place. In your platform’s web portal, you land on a “Services” page that shows OrderService alongside CPU and error‐rate badges, an on-call owner, and links to its real-time dashboard, filtered logs, and trace waterfall. No matter which team spun it up, you know exactly where to click: metrics, logs, traces, deployment history, and contact info all live behind a single service card.
+
+By embedding a service list into your platform, you eliminate context switching and reduce onboarding friction. If a service isn’t listed, it isn’t properly instrumented, so gaps stand out immediately. In practice, this “one‐pane‐of‐glass” approach means engineers spend seconds finding the right dashboard and the right person, instead of minutes piecing together fragments across disconnected tools.
+
+### B. Actionable Alerts and Insights: Reducing Noise and Accelerating Response
+
+<span style="width: 225px; float: left; margin-right: 20px;">
+<span style="text-align:center">
+    <img src="angry.png" width="200px" alt="locked-in expression">
+    <figcaption>
+    <i>Digging through alert noise</i>
+    </figcaption>
+</span>
+</span>
+
+It’s 4 AM and your phone buzzes with three simultaneous alerts, each with vague descriptions like "High CPU usage detected" or "Error rate increased." Without clear context or recommended actions, you must manually investigate each alert, digging through logs and metrics to determine severity and root cause. This manual triage process is slow, frustrating, and error-prone, increasing the risk of missing critical issues or delaying resolution.
+
+Engineering teams often face a constant barrage of alerts, many of which lack clear context, severity, or actionable next steps. This flood of noisy, ambiguous notifications creates alert fatigue, causing your team to overlook critical issues or waste valuable time investigating false positives.
+
+A platform approach should focus on actionable metrics. Instead of vague notifications, clearly state the issue ("Database latency increased by 200%"), provide relevant context ("Latency spike correlated with recent deployment"), and suggest immediate actions ("Rollback recent deployment or scale database resources"). Additionally, alerts are automatically grouped and prioritized based on severity and impact, ensuring you focus on the most critical issues first.
+
+By holistically approaching alerts and insights, you significantly reduce alert fatigue and noise, accelerate incident response and resolution, and empower engineering teams with greater confidence and autonomy. Your team spends less time manually triaging alerts and more time proactively resolving issues, improving reliability, productivity, and overall team satisfaction.
+
+### C. Embedding Observability into Engineering Workflows: Visibility from Day One
+
+<span style="width: 225px; float: right; margin-left: 20px;">
+<span style="text-align:center">
+    <img src="sleepy.png" width="200px" alt="sleepy expression">
+    <figcaption>
+    <i>At 2 AM, where are the logs for this service.</i>
+    </figcaption>
+</span>
+</span>
+
+You’ve just deployed a brand-new microservice to production, only to discover performance issues or unexpected behavior. Sure, you should remember to add tracing, logging, and metrics by hand, but in practice, things slip through the cracks. It isn’t until real-world traffic hits that you realize you forgot to instrument X or Y, and now you’re scrambling to retroactively add code, redeploy, and wait for data to appear, delaying resolution and frustrating your team.
+
+If your platform’s service templates already include all the necessary logging, metrics gathering, and tracing out of the box, it makes life a lot easier. Embedding observability into those templates and engineering workflows ensures every new microservice ships with built-in instrumentation.
+
+This proactive approach reduces “oops, I forgot” moments, accelerates troubleshooting, and increases team productivity and satisfaction, ultimately improving the reliability and quality of your software.
+
+## Real-World Example: Observability Superpower in Action
+
+<span style="width: 225px; float: left; margin-right: 20px;">
+<span style="text-align:center">
+    <img src="excited.png" width="200px" alt="excited expression">
+    <figcaption>
+    <i>Applying an Actional Metric</i>
+    </figcaption>
+</span>
+</span>
+
+At 3:15 AM, your pagerduty alert goes off: “CheckoutService latency spiked 150%.” You log into your platform’s Services portal and immediately see CheckoutService highlighted with a red latency badge and Todd Rivera listed as the on-call owner. Rather than scouring multiple dashboards, you click its service card to jump straight to the metrics, logs, and trace views.
+
+The alert itself is remarkably precise: “CheckoutService latency rose 150% at 3:10 AM following the v2.3.1 deployment. PaymentGatewayService upstream error rate jumped from 0.2% to 2.3%. Recommendation: rollback v2.3.1 or scale PaymentGateway pods. Contact Todd Rivera.” Instantly, you know where the problem lies, which upstream service is impacted, and what the next step should be.
+In the trace waterfall, you spot a 200 ms delay on CheckoutService calls to PaymentGateway. The logs, automatically instrumented by your service template, filter to TimeoutException entries all timestamped at 3:10 AM. Opening the “Ask Platform” AI widget, you type, “Why did CheckoutService latency spike at 3:10 AM?” The AI responds: “Likely cause: v2.3.1 added index idx_created_at to PaymentGateway’s transactions table, causing an 80 ms delay per request. Rollback v2.3.1 or patch queries to remove the new index.”
+
+Armed with this precise diagnosis, you open a rollback pull request and, after Todd's ok, deploy it within minutes.
+
+CheckoutService latency and PaymentGateway errors immediately return to baseline. By moving from alert to resolution entirely within the platform (thanks to built-in instrumentation, actionable alerts, and AI-driven analysis, you’ve squashed a major incident before most users ever noticed.
+{{% notes %}}
+
+## Metrics: Measuring Observability Enablement
+
+To ensure your observability practices truly empower engineering teams, it's essential to track clear, actionable metrics. These metrics help you understand the effectiveness of your observability tools and processes, identify areas for improvement, and demonstrate the tangible impact observability has on your organization.
+
+Key metrics to measure observability enablement include:
+
+- **Mean Time to Detection (MTTD)**:  
+  How quickly are issues identified after they occur? Effective observability should significantly reduce the time it takes to detect problems, enabling faster responses and minimizing user impact.
+
+- **Mean Time to Resolution (MTTR)**:  
+  How quickly are issues resolved once detected? With clear, actionable insights and unified observability, your teams should resolve issues faster, reducing downtime and improving reliability.
+
+- **Engineering Team Satisfaction with Observability Tools**:  
+  Regularly survey your teams to gauge their satisfaction with observability tools and workflows. Higher satisfaction indicates that observability is effectively embedded into engineering workflows, reducing friction and increasing productivity.
+
+- **Adoption Rate of Observability Tools and Dashboards**:  
+  Track how widely observability tools and dashboards are adopted across teams. Increased adoption indicates that your teams find these tools valuable, intuitive, and helpful in their daily work.
+
+- **Reduction in Alert Noise and False Positives**:  
+  Measure the volume and accuracy of alerts over time. Effective observability should reduce noisy, irrelevant alerts, ensuring your teams focus on meaningful, actionable notifications.
+
+Tracking these metrics helps you continuously improve your observability practices, ensuring they remain effective and empowering. By regularly reviewing and acting on these insights, you can proactively enhance team productivity, reliability, and overall satisfaction.
+
+{{% /notes %}}
+
+## Pulumi and Observability Enablement
+
+<span style="width: 225px; float: right; margin-left: 20px;">
+<span style="text-align:center">
+    <img src="new-idea.png" width="200px" alt="new-idea expression">
+    <figcaption>
+    <i>Platform insights</i>
+    </figcaption>
+</span>
+</span>
+
+Pulumi’s platform features let you explore observability without bolting on extra tools. Key Pulumi features that enable observability include:
+
+- **Pulumi Insights**:  
+  Provides unified visibility and powerful search across all your cloud resources. Your teams can quickly discover, explore, and understand their infrastructure, eliminating manual searches and reducing cognitive load.
+- **Centralized Service List**:
+  Pulumi IDP’s Services portal gives you a single place to register each microservice, database, or cloud resource and link to its dashboards, logs, and traces.
+- **Pulumi Co-Pilot**:  
+  Delivers AI-powered troubleshooting and insights directly within your workflows. Your teams can ask natural-language questions about their infrastructure (such as "What infrastructure changed yesterday?") and receive immediate, actionable answers.
+- **Built-In Instrumentation via IDP Components**:  
+  When you author components and templates in Pulumi IDP, you can bake in standard logging, metrics, and tracing hooks. Every service spun up from those templates ships with consistent instrumentation on day one.
+
+With Pulumi, observability can become an integrated part of your platform, accelerating innovation, improving reliability, and empowering engineering teams to confidently build, deploy, and operate software.
+
+## Conclusion: Observability as a Platform Feature
+
+<span style="width: 225px; float: left; margin-right: 20px;">
+<span style="text-align:center">
+    <img src="happy.png" width="200px" alt="happy expression">
+    <figcaption>
+    <i>Happy resolving an incident in minutes.</i>
+    </figcaption>
+</span>
+</span>
+
+Observability isn’t just about plugging in more tools. It’s about baking-in consistent instrumentation, measurement, and context so every engineer (platform, DevOps/SRE, or application) knows exactly where to look and how to act.
+
+1. **Service-Templates with Built-In Telemetry**
+   By providing service templates that already include logging, metrics gathering, and tracing, you eliminate “Oops, I forgot to instrument X” moments. Every new microservice inherits a standard setup, so you never have to retroactively add code or scramble when traffic first hits production.
+
+2. **Consistent Service Dashboards & Centralized Service List**
+   Instead of hunting across eight different dashboards, engineers always start from a single “Service List” page. From there, one click takes them to that service’s metrics overview, log stream, or trace waterfall. This unified entry point reduces cognitive load and cuts straight to “Where’s the problem?”
+
+3. **Measuring Alert Quality and Actionability**
+   A truly mature platform doesn’t just send alerts. It tracks whether those alerts are helpful or noise. By measuring “ratio of actionable alerts vs. false positives,” you continuously fine-tune thresholds and eliminate alert fatigue. The result? Engineers trust their notifications and respond faster to real incidents.
+
+4. **AI-Driven Context and Natural-Language Troubleshooting**
+   On top of unified telemetry and alert quality metrics, AI can instantly correlate recent deployments, configuration changes, and error spikes. Engineers can ask, “Why did latency jump at 3 AM?” or “What changed in production last night?” in plain English, and the platform provides a clear, context-enriched answer. This additional layer turns reactive firefighting into proactive problem prevention.
+
+When you combine these elements (components and templates, a single service dashboard, alert quality measurement, and AI/natural-language querying), you transform observability into a genuine superpower. Issues are spotted, triaged, and fixed before customers even notice.
+
+Next time, we’ll dive into the final pillar, Platform Governance, showing how to enforce policy, manage costs, and keep your platform secure and compliant as it scales.
diff --git a/content/blog/platform-engineering-pillars-6/learning.png b/content/blog/platform-engineering-pillars-6/learning.png
new file mode 100644
index 000000000000..75f09f807227
Binary files /dev/null and b/content/blog/platform-engineering-pillars-6/learning.png differ
diff --git a/content/blog/platform-engineering-pillars-6/meta.png b/content/blog/platform-engineering-pillars-6/meta.png
new file mode 100644
index 000000000000..4fa3a23bf172
Binary files /dev/null and b/content/blog/platform-engineering-pillars-6/meta.png differ
diff --git a/content/blog/platform-engineering-pillars-6/new-idea.png b/content/blog/platform-engineering-pillars-6/new-idea.png
new file mode 100644
index 000000000000..35fbd6a8fbf8
Binary files /dev/null and b/content/blog/platform-engineering-pillars-6/new-idea.png differ
diff --git a/content/blog/platform-engineering-pillars-6/sleepy.png b/content/blog/platform-engineering-pillars-6/sleepy.png
new file mode 100644
index 000000000000..70791aa27fb9
Binary files /dev/null and b/content/blog/platform-engineering-pillars-6/sleepy.png differ
diff --git a/content/blog/platform-engineering-pillars-6/sprites.png b/content/blog/platform-engineering-pillars-6/sprites.png
new file mode 100644
index 000000000000..6681b6ef4426
Binary files /dev/null and b/content/blog/platform-engineering-pillars-6/sprites.png differ
diff --git a/content/blog/platform-engineering-pillars-6/tired.png b/content/blog/platform-engineering-pillars-6/tired.png
new file mode 100644
index 000000000000..23a484ac76cc
Binary files /dev/null and b/content/blog/platform-engineering-pillars-6/tired.png differ
diff --git a/content/blog/platform-engineering-pillars-7/blocked.png b/content/blog/platform-engineering-pillars-7/blocked.png
new file mode 100644
index 000000000000..5a6f870df5c4
Binary files /dev/null and b/content/blog/platform-engineering-pillars-7/blocked.png differ
diff --git a/content/blog/platform-engineering-pillars-7/confident.png b/content/blog/platform-engineering-pillars-7/confident.png
new file mode 100644
index 000000000000..5cdbf66b986a
Binary files /dev/null and b/content/blog/platform-engineering-pillars-7/confident.png differ
diff --git a/content/blog/platform-engineering-pillars-7/confused.png b/content/blog/platform-engineering-pillars-7/confused.png
new file mode 100644
index 000000000000..6dc6da6159e0
Binary files /dev/null and b/content/blog/platform-engineering-pillars-7/confused.png differ
diff --git a/content/blog/platform-engineering-pillars-7/empowered.png b/content/blog/platform-engineering-pillars-7/empowered.png
new file mode 100644
index 000000000000..bea7b61b79e4
Binary files /dev/null and b/content/blog/platform-engineering-pillars-7/empowered.png differ
diff --git a/content/blog/platform-engineering-pillars-7/frustrated.png b/content/blog/platform-engineering-pillars-7/frustrated.png
new file mode 100644
index 000000000000..d58fbad42b86
Binary files /dev/null and b/content/blog/platform-engineering-pillars-7/frustrated.png differ
diff --git a/content/blog/platform-engineering-pillars-7/governance-sprites-cropped.png b/content/blog/platform-engineering-pillars-7/governance-sprites-cropped.png
new file mode 100644
index 000000000000..98818028603a
Binary files /dev/null and b/content/blog/platform-engineering-pillars-7/governance-sprites-cropped.png differ
diff --git a/content/blog/platform-engineering-pillars-7/index.md b/content/blog/platform-engineering-pillars-7/index.md
new file mode 100644
index 000000000000..93aa86ac9281
--- /dev/null
+++ b/content/blog/platform-engineering-pillars-7/index.md
@@ -0,0 +1,233 @@
+---
+title: "Governance as an Enabler: Scaling Safely and Confidently"
+date: 2025-06-17
+draft: false
+meta_desc: Transform governance from manual bureaucracy into an automated enabler by embedding policy-as-code, RBAC, and automated controls directly into your platform.
+meta_image: meta.png
+authors:
+    - adam-gordon-bell
+tags:
+    - platform-engineering
+    - platform-engineering-pillars
+series: platform-engineering-pillars
+social:
+    twitter: >
+      Governance doesn't have to be bureaucratic red tape! Transform it into an automated ENABLER by embedding policy-as-code, RBAC & automated controls directly into your platform. Scale safely & confidently while preserving team autonomy and speed! 🚀
+    linkedin: >
+      Governance as an ENABLER, not a bottleneck! 🔒 Transform compliance and control from manual bureaucracy into automated, built-in capabilities that scale with your platform.
+
+      🚨 The Problem:
+      - Manual compliance checks slowing deployments
+      - Unpredictable cloud costs from resource sprawl
+      - Reduced team autonomy from red tape
+      - Increased compliance risks from human error
+
+      💡 The Solution:
+      Embed governance directly into your platform with:
+
+      - Policy-as-Code for automated compliance
+      - RBAC for granular, automated permissions
+      - Built-in audit logs and drift detection
+      - Automated cost controls and resource lifecycle
+
+      The result? Engineering teams gain autonomy within clear guardrails. Operations teams maintain visibility and control. Your organization scales safely without sacrificing speed or innovation.
+
+      Ready to make governance your competitive advantage? See how in our latest platform engineering pillar!
+---
+
+In previous articles in this series, we've explored how [platform engineering](/blog/tag/platform-engineering-pillars/) transforms infrastructure chaos into consistent provisioning, empowers engineering teams through self-service infrastructure, optimizes workflows, embeds security directly into your platform, and provides observability as a superpower. Each pillar builds upon the previous ones, creating a cohesive foundation that accelerates innovation and productivity.
+
+But as your platform scales, new challenges inevitably emerge. You've empowered engineering teams with self-service infrastructure, streamlined workflows, and embedded security directly into your platform. But as your platform scales, new challenges emerge: How do you ensure consistency, compliance, and cost control without slowing your teams down?
+
+In this article, we'll explore how Platform Engineering transforms governance from a manual, bureaucratic process into an automated, built-in enabler, helping your organization scale safely and confidently. By embedding governance directly into your platform, you can maintain control, ensure compliance, and manage costs effectively, all while preserving the autonomy and speed your engineering teams have come to expect.
+
+## The Problem: Governance as a Manual Bottleneck
+
+<span style="width: 225px; float: right; margin-left: 20px;">
+<span style="text-align:center">
+    <img src="frustrated.png" width="200px" alt="frustrated expression">
+    <figcaption>
+    <i>Dealing with manual compliance checks and red tape</i>
+    </figcaption>
+</span>
+</span>
+
+With increased team autonomy and self-service capabilities, how do you ensure consistency, compliance, and cost control across your entire organization?
+
+Governance often feels like a necessary evil: manual, bureaucratic, and slow. Application teams see it as red tape, while operations teams struggle to maintain control. Manual compliance checks, lengthy audits, and unclear or inconsistent policies create friction and frustration. Teams may bypass governance processes entirely, leading to shadow IT, inconsistent resource configurations, and hidden risks.
+
+The consequences of manual, bureaucratic governance are clear:
+
+- **Increased compliance risks and audit failures:** Without automated enforcement, compliance becomes reactive and error-prone, increasing the likelihood of regulatory violations and audit findings.
+- **Unpredictable cloud costs and budget overruns:** Without clear guardrails, self-service infrastructure can lead to resource sprawl, wasted resources, and unexpected cloud bills.
+- **Reduced team autonomy and slower innovation:** Manual governance processes reintroduce bottlenecks, slowing down deployments and undermining the agility your platform was designed to achieve.
+
+## The Solution: Embedding Governance into Your Platform
+
+<span style="width: 225px; float: left; margin-right: 20px;">
+<span style="text-align:center">
+    <img src="satisfied.png" width="200px" alt="satisfied expression">
+    <figcaption>
+    <i>Successfully scaling safely with embedded governance</i>
+    </figcaption>
+</span>
+</span>
+
+Governance should live inside your platform, not off to the side as a separate process. To make that happen, build these four capabilities into your IDP:
+
+- **Policy-as-Code for Automated Compliance:** Declare rules (like approved regions or required tags) as code. The platform enforces them whenever infrastructure is created or updated, so compliance happens automatically.
+
+- **Platform-Level RBAC for Permission Boundaries:** Decide who can act on projects, stacks, and templates before any cloud credentials run. This early check prevents unauthorized requests from ever reaching cloud provider.
+
+- **Audit Logs and Drift Detection for Real-Time Visibility:** Record every deployment, who ran it, and what changed. Continuously compare live infrastructure to the desired state in code. If someone bypasses approved processes, the platform flags it and alerts the team.
+
+- **Resource Lifecycle and Deployment Controls:** Automatically retire idle environments after a set time (Resource TTLs) so forgotten test clusters don’t rack up bills. Also if needed, gate production changes behind lightweight approval workflows. Routine dev or staging updates roll out instantly, but high impact production changes wait until a reviewer signs off.
+
+Let’s dive into each of these.
+
+### A. Policy-as-Code for Compliance and Operational Standards: Automating Trust and Consistency
+
+An engineering team is ready to launch a new service. They’ve tested it and everything looks good, until the deployment fails. Not because of a bug. Because it’s targeting an unapproved cloud region.
+
+Now they’re stuck. A compliance review kicks off. Slack threads fly. A ticket gets filed. What should’ve been a smooth release turns into a delay, all because of a policy someone missed.
+
+Policy-as-code prevents this.
+
+When teams deploy something that breaks the rules (like using an unapproved region), the platform blocks it automatically. The error shows up right away, with a clear message. Nothing gets provisioned, and nobody has to file a ticket.
+
+If you’re already using intent-based componentes (“I need a Java service with Kafka and PostgreSQL”), most details are handled for you: tags, regions, naming. But people still override things. That’s why policy-as-code matters.
+
+Think of it as a safety net. A menu of componentes handle the defaults. Policies catch anything that slips through. Together, they keep your platform consistent without slowing anyone down.
+
+### B. Role-Based Access Control (RBAC): Balancing Autonomy and Control
+
+<span style="width: 225px; float: right; margin-left: 20px;">
+<span style="text-align:center">
+    <img src="blocked.png" width="200px" alt="blocked expression">
+    <figcaption>
+    <i>Stopped by lengthy approval processes</i>
+    </figcaption>
+</span>
+</span>
+
+As your platform grows, managing permissions manually gets messy. If an engineer needs to fix a production issue but doesn’t have access, they file a ticket and wait, sometimes for days. Give developers too many rights, and they might change production by accident. Both options slow teams down and increase risk.
+
+The fix is an RBAC model built into your platform. First, the platform decides who can deploy, who can publish components, and who can manage templates. This check runs before any cloud credentials are used, so invalid requests get blocked early. Second, the cloud IAM layer controls which API calls are allowed, like creating an EC2 instance or updating a database.
+
+This pairs well with a two-level intent-based approach. Teams describe what they need (“I want a Python Lambda with an SQS queue”), and the platform enforces access only for users with the right scopes. Everyone gets just enough access to do their job, no more, no less.
+
+A Platform with RBAC makes permissions clear, reduces mistakes, and keeps everything auditable. Devs move fast, spinning up resources as needed, while strong guardrails stay in place. The result is a scalable, least-privilege model that balances autonomy and control, so your organization can grow safely.
+
+### C. Auditability, Traceability, and Drift Detection: Ensuring Visibility and Trust
+
+<span style="width: 225px; float: left; margin-right: 20px;">
+<span style="text-align:center">
+    <img src="stressed.png" width="200px" alt="stressed expression">
+    <figcaption>
+    <i>Anxious about audit failures and compliance risks</i>
+    </figcaption>
+</span>
+</span>
+
+An ops engineer spots a production database misbehaving. A quick check shows someone changed its configuration outside the approved workflow. Without an audit trail or drift detection, the team scrambles to figure out who made the change and when. Meanwhile, the incorrect setting stays active, posing a security and compliance risk. No one can fix it without guessing.
+
+A platform with audit logs records every action: who deployed, when, and what changed. Drift detection watches live infrastructure and compares it to the desired state in code. If someone bypasses the workflow (say, editing a database setting in the console), the platform flags it and alerts:
+“User Alice changed max_connections on prod-db-01 at 3:42 PM, which no longer matches the expected state.”
+Now the team can pinpoint the change, talk to the right person, and revert or update the code, restoring consistency in minutes, not hours.
+
+Together, audit logs and drift detection give you real-time visibility into every change. You stop playing detective. You see who did what, when, and how it deviated from code, all in one place. That transparency speeds audits, catches unauthorized changes fast, and builds trust across teams. With automatic traces of every change, your platform scales without surprises.
+
+### D. Resource Lifecycle and Deployment Controls: Scaling Responsibly and Safely
+
+An engineer spins up a test environment, then walks away. Another pushes a change straight to production without review. The abandoned test cluster runs up cloud costs; the unreviewed prod tweak risks an outage. Without automation, both lead to wasted spend and stressful cleanups.
+
+A modern platform handles this with **ephemeral environments where possible** and **approval gates where it matters**.
+
+In dev and staging, engineers can move quickly. They can create test or preview environments, often tied to users or pull requests, that shut down automatically after a set time. TTL rules keep things tidy without manual cleanup.
+
+Production, by contrast, is gated. High-impact changes, like modifying a database schema or adjusting a load balancer, require approval. Before anything is provisioned, sign-off is required. Every approval (or denial) is logged: who, when, and why.
+
+This setup keeps development fast and flexible, while making production changes deliberate and auditable. Your platform stays clean, cost-effective, and safe without getting in the way.
+
+<span style="width: 225px; float: right; margin-left: 20px;">
+<span style="text-align:center">
+    <img src="overwhelmed.png" width="200px" alt="overwhelmed expression">
+    <figcaption>
+    <i>Drowning in resource sprawl and unexpected costs</i>
+    </figcaption>
+</span>
+</span>
+
+## Real-World Example: Governance Enablement in Action
+
+An engineering team opens a pull request for a new customer-facing service. The platform spins up a preview environment using a template with secure defaults, pre-approved modules, and policy checks. CI runs tests and policy checks in preview (names, regions, encryption, compliance) so the team catches issues early. If a rule fails (say, an unencrypted database), the PR fails before it reaches main. After the PR merges to main, it deploys to production, confident all policy validations have passed.
+
+Idle QA environments shut down after 48 hours, so forgotten clusters don’t rack up bills. Sensitive production changes, like updating a load balancer or altering a critical schema, are carefully reviewed via pull request. Once approved, the platform deploys automatically and logs every action. Drift detection flags console edits, letting the team revert or update code in minutes.
+
+Result: Governance becomes an invisible safety net. Engineers move fast, knowing policy-as-code, RBAC, TTL cleanup, approval gates, and change tracking catch mistakes. Ops stays in control without firefighting or chasing orphan resources. The platform scales safely, balancing freedom with built-in guardrails.
+
+{{% notes %}}
+
+## Metrics: Measuring Governance Enablement
+
+To ensure your governance practices truly empower your organization, it's essential to track clear, actionable metrics. These metrics help you understand the effectiveness of your governance processes, identify areas for improvement, and ensure governance remains frictionless and enabling:
+
+- **Time Spent on Manual Compliance Checks and Audits**:  
+  Measure how much time your teams spend manually verifying compliance or performing audits. Effective governance automation should significantly reduce this overhead, freeing teams to focus on higher-value tasks.
+
+- **Number of Compliance Violations or Audit Findings**:  
+  Track how frequently compliance violations or audit issues occur. Effective governance should reduce these incidents, demonstrating that automated policies and guardrails are working as intended.
+
+- **Cloud Cost Predictability and Budget Adherence**:  
+  Monitor how accurately your cloud spending aligns with forecasts and budgets. Good governance practices, such as automated tagging, resource lifecycle management, and cost controls, should improve predictability and reduce unexpected cost overruns.
+
+- **Engineering Team Satisfaction with Governance Processes**:  
+  Regularly survey engineering teams to gauge their satisfaction with governance processes. High satisfaction indicates that governance is enabling rather than hindering their workflows.
+
+Tracking these metrics helps you continuously improve your platform's governance practices, ensuring they remain effective and frictionless.
+
+{{% /notes %}}
+
+<span style="width: 225px; float: left; margin-right: 20px;">
+<span style="text-align:center">
+    <img src="confident.png" width="200px" alt="confident expression">
+    <figcaption>
+    <i>Working within clear, automated guardrails</i>
+    </figcaption>
+</span>
+</span>
+
+## Pulumi and Governance Enablement
+
+Pulumi provides built-in governance features that help you scale safely and confidently, embedding compliance, consistency, and control directly into your platform:
+
+- **CrossGuard (Policy as Code)**
+  Define and enforce compliance and operational policies automatically. CrossGuard checks every resource against your organization’s standards before deployment, preventing non-compliant resources and reducing manual audits.
+
+- **Role-Based Access Control (RBAC) and Teams**
+  Manage permissions with precision. Pulumi’s RBAC ensures teams get exactly the access they need, no more, no less, so developers can move quickly within clear boundaries and ops can reduce risk.
+
+- **Audit Logs and Drift Detection**
+  Capture a full history of every change and compare live infrastructure to the desired state in code. Audit logs simplify compliance reviews, drift detection spots unauthorized edits, and teams can fix issues in minutes.
+
+- **Time-to-Live (TTL) Stacks / Ephemeral Environments**
+  Spin up short-lived environments for testing or previews. You can assign a TTL to any stack so it shuts down automatically after a set period. That keeps forgotten test resources from racking up costs and ensures your platform stays clean.
+
+By leveraging Pulumi’s governance features, including CrossGuard, RBAC, audit logs, and TTL stacks, your platform becomes a powerful enabler. You automate compliance, maintain consistency, and empower engineering teams to innovate quickly and safely.
+
+## Conclusion: Governance as a Platform Feature
+
+<span style="width: 225px; float: right; margin-left: 20px;">
+<span style="text-align:center">
+    <img src="empowered.png" width="200px" alt="empowered expression">
+    <figcaption>
+    <i>Having autonomy with built-in controls</i>
+    </figcaption>
+</span>
+</span>
+
+Governance doesn't have to slow you down. By embedding governance directly into your platform, you empower engineering teams to innovate quickly while ensuring compliance, consistency, and control. Instead of manual checks, governance becomes automatic, transparent, and frictionless, enabling your organization to scale safely and confidently.
+
+Your engineering teams gain autonomy and speed, your operations teams gain visibility and control, and your organization gains the confidence to innovate at scale.
+
+You’ve now seen all six pillars of a modern internal developer platform—[provisioning](/blog/platform-engineering-pillars-2/), [self-service](/blog/platform-engineering-pillars-3/), [developer experience](/blog/platform-engineering-pillars-4/), [security](/blog/platform-engineering-pillars-5/), [observability](/blog/platform-engineering-pillars-6/), and governance. If you’d like to see how Pulumi makes building and running a platform like this simpler, check out [Pulumi IDP](/product/internal-developer-platforms/).
diff --git a/content/blog/platform-engineering-pillars-7/meta.png b/content/blog/platform-engineering-pillars-7/meta.png
new file mode 100644
index 000000000000..7bfff54c2025
Binary files /dev/null and b/content/blog/platform-engineering-pillars-7/meta.png differ
diff --git a/content/blog/platform-engineering-pillars-7/overwhelmed.png b/content/blog/platform-engineering-pillars-7/overwhelmed.png
new file mode 100644
index 000000000000..25c814340857
Binary files /dev/null and b/content/blog/platform-engineering-pillars-7/overwhelmed.png differ
diff --git a/content/blog/platform-engineering-pillars-7/relieved.png b/content/blog/platform-engineering-pillars-7/relieved.png
new file mode 100644
index 000000000000..6eda6a5a2940
Binary files /dev/null and b/content/blog/platform-engineering-pillars-7/relieved.png differ
diff --git a/content/blog/platform-engineering-pillars-7/satisfied.png b/content/blog/platform-engineering-pillars-7/satisfied.png
new file mode 100644
index 000000000000..7570ee4b5fe0
Binary files /dev/null and b/content/blog/platform-engineering-pillars-7/satisfied.png differ
diff --git a/content/blog/platform-engineering-pillars-7/stressed.png b/content/blog/platform-engineering-pillars-7/stressed.png
new file mode 100644
index 000000000000..92582f2e98f4
Binary files /dev/null and b/content/blog/platform-engineering-pillars-7/stressed.png differ
diff --git a/layouts/blog/single.html b/layouts/blog/single.html
index 4a949273ffbc..411842690850 100644
--- a/layouts/blog/single.html
+++ b/layouts/blog/single.html
@@ -3,7 +3,11 @@
         <div class="xxl:flex">
             <div class="flex flex-col lg:flex-row xxl:w-9/12">
                 <div class="lg:w-1/4 xxl:w-4/12 pr-8">
-                    {{ partial "blog/sidebar.html" . }}
+                    {{ if .Params.series }}
+                        {{ partial "blog/series-sidebar.html" . }}
+                    {{ else }}
+                        {{ partial "blog/sidebar.html" . }}
+                    {{ end }}
                 </div>
 
                 <div class="lg:w-3/4 xxl:w-9/12">
diff --git a/layouts/partials/blog/series-sidebar.html b/layouts/partials/blog/series-sidebar.html
new file mode 100644
index 000000000000..954d160751b5
--- /dev/null
+++ b/layouts/partials/blog/series-sidebar.html
@@ -0,0 +1,96 @@
+<!--
+    Series sidebar, showing all posts in the current series with the current post highlighted.
+-->
+<aside class="lg:pr-8 sticky-sidebar">
+    <!-- Sidebar menu toggle for mobile. -->
+    <div class="lg:hidden">
+        <button class="blog-sidebar-toggle items-center px-3 py-2 border rounded text-purple border-purple">Toggle Series Navigation</button>
+    </div>
+
+    <h2 class="no-anchor hidden lg:flex mt-2 mb-6">
+        <a data-track="sidebar" class="text-2xl" href="{{ relref . "/blog" }}">Pulumi Blog</a>
+    </h2>
+
+    <!-- Sidebar content. Hidden on smaller displays unless toggled. -->
+    <div class="blog-sidebar-content hidden lg:block">
+        {{ partial "blog/search" . }}
+
+        <hr class="my-8" />
+
+        {{ $currentSeries := .Page.Params.series }}
+        {{ if $currentSeries }}
+            <!-- Series Navigation -->
+            <div class="my-4">
+                <h5 class="no-anchor text-lg font-semibold mb-4">In This Series</h5>
+                
+                <!-- Get all posts with the same series tag, including future posts, sorted chronologically -->
+                {{ $allPages := .Site.AllPages }}
+                {{ $seriesPosts := where $allPages "Params.series" $currentSeries }}
+                {{ $seriesPosts := $seriesPosts.ByDate }}
+                
+                <ul class="list-none p-0 space-y-3">
+                    {{ range $index, $post := $seriesPosts }}
+                        <li class="leading-snug">
+                            {{ if eq $post.RelPermalink $.Page.RelPermalink }}
+                                <!-- Current post - highlighted -->
+                                <div class="bg-blue-50 border-l-4 border-blue-500 pl-3 py-2 rounded-r">
+                                    {{ if strings.Contains $post.Title ":" }}
+                                        {{ $titleParts := split $post.Title ":" }}
+                                        <div class="text-sm font-semibold text-blue-900">{{ add $index 1 }}. {{ trim (index $titleParts 0) " " }}</div>
+                                        <div class="text-xs text-blue-700 mt-1">{{ trim (index $titleParts 1) " " }}</div>
+                                    {{ else }}
+                                        <span class="text-sm font-semibold text-blue-900">{{ add $index 1 }}. {{ $post.Title }}</span>
+                                    {{ end }}
+                                    <div class="text-xs text-blue-600 mt-1">Current post</div>
+                                </div>
+                            {{ else }}
+                                <!-- Other posts in series -->
+                                {{ if $post.Date.After now }}
+                                    <!-- Future post - show as coming soon -->
+                                    <div class="pl-3 py-1 opacity-60">
+                                        <div class="text-sm text-gray-500">
+                                            {{ if strings.Contains $post.Title ":" }}
+                                                {{ $titleParts := split $post.Title ":" }}
+                                                <div class="font-medium">{{ add $index 1 }}. {{ trim (index $titleParts 0) " " }}</div>
+                                                <div class="text-xs text-gray-400 mt-1">{{ trim (index $titleParts 1) " " }}</div>
+                                            {{ else }}
+                                                {{ add $index 1 }}. {{ $post.Title }}
+                                            {{ end }}
+                                        </div>
+                                        <div class="text-xs text-blue-400 mt-1">Coming {{ $post.Date.Format "Jan 2" }}</div>
+                                    </div>
+                                {{ else }}
+                                    <!-- Published post -->
+                                    <div class="pl-3 py-1">
+                                        <a data-track="series-post" class="text-sm hover:text-blue-600" href="{{ $post.RelPermalink }}">
+                                            {{ if strings.Contains $post.Title ":" }}
+                                                {{ $titleParts := split $post.Title ":" }}
+                                                <div class="font-medium">{{ add $index 1 }}. {{ trim (index $titleParts 0) " " }}</div>
+                                                <div class="text-xs text-gray-600 mt-1">{{ trim (index $titleParts 1) " " }}</div>
+                                            {{ else }}
+                                                {{ add $index 1 }}. {{ $post.Title }}
+                                            {{ end }}
+                                        </a>
+                                    </div>
+                                {{ end }}
+                            {{ end }}
+                        </li>
+                    {{ end }}
+                </ul>
+                
+                <!-- Link to view all series posts -->
+                <div class="mt-4 pt-3">
+                    <a class="text-blue-600 text-sm" href="/blog/tag/{{ $currentSeries | urlize }}/">View whole series &rarr;</a>
+                </div>
+            </div>
+        {{ end }}
+
+        <hr class="my-8" />
+
+        {{ partial "sidebar-cta" . }}
+    </div>
+
+    <div class="lg:hidden pb-4">
+        <!-- Vertical spacer, for mobile layouts. -->
+    </div>
+</aside>