Pulumi's CrossGuard policy engine offers a flexible approach to enforcing infrastructure compliance through policies that can issue warnings or errors when violations occur. Recently, Pulumi introduced remediation policies, which not only detect policy violations but also automatically correct them, ensuring that deployments adhere to specified guidelines without user intervention. This feature supports a range of use cases, from tagging resources to enforcing security measures, and can be configured to apply organization-wide or to specific stacks. Remediation policies leverage Pulumi's policy-as-code capabilities, allowing developers to use languages like JavaScript, Python, and TypeScript to write custom policies. These policies can be run locally or published to Pulumi Cloud for broader enforcement. The remediation feature is inspired by static analysis and code-fixing techniques, enhancing compliance and productivity by automating corrections while maintaining transparency about changes. This new capability is available in Pulumi's open-source SDK, making it accessible for users to implement and experiment with policy packs that automatically remediate infrastructure issues.