Pulumi speeds up your inner dev loop for Infrastructure as Code (IaC) by allowing you to use an IDE giving you statement completion, real-time type checking, and interactive documentation out of the box. In addition you can leverage all of the capabilities of the programming language of your choice so you can reduce the total number of lines of code you’re writing.

import * as pulumi from "@pulumi/pulumi";
import * as awsx from "@pulumi/awsx";
import * as eks from "@pulumi/eks";

// Create a new VPC
const eksVpc = new awsx.ec2.Vpc("eks-vpc", {
    enableDnsHostnames: true,
    cidrBlock: "",

// Create the EKS cluster
const eksCluster = new eks.Cluster("eks-cluster", {
    vpcId: eksVpc.vpcId,
    publicSubnetIds: eksVpc.publicSubnetIds,
    privateSubnetIds: eksVpc.privateSubnetIds,
    instanceType: "t2.medium",
    desiredCapacity: 3,
    minSize: 3,
    maxSize: 6,
    nodeAssociatePublicIpAddress: false,

// Export some values for use elsewhere
export const kubeconfig = eksCluster.kubeconfig;
export const vpcId = eksVpc.vpcId;
import pulumi
import pulumi_awsx as awsx
import pulumi_eks as eks

# Create a VPC for the EKS cluster
eks_vpc = awsx.ec2.Vpc("eks-vpc",

# Create the EKS cluster
eks_cluster = eks.Cluster("eks-cluster",

# Export values to use elsewhere
pulumi.export("kubeconfig", eks_cluster.kubeconfig)
pulumi.export("vpcId", eks_vpc.vpc_id)
package main

import (

func main() {
  pulumi.Run(func(ctx *pulumi.Context) error {
    // Create a new VPC, subnets, and associated infrastructure
    vpcNetworkCidr := ""
    eksVpc, err := ec2.NewVpc(ctx, "eks-vpc", &ec2.VpcArgs{
      EnableDnsHostnames: pulumi.Bool(true),
      CidrBlock:          &vpcNetworkCidr,
    if err != nil {
      return err

    // Create a new EKS cluster
    eksCluster, err := eks.NewCluster(ctx, "eks-cluster", &eks.ClusterArgs{
      VpcId:                        eksVpc.VpcId,
      PublicSubnetIds:              eksVpc.PublicSubnetIds,
      PrivateSubnetIds:             eksVpc.PrivateSubnetIds,
      InstanceType:                 pulumi.String("t2.medium"),
      DesiredCapacity:              pulumi.Int(3),
      MinSize:                      pulumi.Int(3),
      MaxSize:                      pulumi.Int(6),
      NodeAssociatePublicIpAddress: pulumi.Bool(false),
    if err != nil {
      return err

    // Export some values in case they are needed elsewhere
    ctx.Export("kubeconfig", eksCluster.Kubeconfig)
    ctx.Export("vpcId", eksVpc.VpcId)
    return nil
using Pulumi;
using Awsx = Pulumi.Awsx;
using Eks = Pulumi.Eks;
using System.Collections.Generic;

return await Deployment.RunAsync(() =>
    // Create a new VPC
    var eksVpc = new Awsx.Ec2.Vpc("eks-vpc", new()
        EnableDnsHostnames = true,
        CidrBlock = "",

    // Create the EKS cluster
    var eksCluster = new Eks.Cluster("eks-cluster", new()
        VpcId = eksVpc.VpcId,
        PublicSubnetIds = eksVpc.PublicSubnetIds,
        PrivateSubnetIds = eksVpc.PrivateSubnetIds,
        InstanceType = "t2.medium",
        DesiredCapacity = 3,
        MinSize = 3,
        MaxSize = 6,
        NodeAssociatePublicIpAddress = false,

    // Export some values for use elsewhere
    return new Dictionary<string, object?>
        ["kubeconfig"] = eksCluster.Kubeconfig,
        ["vpcId"] = eksVpc.VpcId,
package my_eks_cluster;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.awsx.ec2.Vpc;
import com.pulumi.awsx.ec2.VpcArgs;
import com.pulumi.eks.Cluster;
import com.pulumi.eks.ClusterArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {;

    public static void stack(Context ctx) {
        var eksVpc = new Vpc("eksVpc", VpcArgs.builder()

        var eksCluster = new Cluster("eksCluster", ClusterArgs.builder()

        ctx.export("kubeconfig", eksCluster.kubeconfig());
        ctx.export("vpcId", eksVpc.vpcId());
name: pulumi-eks
description: A simple EKS cluster
runtime: yaml
  # Create a VPC for the EKS cluster
    type: awsx:ec2:Vpc
      enableDnsHostnames: true
      cidrBlock: ""
  # Create the EKS cluster
    type: eks:Cluster
      vpcId: ${eks-vpc.vpcId}
      publicSubnetIds: ${eks-vpc.publicSubnetIds}
      privateSubnetIds: ${eks-vpc.privateSubnetIds}
      instanceType: "t2.medium"
      desiredCapacity: 3
      minSize: 3
      maxSize: 6
      nodeAssociatePublicIpAddress: false
  # Output the Kubeconfig for the cluster
  kubeconfig: ${eks-cluster.kubeconfig}
  vpcId: ${eks-vpc.vpcId}

Pulumi Pipeline

Ship applications faster

Pulumi speeds up your outer dev loop by making CI/CD for your IaC seamless and the default experience. Pulumi has integrations with all the popular CI/CD platforms and testing frameworks, so you can validate every change with testing and built-in policies. You can also build Pulumi Packages to create best-practice abstractions available in all languages.

Deliver ideas faster

Pulumi gives you a faster dev loop across the entire organization by guaranteeing the infrastructure software supply chain. Standard software packaging allows sharing and reuse of code across the organization along with org-wide policy enforcements, full change visibility and auditing across your entire organization, and automatic encryption for secrets and state. Pulumi provides the industry’s only automation workflow capability that allows software engineering to be applied to solve and manage cloud infrastructure at scale.

Pulumi Service

Do more with less

Use Pulumi's Automation API to create tooling that helps you and your engineers manage 10x the amount of resources versus traditional tooling.

What if IaC was a library and not just a CLI? Pulumi Automation API is the industry's first and only fully programmable infrastructure as code technology.

With Automation API, you can embed Pulumi right into your application code to drive complex deployment workflows programmatically. Build command-line tools, desktop applications, self-service infrastructure portals, and more, all in your language of choice — without having to "shell out" to another CLI. CLI tool to behind a HTTP API to a custom PaaS.

Automation API enables you and your company to scale 10x the amount of infrastructure managed per engineer.


  • import * as express from "express";
    import * as aws from "@pulumi/aws";
    import * as auto from "@pulumi/pulumi/automation";
    const app = express();"/update", async (req, res) => {
        // Create a new stack.
        const stack = await auto.createStack({
            stackName: req.body.stackName,
            projectName: req.body.projectName,
            program: () => {
                return {
                    bucket: new aws.s3.Bucket("my-bucket");
        // Update the stack.
        await stack.up({ onOutput: });
        return res.send("Update complete.");
  • import (
    func pulumiProgram(ctx *pulumi.Context) error {
        // Your Pulumi program.
    var deployCmd = &cobra.Command{
        Use:   "deploy",
        Short:  "Deploy my infrastructure.",
        Run: func(cmd *cobra.Command, args []string) error {
            ctx := context.Background()
            projectName := "example"
            stackName := "dev"
            s, err := auto.UpsertStackInlineSource(ctx, stackName, projectName, pulumiProgram)
            if err != nil {
              return err
            w := s.Workspace()
            // for inline source programs, we must manage plugins ourselves
            err = w.InstallPlugin(ctx, "aws", "v4.0.0")
            if err != nil {
              fmt.Printf("Failed to install program plugins: %v\n", err)
            // set stack configuration specifying the AWS region to deploy
            s.SetConfig(ctx, "aws:region", auto.ConfigValue{Value: "us-west-2"})
            _, err = s.Refresh(ctx)
            if err != nil {
              return err
            stdoutStreamer := optup.ProgressStreams(os.Stdout)
            res, err := s.Up(ctx, stdoutStreamer)
            if err != nil {
              return err
            return nil
    func init() {
  • import sys
    import json
    import pulumi
    import pulumi_aws as aws
    from pulumi import automation as auto
    from mysql.connector import connect
    # This is our pulumi program in "inline function" form
    def pulumi_program():
        default_vpc = aws.ec2.get_vpc(default=True)
        public_subnet_ids = aws.ec2.get_subnet_ids(
        subnet_group = aws.rds.SubnetGroup("db_subnet", subnet_ids=public_subnet_ids.ids)
        # make a public security group for our cluster for the migration
        security_group = aws.ec2.SecurityGroup("public_group",
        # example on, you should change this
        db_name = "hellosql"
        db_user = "hellosql"
        db_pass = "hellosql"
        # provision our db
        cluster = aws.rds.Cluster("db",
        cluster_instance = aws.rds.ClusterInstance("db_instance",
        pulumi.export("host", cluster.endpoint)
        pulumi.export("db_name", db_name)
        pulumi.export("db_user", db_user)
        pulumi.export("db_pass", db_pass)
    # To destroy our program, we can run python destroy
    destroy = False
    args = sys.argv[1:]
    if len(args) > 0:
        if args[0] == "destroy":
            destroy = True
    project_name = "database_migration"
    stack_name = "dev"
    # create (or select if one already exists) a stack that uses our inline program
    stack = auto.create_or_select_stack(stack_name=stack_name,
    print("successfully initialized stack")
    # for inline programs, we must manage plugins ourselves
    print("installing plugins...")
    stack.workspace.install_plugin("aws", "v4.0.0")
    print("plugins installed")
    # set stack configuration specifying the AWS region to deploy
    print("setting up config")
    stack.set_config("aws:region", auto.ConfigValue(value="us-west-2"))
    print("config set")
    print("refreshing stack...")
    print("refresh complete")
    if destroy:
        print("destroying stack...")
        print("stack destroy complete")
    print("updating stack...")
    up_res = stack.up(on_output=print)
    print(f"update summary: \n{json.dumps(up_res.summary.resource_changes, indent=4)}")
    print(f"db host url: {up_res.outputs['host'].value}")
    print("configuring db...")
    with connect(
            database=up_res.outputs['db_name'].value) as connection:
        print("db configured!")
        # make sure the table exists
        print("creating table...")
        create_table_query = """CREATE TABLE IF NOT EXISTS hello_pulumi(
            id int(9) NOT NULL PRIMARY KEY,
            color varchar(14) NOT NULL);
        with connection.cursor() as cursor:
        # seed the table with some data to start
        seed_table_query = """INSERT IGNORE INTO hello_pulumi (id, color)
            (1, 'Purple'),
            (2, 'Violet'),
            (3, 'Plum');
        with connection.cursor() as cursor:
        print("rows inserted!")
        print("querying to verify data...")
        # read the data back
        read_table_query = """SELECT COUNT(*) FROM hello_pulumi;"""
        with connection.cursor() as cursor:
            result = cursor.fetchone()
            print(f"Result: {json.dumps(result)}")
        print("database, table and rows successfully configured")

Atlassian reduced time spent on maintenance by 50%

"Using Pulumi and Python, our team quickly and easily built a repeatable pipeline that deploys development environments for more than 100 team members worldwide. The benefits of working in languages we know can’t be overstated. That just made moving to the Pulumi Cloud Engineering Platform an obvious choice for the team."

- Mike Corsaro, Senior Software Engineer at Bitbucket

