Self-Hosted Operations Guide

    Self-hosting is only available with Pulumi Business Critical. If you would like to evaluate the self-hosted Pulumi Cloud, sign up for the 30-day trial or contact us.

    This guide provides best practices for deploying and operating Pulumi Cloud in a self-hosted configuration with high availability (HA) and disaster recovery (DR). These recommendations are derived from how Pulumi operates its own managed service and adapted for self-hosted deployments.

    Production readiness checklist

    Use this checklist when planning or validating your self-hosted deployment.

    Pre-deployment

    • Choose deployment platform (ECS, EKS, AKS, GKE, BYO)
    • Obtain Pulumi Cloud license key from your Pulumi contact
    • Define domain names for API and console endpoints
    • Get SMTP server credentials (optional if using SAML SSO exclusively)
    • Set up Cloudflare Turnstile for bot protection (recommended for publicly accessible installations)
    • Commit installer code as-is to your own source control before customizing

    Infrastructure

    • Database deployed in multi-AZ configuration
    • Object storage buckets created with versioning enabled
    • Network configured with public and private subnets across 2+ AZs
    • Security groups restrict traffic between tiers

    Application

    • API service and console deployed with 2+ replicas
    • DNS records configured for both API and console domains
    • Health checks passing for all services

    Operations

    • Monitoring and alerting configured (CPU, memory, error rates, storage)
    • Database backup schedule configured with cross-region copies
    • Object storage replication configured (if multi-region)
    • Recovery procedures documented and tested
    • Ingress allowlist configured (if restricting access)
    • Deletion protection enabled on database and load balancer

    Validation

    • pulumi login https://api.{domain} succeeds from CLI
    • Console accessible at https://app.{domain} in browser
    • User signup and login work correctly
    • Stack create, update, and destroy operations work
    • Email invitations work (if SMTP configured)
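Several of the Infrastructure, Application and Operations items above can be checked mechanically rather than by eye. The following is an added example, not part of Pulumi's installer or documentation. It assumes an AWS (ECS) deployment and a hypothetical `snap` dict holding the parsed JSON output of the AWS CLI commands named in the docstring; all resource names are constructed.

```python
"""Audit saved AWS CLI JSON against the readiness checklist (added example)."""

def audit(snap):
    """Return a sorted list of checklist failures found in `snap`.

    `snap` is a hypothetical dict bundling the parsed JSON of:
      rds        aws rds describe-db-instances
      versioning {bucket: aws s3api get-bucket-versioning}
      lb_attrs   {lb name: aws elbv2 describe-load-balancer-attributes}
      ecs        aws ecs describe-services
    """
    failures = []
    for db in snap["rds"]["DBInstances"]:
        name = db["DBInstanceIdentifier"]
        if not db.get("MultiAZ"):
            failures.append(f"db {name}: not multi-AZ")
        if not db.get("DeletionProtection"):
            failures.append(f"db {name}: deletion protection off")
    for bucket, v in snap["versioning"].items():
        # S3 returns no Status at all when versioning was never enabled
        # (store that as {}), and "Suspended" when it was turned off later.
        if v.get("Status") != "Enabled":
            failures.append(f"bucket {bucket}: versioning {v.get('Status', 'never enabled')}")
    for lb, doc in snap["lb_attrs"].items():
        attrs = {a["Key"]: a["Value"] for a in doc["Attributes"]}
        # Attribute values are strings, so compare with "true", not True.
        if attrs.get("deletion_protection.enabled") != "true":
            failures.append(f"lb {lb}: deletion protection off")
    for svc in snap["ecs"]["services"]:
        # Count what is actually running, not only what was requested.
        if min(svc["desiredCount"], svc["runningCount"]) < 2:
            failures.append(f"service {svc['serviceName']}: fewer than 2 replicas")
    return sorted(failures)

# Constructed sample data; names are placeholders, not Pulumi's resource names.
SAMPLE = {
    "rds": {"DBInstances": [
        {"DBInstanceIdentifier": "example-db", "MultiAZ": True, "DeletionProtection": False}]},
    "versioning": {"example-checkpoints": {"Status": "Enabled"},
                   "example-policy-packs": {}},
    "lb_attrs": {"example-alb": {"Attributes": [
        {"Key": "deletion_protection.enabled", "Value": "true"}]}},
    "ecs": {"services": [
        {"serviceName": "example-api", "desiredCount": 2, "runningCount": 2},
        {"serviceName": "example-console", "desiredCount": 2, "runningCount": 1}]},
}

if __name__ == "__main__":
    for line in audit(SAMPLE):
        print("FAIL", line)
```

Running the audit from a scheduled job, and alerting on any non-empty result, catches drift such as versioning being suspended or deletion protection being switched off after the initial deployment.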