1. Docs
  2. Clouds
  3. Azure
  4. Get started
  5. Review project

Pulumi & Azure: Review project

    Let’s review some of the generated project files:

    • Pulumi.yaml defines both the project and the program that manages your stack resources.
    • src/main/java/myproject defines the project’s Java package root.
    • __main__.py is the Pulumi program that defines your stack resources.
    • index.js index.ts main.py main.go Program.cs Program.fs Program.vb App.java Pulumi.yaml is the Pulumi program that defines your stack resources.

    Let’s examine index.js index.ts __main__.py main.go Program.cs Program.fs Program.vb App.java Pulumi.yaml .

    import * as pulumi from "@pulumi/pulumi";
    import * as resources from "@pulumi/azure-native/resources";
    import * as storage from "@pulumi/azure-native/storage";
    // Create an Azure Resource Group
    const resourceGroup = new resources.ResourceGroup("resourceGroup");
    // Create an Azure resource (Storage Account)
    const storageAccount = new storage.StorageAccount("sa", {
        resourceGroupName: resourceGroup.name,
        sku: {
            name: storage.SkuName.Standard_LRS,
        kind: storage.Kind.StorageV2,
    // Export the primary key of the Storage Account
    const storageAccountKeys = storage.listStorageAccountKeysOutput({
        resourceGroupName: resourceGroup.name,
        accountName: storageAccount.name
    export const primaryStorageKey = storageAccountKeys.keys[0].value;
    """An Azure RM Python Pulumi program"""
    import pulumi
    from pulumi_azure_native import storage
    from pulumi_azure_native import resources
    # Create an Azure Resource Group
    resource_group = resources.ResourceGroup("resource_group")
    # Create an Azure resource (Storage Account)
    account = storage.StorageAccount(
    # Export the primary key of the Storage Account
    primary_key = (
        pulumi.Output.all(resource_group.name, account.name)
            lambda args: storage.list_storage_account_keys(
                resource_group_name=args[0], account_name=args[1]
        .apply(lambda accountKeys: accountKeys.keys[0].value)
    pulumi.export("primary_storage_key", primary_key)
    package main
    import (
    func main() {
        pulumi.Run(func(ctx *pulumi.Context) error {
            // Create an Azure Resource Group
            resourceGroup, err := resources.NewResourceGroup(ctx, "resourceGroup", nil)
            if err != nil {
                return err
            // Create an Azure resource (Storage Account)
            account, err := storage.NewStorageAccount(ctx, "sa", &storage.StorageAccountArgs{
    			ResourceGroupName: resourceGroup.Name,
    			AccessTier:        storage.AccessTierHot,
    			Sku: &storage.SkuArgs{
    				Name: storage.SkuName_Standard_LRS,
    			Kind: storage.KindStorageV2,
            if err != nil {
                return err
            // Export the primary key of the Storage Account
    		ctx.Export("primaryStorageKey", pulumi.All(resourceGroup.Name, account.Name).ApplyT(
    			func(args []interface{}) (string, error) {
    				resourceGroupName := args[0].(string)
    				accountName := args[1].(string)
    				accountKeys, err := storage.ListStorageAccountKeys(ctx, &storage.ListStorageAccountKeysArgs{
    					ResourceGroupName: resourceGroupName,
    					AccountName:       accountName,
    				if err != nil {
    					return "", err
    				return accountKeys.Keys[0].Value, nil
            return nil
    using Pulumi;
    using Pulumi.AzureNative.Resources;
    using Pulumi.AzureNative.Storage;
    using Pulumi.AzureNative.Storage.Inputs;
    using System.Collections.Generic;
    return await Pulumi.Deployment.RunAsync(() =>
        // Create an Azure Resource Group
        var resourceGroup = new ResourceGroup("resourceGroup");
        // Create an Azure resource (Storage Account)
        var storageAccount = new StorageAccount("sa", new StorageAccountArgs
            ResourceGroupName = resourceGroup.Name,
            Sku = new SkuArgs
                Name = SkuName.Standard_LRS
            Kind = Kind.StorageV2
        var storageAccountKeys = ListStorageAccountKeys.Invoke(new ListStorageAccountKeysInvokeArgs
            ResourceGroupName = resourceGroup.Name,
            AccountName = storageAccount.Name
        var primaryStorageKey = storageAccountKeys.Apply(accountKeys =>
            var firstKey = accountKeys.Keys[0].Value;
            return Output.CreateSecret(firstKey);
        // Export the primary key of the Storage Account
        return new Dictionary<string, object?>
            ["primaryStorageKey"] = primaryStorageKey
    package myproject;
    import com.pulumi.Pulumi;
    import com.pulumi.azurenative.resources.ResourceGroup;
    import com.pulumi.azurenative.storage.StorageAccount;
    import com.pulumi.azurenative.storage.StorageAccountArgs;
    import com.pulumi.azurenative.storage.StorageFunctions;
    import com.pulumi.azurenative.storage.enums.Kind;
    import com.pulumi.azurenative.storage.enums.SkuName;
    import com.pulumi.azurenative.storage.inputs.ListStorageAccountKeysArgs;
    import com.pulumi.azurenative.storage.inputs.SkuArgs;
    import com.pulumi.core.Either;
    import com.pulumi.core.Output;
    import com.pulumi.deployment.InvokeOptions;
    public class App {
        public static void main(String[] args) {
            Pulumi.run(ctx -> {
                var resourceGroup = new ResourceGroup("resourceGroup");
                var storageAccount = new StorageAccount("sa", StorageAccountArgs.builder()
                var primaryStorageKey = getStorageAccountPrimaryKey(
                ctx.export("primaryStorageKey", primaryStorageKey);
        private static Output<String> getStorageAccountPrimaryKey(Output<String> resourceGroupName,
                                                                  Output<String> accountName) {
            return Output.tuple(resourceGroupName, accountName).apply(tuple -> {
                var actualResourceGroupName = tuple.t1;
                var actualAccountName = tuple.t2;
                var invokeResult = StorageFunctions.listStorageAccountKeys(ListStorageAccountKeysArgs.builder()
                        .build(), InvokeOptions.Empty);
                return Output.of(invokeResult)
                        .applyValue(r -> r.keys().get(0).value())
    name: quickstart
    runtime: yaml
    description: A minimal Azure Native Pulumi YAML program
        type: azure-native:resources:ResourceGroup
        type: azure-native:storage:StorageAccount
          resourceGroupName: ${resourceGroup.name}
            name: Standard_LRS
          kind: StorageV2
          resourceGroupName: ${resourceGroup.name}
          accountName: ${sa.name}
      primaryStorageKey: ${storageAccountKeys.keys[0].value}

    This Pulumi program creates an Azure resource group and storage account and then exports the storage account’s primary key.

    In this program, the location of the resource group is set in the configuration setting azure-native:location (check the Pulumi.dev.yaml file). This is an easy way to set a global location for your program so you don’t have to specify the location for each resource manually. The location for the storage account is automatically derived from the location of the resource group. To override the location for a resource, set the location property to one of Azure’s supported locations.

    Next, you’ll deploy your stack, which will provision a resource group and your storage account.

      Introducing Pulumi Copilot - Intelligent Cloud Management