Glossary

API

Application Programming Interface. Pulumi offers APIs for working with a wide variety of cloud platforms, as well as higher-level APIs that make it easier to deliver cloud applications and infrastructure.

API

CLI

Command-line Interface. The Pulumi CLI is open source and works in conjunction with the Pulumi service to deploy changes to your cloud apps and infrastructure.

CLI

Checkpoint

A checkpoint is recorded by Pulumi at various points so that it can operate reliably—whether that means diffing goal state versus current state during an update, recovering from failure, or destroying resources accurately to clean up afterwards.

Checkpoint

Component

A Pulumi component is a logical group of resources that contains other components and physical cloud resources.

Component

Config

Configuration values are always stored as strings, but can be parsed as richly typed values. You may set and get configuration values via the CLI or by using the Config object.

Config

Deployment Engine

The deployment engine is responsible for computing the set of operations needed to drive the current state of your infrastructure into the desired state expressed by your program.

Deployment Engine

Dynamic Providers

Dynamic Providers are a flexible and low-level mechanism to plug arbitrary code directly into the deployment process. It is currently in preview.

Dynamic Providers

IdP

IdP stands for Identity Provider. A Security Assertion Markup Language (SAML) IdP is a service that acts as a user directory.

IdP

IdP Metadata XML

IdP Metadata XML is the XML configuration document provided by your Security Assertion Markup Language (SAML) IdP. It contains public information about your user directory, which can be used by the service provider to make authentication requests.

IdP Metadata XML

Language Executor

A language executor is a binary named pulumi-language-<language-name>, that Pulumi uses to launch the runtime for the the language your program is written in (e.g. Node or Python). This binary is distributed with the Pulumi CLI.

Language Executor

Language Host

The language host is responsible for running a Pulumi program and setting up an environment where it can register resources with the deployment engine.

Language Host

Organization

An organization is the primary grouping unit for stacks within the Pulumi Console.

Organization

Outputs

Outputs are a key part of how Pulumi tracks dependencies between resources. Because the values of Outputs are not available until resources are created, these are represented using the special Output type.

Outputs

Packages

Pulumi packages are normal NPM or Python packages. They transitively depend on @pulumi/pulumi which defines how resources created by a Pulumi program will be communicated to the Pulumi engine. The ability to register resources with the Pulumi engine is the only difference between a Pulumi package and any other NPM package.

Packages

Paths

When your Pulumi program references resources in the local filesystem, they are always relative to the working directory.

Paths

Program

Pulumi programs are authored in general-purpose programming languages such as JavaScript or Python. You can use any packages supported by the language’s package manager, as well as Pulumi packages.

Program

Project

A Pulumi project is any folder which contains a Pulumi.yaml file.

Project

Project File

The Pulumi.yaml project file specifies metadata about your project.

Project File

Pulumi Console

The Pulumi Console refers to the web application at `app.pulumi.com` which automatically manages deployment state and enables collaboration between developers and operators.

Pulumi Console

Resource Args

The args provided to a resource determine what inputs will be used to initialize the resource. These can be either raw values or outputs from other resources.

Resource Args

Resource Plugin

A resource plugin is the binary used by the deployment engine to manage a resource.

Resource Plugin

Resource Provider

A Pulumi resource provider consists of two different pieces: a resource plugin and an SDK.

Resource Provider

Resources

All resources have a name, which must be unique in the Pulumi program.

Resources

Runtime Code

You can create libraries and components that allow the caller to pass in JavaScript callbacks to invoke at runtime.

Runtime Code

SAML

Security Assertion Markup Language. You may use a SAML 2.0-compatible identity provider in order to sign in to the Pulumi Console via single sign-on. The SAML SSO feature is only available on the Pulumi Enterprise Edition.

SAML

SDK

A Pulumi Software Development Kit (SDK) provides bindings for each type of resource that the provider can manage.

SDK

SP

SP stands for Service Provider. A Security Assertion Markup Language (SAML) service provider relies on an identity provider for authentication.

SP

Secrets

The Pulumi CLI and programming model offer ways for you to encrypt configuration values with the --secret flag or by programmatically wrapping it as a secret at runtime.

Secrets

Secrets Encryption

The Pulumi Service automatically manages per-stack encryption keys on your behalf. Anytime you encrypt a value using --secret or by programmatically wrapping it as a secret at runtime, a secure protocol is used between the CLI and Pulumi Service that ensures secret data is encrypted in transit, at rest, and physically anywhere it gets stored.

Secrets Encryption

Self-hosted

Self-hosted in Pulumi applies to on-premise "behind a firewall" scenarios, as well as environments hosted within your own AWS, Azure, or GCP account.

Self-hosted

Stack

A stack is an isolated, independently configurable instance of a Pulumi program. Stacks are commonly used to denote different phases of development (such as development, staging and production) or feature branches (such as feature-x-dev, jane-feature-x-dev).

Stack

Stack Output

A stack output is a value exported from a stack. A stack’s outputs can be easily retrieved from the Pulumi CLI and are displayed on pulumi.com.

Stack Output

Stack Reference

Stack references provide a way to access the outputs of one stack from another stack.

Stack Reference

Stack Tags

Stacks have associated metadata in the form of tags, with each tag consisting of a name and value. Stack tags are only supported when logged into the Pulumi Service backend.

Stack Tags

State

Pulumi stores its own copy of the current state of your infrastructure. This is often simply called state, and is stored in transactional snapshots we call checkpoints.

State