Landing Zone
Foundational cloud-account infrastructure (network, identity, keys, audit) other projects depend on.
12 guides available
Related Tags
Showing 12 of 12 guides
Build a AWS landing zone with Pulumi
Stand up the foundational AWS network, identity, key, and audit-logging resources downstream Pulumi projects share. Ships a reusable component, a single stack, and a Pulumi ESC environment other projects import by name.
Build a Azure landing zone with Pulumi
Stand up the foundational Azure network, identity, key, and audit-logging resources downstream Pulumi projects share. Ships a reusable component, a single stack, and a Pulumi ESC environment other projects import by name.
Build a Cloud Landing Zone
Give every other Pulumi project in your cloud account a consistent, pre-built foundation (shared network, identity, key store, audit logs) so downstream stacks adopt it by name instead of rebuilding it every time.
Build a GCP landing zone with Pulumi
Stand up the foundational GCP network, identity, key, and audit-logging resources downstream Pulumi projects share. Ships a reusable component, a single stack, and a Pulumi ESC environment other projects import by name.
Deploy a serverless React + Postgres blueprint on AWS with Pulumi
Ship a React SPA plus a serverless API that queries Aurora Serverless v2 for PostgreSQL behind Amazon CloudFront on AWS. Consumes the Pulumi landing-zone stack for network and secret wiring, and exports the public site URL downstream projects can reuse.
Deploy a serverless React + Postgres blueprint on Azure with Pulumi
Ship a React SPA plus a serverless API that queries Azure Database for PostgreSQL Flexible Server behind Azure Front Door Standard on Azure. Consumes the Pulumi landing-zone stack for network and secret wiring, and exports the public site URL downstream projects can reuse.
Deploy a serverless React + Postgres blueprint on GCP with Pulumi
Ship a React SPA plus a serverless API that queries Cloud SQL for PostgreSQL behind Google Cloud CDN in front of a global external HTTPS load balancer on GCP. Consumes the Pulumi landing-zone stack for network and secret wiring, and exports the public site URL downstream projects can reuse.
Run an opinionated AKS cluster with Pulumi
Provision an opinionated AKS cluster on the Pulumi landing-zone network, preinstall External Secrets Operator plus Application Gateway for Containers and Node Auto Provisioning (NAP) through a reusable component, and export a kubeconfig downstream workloads can consume.
Run an opinionated Amazon EKS cluster with Pulumi
Provision an opinionated Amazon EKS cluster on the Pulumi landing-zone network, preinstall External Secrets Operator plus AWS Load Balancer Controller and Karpenter through a reusable component, and export a kubeconfig downstream workloads can consume.
Run an opinionated Google Kubernetes Engine cluster with Pulumi
Provision an opinionated Google Kubernetes Engine cluster on the Pulumi landing-zone network, preinstall External Secrets Operator plus GKE Gateway API and Node Auto Provisioning (NAP) through a reusable component, and export a kubeconfig downstream workloads can consume.
Run Managed Kubernetes
Give every team a production-ready Kubernetes cluster they can deploy workloads to in minutes, with the platform plumbing (ingress, secrets, autoscaling, and workload identity) already wired up so nobody has to stitch it together by hand.
Serverless React + Postgres
Ship a small full-stack web app in one `pulumi up`, with a React UI, a serverless backend, and a managed PostgreSQL database the backend queries. Scale-to-zero compute where the cloud supports it, and no CORS setup in the browser.