Universal Infrastructure as Code for Kubernetes

Kubernetes Superpowers

Pulumi lets you use a single infrastructure as code workflow for managing cloud native resources and infrastructure with software engineering. Eliminate complex YAML, JSON, and DSLs by using your favorite programming languages and automate deployments to AWS, Azure, Google Coud, and 100+ providers.

  • index.ts
  • __main__.py
  • main.go
  • MyStack.cs
  • Main.java
  • Pulumi.yaml
import * as pulumi from "@pulumi/pulumi";
import * as kubernetes from "@pulumi/kubernetes";

// Create a K8s namespace.
const devNamespace = new kubernetes.core.v1.Namespace("devNamespace", {
    metadata: {
        name: "dev",

// Deploy the K8s nginx-ingress Helm chart into the created namespace.
const nginxIngress = new kubernetes.helm.v3.Chart("nginx-ingress", {
    chart: "nginx-ingress",
    namespace: devNamespace.metadata.name,
        repo: "https://charts.helm.sh/stable/",
import pulumi_kubernetes as kubernetes

# Create a K8s namespace.
dev_namespace = kubernetes.core.v1.Namespace(
        "name": "dev",

# Deploy the K8s nginx-ingress Helm chart into the created namespace.
nginx_ingress = kubernetes.helm.v3.Chart(
package main

import (
    corev1 "github.com/pulumi/pulumi-kubernetes/sdk/v2/go/kubernetes/core/v1"
    metav1 "github.com/pulumi/pulumi-kubernetes/sdk/v2/go/kubernetes/meta/v1"

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {

        // Create a K8s namespace.
        ns, err := corev1.NewNamespace(ctx, "devNamespace", &corev1.NamespaceArgs{
            Metadata: &metav1.ObjectMetaArgs{
                Name: pulumi.String("dev"),
        if err != nil {
            return err

        // Deploy the K8s nginx-ingress Helm chart into the created namespace.
        _, err = helm.NewChart(ctx, "nginx-ingress", helm.ChartArgs{
            Chart: pulumi.String("nginx-ingress"),
            Namespace: ns.Metadata.ApplyT(func(metadata interface{}) string {
                return *metadata.(*metav1.ObjectMeta).Name
            FetchArgs: helm.FetchArgs{
                Repo: pulumi.String("https://charts.helm.sh/stable/"),
        if err != nil {
            return err

        return nil
using Pulumi;
using Kubernetes = Pulumi.Kubernetes;

class MyStack : Stack
    public MyStack()
        // Create a K8s namespace.
        var devNamespace = new Kubernetes.Core.V1.Namespace("devNamespace", new Kubernetes.Types.Inputs.Core.V1.NamespaceArgs
            Metadata = new Kubernetes.Types.Inputs.Meta.V1.ObjectMetaArgs
                Name = "dev",

        // Deploy the K8s nginx-ingress Helm chart into the created namespace.
        var nginx = new Kubernetes.Helm.V3.Chart("nginx-ingress", new Kubernetes.Helm.ChartArgs
            Chart = "nginx-ingress",
            Namespace = devNamespace.Metadata.Apply(x => x.Name),
            FetchOptions = new Kubernetes.Helm.ChartFetchArgs
                Repo = "https://charts.helm.sh/stable/"
package com.pulumi.example.infra;

import com.pulumi.Context;
import com.pulumi.Exports;
import com.pulumi.Pulumi;
import com.pulumi.kubernetes.core_v1.Namespace;
import com.pulumi.kubernetes.core_v1.NamespaceArgs;
import com.pulumi.kubernetes.meta_v1.inputs.ObjectMetaArgs;
import com.pulumi.kubernetes.helm.sh_v3.Release;
import com.pulumi.kubernetes.helm.sh_v3.ReleaseArgs;
import com.pulumi.kubernetes.helm.sh_v3.inputs.RepositoryOptsArgs;

public class Main {

    public static void main(String[] args) {

    private static Exports stack(Context ctx) {
        var devNamespace = new Namespace("devNamespace", NamespaceArgs.builder()

        var nginxIngress = new Release("nginx-ingress", ReleaseArgs.builder()

        return ctx.exports();
name: simple-kubernetes
runtime: yaml
    type: kubernetes:core:Namespace
        name: "dev"
    type: kubernetes:helm.sh:Chart
      chart: "nginx-ingress"
      namespace: ${devNamespace.metadata.name}
          repo: "https://charts.helm.sh/stable/"

Powering top engineering teams


Cloud Native Engineering with Pulumi

Pulumi streamlines Kubernetes cluster configuration, management, and app workload deployments to your clusters. With Pulumi for Kubernetes you can:

  • Manage Kubernetes clusters on all major cloud providers.
  • Increase productivity using the full ecosystem of dev tools such as IDE auto-completion, type & error checking, linting, refactoring, and test frameworks to validate Kubernetes clusters, app workloads, or both.
  • Automate Kubernetes deployments with CI/CD integrations for Flux, Spinnaker, Octopus, GitHub Actions, GitLab, Azure DevOps and more.
  • Seamlessly manage both Kubernetes and cloud resources using GitOps with the Pulumi Kubernetes Operator.
  • Use Kubernetes Server-Side Apply to safely manage shared Kubernetes resources with Pulumi and your existing controllers.
  • Run On Any Cloud

    Support for all clouds including Amazon Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), DigitalOcean Kubernetes (DOKS), and more, with dozens of integrations with popular infrastructure service providers.

    Learn more

  • Reduce Provisioning Time

    With Pulumi you are able to take advantage of the features of programming languages, helping you reduce boilerplate code and ultimately ship Kubernetes infrastructure and applications faster with greater consistency.

    Learn more

  • Automate Delivery

    You can integrate Pulumi directly with your favorite CI/CD and SCM systems to continuously deliver Kubernetes infrastructure and applications. Improve the velocity and visibility into your deployments from simple to complex global environments.

    Learn more

  • Smart Architecture

    YAML and templated DSLs force you to write the same boilerplate code over and over. Pulumi’s Kubernetes library allows you to codify those patterns and best practices so you can stop reinventing the wheel and start inventing the platforms of the future.

    Learn more

  • Be Proactive, Not Reactive

    When you enable Pulumi's Policy as Code feature, you instantly gain the power to prevent mistakes from being deployed. Enforce security, compliance, cost controls, and best practices using policies defined in modern languages.

    Learn more

  • Reduce Deployment Complexity

    Deploying untested code can lead to some unexpected results. Pulumi lets you take advantage of common tools, frameworks, and techniques to unit, integration, and property test your Kubernetes infrastructure. Ensure your infrastructure is correct before and after deployment.

    Learn more

Continue using the tools you love

Pulumi has first-class support for popular Kubernetes tools, such as Helm, Kustomize, YAML, Secret Managers, Open Policy Agent (OPA), Custom Resource Definitions (CRDs), and Server-Side Apply (SSA).

Everything In One Place

Easily make the best use of existing Kubernetes tools such as Helm, and reduce the friction caused by multiple deployment tools and models across complex architectures.

Efficient Adoption

There’s no need to rewrite your existing Kubernetes configurations to get started with Pulumi. You can efficiently adopt existing K8s resources to deploy your application to save time and effort.

Secrets Management

Use Pulumi to ensure secret data is encrypted in transit, at rest, and physically anywhere it gets stored. Bring your own preferred cloud encryption provider or use Pulumi’s native secrets provider.

Pulumi Kubernetes Operator

Deploy both Kubernetes resources and cloud infrastructure from within the Kubernetes resource model using a GitOps workflow. Use Pulumi’s Flux integration and many other CI/CD integrations.

Kubernetes Best Practices with Pulumi Crosswalk

Create, deploy, and manage production-ready infrastructure leveraging hosted Kubernetes offerings such as Amazon Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), or Google Kubernetes Engine (GKE).

Day 2 and Beyond

By using Pulumi Crosswalk for Kubernetes, you can benefit from tried-and-true “Day Two and beyond” integrations and playbooks, improving your infrastructure security, manageability, and cost effectiveness.

Accessible Kubernetes

Through Pulumi’s Crosswalk for Kubernetes library extensions, the authorship experience has improved to make the Kubernetes API more accessible and approachable to operators and developers of all backgrounds.

Focus on Delivering Value

With Pulumi you’ll focus more on functionality and business logic of your Kubernetes infrastructure and applications, and less on low-level implementation details.

Avoid Pitfalls

Discover solutions to the hardest Kubernetes problems to avoid mitigating pitfalls around infrastructure, security, governance, reliability, and maintainability of the K8s cluster, its workloads, and underlying resources.

Pulumi In Action

Watch how easy it is to set up Amazon Elastic Kubernetes Service (EKS) in 5 minutes with Pulumi.

Get Started with Pulumi

Use Pulumi's open source SDK to create, deploy, and manage infrastructure on any cloud.

Google Cloud

Need Help?

Need technical help?

Use our Support Portal to get in touch.

Need help getting started?

Send us a note, and someone will reach out to help you.

Want a demo?

Talk with an expert to see how Pulumi fits your use case.

Something else on your mind?

Send us a note.