Modern infrastructure demands modern tools. Pulumi unifies infrastructure as code, secrets management, policy governance, and AI automation into a single platform. Start with our Apache 2.0 open source core, scale with enterprise features when you need them.
Infrastructure as Code in Any Language
Open Source Foundation, Enterprise Scale
Stop wrestling with DSLs. Write infrastructure in TypeScript, Python, Go, C#, Java, or YAML. Deploy to AWS, Azure, Google Cloud, Kubernetes, and thousands of providers. Our Apache 2.0 open source engine powers everything.
Real Programming Languages
Use loops, conditionals, functions, and classes. Catch errors at compile time. Reuse code across projects.
Thousands of Providers
Full API coverage for AWS, Azure, Google Cloud, plus Cloudflare, Datadog, GitHub, and thousands more.
Test Before You Ship
Write unit tests for infrastructure. Run integration tests against ephemeral environments. Ship with confidence.
Meet Neo, Your AI Platform Engineer
Automate Infrastructure with Built-in Governance
The industry’s first AI agent built for infrastructure. Neo automates complex tasks end-to-end, debugs deployments instantly, and generates infrastructure code - all while respecting your policies and requiring appropriate approvals.
End-to-End Automation
Delegate complex tasks in plain English. Neo handles dependencies, executes changes, and maintains compliance.
Instant Cloud Insights
Ask questions, get answers. Find cost savings, debug failures, check compliance - Neo knows your infrastructure.
Enterprise Controls
Human-in-the-loop approvals. Respects all RBAC and policies. Complete audit trail for every action.
Centralized Secrets & Configuration
One Interface for All Your Secrets
Pulumi ESC centralizes secrets from every vault and cloud provider. Connect HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, 1Password, and more. Dynamic credentials via OIDC. Works with or without Pulumi IaC.
Eliminate Secrets Sprawl
Connect to any secrets store. One interface for all your secrets. No more juggling multiple vaults.
Dynamic Credentials
Generate just-in-time, short-lived credentials via OIDC. Automatically revoke when leases expire.
Works Everywhere
CLI, API, SDKs, Kubernetes operators. Use with any CI/CD platform, any application, any workflow.
Complete Visibility & Governance
See Everything, Control Everything
Search across all clouds from a single pane of glass. Enforce policies automatically. Track compliance. Get AI-powered insights. Know exactly what’s running where and why.
Multi-Cloud Visibility
Search resources across AWS, Azure, and GCP with AI-powered insights. Find anything in seconds.
Policy as Code
Enforce security and compliance automatically. 150+ built-in policies or write your own.
Complete Audit Trail
Track every change, every user, every action. Export to SIEM. Compliance reports at your fingertips.
Build Your Internal Developer Platform
Enable Self-Service Infrastructure at Scale
Give engineers self-service infrastructure through templates, components, and developer portals. Platform teams maintain control through policies and governance. Ship golden paths that engineers actually want to use.
Golden Paths
Create reusable components and templates. Platform engineers define patterns once, engineers use everywhere.
Self-Service Options
Code, low-code YAML, or no-code portals. Engineers work how they prefer with consistent governance.
Day 2 Operations
Drift detection, dependency management, enterprise RBAC. Handle the full infrastructure lifecycle.
Start Building Today
Get started in 5 minutes
Deploy your first infrastructure with Pulumi. Choose your language, pick your cloud, ship your code.
Migrating from Terraform?
Keep using both or migrate completely. Import existing infrastructure, convert HCL to real code, migrate state.