Pulumi Cloud

Infrastructure as Code platform

Pulumi Cloud is the easiest way to use Pulumi open source at scale. It stores infrastructure state and secrets, provides search and clear visibility into all your clouds, runs remote deployments, integrates with CI/CD pipelines, and enforces policies.

Pulumi Service Screenshot

Key capabilities

Manage infrastructure state, secrets, and configuration

  • Store your infrastructure’s state for any cloud in Pulumi’s secure backend, which has built-in scaling, availability, and fault tolerance.

    Allow developers to safely deploy in parallel with concurrent state-locking.

    Audit changes or rollback to previous versions with a complete history of your state.

  • Use built-in secrets management for encrypted data such as credentials or tokens. Store and manage collections of config in Pulumi ESC into environment groupings.

    Your infrastructure state is encrypted in transit and at rest.

    Sensitive configurations (e.g. database passwords, cloud tokens) are stored as secrets.

    Use Pulumi’s secrets manager or integrate with AWS KMS, Azure Key Vault, Google KMS, and HashiCorp Vault.

Increase productivity and collaboration

  • Add teammates to Pulumi so you can work on projects together, ship code collaboratively, and coordinate changes to infrastructure.

    Invite new team members and share projects to collaborate on infrastructure.

    View timelines that show diffs of changed resources and who made the changes.

    Tag stacks for easier filtering and searching.

  • Integrate Pulumi with your software delivery pipeline so that you can version, build, test, and deploy infrastructure code like software.

    Work with existing tools like IDEs, test frameworks, and package managers.

    Integrate your source control system so teams can trace changes back to commits and pull requests.

    Continuously deliver infrastructure through existing pipelines with CI/CD integrations.

    Use event-based webhooks to notify external services like Slack or continuous integration tools.

    Use the Service API to manage stacks, updates, teams, and more.

Build infrastructure automation that scales

  • Run remote infrastructure commands to provision, configure, and destroy cloud resources, all executed in a secure cloud environment.

    Trigger deployments via REST API, click to deploy from Pulumi Cloud’s console, Git Push to Deploy, Remote Automation API, and other programmatic building blocks.

    Use a simple, centralized format for specifying everything needed to deploy your infrastructure stacks.

  • Use the Pulumi Deployments REST API to programmatically trigger deployments for high volume infrastructure automation use cases.

    Call Pulumi’s REST API endpoint to trigger Pulumi commands that run in Pulumi Cloud (e.g., update, destroy, refresh, preview).

    Offload your local Automation API deployment workloads to Pulumi Cloud via the Remote Automation API feature.

View and search all infrastructure from one place

  • View resources deployed in all your clouds, organized in projects and stacks, so that you know what’s running and where.

    View dashboards for quick insights into your infrastructure, such as how many resources are running and who has made changes.

    Tag stacks for easier filtering and searching.

    Jump directly to the cloud console for each resource you’ve deployed with Pulumi.

  • Easily look for resources in a single cloud or across all your clouds with structured queries or natural language search.

    Search for resources by filtering with facets like type, provider, project, and stack.

    Use a structured query syntax or natural language search (coming soon).

    Share queries with your teammates.

Set guardrails and access controls

  • Integrate SSO and your identity provider with Pulumi, set user permissions for each stack, and track user activity with audit logs.

    Single sign-on with any SAML 2.0 identity provider like Azure Active Directory, Google Workspace , Okta, and OneLogin.

    Manage Pulumi access from your central identity provider via SCIM 2.0 integration.

    Set role-based access controls that limit who can access infrastructure.

    Track the activity of users within your organization with audit logs.

  • Set guardrails for developers deploying with Pulumi by creating policy packs that enforce your deployment rules.

    Define Policy as Code rules for security, best practices, and more.

    Assign policy packs that run on specific stacks (e.g., dev/test/staging rules).

    Automatically block deployments that violate your organization’s policies.

The easiest way to use Pulumi open source

Pulumi Cloud is a managed service for Pulumi’s open source CLI and SDK. It tracks your infrastructure’s state and coordinates updates with the CLI, which creates or updates resources to reach your infrastructure’s desired state.

You can also use any cloud or on-premises storage to build and run your own backend.

Pulumi Open Source

Pulumi takes security seriously

Pulumi Cloud runs in an AWS VPC and our architecture follows industry best practices. All network communication is encrypted using TLS and Pulumi’s endpoints are only accessible via HTTPS. Your data is also encrypted at-rest and Pulumi is compliant with SOC 2 Type II.

Pulumi Open Source

Customers innovating with Pulumi Cloud


Developers reduced their time spent on maintenance by 50%.


Increased developers’ agility and speed through platform engineering.

Panther logo White
Panther Labs

Increased velocity and speed, with deployments that are up to 10x faster.

Mercedes-Benz Research and Development North America

Enabled developers to deploy Kubernetes clusters quickly and easily.


Standardized infrastructure architectures with reusable components.


Built a multi-cloud, Kubernetes-based platform to standardize all deployments

Deployment options


Use Pulumi Cloud without worrying about scaling, availability, fault tolerance, and concurrency.


Run Pulumi Cloud in your on-premises or cloud environment and manage it yourself.


Pulumi Cloud offers Editions for Individual, Team, Enterprise, and Business Critical. Support is available on Enterprise and Business Critical. You only pay for what you use, and there are free tiers available.

Get started today

Pulumi is open source and free to get started. Deploy your first stack today.