Pulumi Cloud

Intelligent Infrastructure Management

Pulumi Cloud is the smartest and easiest way to automate, secure, and manage everything you run in the cloud. It stores infrastructure state, centralizes secrets management, provides search and clear visibility into all your clouds, runs remote deployments, integrates with CI/CD pipelines, and enforces security and compliance policies.

New - Pulumi Insights 2.0 - Import and Sync All Cloud Infrastructure: Sign up for the waitlist

Products

Pulumi IaC
Pulumi ESC
Pulumi Insights

Pulumi IaC

  • Pulumi Cloud is a fully managed service for infrastructure as code. Store your infrastructure’s state for any cloud in Pulumi’s secure backend, which has built-in scaling, availability, and fault tolerance. You also get access to granular access controls, CICD integrations, SAML/SCIM, audit logging, and more.

    Allow developers to safely deploy in parallel with concurrent state-locking.

    Audit changes or rollback to previous versions with a complete history of your state.

  • Use built-in secrets management for encrypted data such as credentials or tokens. Store and manage collections of config in Pulumi ESC into environment groupings.

    Your infrastructure state is encrypted in transit and at rest.

    Sensitive configurations (e.g. database passwords, cloud tokens) are stored as secrets.

    Use Pulumi’s secrets manager or integrate with AWS KMS, Azure Key Vault, Google KMS, and HashiCorp Vault.

  • With Automation API, you can use the Pulumi engine as a strongly typed SDK in your application code, enabling it to call functions that can provision and configure infrastructure on any cloud.

    Automation API enables you to build custom cloud interfaces for your technical end users. For example, build self-service developer portals, CLIs, frameworks, and CI/CD workflows.

    Easily build high-scale, SaaS applications that serve customers with single-tenant instances. Automate creating and managing infrastructure for thousands of unique customers.

  • Integrate Pulumi with your software delivery pipeline so that you can version, build, test, and deploy infrastructure code like software.

    Work with existing tools like IDEs, test frameworks, and package managers.

    Integrate your source control system so teams can trace changes back to commits and pull requests.

    Continuously deliver infrastructure through existing pipelines with CI/CD integrations.

    Use event-based webhooks to notify external services like Slack or continuous integration tools.

    Use the Service API to manage stacks, updates, teams, and more.

Cross-Product Capabilities

Pulumi CrossGuard
Pulumi Deployments
Pulumi Copilot
Team Management

Pulumi CrossGuard

  • Set guardrails for developers deploying with Pulumi by creating policy packs that enforce your deployment rules.

    Define Policy as Code rules for security, best practices, and more.

    Assign policy packs that run on specific stacks (e.g., dev/test/staging rules).

    Automatically block deployments that violate your organization’s policies.

  • Business Critical customers can enforce compliance and remediate non-compliance using Pulumi provided policies across your organization.

    Choose from hundreds of policies for AWS, Azure, Google Cloud, and Kubernetes. Support for PCI DSS, ISO 27001, SOC 2, and CIS Benchmarks.

    Set policy packs that block prohibited deployments across your entire organization, preventing issues.

  • Policies can remediate violations to fix the problems found in addition to reporting them as violations.

    Here are a few examples of the remediation policy use cases:

    • Tagging resources with standard, organization-wide tags.
    • Disabling Internet access for gateways and firewall rules.
    • Enabling encryption on storage or buckets.
    • Down-sizing virtual machine configuration to use less expensive machine types.

The easiest way to use Pulumi open source

Pulumi Cloud is a managed service for Pulumi IaC’s open source CLI and SDK. It tracks your infrastructure’s state and coordinates updates with the CLI, which creates or updates resources to reach your infrastructure’s desired state.

You can also use any cloud or on-premises storage to build and run your own backend.

Pulumi Open Source

Pulumi takes security seriously

Pulumi Cloud runs in an AWS VPC and our architecture follows industry best practices. All network communication is encrypted using TLS and Pulumi’s endpoints are only accessible via HTTPS. Your data is also encrypted at-rest and Pulumi is compliant with SOC 2 Type II.

Pulumi Open Source

Customers innovating with Pulumi Cloud

Atlassian

Developers reduced their time spent on maintenance by 50%.

Elkjop

Increased developers’ agility and speed through platform engineering.

Starburst

Increased velocity and speed, with deployments that are up to 3x faster.

BMW

Enabled developers to deploy across hybrid cloud environments.

Lemonade

Standardized infrastructure architectures with reusable components.

Snowflake

Built a multi-cloud, Kubernetes-based platform to standardize all deployments

Deployment options

SaaS

Use Pulumi Cloud without worrying about scaling, availability, fault tolerance, and concurrency.

Self-hosted

Run Pulumi Cloud in your on-premises or cloud environment and manage it yourself.

Pricing

Pulumi Cloud offers Editions for Individual, Team, Enterprise, and Business Critical. Support is available on Enterprise and Business Critical. You only pay for what you use, and there are free tiers available.

Get started today

Pulumi is open source and free to get started. Deploy your first stack today.