Pulumi Service

cloud engineering platform

The Pulumi Service is the easiest way to use Pulumi open source at scale, enabling infrastructure and development teams to focus on building, deploying, and managing modern cloud applications faster and reliably. It is a managed service that handles infrastructure state and secrets, sets up SAML SSO, integrates with CI/CD pipelines, and enforces compliance rules.

Pulumi Service Screenshot

Key capabilities

Manage infrastructure state and secrets

  • Store your infrastructure’s state for any cloud in Pulumi’s secure backend, which has built-in scaling, availability, and fault tolerance.

    Allow developers to safely deploy in parallel with concurrent state-locking.

    Audit changes or rollback to previous versions with a complete history of your state.

  • Use built-in secrets management for encrypted data such as credentials or tokens. You can also bring your own secrets manager.

    Your infrastructure state is encrypted in transit and at rest.

    Sensitive configurations (e.g. database passwords, cloud tokens) are stored as secrets.

    Use Pulumi’s secrets manager or integrate with AWS KMS, Azure Key Vault, Google KMS, and HashiCorp Vault.

Increase developer productivity and collaboration

  • Visualize projects, stacks, and cloud resources so you and developers in your organization know what’s running and where.

    View timelines that show diffs of changed resources and who made the changes.

    Tag stacks for easier filtering and searching.

    Track the activity of users within your organization with audit logs.

  • Integrate Pulumi with your software delivery pipeline so that you can version, build, test, and deploy infrastructure code like software.

    Work with existing tools like IDEs, test frameworks, and package managers.

    Integrate your source control system so teams can trace changes back to commits and pull requests.

    Continuously deliver infrastructure through existing pipelines with CI/CD integrations.

    Use event-based webhooks to notify external services like Slack or continuous integration tools.

    Use the Service API to manage stacks, updates, teams, and more.

Set guardrails and access controls

  • Use identity and access controls to manage who can make changes to your infrastructure.

    Invite new team members and share projects to collaborate on infrastructure.

    Single sign-on with any SAML 2.0 identity provider like Azure Active Directory, Google Workspace , Okta, and OneLogin.

    Manage Pulumi access from your central identity provider via SCIM 2.0 integration.

    Set role-based access controls that limit who can access infrastructure.

  • Set guardrails for developers in your organization and enforce configuration and deployment rules.

    Define Policy as Code rules for security, best practices, and more.

    Assign policy packs that run on specific stacks (e.g., dev/test/staging rules).

    Automatically block deployments that violate your organization’s policies.

The easiest way to use Pulumi open source

Pulumi Service is a managed service for the open source CLI and SDK. It tracks your infrastructure’s state and coordinates updates with the CLI, which creates or updates resources to reach your infrastructure’s desired state.

You can also use any cloud or on-premises storage to build and run your own backend.

Pulumi Open Source

Pulumi takes security seriously

Pulumi Service runs in an AWS VPC and our architecture follows industry best practices. All network communication is encrypted using TLS and Pulumi’s endpoints are only accessible via HTTPS. Your data is also encrypted at-rest and Pulumi is compliant with SOC 2 Type II.

Pulumi Open Source

Customers innovating with Pulumi Service


Developers reduced their time spent on maintenance by 50%.

GreenPark Sports
GreenPark Sports

All developers contribute infrastructure code and deploy 70% more changes.

Panther logo White
Panther Labs

Increased velocity and speed, with deployments that are up to 10x faster.

Mercedes-Benz Research and Development North America

Enabled developers to deploy Kubernetes clusters quickly and easily.


Standardized infrastructure architectures with reusable components.


Built a multi-cloud, Kubernetes-based platform to standardize all deployments

Deployment options


Use the Pulumi Service without worrying about scaling, availability, fault tolerance, and concurrency.


Run the Pulumi Service in your on-premises or cloud environment and manage it yourself.


The Pulumi Service offers Editions for Individual, Team, Enterprise, and Business Critical. Support is available on Enterprise and Business Critical. You only pay for what you use, and there are free tiers available.

Get started today

Pulumi is open source and free to get started. Deploy your first stack today.