Pulumi Benefits For DevOps Teams

The pulumi platform allows for infrastructure as code to be defined in real programming languages with a huge ecosystem. This offers benefits like IDE support (strong typing, error squiggles, code completion), and enables unit, property and integration testing.

While both Terraform and Pulumi allow you to import existing infrastructure, the pulumi documentation is extensive on working with brownfield projects. It also supports referencing external states which isn’t possible with Terraform.

DevOps

The core of DevOps is automation from code creation to application deployment. Pulumi delivers powerful infrastructure as code capabilities that empower teams to accelerate their DevOps workflows.

Unlike Terraform, which uses its own DSL to model infrastructure, Pulumi utilizes programming languages that already have a rich ecosystem of libraries, IDEs, refactoring, testing and static analysis/linters. This provides a familiar programming model that is easy for development and devops teams to work with.

Combined with powerful CI/CD systems such as GitHub Actions, Atlassian Bitbucket Pipelines or built-in cloud CI/CD services like AWS CodePipeline or Azure DevOps, the Pulumi stack can create a unified cloud native infrastructure CD pipeline. This provides a seamless experience between application and infrastructure code with a fast inner development loop and a managed outer operational loop. It also unlocks advanced use cases such as integrating with ticketing systems for change management. And with the Pulumi refresh command, it’s possible to detect and remediate infrastructure drift on demand or on a scheduled basis.

Continuous Delivery

Founded in 2017, pulumi is a newer infrastructure as code (IAC) tool that’s quickly gaining popularity. Its easy learning curve, broad language support and compatibility with multiple cloud providers make it a good choice for organisations of any size.

With pulumi, developers can define infrastructure in programming languages of their choice, such as Java, JavaScript/TypeScript, and Python. This gives them the full power of these languages, including IDE support and libraries. It also eliminates the need for writing domain-specific templates in a DSL.

Another benefit of pulumi is that it allows for integration testing with native testing frameworks. This allows teams to use the same tools they use for testing their application code. Additionally, pulumi can be integrated with existing CI/CD systems, such as Git workflows and GitHub Pipelines. This helps to ensure continuous delivery. It also supports the creation, deployment, and management of cloud infrastructure. It’s important to note that pulumi is not intended to replace Terraform.

Automation

With pulumi you can use one pipeline for application code and infrastructure code. This means that changes to infrastructure can be reviewed, validated and tested using the same processes as applications such as Pull Requests, linters, static analysis and unit tests.

Pulumi has a powerful command to run a preview and update of infrastructure programs: pulumi stack init stackname>. This creates a snapshot of the current state of the stack and compares it to a desired goal state, identifying what read, write, create or delete operations need to be performed to get to that state.

The resulting operation graph is then computed to perform the required actions on the existing state. This can include any number of nested atomic operations, including changing a resource’s type or moving it to a different stack or workspace. This can also be combined with other policies such as CrossGuard or Spacelift to automate changes to the infrastructure.

Security

Pulumi supports a secure self-managed backend which is encrypted by default. It also uses the free Pulumi Service to store and update your infrastructure state. This eliminates the need for terraform’s complex state files and enables team collaboration that is easier to manage with policies and guardrails in place.

Unlike Terraform, Pulumi’s programming model is built to make engineers maximally productive using the real languages they are already familiar with. Programmers can write infrastructure as code in the same IDEs they use for their application development, reducing cognitive load.

This approach also supports incremental adoption where teams may be using Terraform and shifting to Pulumi progressively (for example, for their VPCs or low-level network definitions). With the state reference support, it is easy to create higher-level infrastructure in Pulumi that consumes Terraform’s provisioned state, making co-existence between the two tools effortless.