Notre avis
Aide à définir et gérer l'infrastructure cloud avec Pulumi en utilisant des langages de programmation comme TypeScript, Python, Go ou C#.
Points forts
- Utilise de vrais langages de programmation au lieu de HCL, permettant des boucles et conditions
- Prend en charge plus de 150 fournisseurs cloud (AWS, GCP, Azure, Kubernetes)
- Favorise la réutilisation avec des Component Resources et les références entre stacks
- Intègre des tests unitaires et des politiques CrossGuard pour la conformité
Limites
- Nécessite la connaissance de Pulumi CLI et du langage choisi
- La gestion des stacks et des secrets peut être complexe pour les débutants
- Débogage parfois plus difficile qu'avec Terraform en raison de l'abstraction supplémentaire
Utilisez Pulumi lorsque vous préférez des langages de programmation pour l'infrastructure as code et avez besoin de composants réutilisables et testables.
Évitez Pulumi si votre équipe maîtrise déjà Terraform ou HCL, ou pour des projets très simples ne justifiant pas la complexité d'un langage généraliste.
Analyse de sécurité
SûrThe skill provides instructional guidance on using Pulumi for infrastructure as code. It does not contain any commands or instructions that would directly cause harm, exfiltrate data, or bypass security measures. It focuses on best practices like using secrets and testing.
Aucun point d'attention détecté
Exemples
Set up an AWS Lambda API with DynamoDB using Pulumi and TypeScriptBuild a reusable VPC module with Pulumi that teams can sharename: pulumi description: >- Assists with defining and managing cloud infrastructure using Pulumi with TypeScript, Python, Go, or C#. Use when provisioning AWS, GCP, Azure, or Kubernetes resources with real programming languages instead of HCL. Trigger words: pulumi, infrastructure as code, iac, pulumi up, pulumi stack, cloud infrastructure, component resource. license: Apache-2.0 compatibility: "Requires Pulumi CLI and a supported language runtime (Node.js, Python, Go, .NET)" metadata: author: terminal-skills version: "1.0.0" category: devops tags: ["pulumi", "infrastructure-as-code", "cloud", "devops", "multi-cloud"]
Pulumi
Overview
Pulumi enables defining and managing cloud infrastructure using real programming languages (TypeScript, Python, Go, C#) instead of domain-specific languages. It supports 150+ cloud providers and allows using loops, conditionals, classes, and packages to build reusable, testable infrastructure components.
Instructions
- When creating resources, declare them as objects (e.g.,
new aws.s3.Bucket("my-bucket", {...})) and usepulumi.Output<T>with.apply()for computed values from cloud API responses. - When managing environments, use stacks (
pulumi stack init dev/staging/prod) with stack-specific config for instance sizes, replica counts, and feature flags. - When handling secrets, always use
pulumi config set --secretfor credentials and never hardcode secrets in code. - When building reusable patterns, create Component Resources by extending
pulumi.ComponentResourceto encapsulate common infrastructure patterns (VPC module, ECS service, etc.). - When referencing across projects, use Stack References to read outputs from other stacks for cross-project dependencies.
- When enforcing compliance, use CrossGuard policies to prevent non-compliant resources (e.g., no public S3 buckets, require encryption) in CI.
- When testing, write unit tests for Component Resources using standard test frameworks (Vitest, pytest, go test) by mocking the cloud provider and asserting resource properties.
Examples
Example 1: Deploy a serverless API on AWS
User request: "Set up an AWS Lambda API with DynamoDB using Pulumi and TypeScript"
Actions:
- Scaffold project with
pulumi new aws-typescript - Define DynamoDB table and Lambda function resources
- Create API Gateway routes linked to Lambda handlers
- Export endpoint URL as a stack output for consumption
Output: A serverless API with infrastructure defined and deployed via pulumi up.
Example 2: Create a reusable VPC component
User request: "Build a reusable VPC module with Pulumi that teams can share"
Actions:
- Create a Component Resource class extending
pulumi.ComponentResource - Define VPC, subnets, route tables, and NAT gateway as child resources
- Expose outputs for subnet IDs and security group references
- Write unit tests mocking AWS provider to validate configuration
Output: A reusable infrastructure component that teams import as a package.
Guidelines
- Use Component Resources for reusable patterns; do not repeat VPC/ECS/RDS configs across stacks.
- Always use
pulumi config set --secretfor credentials; never hardcode secrets in code. - Name resources with the project and stack for unique identification across environments.
- Export important outputs (URLs, endpoints, ARNs) for cross-stack consumption.
- Write unit tests for Component Resources by mocking the cloud provider and asserting resource properties.
- Use stack-specific config for environment differences: instance sizes, replica counts, feature flags.
- Enable CrossGuard policies in CI to prevent non-compliant resources from being deployed.
Architecte Docker Compose
DevOps
Concoit des configurations Docker Compose optimisees.
Rapport de Post-Mortem
DevOps
Rédige des rapports post-mortem d'incidents structurés et blameless.
Créateur de Runbooks
DevOps
Crée des runbooks opérationnels clairs pour les procédures DevOps courantes.