Brings Infrastructure Closer To Application Development
Pulumi uses general-purpose programming languages, so you can take advantage of the full set of productivity features your IDE provides like code completion, inline documentation, syntax highlighting and more. It also works with a wide range of IDEs.
You can embed Pulumi programs into applications and drive stack operations programmatically with the Automation API, enabling higher-order orchestration workflows and dynamically managed infrastructure.
1. Scalability
Pulumi supports a wide range of programming languages and cloud providers. It also uses a powerful command-line interface (CLI). It can be used by teams with diverse backgrounds and skill levels to manage their infrastructure as code.
Unlike Terraform, which requires state files, Pulumi has built-in support for versioning and concurrency control. This allows a single CI/CD pipeline to deploy and update the entire architecture of your cloud program.
Like other Infrastructure as Code tools, pulumi lets you express desired state using general-purpose languages and then executes the engine to make it happen. That provides a tighter development loop, faster feedback, and easier integration into CI/CD workflows. It also enables you to write tests for your programs. For example, you can write tests that verify a given configuration value has been deployed and updated correctly.
2. Flexibility
Unlike Terraform which requires teams to learn a custom domain specific language (HCL), Pulumi allows you to write infrastructure as code in real programming languages such as Python, Go, JavaScript, and TypeScript. This provides greater flexibility and adaptability for teams.
In addition, the pulumi CLI supports consuming local Terraform state in order to continue managing infrastructure with Terraform while making the transition to Pulumi. This makes it easier to incrementally adopt a new IaC tool.
Pulumi also provides a more flexible approach to policy as code by using open source programmable guardrails called CrossGuard. These programmable guardrails enforce security, best practices, and cost across your infrastructure and servers. This is a key difference between Pulumi and Terraform’s closed source Sentinel product. This is important for enterprises moving to modern cloud architectures.
3. Automation
Pulumi has built-in capabilities for working with brownfield infrastructure, like importing existing resources and automatically generating code to add them (similar to Terraform). It has an excellent guide on how to work with your old configurations when adopting a new platform.
Another advantage of Pulumi over Terraform is that you can use native providers written in the programming language of your choice. This is especially useful when you are using multiple different cloud platforms. You can also create a bridged provider that uses the full features of a provider ecosystem, like a Terraform provider, and expose it to other languages through a Pulumi package.
With the recently launched Automation API, you can build software solutions that embed Pulumi’s robust desired state infrastructure as code deployment engine within your applications. The API offers a strongly typed, secure way to run Pulumi programs without the need for the CLI.
4. Security
Austin wants his team to use standard software engineering tools to manage infrastructure and tame the complexity of modern cloud applications. With Pulumi, they can do that by using a programmatic approach to infrastructure-as-code.
Both Terraform and Pulumi support importing existing infrastructure, but Pulumi takes it a step further by enabling the referencing of external states (i.e., stacks created with other IaC tools). This allows you to incrementally adopt infrastructure-as-code by moving your higher-level infrastructure into a Pulumi project while still managing the VPC and low-level network definitions with Terraform.
Furthermore, unlike Terraform, which only provides a domain-specific language for creating and managing your infrastructure, Pulumi uses programming languages with their native ecosystems. This enables you to use your preferred development environment with a rich tooling experience that includes code completion, strong typing, error squiggles and other features. It also supports native testing frameworks for unit, property, and integration tests.
5. Integrations
Like Terraform, Pulumi provides a full stack infrastructure as code solution with multi-cloud support. However, unlike Terraform, Pulumi uses your preferred programming language for your infrastructure configuration instead of requiring domain-specific languages. This helps DevOps teams follow best practices while reducing time and cost in this busy day and age.
For example, a reusable config file for staging, QA, or production lets you easily deploy different environments. Also, you can split a single project into multiple files to manage smaller projects with different purposes.
Similar to Terraform, a refresh function in Pulumi updates the state of your cloud environment. But, rather than recursively modifying each resource in your state, it replaces the existing resources with replacements, then deletes the old ones. This helps you avoid downtime during the update.