{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreibh5i5yjlfo7lok5oxzchbocepuit6utskjht3gezbyk54grusxcu",
"uri": "at://did:plc:5sgu76a53rz3n6unbykmovqy/app.bsky.feed.post/3mm33k3xe6ja2"
},
"description": "Pulumi is an Infrastructure as Code platform that challenges Terraform's HCL-based approach by letting you write infrastructure definitions in languages you already know. Instead of learning a new DSL, you write a TypeScript program that creates an S3 bucket, configures IAM roles, and deploys an EKS cluster, with full access to loops, conditionals, functions, and packages.\n\n\nHow Pulumi Differs from Terraform\n\n\n\n\nFeaturePulumiTerraform\n\nLanguageTypeScript, Python, Go, C#, JavaHCL (domain-specific",
"path": "/engineering-glossary/pulumi/",
"publishedAt": "2026-05-17T19:21:08.000Z",
"site": "https://sahilkapoor.com",
"tags": [
"Hashicorp Vault",
"Argocd",
"Kubernetes",
"Helm",
"@pulumi"
],
"textContent": "Pulumi is an Infrastructure as Code platform that challenges Terraform's HCL-based approach by letting you write infrastructure definitions in languages you already know. Instead of learning a new DSL, you write a TypeScript program that creates an S3 bucket, configures IAM roles, and deploys an EKS cluster, with full access to loops, conditionals, functions, and packages.\n\n## How Pulumi Differs from Terraform\n\nFeature| Pulumi| Terraform\n---|---|---\nLanguage| TypeScript, Python, Go, C#, Java| HCL (domain-specific)\nLogic| Full programming (loops, functions, classes)| Limited (for_each, count, modules)\nReuse| npm/PyPI packages| Terraform Registry modules\nState| Pulumi Cloud or self-hosted backend| Terraform Cloud, S3, local\nProvider coverage| 150+ providers (shares Terraform providers)| 3000+ providers\n\n## Basic Example\n\n\n import * as aws from \"@pulumi/aws\";\n\n const bucket = new aws.s3.Bucket(\"my-bucket\", {\n website: { indexDocument: \"index.html\" },\n });\n\n export const bucketName = bucket.id;\n export const websiteUrl = bucket.websiteEndpoint;\n\nThis creates an S3 bucket with website hosting. The exported values are printed after `pulumi up` and can be consumed by other stacks.\n\n## Stacks and State\n\nPulumi manages state (what resources exist) in a backend, Pulumi Cloud, an S3 bucket, or Azure Blob Storage. Stacks are isolated deployments of the same program (dev, staging, prod) with different configuration values. `pulumi up` diffs the desired state (your code) against the current state (backend) and applies changes.\n\n## Pulumi ESC\n\nPulumi Environments, Secrets, and Configuration (ESC) is a secrets management layer that integrates with Hashicorp Vault, AWS Secrets Manager, and 1Password. It allows pulling secrets into Pulumi stacks without hardcoding credentials in config files.\n\n## When to Choose Pulumi vs Terraform\n\nChoose Pulumi when: your team is strong in a general-purpose language, you need dynamic infrastructure generation (many similar resources with varying configs), or you want to share infrastructure components as library packages. Choose Terraform when: you have an existing HCL investment, need the widest provider coverage, or prefer declarative configs with no programming concepts.\n\n## Related Terms\n\n * Argocd, GitOps delivery for Kubernetes; Pulumi handles the infra that ArgoCD deploys onto\n * Helm, Kubernetes package manager; Pulumi can deploy Helm charts via the Helm provider\n * Hashicorp Vault, secrets management that integrates with Pulumi ESC\n * Kubernetes, common target for Pulumi infrastructure definitions\n\n",
"title": "Pulumi",
"updatedAt": "2026-05-18T20:03:25.873Z"
}