Pulumi

Use the Pulumi integration to execute Pulumi templates and connect the execution with other integrations that Fylamynt offers.

Overview

Pulumi is a modern infrastructure as code platform. It leverages existing programming languages—TypeScript, JavaScript, Python, Go, and .NET—and their native ecosystem to interact with cloud resources through the Pulumi SDK.

Users run multiple types of code (e.g. Terraform templates, Ansible playbooks, Python scripts) to automate their tasks. We built this integration, specifically to support the execution of Pulumi Programs.

Use Cases

The integration between Fylamynt and Pulumi lets you:

  • Execute "Pulumi Up" for the specified project and stack. Create the set of resources specified in the project.

  • Execute "Pulumi Stack Output" for the specified project and stack. The output is in JSON format and can be pulled from specified log_bucket and log_key for further processing.

  • Execute "Pulumi Destroy" for the specified project and stack, and removes the provisioned resources.

Configure Pulumi in Fylamynt

  • Navigate to Settings > Integrations > Pulumi

  • Click on Add Integration

Details needed to provide Pulumi integration with Fylamynt. Either Access Token or Backend (with a Passphrase protecting the content) can be specified:

Parameter

Description

Required

Access Token

Access Token obtained from Pulumi Web console

If Backend is not specified

Backend

An S3 bucket that will store Pulumi config and state. The target account(s) for Pulumi operations should have read/write access to this bucket.

If Access Token is not specified

Passphrase

The passphrase for accessing the Pulumi config.

If backend is specified

Organization

Organization under which Pulumi projects should be run.

Optional. If specified, all workflows share the organization.

Creating an Access Token

  • Click on the Settings tab after logging into the Pulumi web console

  • Click on the Access Tokens menu item

  • Click on Create token. Give it a name, and click on Create token

  • Copy the generated Access Token into the corresponding entry box in Pulumi Settings

Integration Actions

We only support Pulumi Python projects with an AWS provider. Before using any Pulumi integration action, a project needs to be defined, either in the GitHub Repos resource, or the S3 Buckets resource. All actions are configured in the same way:

  1. pulumi_up - runs pulumi up for the specified project and stack. Creates the set of resources specified in the project.

  2. pulumi_stack_output - runs pulumi stack output for the specified project and stack. The output is in JSON format and can be pulled from specified log_bucket and log_key for further processing.

  3. pulumi_destroy - runs pulumi destroy for the specified project and stack, and removes the provisioned resources.

Input

Parameter Name

Description

Required

alias

Target account alias for running the Pulumi action. It needs to have access to the Backend S3 bucket

True

log_bucket

An S3 bucket for writing logs from the Pulumi command execution. The target account needs to have access to this bucket.

True

stack

The Pulumi stack used for the action. Pulumi support running the same project against different stacks.

True

git_repo

A GitHub Repos resource with a Pulumi Python project with an AWS provider.

If git repo was picked in Select Input

s3_bucket

A S3 Buckets resource with a Pulumi Python project with an AWS provider

If s3 bucket was picked in Select Input

Output

Parameter Name

Type

Description

task_arn

string

The task ARN for the asynchronous Pulumi task

task_status

string

The task status when the action returns.

log_bucket

string

log_bucket from the Input parameters

log_key

string

name of system created log file

Action Example