First Pulumi on AWS

Python-based IaC.

Overview

The first Pulumi on AWS deploy moves IaC from declarative HCL to general-purpose programming languages. Pulumi supports Python, TypeScript, Go, .NET, and Java; the IaC code becomes real code that uses functions, classes, and modules rather than Terraform’s DSL. The right answer for tool choice depends on team preference: Pulumi suits teams whose engineers already write the language fluently and want real abstractions; Terraform suits teams that prefer the explicit boundary of a DSL.

• Python-based IaC. Real Python (or TypeScript, Go, etc.) code; the IaC inherits the team’s existing language fluency.
• Multi-language support. Python, TypeScript, Go, .NET, Java; matches polyglot teams without forcing a single language.
• Real abstractions. Functions, classes, and modules; supports DRY beyond what Terraform modules can express.
• Pulumi Cloud or self-hosted state plus Terraform-equivalent providers. State backend choice (managed or self-hosted); same AWS, GCP, Azure providers Terraform uses.

The approach

The practical approach is per-stack environments (dev, staging, prod as separate stacks), language-native abstractions for repeated patterns (functions and classes rather than copy-paste), deliberate state-backend choice (Pulumi Cloud for managed, self-hosted for stricter requirements), Pulumi preview integrated into PR CI, and per-stack configuration documented in the infrastructure repo so the model is reviewable.

• Per-stack environment. Dev, staging, prod as separate Pulumi stacks; the configuration boundaries match the operational boundaries.
• Language-native abstractions. Functions and classes for repeated patterns; the IaC code follows the same engineering hygiene as application code.
• State backend deliberate. Pulumi Cloud (managed) or self-hosted (S3 + DynamoDB or equivalent); choose against operational preference.
• CI integration plus documented stacks. Pulumi preview on every PR catches drift; per-stack configuration committed for operational review.

Why this compounds

Pulumi discipline compounds across stacks. Each new stack inherits the patterns established in the first; the team builds language-native IaC abstractions that survive across infrastructure changes; the unit-testable code path produces IaC quality the DSL-based alternatives cannot match.

• Abstraction. Real programming language supports real DRY; modules become reusable in ways Terraform modules cannot match.
• Team fit. Existing language skills apply; engineers contribute to IaC without learning a new DSL.
• Testability. Unit tests for IaC; the resource definitions can be asserted against expectations rather than only validated at apply time.
• Institutional knowledge. Each stack teaches IaC patterns; the team builds vocabulary for infrastructure abstractions.

The first Pulumi on AWS deploy is an infrastructure investment that pays off across years. Nova AI Ops integrates with deployment telemetry, surfaces IaC patterns, and supports the team’s infrastructure discipline.