Pulumi

Pulumi is an infrastructure as code service that we use for managing all of our infrastructure.

When people discover that we're using Pulumi, they generally ask one of two questions. One, why use IAC at all, given the size of our organization? Two, why Pulumi specifically?

Why infrastructure as code?

IAC is generally used by companies larger than ours, and I think this is a bit of a failure case for the IAC zeitgeist. It is dramatically useful to reify your infrastructure and create systems around the deployment of it as soon as possible in an ideal world. It does not add friction to making changes in the early goings.

If anything, it reduces it. It's easier to deploy from Pulumi than have to log into AWS or whatever vendor and make changes. I think it's part documentation and part cultural inertia that this isn't a more widely adopted mechanism.

In addition, Pulumi is self-documenting, and that's really the killer thing for me. If we didn't have Pulumi, we would still need to have a document somewhere saying where all of our stuff lives, why the records are what they are, etc. And as soon as you have that, you might as well go the extra mile and have it actually do the provisioning as well.

Why Pulumi?

As for why Pulumi over Terraform or SST or any of the more esoteric options, it represented a good middle ground in my mind. I don't have to write .tf files and can instead leverage an existing Python codebase. And Pulumi itself has a mature ecosystem relative to SST, which, at the time of this writing, is in a quasi-abandoned state, which is not exactly where you want your infrastructure layer to live.