Pulumi AWS

7.24.0 · active · verified Thu Apr 09

Pulumi AWS is a Python package that enables users to define, deploy, and manage Amazon Web Services (AWS) cloud resources using Python code. It is the most widely used provider in the Pulumi ecosystem and offers access to the full surface area of the upstream Terraform AWS Provider. The library is actively maintained with frequent minor and patch releases, typically tied to updates in the underlying Terraform AWS Provider, with major versions released periodically to incorporate significant upstream changes and Pulumi-specific enhancements.

Warnings

breaking The `assumeRole` property on the Pulumi AWS Provider resource has changed to `assumeRoles`, which now accepts a list of role objects. This enables IAM role chaining. If you were using `assumeRole` for provider configuration, you must update your code.
Fix: Update `assumeRole` to `assumeRoles` and ensure the value is a list of role configuration objects. Refer to the v7 migration guide for examples.
breaking The S3 `Bucket` and `BucketV2` resources have been unified into a single `aws.s3.Bucket` resource. While existing `BucketV2` usages should be aliased, `aws.s3.Bucket` now reflects the latest upstream Terraform implementation. You may need to update resource definitions to simply use `aws.s3.Bucket`.
Fix: Replace `aws.s3.BucketV2` with `aws.s3.Bucket` in your Python code. Check for any behavioral changes in the new `Bucket` resource compared to the legacy `Bucket` implementation.
gotcha When upgrading to Pulumi AWS v7, a special command is required to migrate the state file. Failure to do so can result in unexpected diffs or deployment errors.
Fix: After updating `pulumi_aws` in your `requirements.txt` (and running `pip install -r requirements.txt`), execute `pulumi up --refresh --run-program` to ensure your state is correctly migrated to the new provider version.
gotcha Pulumi AWS v7 introduces a `region` input property to most resources, allowing multi-region deployments with a single provider. While this reduces memory usage by not requiring multiple provider instances, users migrating from older versions that relied on explicit provider configurations per region might need to update their resource definitions to leverage this new capability or explicitly define provider instances for specific regions.
Fix: For resources intended for a specific region different from the default provider region, set the `region` argument directly on the resource (e.g., `aws.s3.Bucket("my-bucket", region="us-west-2")`). Review the v7 migration guide for detailed examples.
gotcha Due to Pulumi's relative novelty compared to tools like Terraform, online search results and AI-generated code for `pulumi-aws` (especially in Python) can sometimes be outdated or contain 'hallucinated' (incorrect) patterns. Always cross-reference with the official Pulumi documentation for accuracy.
Fix: Prioritize official Pulumi documentation and the Pulumi Registry for up-to-date and accurate code examples and API references. Use online forums and AI assistance with caution and critical review.

Install

pip install pulumi_aws pulumi Install `pulumi-aws` and `pulumi` core SDK

Imports

pulumi
```
import pulumi
```
Required for core Pulumi functions like `pulumi.export` and `pulumi.Config`.
aws
```
import pulumi_aws as aws
```
Resources are typically accessed via the `pulumi_aws` module, often aliased as `aws` for brevity.
Bucket
```
aws.s3.Bucket
```
As of v7, `Bucket` and `BucketV2` resources were unified into a single `aws.s3.Bucket`.
Role
```
aws.iam.Role
```
For creating IAM Role resources.
Vpc
```
aws.ec2.Vpc
```
For creating EC2 VPC resources.

Quickstart

This quickstart code defines a basic AWS S3 bucket using `pulumi_aws`. It demonstrates importing the necessary modules, creating a resource, and exporting an output. To run this, ensure the Pulumi CLI is installed and configured for AWS credentials (e.g., via `~/.aws/credentials` or environment variables like `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, `AWS_REGION`). You would typically initialize a Pulumi project (`pulumi new python`), save this code in `__main__.py`, set the AWS region (`pulumi config set aws:region us-east-1`), and then deploy (`pulumi up`).

import pulumi
import pulumi_aws as aws
import os

# Configure the AWS region using Pulumi config or environment variables.
# For example: pulumi config set aws:region us-east-1
# Or set AWS_REGION environment variable.

# Create an AWS S3 bucket. Pulumi automatically suffixes the name for global uniqueness.
bucket = aws.s3.Bucket("my-unique-bucket",
    tags={
        "Environment": os.environ.get('PULUMI_ENVIRONMENT', 'development'),
        "Project": "MyPulumiApp"
    }
)

# Export the name and website endpoint of the bucket
pulumi.export('bucket_name', bucket.id)
pulumi.export('bucket_arn', bucket.arn)

view raw JSON →