CI/CD for AWS infrastructure using Pulumi

This template gives you a continuous integration and continuous deployment (CI/CD) pipeline that previews a Pulumi change before deploying it to AWS.

At a glance:

How it works

This template:

Assumes a role in AWS using Buildkite’s OIDC. Installs Node dependencies using npm. Prints a preview of the Pulumi change in an annotation on the build. Asks for manual confirmation to deploy the change. Deploys the Pulumi change to AWS with pulumi up .

The runtime environment uses a Docker image with the Pulumi CLI and Node.js.

Next steps

After you select Use template, you’ll:

Connect the Git repository with your Pulumi code. Set Buildkite as an OIDC provider in AWS. Set the AWS_ROLE_ARN environment variable to a role with permission to deploy Pulumi changes to your AWS account. PULUMI_STACK environment variable to the Set theenvironment variable to the Pulumi Stack being deployed. Store PULUMI_ACCESS_TOKEN in your pipeline secrets. Configure the compute—run locally, on-premises, or in the cloud. Run the pipeline.

You can then play around with the pipeline settings. For example, run the pipeline locally while you iterate on the definition or set a schedule to trigger a nightly build.

If you need help, please check our documentation, raise an issue , or reach out to support.