Mastering AWS IaC with Pulumi and Python – Part 2

In Part 1 of this series, we learned about the importance of AWS and Pulumi. Now, let’s explore the demo part in this practical session, which will create a service on AWS VPC by using Pulumi.

Before We Start, Ensure You Have the Following

AWS Account with IAM permissions for resource creation

• Install Pulumi CLI:
  • # curl -fsSL https://get.pulumi.com | sh
• Install Python & Virtual Environment:
  • # python3 -m venv venv
  • # source venv/bin/activate # On Windows: venv\Scripts\activate
    •  # pip install pulumi boto3

Configure AWS Credentials

• Check if AWS CLI is Installed
  • Run the command:
  • # aws –version
• If AWS CLI is not installed, download and install it from AWS CLI installation guide.

Create an IAM User and Assign Permissions

• Go to the AWS Management Console → IAM → Users
• Click Create User, provide a username, and check Access Key – Programmatic Access
• Assign necessary policies/permissions (e.g., AdministratorAccess or a custom policy).

Generate Security Credentials

• After creating the user, download or copy the Access Key ID and Secret Access Key.

Configure AWS CLI with IAM User Credentials

• Run:
  • # aws configure
• Enter the credentials when prompted:
  • Access Key ID
  • Secret Access Key
  • Default region (e.g., us-east-1)
  • Output format (e.g., json)

Verify Configuration

• Run a test command, such as:
  • # aws sts get-caller-identity
• If everything is set up correctly, this will return the IAM user details.

Pulumi Version

AWS Configuration

Pulumi Dashboard

It will be included with the details mentioned above

• Overview
• Readme
• Updates
• Deployments
• Resources
• Settings

Deployment Steps with Commands and Screenshots

Step 1: Initialize a Pulumi Project

• # pulumi new aws-python

Step 2: Define AWS Resources

• Modify __main__.py to create a VPC:

Step 3. Pulumi Preview

• # Pulumi Preview

Pulumi Preview shows a dry-run of changes before applying them. It helps you see what resources will be created (+), updated (~), or deleted (-) without actually making any changes.

Step 4: Deploy Infrastructure

• # pulumi up

Pulumi up deploys or updates infrastructure by applying changes from your Pulumi code.

Revolutionize Your Business With Generative AI

From product design and software development to virtual agents, content creation, and reporting, GenAI is transforming business. Our AI experts help you unlock GenAI’s full potential and drive growth.

Let’s Get Started

Step 5: Verify Deployment

AWS Console Page

Creating VPC Peering with Pulumi

Pulumi destroy

• # Pulumi Destroy

Removes all resources managed by Pulumi, restoring the environment to its original state. 

Step 6: Pulumi Stack Remove

• # Pulumi Stack rm <stack name>

Pulumi stack rm removes a Pulumi stack and its state but does not delete cloud resources unless –force is used.

After removed Stack

AWS Console Page after deleting VPC

Conclusion

Pulumi offers a powerful, flexible, and developer-friendly approach to managing AWS infrastructure. By leveraging Pulumi, you can:

• Simplify Infrastructure Management – Define cloud resources as code for consistency and repeatability.
• Enhance Productivity—Create a dynamic infrastructure by using Python’s full capabilities, including loops, functions, and modules.
• Improve Collaboration – Version control your infrastructure with Git and integrate seamlessly with CI/CD pipelines.
• Achieve Multi-Cloud Flexibility – Deploy AWS, Azure, and Google Cloud workloads without changing tools.
• Maintain Security & Compliance – Use IAM policies, automated policies, and state management to enforce best practices.

With Pulumi’s modern IaC approach, you can move beyond traditional Terraform and CloudFormation and embrace a more scalable, flexible, and efficient way to manage AWS resources.

Key Takeaways

• Code-Driven Infrastructure – Use loops, conditionals, and functions for dynamic configurations.
• Multi-Cloud & Hybrid Support – Pulumi works across AWS, Azure, Google Cloud, and Kubernetes.
• State Management & Versioning – Store state remotely with Pulumi Cloud or AWS S3 + DynamoDB.
• Developer-Friendly – No need to learn a new domain-specific language (DSL); use Python!
• Experiment with More AWS Services – Deploy API Gateway, Lambda, or DynamoDB.
• Implement CI/CD with Pulumi – Automate deployments using GitHub Actions, Jenkins, or AWS CodePipeline.
• Explore Pulumi Stacks – Manage multiple environments efficiently.
• Read the Official Pulumi Docs – Pulumi AWS Documentation

References

• Pulumi Official Website: https://www.pulumi.com
  
• Pulumi AWS Documentation: https://www.pulumi.com/docs/clouds/aws
• Pulumi Python SDK: https://www.pulumi.com/docs/using-pulumi/languages/python
• AWS CLI Configuration: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html
  
• AWS IAM Best Practices: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html
  
• Pulumi GitHub Repository: https://github.com/pulumi/pulumi