Open in app

Sign in

Write

Sign in

Using custom Pulumi state storage in the cloud

Christian Eder
2 min readJul 18, 2019

Similar to Terraform, Pulumi captures and stores the state of the cloud infrastructure that you create and manage using one of those tools. By default, Pulumi (the tool) stores its state information in the backend provided by Pulumi (the company).

While this is a reasonable default and works well both for individuals using the free Pulumi Community Edition as well as teams running on a paid plan, in some cases this might not be desired. Up until May 2019, Pulumi only supported local state storage as an alternative (which is the default in other tools like Terraform) and left it to the user to figure out how to share that state between multiple users or CI / CD agents:

Since version 0.17.10 Pulumi also supports storing and sharing its state in cloud storage solutions such as Amazon S3, Azure Blob Storage and Google Cloud Storage. In this article, I will describe how to share Pulumi state using the Azure Blob Storage state backend.

  • First of all, you will need to create a new Azure Storage account & container (not using Pulumi, but manually or using other automation mechanisms such as the Azure CLI tools (az CLI).
  • The next step is to set some environment variables that the GoCloud tooling expects to read credentials from. GoCloud is the tool that Pulumi uses under the hood to access your cloud storage account.
  • The last step is to use the Pulumi CLI to login to your newly created state backend using the credentials provided in the Environment variables

Note: if you try this in an existing Pulumi program that already has state in an existing state backend, this will fail. In these cases, you will have to migrate the state first.

Another gotcha I ran into: sometimes Pulumi gets hiccups when using pulumi login to get back to another state backend. In this case, first try to specify the default backend explicitly as in pulumi login https://api.pulumi.com. This worked for me. If it doesn’t solve your issue, just delete your ~/.pulumi/credentials.json file, and run pulumi login again to get back to the default backend.

Cloud Computing
Pulumi
Infrastructure As Code
Azure

--

--

Christian Eder

Written by Christian Eder

384 Followers

Software architect @zuehlke_group, passionate about automation, infrastructure & architecture as code

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams