Our great sponsors
-
pulumi-terraform-bridge
A library allowing providers built with the Terraform Plugin SDK to be bridged into Pulumi.
-
terraform-plugin-sdk
Terraform Plugin SDK enables building plugins (providers) to manage any service providers or custom in-house solutions
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
pulumi-aws
An Amazon Web Services (AWS) Pulumi resource package, providing multi-language access to AWS
Yes, pulumi is just wrapping terraform[1]. So you need to understand both the quirks of that and the quirks of pulumi. And I'm lazy so I just want to deal with one quirk at the time.
[1] https://github.com/pulumi/pulumi-terraform-bridge
> We're coming up on 10000 resources in our main Terraform repository and while there is definitely some friction, it's overall much better than having to hit the cloud API's to gather each of those states which would probably take at least an order of magnitude longer.
I don't think that's necessary true. Most cloud API's actually can return hundreds of records with 1 API calls, e.g. https://docs.aws.amazon.com/elasticloadbalancing/latest/APIR... has a maximum page size of 400.
If I manage the cloud resources via some custom tools and/or with some ansible-fu, I can decide to batch the API calls when it makes sense.
With terraform, it is not possible to do so (https://github.com/hashicorp/terraform-plugin-sdk/issues/66, https://github.com/hashicorp/terraform-provider-aws/issues/2...).
> We're coming up on 10000 resources in our main Terraform repository and while there is definitely some friction, it's overall much better than having to hit the cloud API's to gather each of those states which would probably take at least an order of magnitude longer.
I don't think that's necessary true. Most cloud API's actually can return hundreds of records with 1 API calls, e.g. https://docs.aws.amazon.com/elasticloadbalancing/latest/APIR... has a maximum page size of 400.
If I manage the cloud resources via some custom tools and/or with some ansible-fu, I can decide to batch the API calls when it makes sense.
With terraform, it is not possible to do so (https://github.com/hashicorp/terraform-plugin-sdk/issues/66, https://github.com/hashicorp/terraform-provider-aws/issues/2...).
>Isn't pulumi aws just terraform under the hood still?
It depends.
The AWS "Classic" provider uses the terraform provider [1].
The AWS "Native" provider does not, and instead uses the AWS Cloud Control API [2].
[1]: https://github.com/pulumi/pulumi-aws
[2]: https://github.com/pulumi/pulumi-aws-native
>Isn't pulumi aws just terraform under the hood still?
It depends.
The AWS "Classic" provider uses the terraform provider [1].
The AWS "Native" provider does not, and instead uses the AWS Cloud Control API [2].
[1]: https://github.com/pulumi/pulumi-aws
[2]: https://github.com/pulumi/pulumi-aws-native
Related posts
- How To Manage Amazon GuardDuty in AWS Organizations Using Terraform
- AWS EKS: From IRSA to Pod Identity With Terraform
- AWS Makes Cloud Formation Stack Creation Up to 40% Faster
- Authorization and Amazon Verified Permissions - A New Way to Manage Permissions Part XII: Terraform
- Part 4 - Terraform Providers