Terraform, and Pulumi are two popular Infrastructure as Code (IaC) tools used to provision and manage virtual environments. Both tools are open source, widely used, and provide similar features. However, it isn’t easy to choose between Pulumi and Terraform without a detailed comparison.

Below is an examination of the main differences between Pulumi and Terraform. The article analyzes which tool performs better in real-life use cases and offers more value to an efficient software development life cycle.

Key Differences Between Pulumi and Terraform

  • Pulumi does not have a domain-specific software language. Developers can build infrastructure in Pulumi by using general-purpose languages such as Go, .NET, JavaScript, etc. Terraform, on the other hand, uses its Hashicorp Configuration Language.
  • Terraform follows a strict code guideline. Pulumi is more flexible in that regard.
  • Terraform is well documented and has a vibrant community. Pulumi has a smaller community and is not as documented.
  • Terraform is easier for state file troubleshooting.
  • Pulumi provides superior built-in testing support due to not using a domain-specific language.

What is Pulumi?

Pulumi is an open-source IaC tool for designing, deploying and managing resources on cloud infrastructure. The tool supports numerous public, private, and hybrid cloud providers, such as AWS, Azure, Google Cloud, Kubernetes, phoenixNAP Bare Metal Cloud, and OpenStack.

Pulumi is used to create traditional infrastructure elements such as virtual machines, networks, and databases. The tool is also used for designing modern cloud components, including containers, clusters, and serverless functions.

While Pulumi features imperative programming languages, use the tool for declarative IaC. The user defines the desired state of the infrastructure, and Pulumi builds up the requested resources.

What is Terraform?

Terraform is a popular open-source IaC tool for building, modifying, and versioning virtual infrastructure.

The tool is used with all major cloud providers. Terraform is used to provision everything from low-level components, such as storage and networking, to high-end resources such as DNS entries. Building environments with Terraform is user-friendly and efficient. Users can also manage multi-cloud or multi offering environments with this tool.

How to Install Terraform?

Learn how to get started with Terraform in our guide How to Install Terraform on CentOS/Ubuntu.

Terraform is a declarative IaC tool. Users write configuration files to describe the needed components to Terraform. The tool then generates a plan describing the required steps to reach the desired state. If the user agrees with the outline, Terraform executes the configuration and builds the desired infrastructure.

A diagram comparing Pulumi to Terraform

Pulumi vs Terraform Comparison

While both tools serve the same purpose, Pulumi and Terraform differ in several ways. Here are the most prominent differences between the two infrastructure as code tools:

1. Unlike Terraform, Pulumi Does Not Have a DSL

To use Terraform, a developer must learn a domain-specific language (DSL) called Hashicorp Configuration Language (HCL). HCL has the reputation of being easy to start with but hard to master.

In contrast, Pulumi allows developers to use general-purpose languages such as JavaScript, TypeScript, .Net, Python, and Go. Familiar languages allow familiar constructs, such as for loops, functions, and classes. All these functionalities are available with HCL too, but their use requires workarounds that complicate the syntax.

The lack of a domain-specific language is the main selling point of Pulumi. By allowing users to stick with what they know, Pulumi cuts down on boilerplate code and encourages the best programming practices.

2. Different Types of State Management

With Terraform, state files are by default stored on the local hard drive in the terraform.tfstate file. With Pulumi, users sign up for a free account on the official website, and state files are stored online.

By enabling users to store state files via a free account, Pulumi offers many functionalities. There is a detailed overview of all resources, and users have insight into their deployment history. Each deployment provides an analysis of configuration details. These features enable efficient managing, viewing, and monitoring activities.

What's a State File?

State files help IaC tools map out the configuration requirements to real-world resources.

To enjoy similar benefits with Terraform, you must move away from the default local hard drive setup. To do that, use a Terraform Cloud account or rely on a third-party cloud storing provider. Small teams of up to five users can get a free version of Terraform Cloud.

Pulumi requires a paid account for any setup with more than a single developer. Pulumi’s paid version offers additional benefits. These include team sharing capabilities, Git and Slack integrations, and support for features that integrate the IaC tool into CI/CD deployments. The team account also enables state locking mechanisms.

3. Pulumi Offers More Code Versatility

Once the infrastructure is defined, Terraform guides users to the desired declarative configuration. The code is always clean and short. Problems arise when you try to implement certain conditional situations as HCL is limited in that regard.

Pulumi allows users to write code with a standard programming language, so numerous methods are available for reaching the desired parameters.

4. Terraform is Better at Structuring Large Projects

Terraform allows users to split projects into multiple files and modules to create reusable components. Terraform also enables developers to reuse code files for different environments and purposes.

Pulumi structures the infrastructure as either a monolithic project or micro-projects. Different stacks act as different environments. When using higher-level Pulumi extensions that map to multiple resources, there is no way to deserialize the stack references back into resources.

5. Terraform Provides Better State File Troubleshooting

When using an IaC tool, running into a corrupt or inconsistent state is inevitable. A crash usually causes an inconsistent state during an update, a bug, or a drift caused by a bad manual change.

Terraform provides several commands for dealing with a corrupt or inconsistent state:

  • refresh handles drift by adjusting the known state with the real infrastructure state.
  • state {rm,mv} is used to modify the state file manually.
  • import finds an existing cloud resource and imports it into your state.
  • taint/untaint marks individual resources as requiring recreation.

Pulumi also offers several CLI commands in the case of a corrupt or inconsistent state:

  • refresh works in the same way as Terraform’s refresh.
  • state delete removes the resource from the state file.

Pulumi has no equivalent of taint/untaint. For any failed update, a user needs to edit the state file manually.

6. Pulumi Offers Better Built-In Testing

As Pulumi uses common programming languages, the tool supports unit tests with any framework supported by the user’s software language of choice. For integrations, Pulumi only supports writing tests in Go.

Terraform does not offer official testing support. To test an IaC environment, users must rely on third-party libraries like Terratest and Kitchen-Terraform.

7. Terraform Has Better Documentation and a Bigger Community

When compared to Terraform, the official Pulumi documentation is still limited. The best resources for the tool are the examples found on GitHub and the Pulumi Slack.

The size of the community also plays a significant role in terms of helpful resources. Terraform has been a widely used IaC tool for years, so its community grew with its popularity. Pulumi‘s community is still nowhere close to that size.

8. Deploying to the Cloud

Pulumi allows users to deploy resources to the cloud from a local device. By default, Terraform requires the use of its SaaS platform to deploy components to the cloud.

If a user wishes to deploy from a local device with Terraform, AWS_ACCESS_KEY and AWS_SECRET_ACCESS_KEY variables need to be added to the Terraform Cloud environment. This process is not a natural fit with federated SSO accounts for Amazon Web Services (AWS). Security concerns over a third-party system having access to your cloud are also worth noting.

The common workaround is to use Terraform Cloud solely for storing state information. This option, however, comes at the expense of other Terraform Cloud features.

Note: The table is scrollable horizontally!

Pulumi Terraform
Publisher Pulumi HashiCorp
Method Push Push
IaC approach Declarative Declarative
Price Free for one user, three paid packages for teams Free for up to five users, two paid packages for larger teams
Written in Typescript, Python, Go Go
Source Open Open
Domain-Specific Language (DSL) No Yes (Hashicorp Configuration Language)
Main advantage Code in a familiar programming language, great out-of-the-box GUI Pure declarative IaC tool, works with all major cloud providers, lets you create infrastructure building blocks
Main disadvantage Still unpolished, documentation lacking in places HCL limits coding freedom and needs to be mastered to use advanced features
State files management State files are stored via a free account State files are by default stored on a local hard drive
Community Mid-size Large
Ease of use The use of JavaScript, TypeScript, .Net, Python, and Go keeps IaC familiar HCL is a complex language, albeit with a clean syntax
Modularity Problematic with higher-level Pulumi extensions Ideal due to reusable components
Documentation Limited, with best resources found on Pulumi Slack and GitHub Excellent official documentation
Code versatility As users write code in different languages, there are multiple ways to reach the desired state HCL leaves little room for versatility
Deploying to the cloud Can be done from a local device Must be done through the SaaS platform
Testing Test with any framework that supports the used programming language Must be performed via third-party tools

Infrastructure as code diagram with templates scripts and policies

Using Pulumi and Terraform Together

It is possible to run IaC by using both Pulumi and Terraform at the same time. Using both tools requires some workarounds, though.

Pulumi supports consuming local or remote Terraform state from Pulumi programs. This support helps with the gradual adoption of Pulumi if you decide to continue managing a subset of your virtual infrastructure with Terraform.

For example, you might decide to keep your VPC and low-level network definitions written in Terraform to avoid disrupting the infrastructure. Using the state reference support, you can design high-level infrastructure with Pulumi and still consume the Terraform-powered VPC information. In that case, the co-existence of Pulumi and Terraform is easy to manage and automate.

Conclusion: Both are Great Infrastructure as Code Tools

Both Terraform and Pulumi offer similar functionalities. Pulumi is a less rigid tool focused on functionality. Terraform is more mature, better documented, and has strong community support.

However, what sets Pulumi apart is its fit with the DevOps culture.

By expressing infrastructure with popular programming languages, Pulumi bridges the gap between Dev and Ops. It provides a common language between development and operations teams. In contrast, Terraform reinforces silos across departments, pushing development and operations teams further apart with its domain-specific language.

From that point of view, Pulumi is a better fit for standardizing the DevOps pipeline across the development life cycle. The tool reinforces uniformity and leads to quicker software development with less room for error.