Connected Pulumi

Connected Pulumi is an MCP server that provides AI assistants with Infrastructure as Code development capabilities through Pulumi Cloud and the Pulumi CLI. This MCP bridge enables language models to discover cloud resources, generate Pulumi programs, manage stacks, and inspect infrastructure state, bringing conversational infrastructure management to development workflows.

When to Use This MCP Server

Connect this server when...

• You are developing Infrastructure as Code with Pulumi and want AI assistance generating resource definitions and stack configurations
• You need to discover and inspect existing cloud resources across AWS, Azure, GCP, or Kubernetes managed by Pulumi
• Your team manages multiple Pulumi stacks and you want conversational access to stack outputs, configurations, and deployment history
• You are migrating infrastructure between cloud providers and need AI guidance on translating resource definitions
• You want to troubleshoot failed Pulumi deployments by inspecting stack state and resource dependencies

Consider alternatives when...

• Your infrastructure is managed exclusively with Terraform or CloudFormation without Pulumi involvement
• You only need basic cloud resource listing without Infrastructure as Code capabilities
• You need real-time infrastructure monitoring rather than IaC development assistance

Quick Start

Copy
# .mcp.json configuration
{
  "mcpServers": {
    "pulumi": {
      "command": "npx",
      "args": ["-y", "@pulumi/mcp-server@latest", "stdio"]
    }
  }
}

Connection setup:

1. Install the Pulumi CLI: curl -fsSL https://get.pulumi.com | sh
2. Authenticate with Pulumi Cloud: pulumi login
3. Add the configuration above to your .mcp.json file
4. Restart your MCP client to activate the Pulumi server

Example tool usage:

# Discover cloud resources
> List all S3 buckets managed by the production stack

# Generate infrastructure code
> Create a Pulumi TypeScript program that deploys a VPC with 3 subnets in AWS

# Inspect stack state
> Show me the outputs of the staging stack and any recent deployment failures

Core Concepts

Concept	Purpose	Details
Stacks	Environment instances	Named instances of a Pulumi program representing different environments like dev, staging, and production
Programs	Infrastructure definitions	Code written in TypeScript, Python, Go, or C# that declares the desired cloud resource state
Resources	Cloud infrastructure units	Individual cloud resources (VMs, databases, networks) managed by Pulumi with tracked state
State Backend	Infrastructure tracking	Pulumi Cloud or self-hosted backend that stores the current state of all managed resources
Providers	Cloud API adapters	Plugins that translate Pulumi resource definitions into cloud provider-specific API calls

Architecture:

+------------------+       +------------------+       +------------------+
|  Pulumi Cloud    |       |  Pulumi MCP      |       |  AI Assistant    |
|  + CLI           |<----->|  Server (npx)    |<----->|  (Claude, etc.)  |
|  State/Registry  | API   |  stdio transport  | stdio |                  |
+------------------+       +------------------+       +------------------+
        |
        v
+--------------------------------------------------+
|  Orgs > Projects > Stacks > Resources > Outputs   |
+--------------------------------------------------+

Configuration

Parameter	Type	Default	Description
PULUMI_ACCESS_TOKEN	string	(from CLI login)	Pulumi Cloud access token for API authentication when not using CLI login
PULUMI_BACKEND_URL	string	https://api.pulumi.com	Backend URL for self-hosted Pulumi service or Pulumi Cloud
default_org	string	(personal)	Default Pulumi organization to scope operations when not specified
default_project	string	none	Default project name to use when querying stacks and resources
enable_preview	boolean	false	Allow the server to run pulumi preview for change detection on stacks

Best Practices

1. Use Pulumi Cloud authentication for team workflows. Authenticate through pulumi login or set the PULUMI_ACCESS_TOKEN environment variable rather than embedding credentials in configuration. Pulumi Cloud tokens provide organization-scoped access and can be managed centrally by team administrators.

2. Start with resource discovery before generating code. Before asking the AI to generate new infrastructure, have it inspect existing stacks and resources first. This contextual awareness helps produce code that integrates correctly with existing infrastructure rather than creating conflicts or duplicates.

3. Leverage stack outputs for cross-stack references. When working with multi-stack architectures, use stack outputs to share resource identifiers between stacks. Ask the AI to inspect outputs from dependency stacks to ensure correct references when generating new infrastructure code.

4. Preview changes before applying. If the enable_preview option is enabled, always ask the AI to run a preview before suggesting any destructive operations. The preview shows exactly what resources will be created, updated, or deleted, providing a safety check before actual deployment.

5. Specify the programming language for code generation. Pulumi supports TypeScript, Python, Go, C#, and YAML. When asking the AI to generate infrastructure code, specify your preferred language and any project conventions (naming patterns, module structure) to ensure the output matches your codebase style.

Common Issues

"Not logged in" error when connecting. The MCP server requires an active Pulumi session. Run pulumi login in your terminal to authenticate with Pulumi Cloud, or set the PULUMI_ACCESS_TOKEN environment variable with a valid token. Verify the token has not expired by running pulumi whoami.

Stack operations fail with "stack not found". Ensure you are specifying the full stack reference in the format org/project/stack. If your stack is in a different organization than your default, include the organization name explicitly. Run a list operation first to discover available stacks and their full references.

Resource discovery returns stale data. The Pulumi state backend reflects the last known state from the most recent deployment. If resources were modified outside of Pulumi (manually in the cloud console), the state may be outdated. Run pulumi refresh through the CLI to synchronize state with actual cloud resources before querying.