Pulumi 参考

# 创建新项目 pulumi new aws-typescript pulumi new gcp-python # 栈管理 pulumi stack init dev pulumi stack ls pulumi stack select production # 预览和部署 pulumi preview # 显示计划变更 pulumi up # 部署变更 pulumi up --yes # 自动确认 # 销毁 pulumi destroy # 刷新状态 pulumi refresh # 导入已有资源 pulumi import aws:s3/bucket:Bucket my-bucket my-bucket-name

# 设置配置值 pulumi config set aws:region us-east-1 pulumi config set appVersion 2.1.0 pulumi config set --secret dbPassword SuperSecure123! # 获取配置 pulumi config get aws:region pulumi config get --show-secrets dbPassword # 在代码中使用（TypeScript） const config = new pulumi.Config(); const dbPassword = config.requireSecret("dbPassword"); # 在代码中使用（Python） config = pulumi.Config() db_password = config.require_secret("dbPassword")

import * as pulumi from "@pulumi/pulumi"; import * as aws from "@pulumi/aws"; const env = pulumi.getStack(); const bucket = new aws.s3.Bucket("my-bucket", { bucket: `my-app-${env}`, versioning: { enabled: true }, tags: { Environment: env, ManagedBy: "pulumi" }, }); const fn = new aws.lambda.Function("my-function", { runtime: aws.lambda.Runtime.NodeJS20dX, handler: "index.handler", role: role.arn, environment: { variables: { BUCKET_NAME: bucket.bucket }, }, }); export const bucketName = bucket.bucket; export const functionArn = fn.arn;

// 跨栈引用（读取其他栈的输出） const networkStack = new pulumi.StackReference("my-org/network/production"); const vpcId = networkStack.getOutput("vpcId"); const subnetIds = networkStack.getOutput("subnetIds");