Pulumi Integration
Infrastructure-as-code change events and stack update correlation. Correlate every Pulumi resource change with operational metric shifts and surface IaC-driven regressions instantly.
How It Works
Add the TigerOps Pulumi Plugin
Install the tigerops Pulumi resource provider or the tigerops-pulumi automation API wrapper. It hooks into stack lifecycle events and resource change events without modifying your existing Pulumi programs.
Configure Stack Webhook in Pulumi Cloud
In Pulumi Cloud, add a TigerOps webhook to your organization or stack. Select update, preview, and destroy events. Pulumi Cloud will POST structured stack update payloads to your TigerOps endpoint.
Tag Stacks with Service Metadata
Use Pulumi stack tags to annotate your stacks with service name, team, and environment. TigerOps uses these tags to scope change events to the correct service metrics for accurate post-deploy correlation.
Correlate Updates with Operational Metrics
TigerOps records every stack update as a change event and automatically scans correlated time series for anomalies, surfacing which resource changes are likely responsible for metric regressions.
What You Get Out of the Box
Stack Update Event Tracking
Capture every Pulumi stack update with resource diff counts, update duration, the triggering identity, and a link to the Pulumi Cloud update page. All updates appear as annotated change events in TigerOps dashboards.
Resource Change Diff Correlation
When a stack update modifies infrastructure resources, TigerOps correlates the affected resource types and names with downstream metric anomalies, helping you pinpoint which resource change caused a regression.
Update Duration & Drift Metrics
Track Pulumi stack update duration trends over time. TigerOps alerts when update times regress significantly, which can indicate increasing infrastructure complexity or provider API throttling.
Preview Failure Monitoring
Capture failed preview runs with their error messages and resource contexts. TigerOps aggregates preview failures by stack and error type to help identify common IaC authoring issues across your organization.
Drift Detection via Scheduled Refresh
Monitor Pulumi refresh results to track resource drift between your desired state and actual cloud state. TigerOps alerts when refresh runs detect significant drift before it causes deployment failures.
Multi-Stack Deployment Coordination
Track update ordering and dependencies across stacks that share stack references. TigerOps visualizes the update propagation chain and identifies bottlenecks in your infrastructure delivery pipeline.
Pulumi Cloud Webhook & Stack Tags
Configure a Pulumi Cloud webhook and stack tags to forward update events to TigerOps.
#!/bin/bash
# Configure TigerOps webhook in Pulumi Cloud via the Pulumi CLI
# Add stack tags for service/environment scoping
pulumi stack tag set service my-api
pulumi stack tag set environment production
pulumi stack tag set team platform-eng
# Create the TigerOps webhook at the stack level
# (or use --organization flag for org-level forwarding)
pulumi webhook create \
--stack my-org/my-api/production \
--display-name "TigerOps Change Events" \
--url https://ingest.atatus.net/api/v1/pulumi/events \
--secret "${TIGEROPS_API_KEY}" \
--event update_succeeded \
--event update_failed \
--event preview_succeeded \
--event preview_failed \
--event destroy_succeeded
# ─── Automation API example (TypeScript) ─────────────────────────
# import * as tigerops from "@tigerops/pulumi";
#
# const stack = await LocalWorkspace.createOrSelectStack({ ... });
#
# // Wrap the stack to emit lifecycle events automatically
# const trackedStack = tigerops.wrapStack(stack, {
# apiKey: process.env.TIGEROPS_API_KEY!,
# service: "my-api",
# environment: "production",
# });
#
# await trackedStack.up({ onOutput: console.info });Common Questions
Does TigerOps work with both Pulumi Cloud and self-hosted Pulumi backends?
Yes. The Pulumi Cloud webhook integration works with Pulumi Cloud (SaaS). For self-hosted or local backends (S3, Azure Blob, GCS), use the TigerOps Automation API wrapper or the CLI event hooks to forward stack update events.
Which Pulumi languages are supported?
TigerOps integrates at the Pulumi engine and CLI level, not at the language SDK level, so it supports all Pulumi languages — TypeScript, Python, Go, .NET, Java, and YAML — without any language-specific configuration.
How does TigerOps handle Pulumi destroy events?
Destroy operations are tracked as change events with a "destroy" type. TigerOps records the destroyed resource count, stack name, and triggering identity. Post-destroy metric correlation helps confirm whether teardown caused any production impact.
Can TigerOps integrate with Pulumi ESC for secret and environment tracking?
TigerOps can ingest environment open and close events from Pulumi ESC via webhooks, giving you visibility into when environment configurations are consumed by stacks. This helps correlate environment-level configuration changes with stack update outcomes.
How are Pulumi stack references handled in multi-stack architectures?
When a stack update consumes outputs from another stack via stack references, TigerOps records both the updated stack and the referenced stack in the change event, enabling cross-stack correlation in your infrastructure dependency graph.
Know the Moment an IaC Change Breaks Production
Stack update correlation, resource diff tracking, and drift detection. Connect in under 5 minutes.