Pulumi plugins

Generate modular, production-ready Infrastructure as Code configurations for Terraform, CloudFormation, Pulumi, ARM templates, and CDK across AWS, GCP, and Azure clouds, including variables, outputs, and remote state setup.

Detect drift between cloud infrastructure and IaC definitions using Terraform plan, CloudFormation detect-stack-drift, or Pulumi preview. Parse changes into resource-level reports with remediation suggestions. Generate production-ready DevOps configurations, setup code, and documentation from infrastructure specs.

Research infrastructure best practices via enhanced web search and automatically generate deployable Terraform modules, Dockerfiles, Kubernetes manifests, Pulumi programs, and CI/CD pipelines for AWS, GCP, or Azure deployments.

Navigate Cloudflare's full product suite—compute (Workers, Pages), storage (R2, D1, KV), AI (Workers AI, Vectorize), networking, security, and IaC (Terraform, Pulumi)—via interactive decision trees to select services and retrieve prioritized documentation for deployments.

Delegate platform engineering tasks to specialized AI agents that optimize developer experience through tooling and workflows, provision infrastructure with IaC tools like Terraform and Pulumi across AWS, GCP, and Azure, and design internal developer platforms for self-service, golden paths, and onboarding.

Generate CI/CD workflows, validate Dockerfiles, audit dependencies for CVEs, and run production readiness checks — all from a single Shipyard configuration that detects your project stack and deployment targets.

Manage Pulumi infrastructure-as-code projects directly from the CLI: scaffold TypeScript AWS stacks, compose reusable component resources (EC2, security groups, VPCs), and control multi-environment deployments with stack config and Bash orchestration.

Migrate Terraform, AWS CDK, ARM/Bicep, and CloudFormation infrastructure to Pulumi programs. Convert source code or templates, import existing resources from tfstate or stacks into Pulumi for zero-diff validation, and generate deployment reports to streamline IaC transitions.

Orchestrate full-feature development with worktree isolation and TDD, plan and validate against product specs, enforce systematic root cause analysis, and automate code review, architecture alignment, and rollout behind feature flags.

Orchestrate AI agent workflows across IDEs with structured planning, implementation, testing, and documentation generation, plus infrastructure-as-code support and multi-agent coordination.

Automate end-to-end infrastructure workflows: zero-config project setup, IaC generation with Terraform/Pulumi/CDK, safe deployments to AWS/GCP/Azure with gates, post-deploy verification, migrations, CI/CD pipelines, monitoring, and cost/security audits in structured pipelines.

Embed a team of AI security specialists into your coding workflow to enforce secure SDLC practices. Automatically generate OWASP ASVS-aligned requirements, run STRIDE/LINDDUN threat models, review IaC and code for misconfigurations, map controls to SOC 2/ISO 27001/GDPR/PCI DSS/NIST CSF/DORA, produce risk registers and audit evidence, and gate releases with formal go/no-go checks.

Audit AWS IaC code in Terraform, CloudFormation, and Pulumi against all six Well-Architected Framework pillars for security, reliability, performance efficiency, cost optimization, operational excellence, and sustainability. Scan JavaScript, TypeScript, Python, Java, and Go code for OWASP Top 10 2025 vulnerabilities, reporting severity, locations, risks, and fixes.

Generate infrastructure and architecture diagrams from codebase analysis using D2, producing markdown documentation, D2 source files, and themed SVGs. Discovers IaC patterns and documentation structures, validates diagram quality, and enforces code lifecycle hooks.

Orchestrates the full AI-assisted software delivery lifecycle with structured workflows for feature development, infrastructure/DevOps changes, bug fixes, and releases. Enforces quality gates across planning, design, testing, security, and deployment artifacts, with multi-agent review loops, blast-radius analysis, and compliance checks.

Migrate Kubernetes, Docker Compose, and Helm workloads to Control Plane, then manage their full lifecycle—deploying, scaling, securing, networking, and monitoring across hybrid multi-cloud environments with Infrastructure as Code and GitOps support.