AWS and Pulumi with Go Getting Started

Published: 2022-09-03

Intro

Pulumi is an Infrastructure as Code (IaC) tool similar to Terraform, except that, rather than defining resources in a DSL, you defined them in a supported programming language. This means you have access to all of your chosen languages features as well as any supporting libraries you may need.

In this post I will cover the steps to get started configuring your AWS environment with Pulumi and the Go language.

Software

The following software was used in this post.

  • Go - 1.19
  • Pulumi - 1.1.7
  • Ubuntu - 22.04

Pre-Flight Check

AWS

An AWS user is required to interact with AWS resources.

Create IAM User

Create an IAM user that will access AWS programatically. The docs to create a user can be found here.

Note
The users permission level needs to allow access to the resources you wish to manage.
Configure AWS Credentials

Once the user is created, generate access keys. The relevant docs can be found here.

Add the credentials as environment variables in your ~/.zshrc file. This allows Pulumi to utilize the credentials automagically.

# ~/.zshrc export AWS_ACCESS_KEY_ID="<access-key>" export AWS_SECRET_ACCESS_KEY="<secret-key>" export AWS_REGION="<region>"

Go

I am using Pulumi with the Go language so we need to have Go installed.

Install Go

Details for installing Go can be found in the docs here.

The TL/DR steps are as follows.

# Download wget https://go.dev/dl/go1.19.linux-amd64.tar.gz # Extract tar -zxvf go1.19.linux-amd64.tar.gz # Install sudo mv go/ /usr/local
Configure Go Path

Add Go to your path via your ~/.zshrc file. This gives you access to the 'go' cli command.

# ~/.zshrc export PATH=$PATH:/usr/local/go/bin

Pulumi

Install Pulumi

Details for installing Pulumi can be found here.

The TL/DR with the installer script is as follows.

curl -fsSL https://get.pulumi.com | sh
Configure Pulumi Path

Add Pulumi to your path via your ~/.zshrc file. This gives you access to the 'pulumi' cli command.

# ~/.zshrc export PATH=$PATH:$HOME/.pulumi/bin
Create a Pulumi Account

I am utilising the Pulumi service backend, if you don't have an account already go here to create one.

Note
The Pulumi service backend is free for individual use.
Create Pulumi Access Token

Once you have created an account, login and create an access token that will be used to authenticate you to the Pulumi service. Browse to:

  • Settings
  • Access tokens
Configure Pulumi Credentials

Add the Pulumi access token to your ~/.zshrc file.

# ~/.zshrc export PULUMI_ACCESS_TOKEN="<pulumi-token>"

Build the Infrastructure

Let's build some simple infrastucture in AWS with Pulumi.

Pulumi Components

Pulumi has a number of components that are used to define and manage infrastructure.

In this section I will concentrate on the following three.

  • Project - Specifies the language runtime and other configuration options for the project.
  • Stack - Isolated instance of a Pulumi program. Usually named after the desired envionment (dev, test, prod, etc..)
  • Resource - Configuration items to be managed such as S3 bucket and EC2 instance.

Create a Project

When creating a new project the folder name is used for the project name. The project folder will also have a Pulumi.yaml file.

Create a project named testing123.

mkdir testing123 && cd testing123

Initialize Project

Use the pulumi new command to initialize the project and stack.

pulumi new aws-go --stack test --yes

The options specified are as follows.

  • new - Initialize a new project.
  • aws-go - The template that is used to build the project. In this case, the project is for AWS using the Go language.
  • --stack test - The name of the stack.
  • --yes - Accept default config values.

The above command creates to following files.

  • Pulumi.yaml - The project configuration file.
  • Pulumi.test.yaml - The stack configuration file.
  • go.mod - Go modules property file which includes the Go version and the dependencies.
  • go.sum - Checksum file for Go dependencies.
  • main.go - The entrypoint for the Pulumi program.

Define Resources

The default main.go file defines the code to build and S3 bucket.

Open up the main.go file and let step through it. I have added some additional comments below to further explain what is happening.

file
// file: main.go
// Defines this file as being part of the `main` package.
package main

// Import the required packages to build the resources.
import (
	github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3
	github.com/pulumi/pulumi/sdk/v3/go/pulumi
)

// Entrypoint for the program.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Create an AWS resource (S3 Bucket)
		bucket, err := s3.NewBucket(ctx, "my-bucket", nil)

		// If we get an erorr, return the error.
		if err != nil {
			return err
		}

		// Export the name of the bucket.
		// Exports are displayed as `Outputs` when
		// building resources.
		ctx.Export("bucketName", bucket.ID())

		// exit the program returning `nil`
		return nil
	})
}

Build Resources

Install Dependencies

We are using the s3 module so we need to install it.

cmd
go get github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3

Build Resources

Lets build the resources by running the pulumi up command.

cmd
pulumi up -f

# Output
Updating (test)

View Live: https://app.pulumi.com/<account-name>/testing123/test/updates/3

Type                 Name             Status
+   pulumi:pulumi:Stack  testing123-test  created
+   └─ aws:s3:Bucket     my-bucket        created

Outputs:
bucketName: "my-bucket-22610e5"

Resources:
+ 2 created

Duration: 10s
Note
The -f flag auto-accepts to changes.

We can see from the Outputs section that the my-bucket-22610e5 S3 Bucket was created.

Confirm Creation

If you have the AWS CLI installed you can get a list of the S3 buckets with the aws s3 ls command.

cmd
aws s3 ls --region us-east-1

# Output
2022-09-03 13:16:13 my-bucket-22610e5

Otherwise, you can browse to the S3 services section in the AWS console.

Delete Resources

Resources can be deleted with the pulumi destroy command.

cmd
pulumi destroy -f

# Output
Destroying (test)

View Live: https://app.pulumi.com/<account-name>/testing123/test/updates/4

Type                 Name             Status
-   pulumi:pulumi:Stack  testing123-test  deleted
-   └─ aws:s3:Bucket     my-bucket        deleted

Outputs:
- bucketName: "my-bucket-22610e5"

Resources:
- 2 deleted

Duration: 5s

Delete Stack

If the stack is no longer required, you can delete the stack as well with the pulumi stack rm test command.

cmd
pulumi stack rm test

# Output
This will permanently remove the 'test' stack!
Please confirm that this is what you'd like to do by typing `test`: test
Stack 'test' has been removed!

How much fun was that!

Outro

In this post I showed you how to get started managing AWS infrastructure using Pulumi with the Go language. Look out for a future post where I will show you how to host a static website on AWS with Pulumi.