Connect Pulumi to AI agents

Connect Pulumi to Claude, Codex, Cursor, or other AI agents for your entire team. Metorial security, governance, observability, and gives your team a unified Magic MCP url to connect.

Supported Tools

list_environments

List Environments

List all Pulumi ESC environments in an organization. Returns environment names, projects, and timestamps.

open_environment

Open Environment

Open a Pulumi ESC environment to resolve and retrieve its computed values and secrets. This evaluates all dynamic providers (like AWS login, etc.) and returns the resolved values. Optionally retrieve a specific property path.

manage_webhooks

Manage Webhooks

List, create, or delete webhooks in Pulumi Cloud. Supports both organization-level webhooks (receive events for all stacks) and stack-level webhooks (scoped to a single stack).

get_stack

Get Stack

Retrieve detailed information about a specific Pulumi stack including its tags, current operation status, version, and optionally its outputs and resource details.

list_audit_logs

List Audit Logs

Retrieve audit log events for a Pulumi organization. Shows user activity including stack operations, deployments, and access changes. Available for Enterprise and Business Critical editions.

delete_stack

Delete Stack

Delete a Pulumi stack. Use `force` to delete even if resources still exist in the stack.

list_deployments

List Deployments

List deployments for a specific stack or across an entire organization. Useful for monitoring deployment history and status.

cancel_deployment

Cancel Deployment

Cancel an in-progress deployment on a stack. Use with caution — cancelling may leave the stack in an inconsistent state.

list_stacks

List Stacks

List all Pulumi stacks accessible to the authenticated user. Optionally filter by organization, project, or tags. Returns stack names, resource counts, and last update timestamps.

list_policy_packs

List Policy Packs

List all policy packs in a Pulumi organization. Policy packs contain compliance and governance rules that are enforced during stack updates.

manage_access_tokens

Manage Access Tokens

List, create, or delete personal access tokens for the authenticated Pulumi user.

manage_stack_tags

Manage Stack Tags

Set or delete tags on a Pulumi stack. Tags are key-value metadata used for categorization and querying. You can set a new tag, update an existing one, or delete a tag.

create_stack

Create Stack

Create a new Pulumi stack within a project. The project will be created automatically if it does not exist.

trigger_deployment

Trigger Deployment

Trigger a Pulumi deployment operation on a stack. Supports **update**, **preview**, **refresh**, and **destroy** operations. Deployment settings configured on the stack are inherited by default.

get_deployment

Get Deployment

Retrieve details and optionally logs for a specific deployment. Use this to check deployment status, view logs, or monitor deployment progress.

search_resources

Search Resources

Search across all cloud resources managed by Pulumi in your organization using Pulumi query syntax. Useful for auditing, incident response, and resource discovery.

list_stack_updates

List Stack Updates

List the update history for a Pulumi stack. Shows past operations (update, preview, destroy, refresh) with their results, resource changes, and timing.

manage_environment

Manage Environment

Create, read, update, or delete a Pulumi ESC (Environments, Secrets, and Configuration) environment. Environments store secrets, config, and credentials as versioned YAML definitions.

list_org_members

List Organization Members

List all members of a Pulumi organization with their roles and profile information.

More integrations teams use with Pulumi

GitHub

Manage repositories, issues, and pull requests. Create and configure branches, star repositories, review code, and merge changes. Automate CI/CD workflows with GitHub Actions, manage workflow runs, secrets, and artifacts. Track issues with labels, milestones, and assignees. Search across code, repositories, issues, and users. Manage organizations, teams, and memberships. Create and manage projects, gists, packages, deployments, and environments. Access security alerts including code scanning, secret scanning, and Dependabot alerts. Read and write file contents in repositories. Manage webhooks, notifications, and codespaces.

Sharepoint

Manage SharePoint sites, document libraries, lists, and files. Create, read, update, and delete lists and list items with custom columns. Upload, download, move, copy, and version files in document libraries. Search across sites, files, folders, lists, and list items using Microsoft Search. Manage permissions at site, list, and item levels with granular access control. Define and manage content types and site columns. Subscribe to webhooks for list and library change notifications. Retrieve site properties and search for sites across Microsoft 365.

Salesforce

Manage CRM data including Accounts, Contacts, Leads, Opportunities, Cases, and custom objects. Create, read, update, and delete records. Query data using SOQL and search across objects using SOSL. Perform bulk data operations for large-scale imports, exports, and migrations. Execute composite requests to batch multiple operations in a single API call. Access analytics, reports, and dashboards. Manage files and attachments associated with records. Interact with Chatter feeds, posts, and groups for social collaboration. Subscribe to real-time change events via Change Data Capture and Platform Events. Manage org metadata including custom objects, fields, layouts, and workflows. Query data using GraphQL for precise data retrieval across related objects.

Airtable

Create, read, update, and delete records in Airtable bases and tables. Manage base schemas including creating tables and fields. Filter records using formulas, sort by fields, and scope queries to specific views. Upsert records to find, create, or update in a single call. Upload attachments to records, read and write record comments, list accessible bases, and receive real-time base change events through webhooks.

Bitbucket

Manage Git repositories, pull requests, and CI/CD pipelines on Bitbucket Cloud. Create, fork, and configure repositories within workspaces and projects. Create, review, approve, merge, and decline pull requests with inline code comments. Browse source code, list commits, and manage branches and tags. Track issues with the built-in issue tracker. Trigger, monitor, and manage Bitbucket Pipelines. List workspace members, configure repository default reviewers and branch restrictions, create and manage repository webhooks, and search code across repositories.

Heroku

Deploy, manage, and scale applications on Heroku's cloud platform. Create and configure apps, scale dynos, provision add-ons (databases, caching, etc.), manage configuration variables, build and release code, add custom domains and SSL certificates, manage collaborators and team permissions, configure pipelines for continuous delivery, set up log drains, and sync data with Salesforce via Heroku Connect. Subscribe to webhooks for real-time notifications on app changes, builds, releases, dyno lifecycle events, and more.

Technical notes for Pulumi

Manage cloud infrastructure-as-code through Pulumi Cloud. Create, list, and delete stacks and projects. Trigger and monitor deployments including updates, previews, destroys, and refreshes. Manage secrets, configuration, and environments (Pulumi ESC) with versioning and composability. Search and audit cloud resources across organizations. Enforce compliance with policy packs and policy groups. Configure scheduled operations like drift detection and TTL stack destruction. Manage organization membership, teams, and access tokens. Export audit logs and data for external analysis. Configure webhooks for stack, deployment, drift, policy, and environment events.

Connect Pulumi to production AI agents

See how Metorial gives Pulumi access the governance, tracing, and security controls teams need.

Frequently asked questions

Common questions about connecting Pulumi to AI agents with Metorial.

  1. Can Metorial connect Pulumi to AI agents?
    Yes. Metorial connects AI agents to Pulumi through a governed integration layer, so teams can use the provider while keeping access controlled and observable.
  2. Metorial is MCP compatible and lets teams expose approved provider tools to MCP-capable agents and clients through a controlled access layer.
  3. Metorial applies policies across users, groups, providers, agents, and individual tools, then records the context around every agent interaction.
  4. Yes. Metorial records provider activity so teams can inspect tool calls, troubleshoot integrations, and give security teams the visibility they need.