Pulumi
OfficialMCP server for Pulumi infrastructure as code operations via Automation API and Cloud API.
Tools (14)
get-stacks
Call this tool to list Pulumi stacks for the authenticated user and organization. Do not use this tool when the user wants to filter or search for specific stacks by name, type, or other criteria (e.g., "stacks with 'prod' in the name", "stacks created after 2024", "show me stacks containing 'bob'"). Use resource-search instead for these filtered queries. Use this tool only when you need to: - List ALL stacks in the organization - Get a complete inventory of stacks without any filtering - Browse all available stacks when the user wants a general overview.
resource-search
Search and analyze Pulumi-managed cloud resources. This tool should be used to find stacks when the user query has a filter, such as "with name 'Bob'". Use this tool to answer questions like: - "What cloud resources do I have?" - "Do I have any untagged S3 buckets?" - "Show me all resources in my production stack" - "What Lambda functions are running?" - "Find resources by type, name, project, or stack" - "Find stacks with name containing 'Bob'" Uses Lucene query syntax. See the 'query' parameter description for complete syntax rules and examples.
get-policy-violations
Get policy violations for Pulumi stacks. Use this tool to answer questions like: - "Do I have any policy violations?" - "What security issues are in my infrastructure?" - "Show me policy violations for my production stack" - "Are there any compliance issues in my project?" Returns open policy violations filtered by project, stack, or organization. Policy violations represent security, compliance, or best practice issues detected in your Pulumi resources.
get-users
List all users (members) in the organization. Use this when asked about users, members, admins, or team members.
neo-bridge
Launch and monitor Neo tasks step by step. Pulumi Neo is a purpose-built cloud infrastructure automation agent. If the JSON result has `has_more=true`, call this tool again to read more data. Continue calling until `has_more=false`. If you stop calling the tool, tell the user that the task continues running in Pulumi Console. When displaying messages to the user, try to return the data as-is with minimal summarization. IMPORTANT: Only set the approval parameter when the user explicitly approves/rejects in response to Neo requesting approval. Never automatically approve - wait for explicit user consent. CRITICAL: Once you receive a taskId from this tool, YOU MUST CONTINUE USING THAT SAME taskId for ALL subsequent calls until the conversation is explicitly reset. DO NOT create new tasks for follow-up questions - always use the existing taskId to send follow-up messages to the same Neo conversation. Each Neo task represents a continuous conversation thread that should be maintained throughout the user session. ENTITIES USAGE: When creating a NEW task (no taskId), if the user mentions specific infrastructure resources, you MUST provide them in the entities array: - If user mentions a GitHub repository like "github.com/owner/repo" or "analyze repository X", provide a repository entity - If user mentions a Pulumi stack like "my-stack in my-project" or "my-project/my-stack", provide a stack entity - If user mentions a policy issue ID, provide a policy_issue entity Examples: - "analyze repository github.com/pulumi/workshop" -> entities: [{type: "repository", name: "workshop", org: "pulumi", forge: "github"}] - "check the prod stack in infra-project" -> entities: [{type: "stack", name: "prod", project: "infra-project"}]
neo-reset-conversation
Reset the Neo conversation for a specific task
neo-continue-task
Continue or return to an existing Neo task. Use this to resume work on a previous task, check its status, or see what happened. You can specify a task by its ID, by position (e.g., "the second task", "the last task"), or by description (e.g., "the task about Pulumi ESC"). This command will poll the task and return any new messages. IMPORTANT: This tool is READ-ONLY for checking status and retrieving messages. To send follow-up questions or new instructions to an existing task, use neo-bridge with the taskId and query parameters instead.
neo-get-tasks
List Neo tasks for the organization. Returns task names, IDs, statuses, and links to view them in Pulumi Console.
get-type
Get the JSON schema for a specific JSON schema type reference
get-resource
Returns information about a Pulumi Registry resource
get-function
Returns information about a Pulumi Registry function
list-resources
List all resource types for a given provider and module
list-functions
List all function types for a given provider and module
deploy-to-aws
Deploy application code to AWS by generating Pulumi infrastructure. This tool automatically analyzes your application files and provisions the appropriate AWS resources (S3, Lambda, EC2, etc.) based on what it finds. No prior analysis needed - just invoke directly.