Skip to content
API Reference
Admin /Catalog /MCP Servers
Pulumi logo

Pulumi

Developer Tools

Manage cloud infrastructure with Pulumi IaC

List stacks, search managed resources with Lucene queries, review policy violations, list organization users, run Pulumi Neo automation (bridge, tasks, continue, reset), look up Pulumi Registry types/resources/functions, and deploy application code to AWS via generated infrastructure.

Pulumi CloudDeveloper docsMCP server docs

Install

Section titled “Install”
INSTALL

Add Pulumi to your zone and connect it to your MCP client.

Step 1 - Install in Keycard Console

Section titled “Step 1 - Install in Keycard Console”

  1. In your zone’s Keycard Console, go to Applications -> Add Application -> Explore MCP Servers.

  2. Search for Pulumi and click Install.

  3. A browser tab opens to Pulumi’s OAuth consent screen. Sign in and approve the requested permissions.

  4. You’re redirected back. Pulumi appears on the Applications page with a Keycard MCP Gateway URL.

Step 2 - Connect your MCP client

Section titled “Step 2 - Connect your MCP client”

On the Applications page, click Add to Coding Agent next to Pulumi and pick how you want to install:

  • Cursor - opens a deeplink that hands the MCP config straight to Cursor. Click Install inside Cursor to finish.
  • Claude Code - opens a dialog with a claude mcp add command. Pick a scope (User, Project, or Local), then copy and run the command in your terminal.
  • Install manually - reveals the Server Name and Server URL to paste into any other MCP-compatible client.

Once connected, Pulumi’s tools are available to the agent, scoped to whoever signs in to your zone.

Tools

Section titled “Tools”
TOOLS

What Pulumi can do once installed.

Pulumi provides 14 tools:

get-stacks
List all stacks in the org (no filters); use resource-search for filtered or named stack queries
resource-search
Search and analyze Pulumi-managed resources and stacks (Lucene syntax)
get-policy-violations
Open policy violations by project, stack, or organization (security and compliance)
get-users
List organization members when asked about users, admins, or teams
neo-bridge
Run Pulumi Neo tasks: send follow-ups on the same taskId, paginate while has_more, approvals only with explicit user consent
neo-get-tasks
List Neo tasks with ids, statuses, and console links
neo-continue-task
Poll a Neo task for status and new messages (read-only); send new instructions via neo-bridge with taskId
neo-reset-conversation
Reset the Neo conversation for a specific task
get-type
JSON schema for a specific Registry JSON schema type reference
get-resource
Registry metadata for a Pulumi resource type
get-function
Registry metadata for a Pulumi function
list-resources
List resource types for a provider and module
list-functions
List function types for a provider and module
deploy-to-aws
Deploy app code to AWS by generating Pulumi infrastructure from project files (no prior analysis step required)

Next steps

Section titled “Next steps”
NEXT STEPS

What to do once Pulumi is installed.

Now do this

  • Confirm the gateway works by asking your AI client to call one of the Pulumi tools above.

Recommended

  • Decide who can use it - write access policies scoped to the Pulumi resource so only the right users and agents reach the tools.
  • Watch the calls - every tool call lands in your audit log with user identity, resource, and policy decision.