Pulumi Provider

DevZero has a native Pulumi provider for managing clusters, workload policies, and node policies as infrastructure-as-code. The provider is available for TypeScript and Python.

Package	Language	Registry
`@devzero/pulumi-devzero`	TypeScript	npm
`pulumi-devzero`	Python	PyPI

Installation

npm install @devzero/pulumi-devzero

pip install pulumi-devzero

Configuration

Set the following configuration values in your Pulumi stack:

pulumi config set devzero:endpoint https://dakr.devzero.io
pulumi config set devzero:token <your-pat-token> --secret
pulumi config set devzero:teamId <your-team-id>

Config Key	Description	Where to Find
`devzero:endpoint`	DevZero API endpoint	Default: `https://dakr.devzero.io`
`devzero:token`	Personal access token	User Settings
`devzero:teamId`	Your team ID	Organization Settings

Always use the --secret flag when setting your token to ensure it is encrypted in the stack state.

Quick Example

This program creates a cluster, attaches a workload policy to it, and exports the cluster ID:

import * as pulumi from "@pulumi/pulumi";
import { resources, types } from "@devzero/pulumi-devzero";

// Register a cluster
const cluster = new resources.Cluster("my-cluster", {
    name: "production-cluster",
});

// Create a workload policy
const policy = new resources.WorkloadPolicy("default-policy", {
    name: "default-policy",
    description: "Standard rightsizing policy",
    cpuVerticalScaling: {
        enabled: true,
        targetPercentile: 0.95,
        minRequest: 100,
        maxRequest: 4000,
        overheadMultiplier: 1.1,
        limitsAdjustmentEnabled: true,
        limitMultiplier: 2.0,
    },
    actionTriggers: ["on_detection"],
    detectionTriggers: ["pod_creation", "pod_update"],
});

// Attach the policy to the cluster
const target = new resources.WorkloadPolicyTarget("default-target", {
    name: "default-target",
    policyId: policy.id,
    clusterIds: [cluster.id],
    enabled: true,
});

export const clusterId = cluster.id;
export const clusterToken = pulumi.secret(cluster.token);

import pulumi
from pulumi_devzero.resources import (
    Cluster, ClusterArgs,
    WorkloadPolicy, WorkloadPolicyArgs,
    WorkloadPolicyTarget, WorkloadPolicyTargetArgs,
)
from pulumi_devzero.resources.types import VerticalScalingArgs

# Register a cluster
cluster = Cluster("my-cluster", args=ClusterArgs(
    name="production-cluster",
))

# Create a workload policy
policy = WorkloadPolicy("default-policy", args=WorkloadPolicyArgs(
    name="default-policy",
    description="Standard rightsizing policy",
    cpu_vertical_scaling=VerticalScalingArgs(
        enabled=True,
        target_percentile=0.95,
        min_request=100,
        max_request=4000,
        overhead_multiplier=1.1,
        limits_adjustment_enabled=True,
        limit_multiplier=2.0,
    ),
    action_triggers=["on_detection"],
    detection_triggers=["pod_creation", "pod_update"],
))

# Attach the policy to the cluster
target = WorkloadPolicyTarget("default-target", args=WorkloadPolicyTargetArgs(
    name="default-target",
    policy_id=policy.id,
    cluster_ids=[cluster.id],
    enabled=True,
))

pulumi.export("cluster_id", cluster.id)
pulumi.export("cluster_token", pulumi.Output.secret(cluster.token))

Resources

The provider manages the following resources:

Clusters -- register Kubernetes clusters with DevZero
Workload Policies -- configure workload rightsizing rules and attach them to clusters
Node Policies -- configure Karpenter-based node provisioning

For Go or other languages without native provider support, you can use the Terraform Bridge to generate SDK bindings from the DevZero Terraform provider.

Pulumi Provider

Pulumi Provider

Installation

Configuration

Quick Example

Resources

On this page