Claude Code for Pulumi Multi-Cloud Workflow

Managing infrastructure across multiple cloud providers—AWS, Azure, GCP, and beyond—can quickly become complex and error-prone. Pulumi, with its infrastructure-as-code approach using familiar programming languages, offers a powerful solution. When combined with Claude Code, you get an intelligent assistant that can help you write, debug, and optimize your multi-cloud infrastructure definitions efficiently.

This guide walks you through building a multi-cloud Pulumi workflow with Claude Code as your development partner.

Setting Up Your Pulumi Project with Claude Code

Before diving into multi-cloud configurations, ensure your development environment is properly configured. Start by creating a new Pulumi project or initializing one in your existing repository:

mkdir multi-cloud-infra && cd multi-cloud-infra
pulumi new typescript --name multi-cloud-demo

When working with Claude Code, provide context about your infrastructure requirements upfront. A well-crafted prompt helps Claude understand your architectural goals:

“I need to set up a multi-cloud infrastructure using Pulumi with TypeScript. The stack should deploy identical workloads to AWS (us-east-1) and GCP (us-central1), including a VPC, managed Kubernetes cluster, and basic networking. Help me create a modular structure that shares configuration across providers.”

Claude Code will generate a project structure with separated concerns, typically organizing cloud-specific resources into distinct modules while maintaining shared configuration.

Understanding Pulumi Stack Configuration

Pulumi’s stack concept is crucial for multi-cloud deployments. Each environment—dev, staging, production—can have different configurations, but you also need to handle multiple cloud providers within the same stack.

Create a configuration file that defines your cloud provider settings:

// config.ts
import * as pulumi from "@pulumi/pulumi";

const config = new pulumi.Config();

export const awsConfig = {
  region: config.require("aws:region"),
  accessKey: config.requireSecret("aws-access-key"),
  secretKey: config.requireSecret("aws-secret-key"),
};

export const gcpConfig = {
  project: config.require("gcp-project"),
  region: config.require("gcp-region"),
  credentials: config.requireSecret("gcp-credentials"),
};

export const commonTags = {
  environment: config.get("environment") || "development",
  managedBy: "pulumi",
  description: "Multi-cloud infrastructure",
};

This configuration approach lets you manage secrets securely while providing a consistent interface for accessing provider credentials.

Building Reusable Cloud Components

One of Pulumi’s greatest strengths is component resources—reusable building blocks that abstract away provider-specific complexity. Claude Code excels at generating these components based on your requirements.

Here’s a Kubernetes cluster component that works across AWS (EKS) and GCP (GKE):

import * as aws from "@pulumi/aws";
import * as gcp from "@pulumi/gcp";
import * as kubernetes from "@pulumi/kubernetes";

interface ClusterArgs {
  name: string;
  vpcId: string;
  subnetIds: string[];
  provider: "aws" | "gcp";
  nodeCount: number;
  instanceType: string;
}

export class MultiCloudCluster extends pulumi.ComponentResource {
  public kubeconfig: pulumi.Output<string>;
  public clusterName: pulumi.Output<string>;

  constructor(name: string, args: ClusterArgs, opts?: pulumi.ComponentResourceOptions) {
    super("infra:MultiCloudCluster", name, {}, opts);

    if (args.provider === "aws") {
      this.createEksCluster(name, args);
    } else {
      this.createGkeCluster(name, args);
    }
  }

  private createEksCluster(name: string, args: ClusterArgs): void {
    const cluster = new aws.eks.Cluster(name, {
      vpcConfig: {
        vpcId: args.vpcId,
        subnetIds: args.subnetIds,
      },
      nodeGroupDefaults: {
        instanceTypes: [args.instanceType],
      },
    }, { parent: this });

    this.clusterName = cluster.name;
    this.kubeconfig = cluster.kubeconfig;
  }

  private createGkeCluster(name: string, args: ClusterArgs): void {
    const cluster = new gcp.container.Cluster(name, {
      location: args.subnetIds[0], // Using subnet as location proxy
      initialNodeCount: args.nodeCount,
      nodeConfig: {
        machineType: args.instanceType,
      },
      networkingMode: "VPC_NATIVE",
    }, { parent: this });

    this.clusterName = cluster.name;
    this.kubeconfig = cluster.endpoint;
  }
}

This component abstracts the differences between EKS and GKE, presenting a unified interface. When you instantiate it, you specify the provider, and Pulumi handles the rest.

Deploying to Multiple Clouds Simultaneously

With your components in place, orchestrating multi-cloud deployments becomes straightforward. Here’s how to deploy identical workloads across providers:

import * as pulumi from "@pulumi/pulumi";
import { MultiCloudCluster } from "./cluster";
import { NetworkStack } from "./network";

const config = new pulumi.Config();
const environment = config.require("environment");

// Create networks for each cloud
const awsNetwork = new NetworkStack("aws-network", {
  provider: "aws",
  cidrBlock: "10.0.0.0/16",
});

const gcpNetwork = new NetworkStack("gcp-network", {
  provider: "gcp",
  networkName: "multi-cloud-vpc",
});

// Deploy Kubernetes clusters
const awsCluster = new MultiCloudCluster("aws-cluster", {
  name: `${environment}-aws`,
  vpcId: awsNetwork.vpcId,
  subnetIds: awsNetwork.subnetIds,
  provider: "aws",
  nodeCount: 3,
  instanceType: "t3.medium",
});

const gcpCluster = new MultiCloudCluster("gcp-cluster", {
  name: `${environment}-gcp`,
  vpcId: gcpNetwork.networkId,
  subnetIds: gcpNetwork.subnetIds,
  provider: "gcp",
  nodeCount: 3,
  instanceType: "n1-standard-2",
});

// Export cluster endpoints for reference
export const awsClusterEndpoint = awsCluster.clusterName;
export const gcpClusterEndpoint = gcpCluster.clusterName;

This approach ensures consistent infrastructure across providers while maintaining provider-specific optimizations.

Managing Cross-Cloud Networking

A true multi-cloud setup requires networking between providers. While complex, you can establish basic connectivity through VPC peering or Cloud Interconnect. Claude Code can help generate the appropriate configurations:

// cross-cloud-networking.ts
import * as aws from "@pulumi/aws";
import * as gcp from "@pulumi/gcp";

// Note: Full implementation requires VPN or interconnect
// This demonstrates the concept with AWS Transit Gateway

export class CrossCloudNetworking extends pulumi.ComponentResource {
  constructor(
    awsVpcId: pulumi.Input<string>,
    gcpNetworkLink: string,
    opts?: pulumi.ComponentResourceOptions
  ) {
    super("infra:CrossCloudNetworking", "cross-cloud", {}, opts);

    // AWS Transit Gateway for hub-spoke model
    const transitGateway = new aws.ec2transitgateway.TransitGateway("main", {
      amazonSideAsn: 64512,
      autoAcceptSharedAttachments: "enable",
      defaultRouteTableAssociation: "enable",
      description: "Multi-cloud transit gateway",
    }, { parent: this });

    // Export for use in other stacks
    this.transitGatewayId = transitGateway.id;
  }

  public readonly transitGatewayId: pulumi.Output<string>;
}

Best Practices for Multi-Cloud Pulumi Projects

When working with Claude Code on multi-cloud Pulumi projects, keep these practices in mind:

Organize by concern, not by provider. Instead of separate directories for each cloud, organize around infrastructure concerns (networking, compute, data). This makes your code more maintainable and helps Claude Code understand your architecture better.

Use strict typing throughout. TypeScript’s type system catches errors before runtime. When defining interfaces for cloud resources, be explicit about required properties:

interface StorageBucketArgs {
  name: string;           // Required: bucket name
  region: string;         // Required: AWS region or GCP zone
  versioning?: boolean;  // Optional: enable versioning
  lifecycleRules?: object[]; // Optional: lifecycle configuration
}

Implement drift detection. Multi-cloud infrastructure requires monitoring for unintended changes. Use Pulumi’s refresh capability:

pulumi refresh --stack production

Automate secret management. Never hardcode credentials. Use Pulumi’s secret encryption:

pulumi config set --secret aws-secret-key "your-secret-value"

Debugging Multi-Cloud Deployments

When deployments fail, Claude Code helps identify issues quickly. Share error messages and ask targeted questions:

“The GCP cluster creation failed with a permission error. The error mentions ‘container.clusters.create’ is forbidden. What IAM permissions am I missing, and how do I configure the service account?”

Claude Code will analyze the error, identify missing permissions, and suggest the required IAM roles to add to your GCP service account.

Conclusion

Combining Pulumi’s infrastructure-as-code capabilities with Claude Code’s intelligent assistance creates a powerful workflow for managing multi-cloud environments. By building reusable components, organizing configuration properly, and using Claude Code’s debugging capabilities, you can deploy consistent infrastructure across AWS, Azure, GCP, and other providers efficiently.

Remember to start small—deploy a simple resource to multiple clouds first, then gradually add complexity as your confidence grows. Claude Code becomes more effective as it understands your specific infrastructure patterns and conventions.

With this foundation, you’re equipped to tackle sophisticated multi-cloud architectures while maintaining infrastructure as reliable, version-controlled code.

Built by theluckystrike — More at zovo.one