by nothrabannosir 590 days ago
For anyone deliberating between Pulumi and CDK let me recommend what I consider the best of both worlds: CDKTF, Hashicorp’s answer to Pulumi (my quote not theirs).

It’s got everything you want:

- strong type system (TS),

- full expressive power of a real programming language (TS),

- can use every existing terraform provider directly,

- compiles to actual Terraform so you can always use that as an escape hatch to debug any problems or interface with any other tools,

- official backing of Hashicorp so it’s a safe bet

It’s a super power for infra. If you have strong software dev skills and you want to leverage the entire TF ecosystem without the pain of Terraform the language, CDKTF is for you.

(No affiliation)

https://developer.hashicorp.com/terraform/cdktf

4 comments

Cdktf is good, but it's not amazing. You are still constrained by terraform syntax like `count = condition ? 1 : 0`, instead of doing a normal `if` statement. And there's a fairly good amount of times where you need to use terraform iterators instead of doing a normal for/forEach/map/reduce.

But all in all, it works. It's just a bit limited on what you can do with the actual language.

> - full expressive power of a real programming language (TS)

I suppose TypeScript does count as a real programming language, in that it’s Turing complete. But I can use Pulumi from (they claim) any programming language. Specifically, I can use it from Go. Why would I add TypeScript to my project when I can live in one language?

> - official backing of Hashicorp so it’s a safe bet

Given the number of folks leaving the Hashicorp platform, I think it’s arguably no longer a ‘safe bet.’

The Go SDK is a lot more verbose for configuration (pulumi.String, etc) and then you have error handling boilerplate as well. Exceptions are a better match for creating resources in Pulumi.

How is compiling to terraform a positive? I'd rather debug python than python-compiled-to-terraform.

Because you can use that to interface with existing tooling. Terraform has a huge and established ecosystem and it’s an uphill battle to compete with it. It’s risky to bet your infra on a tech that tries to drink the ocean and supplant the entire thing. Meanwhile if you compile down to TF you get to use a different language without having to pay the cost of moving out of the tf ecosystem. And given that the language itself is by far the worst thing about terraform that’s a big win.

It turns out terraform is actually quite acceptable when you slap a decent language on top of it. Passable, even :)

Makes sense! Except for one little thing..

We've been migrating off of Terraform at BigCo recently and it has been a tremendous success. The migration has saved countless hours. Before, I was jaded and routinely in the office until 8 or 9 or so manually running terraform deploys for our engineering teams in India. Now, thanks to Pulumi, I'm able to leave the office at 7:30-8 -- and I can tell you single handed that this has saved my relationship with my daughter and maybe even my marriage. I'm running the fastest for loops thanks to Pulumi. We actually compile our Python down to c and use the Pulumi C SDK for insane speed benefits when we loop over our datacenter arrays. Turns out, not having bounds checks shaves off valuable time that I would otherwise be spending with my daughter. Routinely I'd be waking up screaming at 4 in the morning due to Terraform (or, what we would refer to as Tearaform because all of the infra engineers were constantly in tears). Now, I can sleep soundly until 5:30.

Thanks for sharing your story. It sounds like you had a really rough time of Terraform.

I don't have much experience running Terraform at scale. What has Pulumi made easier? Why is looping a bottleneck in infrastructure code?

Based on the info I can glean from this story you may be working at a scale / use case that may be too big or a poor fit for Terraform but I'm not sure...

I think he's kidding... there's no C CDK:

https://www.pulumi.com/docs/iac/languages-sdks/

In an AWS scenario I can think of:

Pro vs Pulumi: you get a declarative template to debug and review

Pro vs CDK: The declarative template is applied via APIs instead of CloudFormation. The CDK CloudFormation abstraction leaks like hell

Does Typescript offer a strong type system?

Yes

What's your argument here? For example, Typescript allows lots of operations on objects that cannot be known at compile time because it relies on the user to inform it of types accurately, anything can be coerced into anything without complaint with "as", and it allows for arbitrary operations on an "any" type without complaint.

I've heard it referred to as an "optionally typed" or "gradually typed" system, which, having worked for years in Typescript and other languages like Rust and Kotlin, etc, I agree with.

Pretty easy to add runtime validation at the edges with Zod https://github.com/colinhacks/zod

Great thing is that the zod schema also doubles as your typescript type so you don't have to write a duplicate/shadow TS type definition.

That doesn't make Typescript as a language "strongly typed".
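
The two points debated in the comments above (an `as` cast is unchecked at run time; validation belongs at the edges), shown as an added example that is not part of any comment in the thread. It uses a hand-written check rather than Zod so it runs without dependencies; `IngressRule`, the function names and the sample JSON are hypothetical.

```typescript
// Hypothetical shape of an ingress rule loaded from an external JSON file.
interface IngressRule {
  port: number;
  cidr: string;
}

// Constructed sample input: "port" arrives as a string and "cidr" is missing.
const untrusted = '{"port": "443"}';

// Unsound: `as` only silences the compiler; nothing is checked at run time.
function parseWithCast(json: string): IngressRule {
  return JSON.parse(json) as IngressRule;
}

// Checked: start from `unknown`, narrow field by field, fail closed on mismatch.
function parseChecked(json: string): IngressRule {
  const v: unknown = JSON.parse(json);
  if (typeof v !== "object" || v === null) {
    throw new TypeError("rule must be an object");
  }
  const r = v as Record<string, unknown>;
  const port = r["port"];
  const cidr = r["cidr"];
  if (typeof port !== "number" || !Number.isInteger(port) || port < 1 || port > 65535) {
    throw new TypeError("port must be an integer in 1..65535");
  }
  // Shape check only; octet and prefix ranges are not validated here.
  if (typeof cidr !== "string" || !/^\d{1,3}(\.\d{1,3}){3}\/\d{1,2}$/.test(cidr)) {
    throw new TypeError("cidr must look like a.b.c.d/n");
  }
  return { port, cidr };
}

// What the cast lets through: a value typed `number` that is really a string,
// so `+ 1` concatenates instead of adding.
function nextPortViaCast(json: string): unknown {
  return parseWithCast(json).port + 1;
}

// True when the checked parser refuses the input.
function rejects(json: string): boolean {
  try {
    parseChecked(json);
    return false;
  } catch {
    return true;
  }
}
```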