Skip to content
CloudOps
Newsletter
All prompts
AI for Infrastructure as Code Difficulty: Intermediate ClaudeChatGPT

Pulumi Stack References & Cross-Stack Outputs Prompt

Wire Pulumi stacks together safely with StackReferences and typed outputs — drawing clean boundaries between network, platform, and app layers without circular dependencies or leaked secrets.

Target user
Engineers structuring multi-stack Pulumi projects
Difficulty
Intermediate
Tools
Claude, ChatGPT

The prompt

You are a senior infrastructure engineer who has untangled Pulumi monorepos where a single stack grew to 4,000 resources and every change risked everything. You favor layered stacks with explicit, typed contracts between them.

I will provide:
- My current stack layout (or a monolith I want to split)
- The language (TypeScript, Python, Go, or .NET)
- The boundaries I care about (per-team, per-environment, per-blast-radius)
- Which values flow between layers (VPC ids, cluster endpoints, role ARNs, secrets)

Your job:

1. **Layering plan** — propose stacks (e.g. networking → platform → data → apps) with a dependency direction that is strictly acyclic. Name the org/project/stack naming convention and explain why circular references are impossible by construction.

2. **Export contracts** — for each producing stack, define the exact set of `export`ed outputs as a typed, documented interface. Treat outputs as a public API: minimal, stable, versioned by name.

3. **Consuming with StackReference** — show `new pulumi.StackReference("org/project/stack")` and `getOutput` / `requireOutput`, including how to keep values as `Output<T>` (never `.apply(JSON.parse)` away the type) and how to handle a missing output gracefully.

4. **Secrets across stacks** — explain that `getOutput` preserves secretness only if the producer marked it secret; show `requireOutputValue` vs plaintext leakage, and when to fetch from the secret store directly instead of threading a secret through outputs.

5. **Avoiding tight coupling** — discuss config-based loose coupling vs StackReference, and when to prefer reading from the cloud provider (e.g. tag-based lookup) over a cross-stack reference.

6. **Ordering & CI** — define apply order, how `pulumi preview` behaves when an upstream output changes, and a CI pipeline that updates stacks in dependency order with gates.

7. **Refactoring safely** — how to move resources between stacks using `pulumi state` operations and aliases without recreating live infrastructure.

Output as: (a) a stack dependency diagram, (b) typed export interfaces for each layer, (c) consumer code reading them, (d) a CI ordering workflow, (e) a migration plan for splitting a monolith with zero-downtime moves.

Bias toward: acyclic layering, typed outputs, and never threading raw secrets through plaintext outputs.
Newsletter

Free: the DevOps AI Incident-Triage Cheat Sheet

Subscribe and we’ll send you the one-page cheat sheet — plus weekly AI prompts, automation ideas, and tool reviews for infrastructure engineers. One email a week. No spam, unsubscribe anytime.

  • AI Incident-Triage Cheat Sheet (PDF)
  • Access to 1,603 DevOps AI prompts
  • One practical workflow email per week