Manage Tailscale resources using Pulumi

Pulumi is an infrastructure as code tool that lets you deploy infrastructure programmatically.

The Tailscale Pulumi provider is maintained and published in the Pulumi registry by Pulumi.

Features

Use the Pulumi provider for Tailscale to:

• Define your tailnet policy file, using the Acl resource
• Set DNS settings, including:
  • global nameservers, using the DnsNameservers resource
  • restricted nameservers for split DNS, using the DnsSearchPaths resource
  • enabling or disabling MagicDNS, using the DnsPreferences resource
• Generate an auth key, including setting whether it’s reusable, ephemeral, pre-authorized, and tagged, using the TailnetKey resource
• Manage properties of a device, including:
  • approving the device, using the DeviceAuthorization resource
  • disabling key expiry, using the DeviceKey resource
  • setting tags, using the DeviceTags resource
  • advertising subnet routes, using the DeviceSubnetRoutes resource

Installation steps

To use Pulumi with Tailscale:

1. Install the package for the Tailscale Pulumi provider in Node.js, Python, Go, or .NET.

2. Set the Tailscale configuration for Pulumi with an API access token for Tailscale and with the name of your tailnet. You can either set these as environment variables or as part of your Pulumi configuration. To set these in your Pulumi configuration:

   pulumi config set tailscale:apiKey tskey-1234567CNTRL-abcdefghijklmnopqrstu --secret
   pulumi config set tailscale:tailnet example.com
   

Support

The Tailscale Pulumi provider is maintained and published in the Pulumi registry by Pulumi. If you have an issue or feature request, file a GitHub issue.