Manage Tailscale resources using Pulumi
Pulumi is an infrastructure as code (IaC) tool that lets you deploy infrastructure programmatically. Pulumi maintains the Tailscale Pulumi provider in the Pulumi registry.
You can use the Tailscale Pulumi provider to:
- Define your ACLs using the
Aclresource. - Set DNS settings, including:
- Global nameservers using the
DnsNameserversresource. - Restricted nameservers for split DNS using the
DnsSearchPathsresource. - MagicDNS using the
DnsPreferencesresource.
- Global nameservers using the
- Generate an auth key (including setting whether it’s reusable, ephemeral, pre-authorized, and tagged) using the
TailnetKeyresource. - Manage properties of a device, including:
- Device approval using the
DeviceAuthorizationresource. - Key expiry using the
DeviceKeyresource. - Tags using the
DeviceTagsresource. - Subnet routes using the
DeviceSubnetRoutesresource.
- Device approval using the
Installation steps
To use Pulumi with Tailscale:
-
Install the package for the Tailscale Pulumi provider in Node.js, Python, Go, or .NET.
-
Set the Tailscale configuration for Pulumi with an API access token for Tailscale and with the name of your tailnet. You can either set these as environment variables or as part of your Pulumi configuration. To set these in your Pulumi configuration:
pulumi config set tailscale:apiKey tskey-1234567CNTRL-abcdefghijklmnopqrstu --secret pulumi config set tailscale:tailnet example.com
Support
If you have an issue or feature request, file a GitHub issue.