Manage Tailscale resources using Pulumi
Pulumi is an infrastructure as code tool that allows you to deploy infrastructure programmatically.
The Tailscale Pulumi provider is maintained and published in the Pulumi registry by Pulumi.
Features
Use the Pulumi provider for Tailscale to:
- Define your tailnet policy file, using the
Acl
resource - Set DNS settings, including:
- global nameservers, using the
DnsNameservers
resource - restricted nameservers for split DNS, using the
DnsSearchPaths
resource - enabling or disabling MagicDNS, using the
DnsPreferences
resource
- global nameservers, using the
- Generate an auth key, including setting whether it’s reusable, ephemeral, pre-authorized, and tagged,
using the
TailnetKey
resource - Manage properties of a device, including:
- approving the device, using the
DeviceAuthorization
resource - disabling key expiry, using the
DeviceKey
resource - setting tags, using the
DeviceTags
resource - advertising subnet routes, using the
DeviceSubnetRoutes
resource
- approving the device, using the
Installation steps
To use Pulumi with Tailscale:
-
Install the package for the Tailscale Pulumi provider in Node.js, Python, Go, or .NET.
-
Set the Tailscale configuration for Pulumi with an API access token for Tailscale and with the name of your tailnet. You can either set these as environment variables or as part of your Pulumi configuration. To set these in your Pulumi configuration:
pulumi config set tailscale:apiKey tskey-1234567CNTRL-abcdefghijklmnopqrstu --secret pulumi config set tailscale:tailnet example.com
Support
The Tailscale Pulumi provider is maintained and published in the Pulumi registry by Pulumi. If you have an issue or feature request, file a GitHub issue.