Providers
Providers allow you to interact with cloud services.
A provider is what allows SST to interact with the APIs of various cloud services. These are packages that can be installed through your sst.config.ts
.
SST is built on Pulumi/Terraform and supports 150+ providers. This includes the major clouds like AWS, Azure, and GCP; but also services like Cloudflare, Stripe, Vercel, Auth0, etc.
Check out the full list in the Directory.
Install
To add a provider to your app run.
This command adds the provider to your config, installs the packages, and adds the namespace of the provider to your globals.
SST manages these packages internally and you do not need to import the package in your sst.config.ts
.
The name of a provider comes from the name of the package in the Directory. For example, sst add planetscale
, will add the following to your sst.config.ts
.
You can add multiple providers to your app.
Read more about the sst add
command.
Configure
You can configure a provider in your sst.config.ts
. For example, to change the region for AWS.
You can check out the available list of options that you can configure for a provider over on the provider’s docs. For example, here are the ones for AWS and Cloudflare.
Versions
By default, SST installs the latest version. If you want to use a specific version, you can change it in your config.
If you make any changes to the providers
in your config, you’ll need to run sst install
.
The version of the provider is always pinned to what’s in the sst.config.ts
and does not auto-update. So if you want to update it, you’ll need to change it manually and run sst install
.
Credentials
Most providers will read your credentials from the environment. For example, for Cloudflare you might set your token like so.
However, some providers also allow you to pass in the credentials through the config.
Read more about configuring providers.
Components
The provider packages come with components that you can use in your app.
For example, running sst add aws
will allow you to use all the components under the aws
namepsace.
Aside from components in the providers, SST also has a list of built-in components. These are typically higher level components that make it easy to add features to your app.
You can check these out in the sidebar. Read more about Components.
Functions
Aside from the components, there are a collection of functions that are exposed by a provider. These are listed in the Pulumi docs as getXXXXXX
on the sidebar.
For example, to get the AWS account being used in your app.
Or to get the current region.
Output versions
The above are async methods that return promises. That means that if you call these in your app, they’ll block the deployment of any resources that are defined after it.
So we instead recommend using the Output version of these functions. For example, if we wanted to set the above as environment variables in a function, we would do something like this
The aws.getXXXXOutput
functions typically return an object of type Output<primitive>
. Read more about Outputs.
Instances
You can create multiple instances of a provider that’s in your config. By default SST creates one instance of each provider in your sst.config.ts
with the defaults. By you can create multiple instances in your app.
This is useful for multi-region or multi-account deployments.
Multi-region
You might want to create multiple providers in cases where some resources in your app need to go to one region, while others need to go to a separate region.
Let’s look at an example. Assume your app is normally deployed to us-west-1
. But you need to create an ACM certificate that needs to be deployed to us-east-1
.
Here the function is created in your default region, us-west-1
. While the certificate is created in us-east-1
.
Directory
Below is the full list of providers that SST supports.
Install any of the following using sst add <name>
, where name
is the package name. For example, sst add auth0
.
Provider | Package |
---|---|
ACI | @netascode/aci |
ACME | @pulumiverse/acme |
Aiven | aiven |
Akamai | akamai |
Alibaba Cloud | alicloud |
Amazon EKS | eks |
Aquasec | @pulumiverse/aquasec |
Artifactory | artifactory |
Astra DB | @pulumiverse/astra |
Auth0 | auth0 |
Auto Deploy | auto-deploy |
AWS API Gateway | aws-apigateway |
AWS Classic | aws |
AWS Control Tower | @lbrlabs/pulumi-awscontroltower |
AWS IAM | aws-iam |
AWS Native | aws-native |
AWS QuickStart Aurora Postgres | aws-quickstart-aurora-postgres |
AWS QuickStart Redshift | aws-quickstart-redshift |
AWS QuickStart VPC | aws-quickstart-vpc |
AWS S3 Replicated Bucket | aws-s3-replicated-bucket |
AWS Static Website | aws-static-website |
AWSx | awsx |
AzAPI | @ediri/azapi |
Azure Active Directory | azuread |
Azure Classic | azure |
Azure Justrun | pulumi-azure-justrun |
Azure Native | azure-native |
Azure Quickstart ACR Geo Replication | azure-quickstart-acr-geo-replication |
Azure QuickStart ACR Geo Replication | azure-quickstart-acr-geo-replication |
Azure Static Website | azure-static-website |
AzureDevOps | azuredevops |
Buildkite | @pulumiverse/buildkite |
Checkly | @checkly/pulumi |
Cisco Catalyst SD-WAN | sdwan |
Cisco ISE | ise |
Civo | civo |
Cloud-Init | cloudinit |
CloudAMQP | cloudamqp |
Cloudflare | cloudflare |
CockroachDB | @pulumiverse/cockroach |
Command | command |
Confluent | confluentcloud |
Consul | consul |
Control Plane | @pulumiverse/cpln |
Databricks | databricks |
Datadog | datadog |
dbt Cloud | dbtcloud |
DigitalOcean | digitalocean |
DNSimple | dnsimple |
Docker | docker |
Docker Build | docker-build |
Doppler | @pulumiverse/doppler |
Dynatrace | @pulumiverse/dynatrace |
Elastic Cloud | ec |
Equinix | @equinix-labs/pulumi-equinix |
ESXi Native | @pulumiverse/esxi-native |
Event Store Cloud | @eventstore/pulumi-eventstorecloud |
Exoscale | @pulumiverse/exoscale |
F5 BIG-IP | f5bigip |
Fastly | fastly |
Flux | @worawat/flux |
Fortios | @pulumiverse/fortios |
FusionAuth | pulumi-fusionauth |
Gandi | @pulumiverse/gandi |
GCP Global CloudRun | gcp-global-cloudrun |
Genesis Cloud | @genesiscloud/pulumi-genesiscloud |
GitHub | github |
GitLab | gitlab |
Google Cloud Classic | gcp |
Google Cloud Native | google-native |
Google Cloud Static Website | google-cloud-static-website |
Grafana | @pulumiverse/grafana |
Harbor | @pulumiverse/harbor |
Harness | harness |
HashiCorp Vault | vault |
HCP | @grapl/pulumi-hcp |
Hetzner Cloud | hcloud |
Impart Security | @impart-security/pulumi-impart |
InfluxDB | @komminarlabs/influxdb |
Kafka | kafka |
Keycloak | keycloak |
Kong | kong |
Koyeb | @koyeb/pulumi-koyeb |
Kubernetes | kubernetes |
Kubernetes Cert Manager | kubernetes-cert-manager |
Kubernetes CoreDNS | kubernetes-coredns |
LaunchDarkly | @lbrlabs/pulumi-lauchdarkly |
LBr Labs EKS | @lbrlabs/pulumi-eks |
libvirt | libvirt |
Linode | linode |
Mailgun | mailgun |
Matchbox | @pulumiverse/matchbox |
Miniflux | aws-miniflux |
MinIO | minio |
MongoDB Atlas | mongodbatlas |
MSSQL | @pulumiverse/mssql |
MySQL | mysql |
New Relic | newrelic |
NGINX Ingress Controller | kubernetes-ingress-nginx |
ngrok | @pierskarsenbarg/ngrok |
Nomad | nomad |
NS1 | ns1 |
Nuage | nuage |
Nutanix | @pierskarsenbarg/nutanix |
Okta | okta |
OneLogin | onelogin |
OpenStack | openstack |
Opsgenie | opsgenie |
Oracle Cloud Infrastructure | oci |
OVHCloud | @ovh-devrelteam/pulumi-ovh |
PagerDuty | pagerduty |
Pinecone | @pinecone-database/pulumi |
PlanetScale | planetscale |
Port | @port-labs/port |
PostgreSQL | postgresql |
Prodvana | @prodvana/pulumi-prodvana |
Proxmox Virtual Environment | @muhlba91/pulumi-proxmoxve |
Pulumi Cloud | pulumiservice |
purrl | @pulumiverse/purrl |
Qovery | @ediri/qovery |
RabbitMQ | rabbitmq |
Rancher2 | rancher2 |
random | random |
Redis Cloud | @rediscloud/pulumi-rediscloud |
Rootly | @rootly/pulumi |
Runpod | @runpod-infra/pulumi |
Scaleway | @pulumiverse/scaleway |
Sentry | @pulumiverse/sentry |
SignalFx | signalfx |
Slack | slack |
Snowflake | snowflake |
Splight | @splightplatform/pulumi-splight |
Splunk | splunk |
Spotinst | spotinst |
Statuscake | @pulumiverse/statuscake |
Strata Cloud Manager | scm |
Stripe | pulumi-stripe |
StrongDM | @pierskarsenbarg/sdm |
Sumo Logic | sumologic |
Supabase | supabase |
Symbiosis | @symbiosis-cloud/symbiosis-pulumi |
Synced Folder | synced-folder |
Tailscale | tailscale |
Talos Linux | @pulumiverse/talos |
Time | @pulumiverse/time |
TLS | tls |
Twingate | @twingate/pulumi-twingate |
Unifi | @pulumiverse/unifi |
Upstash | @upstash/pulumi |
Venafi | venafi |
Vercel | @pulumiverse/vercel |
VMware vSphere | vsphere |
Volcengine | @volcengine/pulumi |
vSphere | vsphere |
Vultr | @ediri/vultr |
Wavefront | wavefront |
Yandex | yandex |
Zitadel | @pulumiverse/zitadel |
Zscaler Internet Access | @bdzscaler/pulumi-zia |
Zscaler Private Access | @bdzscaler/pulumi-zpa |
Any missing providers or typos? Feel free to Edit this page and submit a PR.