Standardize the way you deploy IaC
Review, approve, and deploy your infrastructure changes directly from GitHub Pull Requests.
Built for Terragrunt
From the makers of Terragrunt, Gruntwork Pipelines
supports Terragrunt units, run-all, and more.
Use all your favorite Terragrunt features
Multi-unit changes. Easily make changes that affect many Terragrunt units at once.
Dependencies. Intelligent run-all support keeps your pipeline moving smoothly.
New features. Get support for new features like Terragrunt stacks as they launch.
Run plan and apply in GitHub pull requests
Automatic plan/apply. plan runs automatically when you open a pull request, while apply runs on merge
Informative comments. View elegant log summaries of plan and apply output, or link to full logs in GitHub Actions.
Centralized discussion. Discuss changes and apply guardrails with all the info in one place.
Create custom steps and workflows
Fully extensible. Add arbitrary steps at any stage in the pipeline to suit your team’s specific needs, such as:
- Security checks. Keep your security team happy by adding checks to ensure compliance and security standards.
- Costs estimates. Add cost estimation steps such as Infracost to estimate the financial impact of an infrastructure change.
- Best practice checks. Verify that your code adheres to best practices using your favorite linter.
Use with one team, or scale to hundreds
Config as code. Systematically track all changes to pipeline configurations across your DevOps estate.
Automated setup. Stand up new teams or repos with Pipelines by generating the desired config code.
Centralized access control. Users request AWS permissions in a dedicated “access control” git repo.
Automatically detect and resolve infrastructure drift
Scheduled runs. Run drift detection as often as you like to ensure your live resources reflect your IaC.
Automatic pull requests. Get pull requests to automatically report and resolve drift.
Environment aware. Manage drift independently in each environment, so you have the control you need where you need it.
Secure from the ground up
Gruntwork Pipelines was designed from day one
with a strong security posture in mind.
Enforce access limits
Apply the principle of least privilege by giving team members access to only the cloud permission they need.
Use temp credentials
Leverage Github OIDC to authenticate and apply changes without storing cloud credentials.
Keep audit Logs
Get insights into every action taken in your pipeline with detailed audit logs stored in AWS CloudTrail.
Try a Proof of Concept
Take it for a spin with a month-to-month contract.
Pay less on an annual plan once you’ve proven the value.
Part of the Gruntwork DevOps Platform
Pipelines works seamlessly with other Gruntwork products.
