PIPELINES
Standardize the way you deploy IaC

Review, approve and deploy your infrastructure changes directly from Pull/Merge Requests

Built for:
Terragrunt
OpenTofu
Terraform
Learn More
Trusted by DevOps Teams at
Features
Built for
Terragrunt
From the makers of Terragrunt, Gruntwork Pipelines supports Terragrunt units, run-all, and more.
TERRAGRUNT
Use all your favorite Terragrunt features
Multi-unit changes
Easily make changes that affect many Terragrunt units at once.
Dependencies
Intelligent run-all support keeps your pipeline moving smoothly.
New features
Get support for new features like Terragrunt stacks as they launch.
How it works
See the docs
Terragrunt
How it works
Run, plan, apply, or destroy on multiple Terragrunt units in parallel.
Pipelines will automatically group Terragrunt units into "dependency groups" to execute them in the right order.
GITOPS
Run plan and apply in GitHub pull requests
Automatic plan/apply
Plan runs automatically when you open a pull request, while apply runs on merge
Informative comments
View elegant log summaries of plan and apply output, or link to full logs in GitHub Actions.
Centralized discussion
Discuss changes and apply guardrails with all the info in one place.
Benefits
See the docs
Gitops
Benefits
Adopt a GitOps workflow
Get a complete audit trail of who changed what, when, and why.
Use GitHub branch protection rules to enforce your desired requirements for review and approval.
Easily roll back by reverting a git commit.
CUSTOM WORKFLOWS
Create custom steps and workflows
Fully extensible
Add arbitrary steps at any stage in the pipeline to suit your team’s specific needs, such as:
Security checks.
Keep your security team happy by adding checks to ensure compliance and security standards.
Costs estimates.
Add cost estimation steps such as Infracost to estimate the financial impact of an infrastructure change.
Best practice checks.
Verify that your code adheres to best practices using your favorite linter.
How it works
Learn More
CUSTOM WORKFLOWS
How it works
Add custom steps using GitHub Actions workflows.
Run your custom steps before or after any Gruntwork Pipelines phase.
Access the `terragrunt plan` output and dozens of context properties to optimize your custom workflow steps.
Scale
Use with one team, or scale to hundreds
Fully extensible
Add arbitrary steps at any stage in the pipeline to suit your team’s specific needs, such as:
Config as code
Systematically track all changes to pipeline configurations across your DevOps estate.
Automated setup
Stand up new teams or repos with Pipelines by generating the desired config code.
Centralized access control
Users request AWS permissions in a dedicated “access control” git repo.
How it works
Learn More
framework
How it works
Add custom steps using GitHub Actions workflows.
Drift Detection
Automatically detect and resolve infrastructure drift
Scheduled runs
Run drift detection as often as you like to ensure your live resources reflect your IaC.
Automatic pull requests
Get pull requests to automatically report and resolve drift.
Environment aware
Manage drift independently in each environment, so you have the control you need where you need it.
How it works
Learn More
framework
How it works
Configure GitHub Actions to schedule a drift detection run on a periodic basis (e.g. once a week) using a simple reference to a Gruntwork-defined GitHub Actions workflow.
When a run is scheduled, Pipelines will run terragrunt plan on every unit you've configured.
If any unit has a non-empty plan, or throws an error, it's flagged. All flagged Terragrunt units terragrunt.hcl files are then aggregated into a single pull request which guides maintainers on how to resolve the drift.
Secure from the ground up
Gruntwork Pipelines was designed from day one with a strong security posture in mind.
Enforce access limits
Apply the principle of least privilege by giving team members access to only the cloud permission they need.
Use temp credentials
Leverage Github OIDC to authenticate and apply changes without storing cloud credentials.
Keep audit Logs
Get insights into every action taken in your pipeline with detailed audit logs stored in AWS CloudTrail.
“The quality that Gruntwork produces and maintains is outstanding. It has proven time and time again to be a huge accelerator bringing companies forward in terms of stability and quality. It also enables closer collaboration across the engineering organization.”
A sample headshot picture
Markus Burgur
4 time repeat customer
Get Started
Try a Proof of Concept
Take it for a spin with a month-to-month contract. Pay less on an annual plan once you’ve proven the value.
Book a demo

Platform

IaC Library
Account Factory
Pipelines
Patcher

Services

Accelerator
OpenTofu Services
Terragrunt Services
Pricing
Support

Open Source

Terragrunt
Terratest
Boilerplate
Cloudnuke
Git Xargs

Resources

Docs
Blog
Books
Community

Company

About
Careers
Merch
Legal
Security
This is some text inside of a div block.
This is some text inside of a div block.