Pipelines

Standardize the way you deploy IaC

Review, approve, and deploy your infrastructure changes directly from GitHub Pull Requests.

Optimized for:
Book a DemoRead the Docs
Gruntwork Pipelines Screenshot
Pipelines
Trusted by devops teams at

Secure from the ground up

Gruntwork Pipelines was designed from day one
with a strong security posture in mind.

Part of the Gruntwork DevOps Platform

Pipelines works seamlessly with other Gruntwork products.

Built for Terragrunt

From the makers of Terragrunt, Gruntwork Pipelines
supports Terragrunt units, run-all, and more.

Features
“Gruntwork and Terragrunt bring a level of robustness to your Terraform workflows that's hard to overstate. They effectively level up your infrastructure management, providing a solid foundation for complex deployments.”
Matthew Brahms Headshot
Matthew BrahmsSenior Platform Engineer
Get started

Try a Proof of Concept

Take it for a spin with a month-to-month contract.
Pay less on an annual plan once you’ve proven the value.

Book a DemoExplore pricing
Crossed Arms
Patcher
Keep infrastructure up to date.
TERRAGRUNT

Use all your favorite Terragrunt features

Multi-unit changes. Easily make changes that affect many Terragrunt units at once.

Dependencies. Intelligent run-all support keeps your pipeline moving smoothly.

New features. Get support for new features like Terragrunt stacks as they launch.

See the docs
Terragrunt
GITOPS

Run plan and apply in GitHub pull requests

Automatic plan/apply. plan runs automatically when you open a pull request, while apply runs on merge

Informative comments. View elegant log summaries of plan and apply output, or link to full logs in GitHub Actions.

Centralized discussion. Discuss changes and apply guardrails with all the info in one place.

See the docs
gitops
CUSTOM WORKFLOWS

Create custom steps and workflows

Fully extensible. Add arbitrary steps at any stage in the pipeline to suit your team’s specific needs, such as:

  • Security checks. Keep your security team happy by adding checks to ensure compliance and security standards.
  • Costs estimates. Add cost estimation steps such as Infracost to estimate the financial impact of an infrastructure change.
  • Best practice checks. Verify that your code adheres to best practices using your favorite linter.

See the docs
SCALE

Use with one team, or scale to hundreds

Config as code. Systematically track all changes to pipeline configurations across your DevOps estate.

Automated setup. Stand up new teams or repos with Pipelines by generating the desired config code.

Centralized access control. Users request AWS permissions in a dedicated “access control” git repo.

See the docs
DRIFT DETECTION

Automatically detect and resolve infrastructure drift

Scheduled runs. Run drift detection as often as you like to ensure your live resources reflect your IaC.

Automatic pull requests. Get pull requests to automatically report and resolve drift.

Environment aware. Manage drift independently in each environment, so you have the control you need where you need it.

See the docs

Enforce access limits

Apply the principle of least privilege by giving team members access to only the cloud permission they need.

Use temp credentials

Leverage Github OIDC to authenticate and apply changes without storing cloud credentials.

Keep audit Logs

Get insights into every action taken in your pipeline with detailed audit logs stored in AWS CloudTrail.

Patcher
IaC Library
Use battle-tested best practices.
Account Factory
Stamp out new AWS accounts.
IaC Library
Account Factory
Steps
Key
ListMagnifyingGlass
LockKey