Open‑Source Multi‑CloudInfrastructure Framework
Stop learning different tools for every cloud. Write declarative YAML once, deploy to AWS, GCP, Azure, and Kubernetes with the same CLI and workflow. No vendor lock‑in, no artificial abstractions—just consistent infrastructure deployment everywhere.
Define once.Deploy anywhere.
The Multi-Cloud Problem
Deploying the same infrastructure across different clouds means learning completely different tools, CLIs, and workflows
Example: Deploying PostgreSQL
AWS RDS
Learn: CloudFormation, IAM roles, Security Groups, Parameter Groups...
GCP Cloud SQL
Learn: Deployment Manager, Cloud IAM, Authorized Networks, Flags...
Azure PostgreSQL
Learn: ARM templates, Azure AD, Firewall Rules, Server Parameters...
Three different CLIs. Three different terminologies. Three different mental models.
For the same thing: a PostgreSQL database.
The Project Planton Way
Same Structure. Same Workflow. Any Cloud.
AWS RDS
GCP Cloud SQL
Kubernetes
Why ProjectPlanton?
Built for DevOps engineers, platform teams, and infrastructure architects who need consistency across clouds
Consistent across clouds
Same YAML structure across AWS, GCP, Azure, and Kubernetes. Provider-specific fields without artificial abstractions. Every manifest follows the Kubernetes pattern: apiVersion, kind, metadata, spec, status.
Catch errors before deployment
Strongly-typed schemas with field-level validation and sensible defaults. Configuration errors caught immediately with clear messages—before any cloud APIs are called.
Battle-tested modules included
Curated Pulumi and Terraform modules maintained for every component. Choose your preferred execution engine—same manifests work with both. Stop writing raw IaC code.
Production-ready workflow
Complete lifecycle management: preview, apply, refresh, destroy. Stack isolation with org/project/stack namespacing. One CLI for all operations across any cloud.
Security built-in
Standard cloud provider authentication via environment variables. Consistent resource labeling for governance. Native support for cross-resource references.
Fully extensible
Fork and customize any module. Add new components. Generate SDKs from APIs via Buf Schema Registry. Override any field at runtime with --set flags.
Built for Production
A mature, comprehensive framework ready for real-world multi-cloud deployments
Deployment Components
Pre-built, battle-tested modules for common infrastructure patterns
Cloud Providers
AWS, GCP, Azure, Kubernetes, Cloudflare, DigitalOcean, Civo, and more
IaC Engines
Choose between Pulumi or OpenTofu—same manifests work with both
Open Source
Apache 2.0 licensed. All modules, APIs, and CLI are fully transparent
How It Works
From YAML manifest to deployed infrastructure in five clear steps
Unlike tools that force you to learn different abstractions or write imperative code, Project Planton follows the Kubernetes philosophy: declarative configuration, strong validation, consistent workflow. Whether you're deploying to AWS, GCP, Azure, or Kubernetes, the same five-step process applies.
Parse
Validate
Build
Plan
Apply
Input: YAML Manifest
Output: Status/Results
Get Started in Minutes
Five simple steps to deploy with kubectl-style commands
brew install project-planton/tap/project-plantoncat > manifest.yaml <<EOF
apiVersion: kubernetes.project-planton.org/v1
kind: KubernetesPostgres
metadata:
name: my-database
labels:
project-planton.org/provisioner: pulumi # or tofu
spec:
container:
replicas: 1
resources:
limits:
cpu: 500m
memory: 1Gi
EOFproject-planton validate -f manifest.yaml# Auto-detects provisioner from label
project-planton apply -f manifest.yaml
# With field overrides
project-planton apply -f manifest.yaml --set spec.container.replicas=3project-planton destroy -f manifest.yaml✨ What's New
- • kubectl-style commands: Use
applyanddestroyfor all deployments - • Auto-detection: Provisioner automatically detected from
project-planton.org/provisionerlabel - • Interactive prompts: If label is missing, CLI prompts you to choose (defaults to Pulumi)
- • Backward compatible: Traditional
pulumiandtofucommands still work
Prerequisites
- • Provider credentials are read from environment variables (AWS_ACCESS_KEY_ID, GOOGLE_APPLICATION_CREDENTIALS, KUBECONFIG, etc.)
- • Pulumi and/or OpenTofu CLI must be installed separately
- • Supported provisioners:
pulumi,tofu,terraform
Example Gallery
Real manifests from the repo (trimmed for clarity). Replace placeholders like <project-id>.
apiVersion: aws.project-planton.org/v1
kind: AwsRdsInstance
metadata:
name: payments-db
spec:
subnetIds:
- value: subnet-abc123
- value: subnet-def456
engine: postgres
engineVersion: "15.4"
instanceClass: db.t3.medium
allocatedStorageGb: 100
storageEncrypted: true
username: dbadmin
password: <secret>
port: 5432
multiAz: trueDeploy:
project-planton validate aws-rds-instance.yaml
project-planton apply -f aws-rds-instance.yamlapiVersion: aws.project-planton.org/v1
kind: AwsS3Bucket
metadata:
name: app-assets
spec:
bucketName: my-app-assets-bucket
versioningEnabled: true
encryptionEnabled: true
publicAccessBlock:
blockPublicAcls: true
blockPublicPolicy: true
ignorePublicAcls: true
restrictPublicBuckets: trueDeploy:
project-planton validate aws-s3-bucket.yaml
project-planton apply -f aws-s3-bucket.yamlCLI Reference
Complete command reference for the ProjectPlanton CLI
project-planton apply -f <manifest.yaml>Deploy infrastructure (kubectl-style, auto-detects provisioner) 🆕
project-planton destroy -f <manifest.yaml>Destroy infrastructure (kubectl-style, auto-detects provisioner) 🆕
project-planton plan -f <manifest.yaml>Preview changes (auto-detects provisioner) 🆕
project-planton init -f <manifest.yaml>Initialize backend (auto-detects provisioner) 🆕
project-planton refresh -f <manifest.yaml>Refresh state (auto-detects provisioner) 🆕
project-planton validate <manifest.yaml>Validate manifest with Buf ProtoValidate
project-planton versionShow CLI version
| Flag | Description | Required |
|---|---|---|
| -f, --manifest <path> | path to the deployment‑component manifest file (kubectl-style -f shorthand) | Required |
| --stack <org/project/stack> | Pulumi stack FQDN (can be in manifest labels) | Optional |
| --module-dir <dir> | directory containing the Pulumi/Tofu module (defaults to current dir) | Optional |
| --kustomize-dir <dir> | directory containing kustomize configuration | Optional |
| --overlay <name> | kustomize overlay to use (e.g., prod, dev, staging) | Optional |
| --set key=value | override manifest fields (deep dot‑paths supported) | Optional |
| --auto-approve | skip interactive approval (tofu/terraform commands) | Optional |
| --yes | auto-approve operations without confirmation (Pulumi) | Optional |
| --diff | show detailed resource diffs (Pulumi) | Optional |
Configure cloud provider credentials and settings
--aws-provider-config <file>AWS provider configuration file
--gcp-provider-config <file>GCP provider configuration file
--azure-provider-config <file>Azure provider configuration file
--kubernetes-provider-config <file>Kubernetes provider configuration file
--confluent-provider-config <file>Confluent provider configuration file
--mongodb-atlas-provider-config <file>MongoDB Atlas provider configuration file
--snowflake-provider-config <file>Snowflake provider configuration file
CI/CD Integration
Deploy your infrastructure automatically with GitHub Actions
name: Deploy with ProjectPlanton
on:
push:
branches: [ main ]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install ProjectPlanton CLI
run: brew install project-planton/tap/project-planton
- name: Install Pulumi & OpenTofu
run: |
curl -fsSL https://get.pulumi.com | sh
echo "$HOME/.pulumi/bin" >> $GITHUB_PATH
curl -L https://github.com/opentofu/opentofu/releases/latest/download/tofu_linux_amd64.zip -o tofu.zip
sudo unzip -o tofu.zip -d /usr/local/bin
- name: Plan
run: project-planton plan -f infra/manifest.yaml
- name: Apply
run: project-planton apply -f infra/manifest.yaml --stack myorg/myproj/prodDeterministic
Same commands, same results across all environments
Version Controlled
Infrastructure as code with full Git history
Portable
Works with any CI/CD system that supports CLI tools
How Project Planton Compares
Short, factual comparison with other infrastructure tools
Their way: Learn AWS, GCP, Azure CLIs separately. Different syntax, mental models, and workflows for every cloud.
Project Planton: One consistent YAML structure and CLI across all clouds. Same workflow everywhere.
Crossplane: Requires running Kubernetes cluster to manage infrastructure. Controller-based reconciliation.
Project Planton: CLI-driven, runs anywhere. No cluster required. You control when deployments happen.
Terraform/Pulumi: Write imperative code or HCL. Learn provider-specific resource syntax for every service.
Project Planton: Write declarative YAML. The framework maintains battle-tested Pulumi and Terraform modules for you.
| Feature | ProjectPlanton | Crossplane | Terraform | Pulumi |
|---|---|---|---|---|
| Declarative YAML | Yes | |||
| Multi-cloud consistency | Yes | |||
| Strong validation | Yes | |||
| Multiple backends | Yes | |||
| CLI workflow | Yes | |||
| Kubernetes native | ||||
| Programming languages | ||||
| Curated modules | Yes |
🔍 Complete Transparency
All Pulumi and Terraform modules are open source. No black boxes. Audit the exact code deploying your infrastructure. Fork and customize if needed.
⚡ Your Choice of Engine
Use Pulumi OR OpenTofu as your execution engine. Same manifests work with both. Switch engines anytime. Not locked to one IaC provider.
🔓 Zero Vendor Lock-In
Standalone CLI with zero SaaS dependencies. Your manifests, your credentials, your infrastructure. Runs locally or in your CI/CD. You're never trapped.