Summary
Track Runloop — secure execution infrastructure for AI agents using isolated micro-VM sandboxes — as a future Pulumi provider candidate. Not ready to build yet; revisit when API reaches v1 and company has more traction.
What Is Runloop
Runloop provides isolated micro-VM sandboxes (Devboxes) for AI agent code execution, along with management-plane primitives like Blueprints (Dockerfile-based VM templates), Network Policies, AI Gateway configs, MCP tool server configs, and Secrets. It has SOC 2 Type II compliance and is on AWS Marketplace.
Why It's on the Watch List
- No TF provider exists anywhere — pure greenfield, first-mover opportunity
- Comprehensive OpenAPI 3.0 spec (Stainless-generated, 122 paths) covering management-plane resources
- AI-era alignment — the management-plane resources (Blueprints, NetworkPolicies, GatewayConfigs, McpConfigs, Secrets) map cleanly to IaC declarative semantics
- $7M seed round (2025), SOC 2, AWS Marketplace — credible early traction
Why Not Yet
- API is v0.1 — breaking changes expected; premature to pin a provider schema
- Seed-stage company — longevity risk
- No TF bridge path — would be a native provider requiring sustained maintenance commitment
IaC-Appropriate Resource Scope (when ready)
runloop.Blueprint — Dockerfile-based devbox templatesrunloop.NetworkPolicy — egress rulesrunloop.GatewayConfig — AI API proxy credentialsrunloop.McpConfig — MCP tool server connectionsrunloop.Secret — encrypted runtime credentialsrunloop.DiskSnapshot — reusable saved disk states
Explicitly out of scope: Devbox (ephemeral VM instances), Axon (event streams), Execution (command runs) — these are operational, not declarative.
Action
Revisit in ~6 months. Trigger conditions for proceeding:
- Runloop API reaches v1
- Series A funding or equivalent scale milestone
- Community interest signals (GitHub issues, Discord requests)
References
Summary
Track Runloop — secure execution infrastructure for AI agents using isolated micro-VM sandboxes — as a future Pulumi provider candidate. Not ready to build yet; revisit when API reaches v1 and company has more traction.
What Is Runloop
Runloop provides isolated micro-VM sandboxes (Devboxes) for AI agent code execution, along with management-plane primitives like Blueprints (Dockerfile-based VM templates), Network Policies, AI Gateway configs, MCP tool server configs, and Secrets. It has SOC 2 Type II compliance and is on AWS Marketplace.
Why It's on the Watch List
Why Not Yet
IaC-Appropriate Resource Scope (when ready)
runloop.Blueprint— Dockerfile-based devbox templatesrunloop.NetworkPolicy— egress rulesrunloop.GatewayConfig— AI API proxy credentialsrunloop.McpConfig— MCP tool server connectionsrunloop.Secret— encrypted runtime credentialsrunloop.DiskSnapshot— reusable saved disk statesExplicitly out of scope:
Devbox(ephemeral VM instances),Axon(event streams),Execution(command runs) — these are operational, not declarative.Action
Revisit in ~6 months. Trigger conditions for proceeding:
References