Before the cloud, infrastructure was physical — you ordered servers, racked them, cabled them, and configured them manually. With virtualisation and the cloud came a new problem: managing hundreds of virtual machines, networks, and services through web consoles is slow, inconsistent, and impossible to audit or reproduce.
The Problem with Manual Infrastructure
- Slow: Every change requires human intervention through a UI or SSH session.
- Inconsistent: "Click-ops" produces snowflake servers — each slightly different.
- Not reproducible: Can you recreate your entire infrastructure in a new region in an hour? Without IaC, probably not.
- No audit trail: Who changed that security group? When? There's no git history for manual changes.
- Configuration drift: Over time, manual changes accumulate and dev, staging, and prod diverge unpredictably.
What is Infrastructure as Code?
Infrastructure as Code (IaC) is the practice of defining and managing infrastructure resources — servers, networks, databases, load balancers — through machine-readable configuration files, just like application code.
These files can be:
- Stored in version control (Git)
- Reviewed via pull requests
- Tested in CI pipelines
- Applied consistently across multiple environments
- Rolled back to a previous state
Declarative vs Imperative IaC
| | Declarative | Imperative |
|---|---|---|
| You specify | What you want (desired state) | How to get there (steps) |
| Tool figures out | What needs to change | Nothing — you write each step |
| Idempotent | Yes | Only if you write it that way |
| Examples | Terraform, Pulumi, CloudFormation, Kubernetes manifests | Bash scripts, Ansible in task mode |
Terraform is declarative. You write:
```hcl
resource "aws_instance" "web" {
  ami           = "ami-0abcdef1234567890"
  instance_type = "t3.micro"
}
```
Terraform determines whether to create, modify, or destroy the instance based on the current state of your infrastructure.
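The create/modify/destroy decision described above can be modelled as a diff between desired and recorded state. The following is an added example, not code from this page or from Terraform, and it is a simplified model rather than Terraform's implementation; the function names, the `ingress_cidr` and `port` attributes, and the sample state are constructed for illustration. It also shows why the approach is idempotent and how a manual security group change surfaces as drift.

```python
def plan(desired, current):
    """Diff desired vs. current state; return (action, address, detail) tuples."""
    actions = []
    for addr, want in desired.items():
        have = current.get(addr)
        if have is None:
            actions.append(("create", addr, want))
        elif have != want:
            # Keep only the attributes that differ: {attr: (current, desired)}
            changed = {k: (have.get(k), want.get(k))
                       for k in sorted(set(have) | set(want))
                       if have.get(k) != want.get(k)}
            actions.append(("update", addr, changed))
    for addr, have in current.items():
        if addr not in desired:
            actions.append(("destroy", addr, have))
    return sorted(actions, key=lambda a: a[1])


def apply_plan(actions, current):
    """Return a new state with the planned actions applied (input is not mutated)."""
    state = {addr: dict(attrs) for addr, attrs in current.items()}
    for action, addr, detail in actions:
        if action == "create":
            state[addr] = dict(detail)
        elif action == "update":
            for attr, (_, new) in detail.items():
                if new is None:          # attribute absent from desired state
                    state[addr].pop(attr, None)
                else:
                    state[addr][attr] = new
        else:                            # destroy
            del state[addr]
    return state


# Constructed sample data: what the configuration files declare.
DESIRED = {
    "aws_instance.web": {"ami": "ami-0abcdef1234567890", "instance_type": "t3.micro"},
    "aws_security_group.web": {"ingress_cidr": "10.0.0.0/16", "port": 443},
}
# Constructed sample data: the instance does not exist yet, the security group
# was opened to 0.0.0.0/0 by hand, and a resource since removed from the
# configuration is still present in state.
CURRENT = {
    "aws_security_group.web": {"ingress_cidr": "0.0.0.0/0", "port": 443},
    "aws_instance.debug": {"ami": "ami-0abcdef1234567890", "instance_type": "t3.micro"},
}
```

Running `plan` again on the state returned by `apply_plan` yields an empty list, which is the idempotence property from the table; a non-empty plan when no configuration change was made is the signal that someone changed the infrastructure out of band.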
Key Benefits of IaC
- Repeatability: Deploy the same infrastructure to dev, staging, and prod with confidence they match.
- Speed: Provision a full environment in minutes, not days.
- Documentation: The code is the documentation. No more "tribal knowledge."
- Cost visibility: Count resources in code before applying.
- Disaster recovery: Recreate your entire infrastructure from code if needed.
- Collaboration: Teams can review infrastructure changes like they review feature code.
The IaC Ecosystem
| Tool | Type | Language | Cloud |
|---|---|---|---|
| Terraform / OpenTofu | Provisioning | HCL | Any (1000+ providers) |
| AWS CloudFormation | Provisioning | YAML/JSON | AWS only |
| AWS CDK | Provisioning | TypeScript/Python | AWS only |
| Pulumi | Provisioning | TypeScript/Python/Go | Any |
| Ansible | Configuration Mgmt | YAML | Any |
| Chef / Puppet | Configuration Mgmt | Ruby DSL | Any |
Terraform has become the dominant IaC tool for provisioning cloud resources across multiple providers. Next: a closer look at Terraform and how it compares to the alternatives.