Infrastructure as code
in-fruh-STRUK-cher az kohd
Managing servers, networks, and cloud resources through code files instead of manual configuration.
Infrastructure as code means defining your servers, databases, networks, and cloud services in configuration files that you check into version control. Instead of clicking through the AWS console to create a database, you write a Terraform file that describes the database, its size, its backup policy, and its access rules. Then you run a command, and the infrastructure is created exactly as specified.
The benefit is repeatability. If you can create your production environment from a file, you can create an identical staging environment, a testing environment, and a disaster recovery environment from the same file. Every environment is consistent. There are no "I forgot to check the box for encryption" surprises.
Terraform, Pulumi, AWS CloudFormation, and the AWS CDK are the most popular IaC tools. Terraform uses its own configuration language (HCL). Pulumi and the CDK let you write infrastructure in TypeScript, Python, or Go. The choice depends on your team's preferences, but the principle is the same: infrastructure should be defined, reviewed, versioned, and deployed like any other code.
Examples
A team rebuilds their infrastructure after a disaster.
The team's AWS account is compromised and all resources are deleted. Because everything is defined in Terraform, they create a new account, run 'terraform apply,' and the entire infrastructure, 15 services, 4 databases, 3 queues, and all networking, is rebuilt in 45 minutes. Without IaC, rebuilding from memory and screenshots would take weeks.
A developer reviews infrastructure changes in a PR.
A developer opens a PR that changes the RDS instance type from db.t3.medium to db.r5.large. The Terraform plan shows the exact changes: instance size, estimated cost increase ($180/month), and downtime window (3 minutes). The team reviews the change like any code change: they discuss cost, timing, and risk. The change is approved, merged, and applied automatically by CI/CD.
A team provisions identical environments across regions.
The company expands to Europe and needs to comply with GDPR by keeping EU data in EU data centers. The team takes their existing Terraform modules, changes the region parameter from us-east-1 to eu-west-1, and runs apply. The entire stack, including VPC, ECS cluster, RDS, ElastiCache, and S3 buckets, is created in the EU region in 20 minutes. Configuration is identical to the US environment.
In practice
Read more on the blog
Frequently asked questions
Should I use Terraform or Pulumi?
Terraform if your team is comfortable learning HCL (HashiCorp Configuration Language) and wants the largest ecosystem of providers and community modules. Pulumi if your team prefers writing infrastructure in a language they already know (TypeScript, Python, Go). Both are production-grade. Terraform has more community resources and tutorials. Pulumi has a steeper onboarding curve for infrastructure concepts but a shallower one for the language itself. Pick the one your team will actually use.
What is the biggest risk of infrastructure as code?
State drift. IaC tools track the state of your infrastructure in a state file. If someone manually changes a resource through the console (adding a firewall rule, resizing a database), the state file does not reflect reality. The next 'terraform apply' might revert the manual change or fail entirely. The fix is discipline: never make manual changes, and use tools like Terraform's 'drift detection' to catch unauthorized modifications.
Related terms
A set of practices that combines software development and IT operations to shorten the delivery cycle.
On-demand computing infrastructure (servers, storage, networking) provided by a third party.
Lightweight, portable packages that bundle application code with all its dependencies.
Continuous integration and continuous deployment: automating code testing and delivery to production.
The process of releasing code to servers where users can access it.
Want the complete playbook?
Picks and Shovels is the definitive guide to developer marketing. Amazon #1 bestseller with practical strategies from 30 years of marketing to developers.