What Is Infrastructure as Code (And Why Should You Care?)
Remember the days when setting up servers meant someone physically walking into a data center, installing hardware, and manually configuring everything? Even in the cloud era, many teams still click through console interfaces to set up their infrastructure—a recipe for inconsistency, human error, and major headaches when scaling.
Enter Infrastructure as Code (IaC)—the game-changing practice of managing and provisioning your computing infrastructure through machine-readable definition files rather than physical hardware configuration or point-and-click tools.
In simple terms: IaC lets you build your entire cloud infrastructure by writing code instead of clicking buttons.
Why IaC Is a Career Game-Changer
Before diving into the tools, let's talk about why IaC matters:
- Consistency: The same code creates identical environments every time
- Speed: Provision entire environments in minutes instead of days
- Version Control: Track changes, roll back when needed (just like with app code)
- Documentation: Your infrastructure is self-documenting through code
- Cost Efficiency: Easily spin up/down resources as needed
- Reduced Risk: Less human error, easier testing, smoother deployments
If you've been following our series on Docker containers and CI/CD pipelines, IaC is the missing piece that ties everything together in modern DevOps.
The Big Players: Terraform vs. CloudFormation
While several IaC tools exist, we'll focus on the two heavyweights:
- Terraform: Open-source, works with multiple cloud providers
- AWS CloudFormation: Native to AWS, deep integration with AWS services
Let's get hands-on with both!
Getting Started with Terraform
What Makes Terraform Special?
Terraform, created by HashiCorp, has become the go-to IaC tool for many DevOps teams because:
- It's cloud-agnostic (works with AWS, Azure, GCP, and more)
- Uses a declarative approach with a relatively simple syntax (HCL – HashiCorp Configuration Language)
- Has a massive ecosystem of providers and modules
- Offers excellent state management capabilities
Your First Terraform Project in 5 Steps
1. Install Terraform
# Mac (using Homebrew)
brew install terraform
# Windows (using Chocolatey)
choco install terraform
# Linux
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
sudo apt-get update && sudo apt-get install terraform
Verify installation:
terraform -version
2. Set Up Your Project
Create a new directory for your project:
mkdir my-first-terraform
cd my-first-terraform
3. Create Your First Configuration File
Create a file called main.tf:
# Configure the AWS Provider
provider "aws" {
region = "us-east-1"
}
# Create a VPC
resource "aws_vpc" "example" {
cidr_block = "10.0.0.0/16"
tags = {
Name = "example-vpc"
}
}
# Create a subnet within the VPC
resource "aws_subnet" "example" {
vpc_id = aws_vpc.example.id
cidr_block = "10.0.1.0/24"
tags = {
Name = "example-subnet"
}
}
4. Initialize, Plan, and Apply
# Initialize Terraform (downloads provider plugins)
terraform init
# See what changes will be made
terraform plan
# Apply the changes
terraform apply
When you run terraform apply, you'll need to type "yes" to confirm the changes.
5. Clean Up When Done
When you're ready to tear down the infrastructure:
terraform destroy
Terraform Pro Tips for Beginners
- Use modules: Don't reinvent the wheel. The Terraform Registry has pre-built modules for common infrastructure patterns.
- State management: For team environments, use remote state storage (S3, Terraform Cloud, etc.)
- Variables and outputs: Use variables to make your configurations reusable and outputs to expose important information.
- Workspace structure:
├── main.tf # Main configuration
├── variables.tf # Variable declarations
├── outputs.tf # Output declarations
└── terraform.tfvars # Variable values (gitignore this for sensitive values)
Getting Started with AWS CloudFormation
If you're focused solely on AWS, CloudFormation offers native integration with all AWS services and a slightly different approach to IaC.
What Makes CloudFormation Different?
- Native AWS service (no additional tools to install)
- Templates in JSON or YAML format
- Integrated with AWS console and CLI
- Built-in rollback capabilities
- Manages "stacks" of resources
Your First CloudFormation Stack in 4 Steps
1. Create a Template File
Create a file named template.yaml:
AWSTemplateFormatVersion: '2010-09-09'
Resources:
MyVPC:
Type: AWS::EC2::VPC
Properties:
CidrBlock: 10.0.0.0/16
EnableDnsSupport: true
EnableDnsHostnames: true
Tags:
- Key: Name
Value: MyFirstVPC
MySubnet:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref MyVPC
CidrBlock: 10.0.1.0/24
MapPublicIpOnLaunch: true
Tags:
- Key: Name
Value: MyFirstSubnet
2. Deploy the Stack
You have two options:
Using AWS Console:
- Go to CloudFormation in AWS Console
- Click "Create stack" → "With new resources"
- Upload your template file
- Follow the wizard to complete setup
Using AWS CLI:
aws cloudformation create-stack \
--stack-name my-first-stack \
--template-body file://template.yaml
3. Monitor Stack Creation
In the AWS Console, you can watch your stack being created in real-time. CloudFormation will create resources in the correct order, handling dependencies automatically.
4. Clean Up
When you're done experimenting:
aws cloudformation delete-stack --stack-name my-first-stack
Or use the "Delete" option in the CloudFormation console.
CloudFormation Tips for Beginners
- Parameters: Make your templates reusable with parameters:
Parameters:
EnvironmentName:
Description: Environment name (dev/test/prod)
Type: String
Default: dev
- Mappings: Create lookup tables in your templates
- Change sets: Preview changes before applying them
- Nested stacks: Break large templates into manageable pieces
Terraform vs. CloudFormation: Which Should You Learn?
The honest answer? Both have their place, but if you're just starting out:
Choose Terraform if:
- You work across multiple cloud providers
- You value a more readable syntax
- You want a tool that's widely used across the industry
- You prefer open-source solutions
Choose CloudFormation if:
- You're all-in on AWS
- You want native integration with all AWS services
- You prefer no additional tools to install/manage
- You need deep integration with AWS-specific features
Many organizations actually use both: CloudFormation for AWS-specific infrastructure and Terraform for multi-cloud or more complex scenarios.
Common IaC Beginner Mistakes (And How to Avoid Them)
-
Hardcoding credentials: Never put AWS keys directly in your code. Use environment variables, AWS profiles, or secret management tools.
-
Missing state management: Terraform's state files track what's been created. Always use remote state storage for team environments.
-
Not using version control: Always commit your IaC code to Git or another VCS system.
-
Ignoring modularity: Start with simple configurations, but plan to refactor into reusable modules.
-
Forgetting about drift: Infrastructure can change outside your IaC tool. Regularly check for configuration drift.
Taking Your IaC Skills to the Next Level
Once you've mastered the basics, consider:
-
CI/CD for Infrastructure: Automate testing and deployment of your infrastructure code. Our CI/CD article covers this topic in detail.
-
Testing: Tools like Terratest let you write automated tests for your infrastructure.
-
Policy as Code: Tools like Open Policy Agent (OPA) or AWS Config Rules to enforce compliance and security policies.
-
GitOps: Managing infrastructure using Git workflows for greater control and auditability.
Real-World Example: Building a Simple Web App Infrastructure
To tie everything together, here's a basic example of setting up infrastructure for a web application with a database using Terraform:
# Configure AWS provider
provider "aws" {
region = "us-east-1"
}
# Create a VPC
resource "aws_vpc" "app_vpc" {
cidr_block = "10.0.0.0/16"
tags = {
Name = "app-vpc"
}
}
# Create a public subnet
resource "aws_subnet" "public" {
vpc_id = aws_vpc.app_vpc.id
cidr_block = "10.0.1.0/24"
availability_zone = "us-east-1a"
tags = {
Name = "public-subnet"
}
}
# Create a private subnet
resource "aws_subnet" "private" {
vpc_id = aws_vpc.app_vpc.id
cidr_block = "10.0.2.0/24"
availability_zone = "us-east-1a"
tags = {
Name = "private-subnet"
}
}
# Create a security group for the web server
resource "aws_security_group" "web" {
name = "web-sg"
description = "Allow web traffic"
vpc_id = aws_vpc.app_vpc.id
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
# Create an EC2 instance for the web server
resource "aws_instance" "web" {
ami = "ami-0c55b159cbfafe1f0" # Amazon Linux 2 AMI
instance_type = "t2.micro"
subnet_id = aws_subnet.public.id
security_groups = [aws_security_group.web.id]
tags = {
Name = "web-server"
}
}
This simple example creates a VPC with public and private subnets, security groups, and deploys a web server—all defined as code.
Conclusion: The Path Forward
Infrastructure as Code isn't just a technical skill—it's a fundamental shift in how we approach building and managing systems. As cloud environments grow more complex, the ability to define infrastructure in code becomes not just convenient but essential.
Whether you choose Terraform, CloudFormation, or both, the principles remain the same: automate, version control, and treat your infrastructure with the same care you treat your application code.
Ready to take your DevOps journey to the next level? Check out our other guides on Git, Docker, and CI/CD pipelines to build a comprehensive DevOps skill set.
Have you started using Infrastructure as Code in your projects? Which tool do you prefer? Share your experiences in the comments below!
