Infrastructure as code
Infrastructure as code (IaC) is the practice of defining and provisioning infrastructure — servers, networks, databases, IAM policies — through machine-readable declaration files rather than manual configuration. The two dominant approaches are declarative (Terraform, OpenTofu, Pulumi, AWS CDK, CloudFormation), where you describe desired state, and imperative scripting (Ansible, Chef, Puppet), where you describe how to reach it.
IaC's value is reproducibility: a new environment (staging, disaster recovery, regional expansion) is a `terraform apply` away rather than a week-long manual setup. Equally important is reviewability — infrastructure changes go through PR review like code, with diffs that engineers can reason about. Common pitfalls: state-file management (Terraform's biggest operational hazard); drift (manual changes outside IaC); cyclic dependencies in modules. Modern alternatives (Pulumi, CDK) use general-purpose programming languages instead of DSLs, which trades the simplicity of HCL for the expressiveness of TypeScript or Python — the right answer depends on team familiarity.
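An added example, not part of the original entry, tying the reviewability and drift points together: a Python check that reads the JSON form of a saved Terraform plan (`terraform show -json <planfile>`) and sorts it into drift, destructive, sensitive and routine changes for a PR reviewer. The sample plan, the function names and the `SENSITIVE_PREFIXES` list are constructed assumptions.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output;
# the resource addresses are made up for illustration.
SAMPLE_PLAN = json.loads("""
{
  "resource_drift": [
    {"address": "aws_security_group.web", "type": "aws_security_group",
     "change": {"actions": ["update"]}}
  ],
  "resource_changes": [
    {"address": "aws_iam_policy.deploy", "type": "aws_iam_policy",
     "change": {"actions": ["update"]}},
    {"address": "aws_db_instance.main", "type": "aws_db_instance",
     "change": {"actions": ["delete", "create"]}},
    {"address": "aws_instance.app", "type": "aws_instance",
     "change": {"actions": ["no-op"]}},
    {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket",
     "change": {"actions": ["create"]}}
  ]
}
""")

# Assumption: resource-type prefixes this team routes to a second reviewer.
SENSITIVE_PREFIXES = ("aws_iam_", "aws_security_group", "aws_kms_")


def review_plan(plan):
    """Summarise a plan for PR review: drift, destructive and sensitive changes."""
    report = {"drift": [], "destructive": [], "sensitive": [], "routine": []}
    # resource_drift: objects changed outside Terraform since the last recorded state.
    for rc in plan.get("resource_drift", []):
        report["drift"].append(rc["address"])
    for rc in plan.get("resource_changes", []):
        actions = rc["change"]["actions"]
        if actions in (["no-op"], ["read"]):
            continue  # nothing will change for this resource
        if "delete" in actions:  # plain delete or replace (delete + create)
            report["destructive"].append(rc["address"])
        elif rc["type"].startswith(SENSITIVE_PREFIXES):
            report["sensitive"].append(rc["address"])
        else:
            report["routine"].append(rc["address"])
    return report


def needs_extra_review(report):
    """True when the plan contains drift, a destructive or a sensitive change."""
    return bool(report["drift"] or report["destructive"] or report["sensitive"])
```

Run in CI against the plan attached to a pull request, a true result from `needs_extra_review` can block merge until a second reviewer approves.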
Related terms
- GitOps
GitOps is a deployment methodology, coined by Weaveworks in 2017, in which the desired state of infrastructure and applications is declared in Git and reconciled to running systems by an automated agent.
- Continuous deployment
Continuous deployment automatically deploys every change that passes the test suite into production — no human gate between merging code and serving traffic.