IaC Paradigms, Patterns & Decisions
Read the full guide on docs.beyondyou.my.idInfrastructure as Code is a de facto requirement for modern cloud operations, but choosing the right approach isn’t straightforward. Declarative or imperative? Terraform or Pulumi? Mutable or immutable infrastructure? The answers depend on your team’s skills, your infrastructure complexity, and your operational requirements.
Key Takeaways
- Declarative IaC (Terraform, CloudFormation): You declare desired state; the tool figures out how to achieve it
- Imperative IaC (Pulumi with code, Ansible to some degree): You write the sequence of steps to reach desired state
- Mutable infrastructure: Resources are updated in place — faster but can drift
- Immutable infrastructure: Resources are replaced rather than modified — prevents drift but slower to deploy
- State management is the hardest problem in IaC — it tracks the mapping between code and real-world resources
Quick Overview
The three dominant IaC paradigms are: (1) DSL-based declarative (Terraform/HCL, CloudFormation/YAML) — purpose-built languages optimized for infrastructure; (2) General-purpose language (Pulumi with TypeScript/Python, CDK) — leverage existing programming skills; (3) Configuration management (Ansible, Chef) — procedural approach better suited for VM configuration than cloud resource provisioning.
Most organizations standardize on Terraform for cloud resource provisioning due to its provider ecosystem, strong community, and platform-agnostic approach. Pulumi is gaining traction with teams that prefer writing infrastructure in TypeScript or Python.
Read the full guide: IaC Paradigms, Patterns & Decisions → — includes paradigm comparisons, decision frameworks, and migration strategies between IaC tools.