G
GuideDevOps
Lesson 1 of 14

Introduction to IaC

Part of the Terraform tutorial series.

What is Infrastructure as Code (IaC)?

Infrastructure as Code (IaC) is the process of provisioning, configuring, and managing your cloud resources (servers, databases, networks) using code instead of manual processes or graphical user interfaces (GUIs).

In the past, to provision a server, a system administrator would:

  1. Log into a cloud provider's web UI (like the AWS Console).
  2. Click through multiple screens to choose an OS, instance size, and network.
  3. Manually configure security groups and storage.
  4. Document the process in a Wiki (optional, and often forgotten).

With IaC, you instead write a file that describes the server you want, and a tool automatically talks to the cloud provider's API to build it.

# This code creates exactly the same server as 20 clicks in the GUI
resource "aws_instance" "web" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t3.micro"
  
  tags = {
    Name = "Production-Web-Server"
  }
}

Why IaC Chaged the World

If you manage a single hobby server, clicking in a UI is fine. If you manage 500 servers across 3 environments and need to ensure compliance, auditing, and high availability, manual clicking is impossible.

1. Speed and Automation

Deploying an entire application stack consisting of databases, load balancers, caching layers, and compute nodes takes minutes with IaC, compared to hours or days manually.

2. Consistency across Environments

"It works in Dev, but broken in Prod" happens because the environments drift apart. With IaC, your Development, Staging, and Production environments use the exact same code. Production becomes a carbon copy of Development, just with beefier servers.

3. Version Control and History

Because your infrastructure is just text files, it lives in Git alongside your application code.

  • Want to know who opened port 22 to the world? Check git blame.
  • Need to know what changed on Tuesday when the site went down? Check the commit history.
  • Need to review a change before it goes live? Use GitHub Pull Requests.

4. Disaster Recovery

If an intern accidentally deletes your entire production network, how long does it take to rebuild? Without IaC: Days of panicking and reading outdated documentation. With IaC: Just run terraform apply and watch the infrastructure rebuild itself in 10 minutes.

Imperative vs. Declarative IaC

There are two primary ways IaC tools operate:

Imperative (Procedural)

You tell the tool HOW to get to the desired state. You write step-by-step instructions. (e.g., Ansible, Chef, shell scripts)

# Imperative approach
aws ec2 run-instances --image-id ami-12345 --count 1
# If you run this script 5 times, you get 5 servers!

Declarative

You tell the tool WHAT the desired end state should look like. The tool figures out how to make reality match your code. (e.g., Terraform, CloudFormation, Kubernetes YAML)

# Declarative approach
resource "aws_instance" "web" {
  count = 1
  ami   = "ami-12345"
}
# If you run this code 5 times, you STILL only have 1 server.
# The tool knows 1 already exists, so it does nothing.

Terraform relies heavily on the declarative model, which is why it is so safe to run repeatedly.

Enter HashiCorp Terraform

Terraform, created by HashiCorp, is the undisputed industry standard for Infrastructure as Code.

Why Terraform Won

Before Terraform, every cloud provider had their own proprietary IaC tool (AWS had CloudFormation, Azure had ARM Templates).

Terraform succeeded because it is cloud-agnostic. It uses a single language—HashiCorp Configuration Language (HCL)—to manage resources across virtually any provider.

You can use the exact same tool and workflow to manage:

  • Cloud Providers: AWS, Google Cloud, Azure
  • SaaS Platforms: GitHub, DataDog, PageDuty, Cloudflare
  • On-Premises: VMware, Active Directory, Kubernetes

How Terraform Works (High Level)

  1. Write: You write configuration files (*.tf) declaring your desired infrastructure.
  2. Init: Terraform downloads the necessary plugins (Providers) to talk to your chosen services.
  3. Plan: Terraform compares your code to reality and generates an execution plan showing exactly what will be added, changed, or destroyed.
  4. Apply: Terraform executes the plan, making API calls to your cloud providers to provision the resources.

The Terraform Core Loop

graph LR
    A[Write HCL Code] --> B[terraform init]
    B --> C[terraform plan]
    C --> D[terraform apply]
    D --> E[Real Infrastructure]

Next, we'll install Terraform and see this loop in action.