Well-Architected Framework
Codify systems and tools
Infrastructure as code (IaC) lets you codify your resource definitions, making it easier to understand your resource configurations and infrastructure topology. Codifying your resources also enables collaboration since your team can more easily review changes made in code than manual updates. When you define your infrastructure as code, you can use the same engineering practices for your infrastructure as for application development, such as code review, automated deployment, and phased rollout that allows you to test your configuration across environments.
Infrastructure as code provides the following benefits:
- Infrastructure that is written as code can follow your organization's established development best practices.
- Version control systems such as GitHub, GitLab, or Bitbucket let you version your infrastructure code. This allows you to audit infrastructure changes and roll back changes as needed.
- Infrastructure as code enables team and cross-team collaboration. By storing your code in a code repository, you can share the code with other developers. These developers can then contribute to the infrastructure code, provide feedback, and catch issues such as security or other policy violations.
- Infrastructure as code allows you to test your infrastructure code in a way similar to how you test application code.
- Deploying infrastructure as code lets you automate infrastructure deployment through scripts and CI/CD systems.
- Infrastructure as code increases deployment consistency and repeatability. You will know what infrastructure your code will deploy. You should be able to deploy the same code multiple times with almost identical outcomes.
Terraform-driven development
Terraform uses providers to directly interact with cloud resources and services. Terraform creates and manages these resources by storing the state of your infrastructure. Terraform codifies cloud APIs into declarative configuration files, using HashiCorp Configuration Language (HCL). You define the desired state of your infrastructure in HCL and Terraform will deploy and configure the resources to match your configuration.
In addition to configuring your networks, servers, and databases, you can also use Terraform to manage other resources like containers, machine images, and observability services. Terraform enables you to create an infrastructure delivery workflow where you create consistent infrastructure, application configurations, and images. This workflow consists of adopt, build, standardize, and scale.
- Adopt: Compose infrastructure as code in a Terraform file using HCL to provision resources from any infrastructure provider.
- Build: Infrastructure automation workflows to compose, collaborate, reuse, and provision infrastructure as code across IT operations and teams of developers.
- Standardize: Establish guardrails for security, compliance, and cost management through role-based access controls, policy enforcement, and audit.
- Scale: Extend workflow automation to all teams in the organization with self-service infrastructure as code and integrate with VCS, ITSM, and CI/CD.
The Terraform Registry is a single source for finding providers and their supporting documentation. You can find official, partner, and community providers, modules, policy libraries, and run tasks in the Terraform Registry. The Terraform Registry is a great first step in learning all the resources you can manage with Terraform.
Modules are the main way to package and reuse resource configurations with Terraform. This is especially useful for standardizing your infrastructure deployments. You can find publicly available Terraform modules for configuring many kinds of common infrastructure in the Terraform Registry. These modules are free to use, and Terraform can download them automatically if you specify the appropriate source and version in a module call block.
Your organization may produce modules tailored for your own infrastructure needs. HCP Terraform and Terraform Enterprise both include a private module registry for sharing modules internally within your organization.
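The module call block's source and version arguments described above are something a CI job can check before review. The following is an added example, not HashiCorp's own code: a small Python check that flags registry modules whose version is missing or is a range. The exact-pin policy, the simplified line-based parsing, and the example-org module names are assumptions of this example.

```python
import re

# Constructed sample (not from the page); module names and sources are hypothetical.
SAMPLE_HCL = '''
module "network" {
  source  = "example-org/network/aws"
  version = "1.4.2"
}
module "cache" {
  source = "example-org/cache/aws" # registry source, version omitted
}
module "queue" {
  source  = "example-org/queue/aws"
  version = ">= 1.0"
  tags    = { team = "platform" }
}
module "helpers" { source = "./modules/helpers" }
'''

MODULE_RE = re.compile(r'^\s*module\s+"([^"]+)"\s*\{', re.M)
# Registry address: [hostname/]namespace/name/provider
REGISTRY_RE = re.compile(r'^([\w.-]+\.[\w.-]+/)?[\w-]+/[\w-]+/[\w-]+$')
EXACT_RE = re.compile(r'^=?\s*\d+\.\d+\.\d+(-[\w.]+)?$')

def block_body(text, start):
    """Return the text from `start` (just past '{') up to the matching '}'."""
    depth, i = 1, start
    while depth and i < len(text):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        i += 1
    return text[start:i - 1]

def attr(body, name):
    """Read a quoted string argument; braces inside strings are not handled."""
    m = re.search(rf'^\s*{name}\s*=\s*"([^"]*)"', body, re.M)
    return m.group(1) if m else None

def check_modules(text):
    """Return (module name, finding) for registry modules without an exact pin."""
    findings = []
    for m in MODULE_RE.finditer(text):
        body = block_body(text, m.end())
        source, version = attr(body, "source"), attr(body, "version")
        if not source or not REGISTRY_RE.match(source):
            continue  # local paths and VCS URLs do not take a version argument
        if version is None:
            findings.append((m.group(1), "no version constraint"))
        elif not EXACT_RE.match(version):
            findings.append((m.group(1), f"{version!r} is a range, not an exact pin"))
    return findings
```

Calling `check_modules(SAMPLE_HCL)` reports the `cache` and `queue` modules. Terraform's dependency lock file records provider selections only, so the version argument is the only place a module version is fixed.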
HashiCorp resources:
- Terraform providers registry
- Terraform providers documentation
- Learn to write your own Terraform provider
- Learn about Terraform modules
- Learn HCL by writing Terraform configuration
- Learn HCL by following our Terraform certification prep
Next steps
In this section of Codify infrastructure and tools, you learned what infrastructure as code (IaC) is and how you can deploy IaC with Terraform. Codify systems and tools is part of the Define and automate processes pillar.
To learn more about codifying your systems and tools, refer to the following documents:
- CI/CD systems
- Container orchestration like Kubernetes, Nomad, and cloud-native container services
- Databases
- Logging and monitoring
- Security and authentication
- Version control systems like GitHub, GitLab, and Bitbucket