What is 'Infrastructure as Code'

Brett Gillett

So, you were sitting in a meeting last week, and one of your teammates happened to mention that they have made several ‘commits’ this week to the ‘infrastructure as code’ base. Everyone else seems to know what the heck that means, so you keep quiet and decide to ‘Google’ it later.

It’s simple really, let me explain.

When someone mentions ‘infrastructure as code’ what they are saying is that they have turned the infrastructure and possibly the application components into one or more snippets of code that can be used to quickly deploy new testing and development environments; or to rebuild infrastructure after an outage.

Ok, so with that out of the way, I bet you’re wondering what you need to transform your infrastructure? First, you’re going to need tools that understand how to deploy code on your chosen platform. There are many options available, the two that I most commonly use are AWS' CloudFormation or Hashicorp’s Terraform. Here’s how I decide which one to use. If I know that the solution is destined for use on the AWS platform I use CloudFormation, otherwise, I use Terraform.

While using a code repository like GitHub or BitBucket is not a requirement I strongly suggest that you store all your code in a repo of your choosing. By doing this, you can control versions, and quickly distribute code snippets to multiple team members.

Finally, you need to push your application down to this newly created infrastructure. While it’s technically possible to do this directly in your templates, I find it difficult so I opt to use a configuration management tool like SaltStack or Ansible.

Well, there you go. A simple explanation of what it means when someone says ‘infrastructure as code’ plus a quick overview of some tools to get you started.

Code Samples

Build a Virtual Private Cloud (VPC)


Provision an Elastic Compute Cloud (EC2) instance

resource "aws_instance" "bastion" {
  ami = "ami-f6f8a79c"
  instance_type = "t2.micro"
  subnet_id = "${aws_subnet.public-subnet.0.id}"
  key_name = "key-name"
  vpc_security_group_ids = ["${aws_security_group.ssh-bastion.id}"]

  tags {
    Name = "bastion"
    project = "Terraform Project"
    deployment-source = "Terraform"

Brett Gillett


Like what you read? Why not subscribe to the weekly Orbit newsletter and get content before everyone else?