What does Infrastructure as Code (IaC) mean? How can we get started with this approach to managing infrastructure resources? Simply put, IaC is an approach that applies software engineering and DevOps practices, such as version control, auditability, testing, and pipeline automation, to infrastructure resources. These days, the success of rapidly evolving application architectures largely depends on the stability and elasticity of the underlying infrastructure. Infrastructure can no longer be seen separately from code; rather, it is code. AWS offers several capabilities to support this approach. By leveraging services such as AWS CloudFormation, you can achieve the same level of automation and reliability at the infrastructure level as in software delivery. Adopting IaC practices allows software professionals to spend less time on ensuring the reliability, portability, and consistency of the underlying infrastructure, which has a direct positive impact on the software that runs on top of it.
The core idea behind IaC is to prevent the problems associated with environmental drift. A commonly adopted DevOps methodology for improving the software delivery pipeline is to use dedicated development, staging, and production environments. To support these software applications in the cloud, developers typically depend on a lot of infrastructure resources, such as load balancers, application servers, firewalls, and databases. Manually configuring them can be a Herculean task. Historically, companies used to build and maintain operational runbooks and document all the steps, but this cannot support the pace of infrastructure change rollout in the cloud. Furthermore, system administrators can easily forget which component configuration was applied in one environment but not in the others. This results in the environments being out of sync, causing unexpected application behaviors, since the software was developed and tested in an environment that differed from what production looked like. Overall, this leads to a bad customer experience, unreliable infrastructure, and operational complications.
Managing the complete infrastructure stack as code solves these problems and leads to increased efficiencies around deployment speed and faster feedback cycles. The idea of infrastructure disposability also gets a boost when infrastructure is managed with code. Infrastructure configurations are no longer embedded in the respective systems, but rather available at the surface, allowing everyone to understand and debug communication patterns between different components.
We will cover the following topics in this chapter:
- What is AWS CloudFormation?
- Good design practices when using AWS CloudFormation
- How to choose between Terraform and AWS CloudFormation
- Hands-on exercise to deploy infrastructure and application stacks with AWS CloudFormation
Let’s first establish a basic understanding of important AWS CloudFormation concepts before we dive into more advanced topics.
Technical requirements
For this chapter, you will require the following:
- AWS Cloud9 IDE deployed in your AWS account
- An active AWS account subscription