Infrastructure as Code: Managing Infrastructure with Terraform
Infrastructure as Code (IaC) is the practice of defining and managing infrastructure (servers, databases, networking, security groups, DNS records, and everything else) using code — specifically structured configuration files that can be version controlled, reviewed, tested, and automatically applied. It replaces manual click-through-the-console infrastructure management.
Why IaC Matters
- Reproducibility: Infrastructure can be recreated exactly from code — create identical staging and production environments, rebuild after a disaster
- Version control: All infrastructure changes are committed to Git — providing a full audit trail of who changed what and when
- Peer review: Infrastructure changes go through the same pull request and code review process as application code
- Automation: Apply infrastructure changes through CI/CD pipelines — consistent, automated, with approval gates
- Documentation: The code itself documents the infrastructure — no more outdated wiki pages
Terraform
Terraform is the industry-standard open-source IaC tool, maintained by HashiCorp. It supports all major cloud providers and hundreds of other services through providers. Key concepts:
- Resources: Infrastructure components (an RDS database, a VPC, an S3 bucket)
- State: Terraform tracks the current state of infrastructure — enabling it to calculate and apply only the changes needed
- Plan: Preview exactly what changes will be applied before applying them
- Modules: Reusable, parameterised infrastructure components
Our Approach
All production infrastructure we manage is defined in Terraform. Changes are applied through CI/CD with terraform plan output reviewed and approved before apply. State is stored remotely (Terraform Cloud, S3 backend) with locking to prevent concurrent modifications.