I'm trying to figure out the best Infrastructure as Code (IaC) tool for managing infrastructure, including managed and serverless services, on AWS. I've seen options like AWS's own CloudFormation, SAM, and CDK, as well as the vendor-agnostic Terraform. I have experience with Terraform in Azure and GCP, but I noticed fewer people seem to use Azure's ARM templates. However, I've come across many job postings that prefer AWS-specific tools. Can anyone share their experiences using these IaC tools on AWS?
10 Answers
I mainly use Terraform because it’s so popular and compatible with multiple vendors. If you need to manage things outside of AWS, it's great to have everything under one tool. I haven't tried Pulumi yet, but I hear it could also do the trick.
There's no 'one-size-fits-all' tool. Terraform and OpenTofu are popular choices, but for very complex serverless needs, you might want to look at SAM, and for general AWS services, CloudFormation can still work. It really depends on your specific use case.
I've been using Terraform for over 10 years, and I think it's definitely the best choice for AWS. It's widely adopted, and even GCP has shifted to recommend Terraform after retiring their own tool. It gives you a lot of flexibility and control.
If you're starting out, you might want to look at OpenTofu too, which is an open-source fork of Terraform after some licensing changes. It’s supported by the Linux Foundation and some big companies, so it could be worth considering.
With 11 years of AWS experience, I can confirm: Terraform is the king!
For serverless applications, I personally prefer CDK. But for most of the other things like VPCs and load balancers, I stick to Terraform or OpenTofu. It just depends on what you’re building.
Honestly, I think CloudFormation is much less user-friendly compared to Terraform. If you want something that's easy to work with, Terraform is the better way to go.
I'm a fan of the Serverless Framework paired with CloudFormation. If you're into JavaScript, the JSON-heavy approach is really intuitive for me. I’m not the biggest fan of CDK or Terraform, but I see their appeal due to widespread usage.
Don’t dismiss Ansible too quickly. It's great for configuration management, even if you aren't using it for serverless or containers!
I use Terraform for everything except AWS Lambda; for that, SAM has been my go-to. It's simple and effective for managing serverless deployments.
Why not use both? They can complement each other really well!
Since you’re already familiar with Terraform, it makes sense to keep using it. If a development team is involved, consider introducing them to CDK or TFCDK since it might better suit their skill sets. At my job, we stick with Terraform for shared infrastructure, but I initiated a CDK project for some automation, and the dev team quickly took over with minimal issues!
Honestly, it all depends on what you're trying to achieve. Terraform is great for small projects, but for larger setups, there's a lot of overhead. I've enjoyed using Pulumi for its integration with other tools, especially if you're using Kubernetes. The main thing to remember is to structure your workspaces wisely to avoid slow refresh times as your projects grow.
Some people prefer CloudFormation only. I've heard concerns about Terraform due to its ownership and possible changes, but others think it's a solid option. Ultimately, it boils down to personal preference.
I’d argue that CDK might provide a better developer experience compared to editing YAML for complex serverless setups.