Infrastructure as Code (IaC)
(OBJ 3.1)
Infrastructure as Code (IaC)
- Modern approach to IT infrastructure management
- Automates provisioning and management of computing resources through code
- Uses machine-readable definition files or scripts rather than manual/interactive configuration tools
- Used in DevOps and with cloud computing
IaC Method
- Developers and ops teams manage infrastructure through code
- Code files are versioned, tested, and audited
- High-level languages like YAML, JSON, or domain-specific languages (e.g., HashiCorp Configuration Language (HCL)) are used
- Example:
  - A developer might write a script that automatically sets up a server, installs necessary software, and deploys an application
  - Can be replicated in identical environments easily
- Idempotence ensures identical environments
- Idempotence
  - Ability of an operation to consistently produce the same results
  - An idempotent script sets up an infrastructure that is identical every time it is run, regardless of the infrastructure's initial state
  - Crucial for consistency and reliability in multiple environments
- Goal: Elimination of Snowflake Systems
- Snowflake System
  - A configuration that lacks consistency and might introduce risks, so it has to be eliminated
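The idempotence and snowflake-system points above, as an added example that is not part of the original notes: a small Python model in which a server is a dict of resources. The `DESIRED` state, the resource names and the `apply`, `drift` and `naive_setup` functions are all assumptions made for illustration.

```python
# Desired state as an IaC definition would declare it (constructed sample values).
DESIRED = {
    "package:nginx": "installed",
    "service:nginx": "running",
    "file:/etc/motd": "managed by IaC\n",
}

def apply(desired, host):
    """Converge `host` (dict modelling one server) to `desired`; return changes made."""
    changes = []
    for key in sorted(set(desired) | set(host)):
        want, have = desired.get(key), host.get(key)
        if want == have:
            continue  # already correct, so nothing to do: this check gives idempotence
        if want is None:
            del host[key]  # resource not declared in code: remove it
            changes.append(("remove", key))
        else:
            host[key] = want
            changes.append(("set", key))
    return changes

def drift(desired, host):
    """Dry run: list what apply() would change, without touching the host."""
    return apply(desired, dict(host))

def naive_setup(host):
    """Non-idempotent counterpart: appends on every run, so results depend on history."""
    host["file:/etc/motd"] = host.get("file:/etc/motd", "") + "managed by IaC\n"

def demo():
    fresh = {}  # newly provisioned server
    snowflake = {"package:nginx": "installed", "service:nginx": "stopped",
                 "package:telnetd": "installed"}  # hand-modified server
    found = drift(DESIRED, snowflake)
    first = [apply(DESIRED, h) for h in (fresh, snowflake)]
    second = [apply(DESIRED, h) for h in (fresh, snowflake)]
    return fresh, snowflake, found, first, second

if __name__ == "__main__":
    fresh, snowflake, found, first, second = demo()
    print("drift on snowflake:", found)
    print("identical after apply:", fresh == snowflake == DESIRED)
    print("second run changes:", second)
```

Running `drift` on a schedule against the versioned definition surfaces manual changes before they become snowflake systems.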
Benefits of IaC
- Speed and Efficiency
  - Allows for rapid provisioning and de-provisioning of resources
  - Speeds deployment process
- Consistency and Standardization
  - Ensures every environment is set up the same way, reducing inconsistencies and errors
- Scalability
  - Makes it easy to replicate infrastructure setups
- Cost Savings
  - Reduces time and resources spent on manual configuration troubleshooting
- Auditability and Compliance
  - Easier to track changes and maintain compliance through code
Challenges
- Learning Curve
  - New skills and mindset required
  - Teams learn to write, test, and maintain infrastructure code
- Complexity
  - Infrastructure code can become complex to manage
  - Mitigated with modularization and proper documentation
- Security Risks
  - Sensitive data exposure in code files
  - Insecure configurations may be introduced