So you're looking to get started with Infrastructure as Code (IaC) but you're not quite sure which tool to begin with? You've asked your friends and colleagues for advice and while no one tool stood out, AWS Cloud Development Kit (AWS CDK) and Terraform were mentioned the most. But which one should you choose and why?
What is Infrastructure as Code?
Before comparing AWS CDK and Terraform, it's important to first understand what Infrastructure as Code means and how it came to be. Back in the early 2000s when modern utility cloud computing first started to come to the fore, and around the time when AWS released Simple Queue Service (SQS), scaling and other issues raised their heads. Infrastructure as Code was the answer to some of these issues. IaC is simply defining cloud infrastructure in machine-readable code. This process opens up a number of possibilities and benefits:
- Source Control - by defining your infrastructure in code all changes are tracked and rollbacks become much easier.
- Reproducibility - you can use the same files to deploy the same infrastructure in multiple environments without worrying about human error.
- Understanding - the IaC files act as their own documentation and other engineers can read the code to quickly understand the infrastructure.
What is AWS CDK?
AWS CDK is a relatively new tool, having been released by AWS in 2019. The aim of AWS CDK was to solve some of the issues that folks had with other tools, such as AWS CloudFormation. Problems included the amount of boilerplate code required, language constraints and verbosity.
AWS CDK lets an engineer imperatively define their infrastructure in a familiar language such as TypeScript, Python or Java and then synthesize it to CloudFormation to provision infrastructure resources.
Key Features and Benefits
AWS CDK is built on the concept of constructs. These infrastructure objects are basically building blocks that let you quickly build up complex AWS infrastructure with much less effort. AWS CDK ships with these constructs out of the box which makes the process of provisioning AWS infrastructure much quicker and less verbose. Custom constructs can also be created and shared with the community.
AWS CDK abstracts away a lot of the configuration traditionally required in more declarative tools such as CloudFormation. This allows you to shift focus back to what you are building without having to worry about the nitty-gritty of resource configuration. Constructs vary in level of abstraction from L1 (lowest level of abstraction) to L3 (highest level of abstraction).
Familiar Programming Languages
What is Terraform?
Now on to Terraform. Released in 2014, HashiCorp Terraform is a slightly more mature product than AWS CDK. Mitchell Hashimoto, one of the creators of Terraform, liked the idea of AWS CloudFormation but saw some flaws - the main one being that it was not cloud agnostic. He wanted a product that could be used across different cloud providers.
Terraform uses HashiCorp's own proprietary language called HashiCorp Configuration Language (HCL) to declaratively define infrastructure resources. In 2022, however, HashiCorp released CDK for Terraform which opens up more language possibilities within Terraform. CDK for Terraform, often referred to as "cdktf", is a collaboration between AWS and HashiCorp that integrates AWS CDK with Terraform. It allows developers to define cloud infrastructure using familiar programming languages like TypeScript, Python, and Java, rather than relying solely on HCL, Terraform's native language. Once the infrastructure is defined, "cdktf" synthesizes it into Terraform JSON configuration files. These files can then be deployed using Terraform's core engine, benefiting from Terraform's state management and wide provider ecosystem. In essence, CDK for Terraform bridges the gap between AWS CDK's imperative approach and Terraform's declarative nature, offering developers a broader choice of languages and the strengths of both platforms.
Key Features and Benefits
The standout feature of Terraform is that it is cloud agnostic, meaning that you can use it to automate infrastructure management and the provisioning of cloud resources with multiple different cloud providers. You can define your infrastructure in HCL and use a common workflow to provision infrastructure in AWS, GCP and Azure.
Terraform stores your infrastructure state in a Terraform state file. This allows Terraform to compare and map your configuration with your deployed infrastructure to plan what to build and to detect drift.
Modular and reusable code
Terraform modules, similar but not quite the same as AWS CDK Constructs, allow you to wrap infrastructure definitions into reusable components. These infrastructure components can be shared both internally and across the community, reducing duplication and increasing speed.
Comparison: AWS CDK vs Terraform
AWS CDK supports a number of popular programming languages:
Terraform supports HashiCorp Configuration Language (HCL) which is a proprietary language. It is designed to be both human and machine readable.
As mentioned above, CDK for Terraform allows you to use the CDK supported languages:
AWS CDK is designed for use with AWS resources and is tightly integrated with their other services. However, there is limited support for third-party resources such as GitHub, MongoDB and Okta.
Terraform was born out of the idea that it should be platform agnostic so it's no surprise that it supports a lot more cloud platforms than AWS CDK, including AWS, Google Cloud Platform, Microsoft Azure and Oracle Cloud.
When deploying AWS CDK, it is first synthesized to CloudFormation. CloudFormation then manages state for you out of the box.
In Terraform, state is managed locally by default in a file called terraform.tfstate. However, it can be configured to be managed remotely to synchronize state and add versioning.
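The remote-state option described above, together with the locking that addresses the team-conflict concern raised under the Terraform cons, shown as an added example that is not from the original article. It uses Terraform's S3 backend with the AWS provider; the bucket name, table name, state key and region are constructed placeholders.

```hcl
# Bootstrap configuration: applied once, kept separate from the stacks that
# store their state here. All names below are constructed placeholders.
resource "aws_s3_bucket" "tfstate" {
  bucket = "example-tfstate-bucket"
}

# Versioning keeps earlier state revisions, so a bad write can be rolled back.
resource "aws_s3_bucket_versioning" "tfstate" {
  bucket = aws_s3_bucket.tfstate.id
  versioning_configuration {
    status = "Enabled"
  }
}

# State records resource attributes in plain text (generated passwords and
# keys included), so encrypt the objects at rest.
resource "aws_s3_bucket_server_side_encryption_configuration" "tfstate" {
  bucket = aws_s3_bucket.tfstate.id
  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "aws:kms"
    }
  }
}

# Lock table: the S3 backend expects a string hash key named "LockID".
resource "aws_dynamodb_table" "tfstate_lock" {
  name         = "example-tfstate-lock"
  billing_mode = "PAY_PER_REQUEST"
  hash_key     = "LockID"
  attribute {
    name = "LockID"
    type = "S"
  }
}

# In every other configuration: replaces the default local terraform.tfstate.
terraform {
  backend "s3" {
    bucket         = "example-tfstate-bucket"
    key            = "prod/network/terraform.tfstate" # one key per stack
    region         = "eu-west-1"
    encrypt        = true
    dynamodb_table = "example-tfstate-lock" # concurrent runs block, not clobber
  }
}
```

After adding the backend block, `terraform init` offers to migrate an existing local state file to the bucket; restrict read access on the bucket to the identities that run Terraform, since anyone who can read the state can read the values in it.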
Community and Ecosystem
The AWS community in itself is very large and vibrant - and has been a large contributor to its success - and this has also extended to AWS CDK. There are a growing number of community constructs, libraries and tools aimed at helping CDK users.
The fact that Terraform is platform agnostic has led to a diverse community growing around Terraform. However, that soured recently when HashiCorp announced that they were backing away from open source and moving toward a business source license.
- Best suited for projects deeply integrated with AWS services.
- Ideal for developers who prefer a code-first approach to infrastructure.
- Great for projects that can benefit from AWS-specific optimisations and integrations.
- Perfect for multi-cloud or hybrid cloud scenarios.
- Suitable for teams that prioritize a consistent tool and workflow across different platforms.
- Recommended for projects that require flexibility in choosing storage backends for state management.
Pros and Cons
- Tight AWS Integration - AWS CDK is designed to work seamlessly with AWS services. This ensures that deployments are optimized for the AWS ecosystem, and developers can take full advantage of AWS-specific features and integrations.
- Growing Community - As AWS CDK matures, its community is expanding. This means more shared resources, community-contributed constructs, and increased support from other developers and AWS experts.
- AWS-centric - While AWS CDK offers deep integration with AWS services, its primary focus is the AWS ecosystem. This can be limiting for organizations looking to deploy across multiple cloud providers.
- Steeper Learning Curve for Non-developers - AWS CDK's code-first approach might be challenging for individuals who aren't familiar with programming. Those without a development background might find it more complex compared to traditional Infrastructure as Code tools.
- Multi-cloud Support - Terraform's platform-agnostic nature is one of its standout features. It supports multiple cloud providers, including AWS, Google Cloud, Azure, and more. This versatility is invaluable for organizations with multi-cloud or hybrid cloud strategies.
- Large Community - Terraform boasts a vast and active community. This translates to a wealth of shared modules, extensive documentation, community-driven enhancements, and a broad range of third-party integrations.
- Mature Tool - Released in 2014, Terraform has had time to mature and evolve. Its stability and feature set reflect years of feedback, improvements, and real-world usage.
- Need to Manage State Files - Terraform uses state files to keep track of infrastructure configurations. While these files are crucial for Terraform's operation, managing them—especially in team environments—can be tricky. Ensuring state file consistency and avoiding conflicts require careful management.
- Uncertain Future - With the recently announced change in licensing methodology, there is increasing confusion over the long term path of Terraform.
So which tool should you choose? As with most things - it depends. If you know for sure that you are only going to use AWS then AWS CDK is probably your best choice. However, if you work at a very large organization with multiple other cloud providers, then Terraform is more than likely the preferred option. Either way, I hope this helps your understanding and that you can now make a more informed choice.