Switzerland May 22, 2025
 

Declarative vs Programmatic
 Infrastructure as Code Jakub Gaj Cloud Solution Architect @ Danske Bank
 Copenhagen, Denmark Switzerland Jakub Gaj AWS Community Builder AWS New Voices Speaker 

Rapid prototyping of cloud solutions Interactive demos for less technical audiences I absolutely 🧡 ClickOps 😎 Experimenting with new AWS services & integrations Hot fixes in pre-production accounts Switzerland 

“Infrastructure as Code is the practice of provisioning and managing infrastructure using code, as opposed to doing it interactively 
 or with non-code automation tools.” Kief Morris Infrastructure as Code, 2nd Edition
 (O’Reilly Media) ‣ Fundamental differences ‣ Optimal use cases ‣ Framework considerations ‣ Best practices Declarative & programmatic approach: 

Evolution of IT infrastructure Iron Age Virtual Age Bare Metal in Data Centers Virtualization of Compute, Storage, Networking Cloud Providers (Cloud Services) AI Services Cloud Era AI Era 

Milestones of Everything as Code ‣ Bash Shell (BSH) ‣ Korn Shell (KSH) ‣ Distributed Shell (DSH) ‣ Batch ‣ PowerShell ‣ Perl ‣ Python Shell Scripting ‣ CFEngine ‣ Puppet ‣ Chef ‣ Ansible ‣ Salt (SaltStack)
 
 Configuration as Code ‣ AWS CloudFormation ‣ HashiCorp Terraform ‣ Microsoft Azure
 Resource Manager ‣ Microsoft Bicep ‣ Google Cloud
 Deployment Manager
 Infrastructure as Code 

Milestones of Everything as Code ‣ Docker Compose ‣ Kubernetes Templating ‣ AWS Serverless
 Application Model ‣ Serverless Framework
 
 
 Containers & FaaS ‣ AWS CDK ‣ AWS PDK ‣ CDK for Terraform ‣ Pulumi IaC Engine ‣ SST Framework
 
 Cloud Development Kits ‣ AWS CodeWhisperer ‣ AWS Q Developer ‣ Pulumi AI & Copilot ‣ GitHub Copilot ‣ Anthropic Claude Code ‣ OpenAI Codex ‣ Cursor AI
 AI-Assisted Development 

Core aspects of declarative IaC Domain-specific languages
 (CF, HCL, Bicep) Limited built-in
 logic capabilities Code readability
 (WYSIWYG) Can become lengthy for complex infra Focus on infra layer 
 (shared platforms) Better suited for low-level resources definition 

Popular declarative frameworks AWS
 CloudFormation AWS Serverless Application Model Serverless Framework HashiCorp Terraform CE Linux Foundation OpenTofu Microsoft 
 Bicep (ARM) Google Cloud Deployment Manager AWS Amplify 

Core aspects of programmatic IaC Standard programming languages
 (Python, TypeScript) Advanced logic:
 conditional statements, loops, etc Custom abstractions:
 patterns, constructs, packages Integrations with existing development workflows Focus on app layer (business logic) Better suited for high-level app-centric deployments 

Popular programmatic frameworks Pulumi Engine SST Framework CDK for Terraform AWS Cloud Development Kit AWS Project Development Kit 

State management: backend & locking AWS CloudFormation Pulumi Engine Google DM Microsoft ARM Terraform Terraform
 Cloud / HCP Terraform
 Enterprise Pulumi Cloud Spacelift Remote Storage Cloud Service Enterprise IaC Platforms 

Demo time! AWS Cloud Development Kit AWS Cloud Development Kit CDK Constructs, 
 Patterns, Solutions CloudFormation
 IaC Generator Compliance scans
 with NagPacks AWS
 CloudFormation 

Some best practices Infrastructure, Configuration, Security Policies, Documentation, Diagrams Test Driven Development, Unit / Integration Tests (Automated Test Suites) Group components into deployable stacks, separate stateful / stateless resources Define everything as code (apply SDLC processes) Continuously test and deliver all work in progress Build small pieces that can be changed independently 

Key takeaways Define lifecycle policies to protect resources from being accidentally deleted Resource Protection Use linters & scanners
 to enforce best practices
 (Snyk, Chekov, cdk-nag) Static Code Analysis Use CDK Constructs, Terraform Modules, Pulumi Packages, etc Reusable Patterns Use CI/CD pipelines to deliver any changes to infrastructure Continuous Deployments Implement regular drift detection checks & remediation actions Drift Detection Implement automated rollback mechanisms for failed deployments Automated Rollbacks 

🇬🇧 Thank you! 🇵🇱 Dziękuję! 🇨🇭 Vilen Dank! Let’s connect! Social Profiles Tech Blogs GitHub Repos Resources / Slides Jakub Gaj