Infrastructure As Code

Copper Contributor



I've been working with ARM for a good few years now, and need to make a decision if I stick with ARM or move to Terraform, I am very much Azure focused and don't work with other cloud providers.


I've worked with both Terraform and ARM and find ARM easier to use probably because I have been using it for a long time. but I was told that Microsoft actually uses Terraform to build-out resources in Azure and not ARM - is this correct?  I mean I'm not really sure what Microsoft would be building in Azure other than services for other customers, but just wondering if that was accurate? 


Anyway - With the new features of ARM becoming available, like dry run, etc i can't see why a purely Azure-based service would not use ARM?

4 Replies

@JacksWastedLife In my view, automated deployment on Azure and Infrastructure as Code (IaC) are two different things. You can automate all your deployments without achieving IaC. However, by creating IaC you will achieve both. In case of automated deployment you are just provisioning the resources but IaC is actually a replica of your infrastructure meaning if your infrastructure is broken you can just run the code to rebuild it including all the configurations and applications installed within you VMs.

Personally I find ARM templates are very useful and easy for programmatic or automated provisioning of Azure resources. I do not think you can achieve IaC by only using ARM templates. However, you can use PowerShell DSC with ARM templates to achieve IaC. 

On the other hand, Terrafom or Ansible are also good choice if you want to achieve IaC. They have various modules that you can use to automate pretty much everything starting from Azure resource deployment to installing and configuring your application within a VM. Still sometimes you may need to use PowerShell/Shell commands to achieve some automation for which modules are not yet available.

Please keep in mind when you are targeting IaC, your objective should be automate as much as possible. So, it really depends on you or your organisation want to achieve. Do not proceed with anything without a proper road-map and architecture. Please let me know if you have any further query.



Rohan Islam | Azure Architect


@rohanislam this reply was really helpful IMO.

I'm looking to move to IaC for a whole bunch of lift-and-shift migrations...I've worked with DSC in the past but found the MOF steps a bit obtuse. With new DSC moves to support JSON, I think this will make DSC more appealing for practical use.

Automated deployment and Infrastructure as Code (IaC) are distinct concepts. While automated deployment focuses on provisioning resources, IaC replicates the entire infrastructure for easy rebuilding in case of failures. ARM templates are valuable for automated provisioning in Azure but may not fully achieve IaC; combining them with PowerShell DSC can enhance IaC capabilities. Alternatively, tools like Terraform and Ansible offer modules for comprehensive automation, including resource deployment and application configuration. The key to successful IaC adoption lies in automating extensively and having a clear roadmap and architecture.



One thing we need to consider, about Terraform will be charge in near further