CLOUD LABS
Provisioning Infrastructure as Code—From Zero to Hero
In this Cloud Lab, you’ll use IAC with AWS SAM, CloudFormation, and Terraform to create an app that interacts with AWS services.
beginner
Certificate of Completion
Learning Objectives
Infrastructure as Code (IaC) gives developers the power to build and deploy services using code, so they don’t have to do much manual work. To make this method work even better, developers break down big, complex architectures into smaller, more manageable pieces. They then write code to create these parts and ensure they connect smoothly with other services.
In this Cloud Lab, you’ll explore the power of Infrastructure as Code (IaC) with AWS CloudFormation, AWS SAM, and Terraform. You will construct a comprehensive infrastructure on the AWS Cloud that includes AWS DynamoDB, Lambda function, and an API Gateway. With these cloud technologies, you will use a ToDo-list React application that interacts with your IaC-deployed infrastructure.
By the end of this Cloud Lab, you’ll be able to use Infrastructure as Code and develop an understanding of its principles and practical application of AWS CloudFormation, AWS SAM, and Terraform in constructing and managing cloud-based architectures.
The following is the high-level architecture diagram of the infrastructure you’ll create in this Cloud Lab:
What is Infrastructure as Code (IaC)?
Infrastructure as Code (IaC) is the practice of defining and managing infrastructure through code, rather than manual configuration. Rather than clicking through a console, you describe the desired infrastructure state in files that can be versioned, reviewed, tested, and applied consistently.
IaC is useful because it turns infrastructure into a repeatable process:
The same environment can be recreated in minutes.
Changes are tracked and auditable.
Teams can collaborate using pull requests and code review.
Rollbacks become easier because history is preserved.
Why IaC is a “from zero to hero” skill
Cloud platforms are flexible, but that flexibility creates risk. Without automation, environments drift, setups become inconsistent across teams, and small changes can cause unexpected outages.
IaC gives you control and predictability. It’s one of the fastest ways to level up from “I can deploy something” to “I can operate infrastructure responsibly.”
The core IaC workflow
Regardless of the tool, most IaC workflows share the same loop:
Define: Write declarations for networks, compute, storage, security policies, and other resources.
Plan: Preview what will change before anything happens. This step reduces accidental deletions and surprises.
Apply: Implement changes and synchronize the real environment with the declared configuration.
Manage drift: Detect when infrastructure changes outside your IaC process and decide how to reconcile them.
Promote across environments: Use the same code patterns to create dev, staging, and production environments with controlled differences.
What to get right early when learning IaC
A few early habits make IaC far easier to scale:
State management: Understand how your tool tracks real resources.
Modularity: Reuse common infrastructure patterns through modules/stacks.
Separation of concerns: Keep foundational infrastructure separate from app-level resources when possible.
Secrets and credentials: Avoid hardcoding; use managed secret systems and least privilege.
Review and automation: Treat infra changes like code changes, PRs, reviews, and automated checks.
When IaC pays off the most
IaC is especially valuable when you:
Need consistent environments for multiple teams.
Want reliable disaster recovery and reproducibility.
Manage compliance and audit requirements.
Run multiple deployments per day through CI/CD.
Operate at scale where manual changes are risky.
The more production your infrastructure becomes, the less optional IaC becomes.
Relevant Courses
Use the following content to review prerequisites or explore specific concepts in detail.
Frequently Asked Questions
What is provisioning infrastructure?
Provisioning infrastructure involves setting up and allocating the necessary IT resources, such as servers, storage, networks, and applications, to support a workload or application. Cloud computing often involves creating virtual machines, setting up databases, or configuring networking components using automation tools or scripts.
What is an example of infrastructure as code?
IaC is the set of instructions used to provision and configure resources. Examples of IaC tools are Terraform and AWS CloudFormation. These tools can be used to provision and manage cloud resources like VPCs, EC2 instances, and load balancers.
How to deploy infrastructure as code?
We can deploy IaC by first writing infrastructure specifications and instructions in code (using Terraform or CloudFormation), storing it in version control (like Git), and executing deployment commands (e.g., terraform apply or aws cloudformation deploy). The tool then automatically provisions the defined resources in our cloud environment.
What is an example of infrastructure provision?
An example of infrastructure provisioning is using AWS CloudFormation to deploy a fully configured VPC with subnets, internet gateways, and EC2 instances by defining the infrastructure in a YAML or JSON template. AWS automatically creates and configures the specified resources when the template is deployed, ensuring consistency and repeatability.
What is the difference between infrastructure provisioning and configuration?
Infrastructure provisioning is about setting up the foundation, like creating servers, storage, or networks essentially the physical or virtual resources. Configuration, on the other hand, is about customizing those resources by installing software, setting up applications, or tweaking system settings. For example, provisioning is like launching an EC2 instance, while configuration is installing and setting up an Apache web server.
What is the difference between infrastructure as code (IaC) and IaaS?
IaC and IaaS can be used together but they are two different concepts and should not be confused. IaaS (Infrastructure as a Service) is a cloud service model providing virtual computing resources over the internet. Infrastructure as code (IaC) manages and provides these resources through machine-readable definition files. For example, AWS EC2 is IaaS, while using Terraform to automate EC2 deployment is IaC.
What are the most common IaC tools?
Popular IaC tools include Terraform, AWS CloudFormation, Pulumi, and others. While the syntax differs, the underlying ideas, such as declarative resources, change planning, and state, are similar.
What is “state,” and why does it matter in IaC?
State is how an IaC tool remembers what resources exist and how they’re configured. It’s critical to safely apply updates and avoid unintended changes, so the state must be carefully stored and protected.
Felipe Matheus
Software Engineer
Adina Ong
Senior Engineering Manager
Clifford Fajardo
Senior Software Engineer
Thomas Chang
Software Engineer
