Skip to main content

One post tagged with "imperative"

View All Tags

Understanding AWS Infrastructure as Code (IaC): Declarative vs. Imperative Approaches

· 3 min read
Simon Morgan

When it comes to managing your AWS infrastructure, there's an ongoing debate about the best approach to Infrastructure as Code (IaC).

Many practitioners on platforms like Reddit, Medium, and Dev.to advocate for using languages such as Python, TypeScript, JavaScript, Java, or C# with AWS Cloud Development Kit (CDK). In this post, I’ll explore why these recommendations are prevalent and introduce StackOps, a tool that enables IaC practitioners to continue using imperative CloudFormation templates effectively.

Programming Language Classification

CloudFormation templates use JSON or YAML, which are classified as "declarative" languages. In contrast, languages supported by AWS SDK and CDK - such as Python and TypeScript - are considered "imperative."

The two paradigms differ fundamentally:

  • Declarative Languages (e.g., CloudFormation templates):

    • Focus on describing what the output should be.
    • Abstracts away how the output is generated.
    • Involves very minimal control flow.

  • Imperative Languages (e.g., Python, TypeScript):

    • Specify both what the output should be and how it is achieved.
    • Involves explicit control flow, error handling, and logic.

What’s the Difference?

The primary differences between declarative and imperative languages pertain to their complexity and use cases:

  • Language Complexity: Declarative languages have simpler syntax and are easier to code.
  • Output Complexity: Imperative languages cater to more complex scenarios and logic.

It seems that declarative languages are great for simple infrastructure setups, while imperative languages are better suited for complex, distributed, and dynamic setups.

Why is this Important?

Many argue for moving away from CloudFormation due to the output complexity imperative languages can handle. Here’s why:

  • Complexity Handling: Imperative languages can manage complex scenarios, such as large, distributed, dynamic infrastructure setups.
  • Code Reusability: Python and TypeScript support variables, functions, and modules, enhancing code reuse and easing maintenance.
  • Logic and Loops: Allow conditional logic and loops, enabling more dynamic infrastructure setups.
  • Error Checking: IDEs offer linting, type-checking, and autocompletion, increasing productivity.
  • Abstractions and Constructs: AWS CDK provides higher-level constructs to simplify resource management.
  • Multi-Environment Deployment: Easier configuration management across environments like dev and prod.

Is Imperative Code for IaC the Best?

Initially, I believed imperative code was the key for IaC. However, challenges soon emerged:

  • Without CDK, the amount of coding becomes overwhelming.
  • Resource drift can be problematic - tracking whether resources match their definitions often leads back to CloudFormation.
  • Dependency management is challenging, particularly with circular dependencies.
  • Managing deployments across multiple accounts and stages remains difficult.

Embracing CloudFormation's Strengths

So I came full circle back to CloudFormation, compelled by its simplicity, declarative nature, and the robust features it offers during stack creation and updates.

Instead of using imperative code to create infrastructure, I coded to create a solution that would compliment CloudFormation, enhancing its capabilities and addressing its limitations. My objective was to develop a solution that was:

  • Fully compatible with CloudFormation and entirely declarative.
  • Capable of supporting multi-account and multi-region deployments.
  • Designed to make stacks modular, with automatic dependencies for large, distributed environments.
  • Secure and fully contained within a customer’s AWS account.
  • Equipped with a simple, user-friendly web console for deployment execution and oversight.

Introducing StackOps

Grappling with the pros and cons of declarative versus imperative languages inspired the creation of StackOps, a CloudFormation deployment pipeline and management console. It can be set up in under five minutes in your AWS account, leveraging CloudFormation’s strengths while addressing multi-account and modularity challenges—all using declarative code.

If you’re interested in learning more or need assistance getting started with IaC, visit StackOps or reach out for support.