AI and IaC

Hey folks,

AI is going to change the way we manage infrastructure. But it's not going to replace Infrastructure as Code (IaC).

I'm already seeing AI accelerate automation everywhere inside organizations, both my own and my clients. As application engineers move faster, the expectations on the platform to perform efficiently are skyrocketing.

Here's the problem: if your infrastructure isn't codified, AI will end up "managing" it by spraying raw API calls at your vendors. Without a defined code artifact, review process, and source of truth for change history, you won't know what is being modified, why, or by whom.

That's a recipe for disaster.

This is exactly where IaC shines. When IaC tools like Terraform/OpenTofu (TF) are combined with GitOps, they give platform teams:

• visibility into every change

• reviewability so agents and/or engineers don't ship chaos without checks in place

• history so they know when something changed and why it changed

• management across not just one cloud provider or SaaS vendor, but all of their providers and vendors

If you haven't already adopted IaC broadly across your org, you're going to struggle to bring in agentic workflows for your platform sustainably.

AI is going to unlock a new level of platform efficiency, but only if the foundation of IaC is in place first.

AI isn’t going to replace IaC. But it will be used to generate IaC.

Some people hate generating IaC with AI. They say the models don't know what they're doing, they fall on their face with simple requests, and then the prompter ultimately gives up and writes everything by hand. If you haven't heard this pain before, here’s a reddit thread where this is the resounding sentiment -- it's fascinating to read!

At Masterpoint, we feel for these folks. We've been in that place and we felt the same. But my team and I were determined, we spent the time and we've gotten better. We've got the prompts to prove it.

We're out here yelling into the cloud to share how you can get better too. Check out one of our blog posts on the topic from my colleague, Weston. It also includes the prompts he found success with.

The future of all code and config is that it's going to be AI generated. This is happening now and it's happening fast. But, let's not use fear mongering to push a single line of thought and set of tooling. Just because AI understands K8s well, you don't need to be on K8s to have a career in a year.

AI can and will generate any IaC just as well as it can generate K8s configs or imperative code. The API requests that TF and other IaC tools create are the same damn API requests that K8s, Crossplane, or a direct model context protocol requests will create.

The difference is that when you generate TF, it is tied to an artifact that is visible, reviewable, cross-platform and human readable.

May all your infrastructure be managed by IaC,

Matt @ Masterpoint

PS If you want to chat about AI and IaC, grab some time on my calendar here. Want more of my thinking about the future? Here’s an interview I did about the landscape of TF and IaC in 2035.