Infrastructure as Code (IaC)
Also Known As
IaC
Terraform
infrastructure automation
Ansible
TL;DR
Managing servers, networks, and services through version-controlled machine-readable configuration files rather than manual processes.
Explanation
IaC applies software engineering practices — version control, code review, CI/CD, testing — to infrastructure management. Tools include Terraform (cloud-agnostic declarative provisioning), Ansible (agentless configuration management), CloudFormation (AWS-specific), and Pulumi (infrastructure in real programming languages). Benefits: reproducible environments (dev/staging/production parity), disaster recovery from code in minutes, peer review of infrastructure changes, and audit trail in git. For PHP deployments, Ansible playbooks commonly manage PHP-FPM configuration, nginx vhosts, TLS certificates, and Composer install workflows as part of the deployment pipeline.
Common Misconception
✗ Infrastructure as code just means writing scripts to provision servers. IaC means managing infrastructure through versioned, declarative definitions that are reviewed, tested, and applied reproducibly — the same discipline applied to application code, enabling infrastructure to be rolled back, peer-reviewed, and reproduced identically.
Why It Matters
Infrastructure as code means your servers, networks, and services are defined in version-controlled files — every change is reviewed, audited, and reproducible. Without it, infrastructure is a snowflake that cannot be rebuilt reliably after a failure.
Common Mistakes
- Making manual changes to infrastructure after IaC is in place — drift between code and reality causes the next apply to fail dangerously.
- Not using remote state — local Terraform state is lost when the machine dies and blocks collaboration.
- Storing secrets in IaC files — use a secrets manager and reference secrets by name, never value.
- Applying changes to production without testing in a staging environment first.
Code Examples
✗ Vulnerable
# Manual server setup — not reproducible:
ssh new-server
apt-get install nginx php8.3-fpm
nano /etc/nginx/sites-available/myapp # Hand-edited
# No record of what was installed or configured
# Cannot reproduce exactly — 'works on this server'
# IaC with Terraform:
resource "aws_instance" "web" {
ami = "ami-12345"
instance_type = "t3.medium"
user_data = file("setup.sh") # Reproducible, version-controlled
}
✓ Fixed
# Terraform — declarative infrastructure
resource "aws_instance" "web" {
ami = "ami-0c55b159cbfafe1f0"
instance_type = "t3.micro"
tags = { Name = "php-app", Env = "production" }
}
resource "aws_db_instance" "main" {
engine = "mysql"
engine_version = "8.0"
instance_class = "db.t3.small"
# ... version-controlled, code-reviewed, repeatable
}
# Apply
$ terraform plan # dry run — shows changes
$ terraform apply # provision/updateTags
🤝 Adopt this term
£79/year · your link shown here
Added
15 Mar 2026
Edited
22 Mar 2026
Views
29
🤖 AI Guestbook educational data only
|
|
Last 30 days
Agents 0
No pings yet today
Perplexity 8
Amazonbot 6
Google 3
Unknown AI 3
Ahrefs 2
SEMrush 2
ChatGPT 2
Majestic 1
Also referenced
How they use it
crawler 24
crawler_json 2
pre-tracking 1
Related categories
⚡
DEV INTEL
Tools & Severity
🟡 Medium
⚙ Fix effort: High
⚡ Quick Fix
Define all infrastructure (servers, databases, load balancers) in Terraform or Pulumi — never make manual changes in the cloud console
📦 Applies To
PHP 5.0+
web
cli
🔗 Prerequisites
🔍 Detection Hints
Manual cloud console changes; undocumented server configuration; infrastructure not in version control
Auto-detectable:
✗ No
terraform
pulumi
ansible
cloudformation
⚠ Related Problems
🤖 AI Agent
Confidence: Low
False Positives: Medium
✗ Manual fix
Fix: High
Context: File