What does “declarative” mean in infrastructure as code?

In your research of infrastructure as code tools, you might see the word “declarative” used to describe services like Terraform and AWS Cloudformation – but what does it mean?

What does “declarative” mean in the context of Infrastructure as Code?

Quite simply, declarative means you define the what, and the tool handles the how. If you want to provision virtual machines with terraform, you can define them as such:

resource "aws_instance" "foo" {
  ami           = "ami-005e54dee72cc1d00"
  instance_type = "t2.micro"

Terraform, being a declarative tool then handles the API calls, provisioning of necessary underlying services, and other things to help bring that machine online. You define what you want, the tool handles how it gets there.

What’s the alternative?

The alternative to a declarative tool is an imperative one, by which infrastructure is provisioned line-by-line in a series of steps. Instead of a tool like terraform, an imperative infrastructure-as-code deployment might be a bash script, or a configuration management tool like Ansible.

Related Article  Understanding the differences between tools like Terraform, CloudFormation, Ansible, and Puppet
Looking to build secure infrastructure?

Get started with Cloudrail