Infrastructure as Code Delivers Business Value and Strategic Advantage
David Bejar, Head of Software Engineering at Allianz Indonesia
David Bejar, Head of Software Engineering at Allianz Indonesia
In a world where “software eats the world”, the allure of transforming everything into code is undeniable. Why not revolutionize your infrastructure by coding it and making it swift, simple, and cost-effective to modify? Imagine converting tangible hardware into flexible, programmable entities. Today, any IT manager worth their salt is acutely aware that there are no cure-alls in technology. The 'peak of inflated expectations' is not just a catchphrase from a renowned analyst firm; it's a real phenomenon; every technology silver bullet comes with its own set of trade-offs and risks. This also holds true for Infrastructure as Code (IaC).
If your organization hasn't yet adopted IaC, it is time to consider its transformative potential. IaC is a game-changer for achieving streamlined, dependable, and scalable IT operations. With IaC, environments can be spun up with speed and precision, ensuring consistency across deployments. Scaling, cloning, or redeploying infrastructure becomes a matter of a few keystrokes—safe, quick, and on your terms. Embrace the shift-left approach to secure your infrastructure, integrate governance automation, and maintain audit trails for every change. With IaC, every alteration is version-controlled and can be tested and tracked before implementation. Envision the resilience it can add to your disaster recovery strategies, the robustness it can offer to your security posture, and the agility it brings to governance processes. Consider the reduction in operational expenses, the boost in collaborative efforts, and the freedom to innovate. Forget just managing infrastructure; boost it with the versatility of code.
Yet, with the rewards of IaC come significant trade-offs and risks that organizations may encounter. Those who have ventured into IaC often confront a steep learning curve, alongside a complex setup process. Our experience was no exception, marked by numerous refactoring of our IaC modules and repositories to achieve both speed and collaborative efficiency. As IaC matures, the challenges of version control magnify, requiring sharp attention to tool and language selection to circumvent costly vendor lock-in or resistance from engineers. Moreover, 'drift' — the divergence of actual infrastructure from its IaC specifications — can render the effort counterproductive.
Understanding that a strategic approach was critical to mitigating these risks, we set out to structure our code in a way that supported decentralization, collaboration, and agility. This objective led to several iterations of refactoring. Our hands-on experience with these challenges informed our selection of tools and languages, emphasizing ease of adoption and minimizing engineer pushback. We dedicated substantial resources to education and training. Adopting 'compliance as code' and establishing robust pipelines were key moves. We recalibrated privileges, empowering programmatic access while constraining manual intervention. Open communication channels were essential to connect with our engineers, allowing us to understand their difficulties and collaboratively develop solutions. We opened access to our infrastructure in non-production environments. Now, if an engineer can write IaC, they can enact changes, subject only to passing automated compliance and security reviews. This shift has effectively dismantled the old ticketing system bottleneck and galvanized our team's commitment to the IaC initiative.
In any strategic implementation, measuring progress is crucial. It's even more vital to have leading indicators that predict future trends.
In any strategic implementation, measuring progress is crucial. It's even more vital to have leading indicators that predict future trends. We track several key metrics to gauge our IaC adoption: the number of people actively committing IaC code within the organization, the number of assets under IaC management, the frequency of dry runs compared to actual applications, and the volume of applications our engineers are executing over time. An increase in engineers contributing to IaC suggests a shift away from traditional infrastructure management, signaling a win in the integration of modern practices. A higher frequency of applications denotes a more agile and responsive infrastructure. This agility enhances our team’s ability to experiment and rapidly prototype. Meanwhile, the dry run-to-application ratio provides insight into our engineers' proficiency with IaC, reflecting their comfort level with previewing and implementing infrastructure changes through code.
Recently, a senior IT manager inquired about the true business value of the metrics associated with Infrastructure as Code and what they reveal. At the time, a concise response was all that could be offered: these metrics are beacons for IT operational resilience, and IaC plays a pivotal role in the success of a cloud transition—though this was a gross simplification. This article is the expanded response I wish to convey then. It's a deeper dive into how IaC is more than a technical practice; it’s a strategic decision that equips organizations with the agility, efficiency, and foresight needed to thrive in the modern cloud landscape. The metrics we collect narrate the story of our journey toward a more resilient, responsive, and innovative IT culture. They provide the language to communicate IaC's business value to those who may not speak in code but understand the language of strategic advantage.
