AWS Startups Blog

Should Startups Use Infrastructure as Code (IaC)?

When you’re an early stage startup, nothing seems more important than being quick. You iterate fast to find product-market fit. You race to deliver features before your competitors do and, at times, trade best practices for quick fixes. Sometimes, it pays to move fast and shore up your technical infrastructure later. However, you can’t escape the fact that you have to spend a little bit of engineering time on foundational work in order to be able to handle growth. Skipping foundational work can end up being a huge mistake, and there’s one in particular that gets made all too often in the startup world: not using Infrastructure as Code (IaC).

We have too often seen startups opt for “easier,” manual solutions that are tedious and not reproducible. Only the individual who creates the solution has an understanding of its configurations. This leads to configuration drift: the infrastructure running your workloads changes over time due to manual changes or other updates, and no longer matches what anyone believes is deployed. Without adequate documentation, drift can cost your organization time and stress, not to mention money, even over minor issues. It’s important for your customers to have the highest uptime and all their expectations met. Delaying the implementation of IaC makes it more challenging to deliver new features and fixes to users, and it will also take much longer to scale your resources as your user base grows.

In this blog post, we want to highlight why utilizing IaC is so important and beneficial, and show you how useful implementing IaC with the AWS Cloud Development Kit (AWS CDK) can be.

What is Infrastructure as Code?

The “Infrastructure” in IaC refers to all the servers and services that you use to build, test, deploy, and run your app or product. If your app runs on Elastic Compute Cloud (EC2) instances, then the infrastructure includes not only the EC2 instances but also the Virtual Private Cloud (VPC) in which the instances run, the NAT Gateways that your application uses to connect to the internet, the Elastic Load Balancers (ELB) that handle traffic from your customers, and the Relational Database Service (RDS) databases in which your application stores data. Additionally, if your application relies on managed queues like SQS or workflow orchestrators like Step Functions, those application-level services are also included in our definition of Infrastructure. Furthermore, if you run your applications as serverless functions or in containers, then the API Gateways and container definitions are also part of your Infrastructure.

The “Code” part of IaC is a script or program that can be executed by an automated process that creates, configures, deploys, and tests whatever infrastructure it has created. In some cases, that could be declarative code, like CloudFormation’s JSON or YAML that gets executed inside the CloudFormation service. In other cases, the code could be the AWS SDK’s API that you could call from many different procedural languages like Python, TypeScript, or Java to provision infrastructure.

A Bit About IaC Tools

While we encourage its use, AWS CDK is not the only tool for IaC. There are several popular IaC frameworks and tools that customers can use with AWS, such as HashiCorp’s Terraform. Many of these tools, Terraform included, work by making API calls to AWS via the AWS SDK. Dependency and state management is the responsibility of the tool.

By contrast, AWS CDK works by turning procedural code written in conventional programming languages into CloudFormation’s declarative templates. A benefit of this approach is that CloudFormation maintains the state and dependencies of your infrastructure, so you don’t have to store or manage them. With AWS CDK, you can use familiar and powerful software engineering tools and best practices, such as type-safety, reusability, unit testing, source control branching and merging, and continuous deployment. Similar to other tools, AWS CDK also provides a command-line utility for deploying the generated declarative code to CloudFormation. During this step, AWS CDK can generate least-privilege security roles and policies needed to define and operate your infrastructure and services.

How AWS CDK Helps

Now that we’ve established what AWS CDK can do, let’s talk about a real-world scenario where IaC makes a difference.

Imagine the following situation: Your startup develops an amazing software-as-a-service (SaaS) application targeted at the financial services industry. You’ve done everything right so far — found your product-market fit, developed a scalable and multi-tenant application that makes it simple for new customers to get started with little more than a credit card and a web browser. Early on, though, you decided to save a little bit of time by deploying your application’s infrastructure without IaC. So far, that hasn’t been a problem because you used EC2 auto-scaling to handle growth. As your business grows, larger customers come knocking. Soon, you catch the eye of a global financial services company, and they approach you with interest. If you were to sign them as a customer, it would completely change the trajectory of your startup, so you’re incredibly keen to get them on board.

There is a catch, however. They want you to deploy your application for them as a single-tenant deployment, in a standalone AWS account that they own. Having to create a new environment from scratch will have an immediate and significant impact on your business. The global financial services company will take longer to onboard, and they will have to wait longer for future infrastructure changes to be deployed. Not only that, but chances are you’ll be updating your multi-tenant SaaS application more often than your single-tenant customer. Over time, your single-tenant customer will notice that they aren’t receiving version updates as often as their multi-tenant counterparts. By having to deploy infrastructure without the benefit of IaC, you’re giving your customers a bad experience. And from there the challenges you face will continue to compound. If you want to grow, you’ll have to take on other single-tenant customers. Each one will add complexity and risk.

When you decided to skip IaC, the key benefit that you missed was automation. Without defining your infrastructure in code, you can’t automate its creation. Instead, you have to manually create infrastructure when you need to deploy a new environment. As your startup grows, you will need to deploy multiple environments. You will also need to maintain the environments that you create, so updating them will also be a manual, risky, and time-consuming process. It might seem like the number of environments will be small, early on. You might have a single production environment and a single test environment. But in reality you are likely to have many, many more environments, and you need to make sure they are reliably identical, or else correct behavior in one environment will not predict correct behavior in another environment.
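The configuration drift described earlier and the requirement that environments stay reliably identical can both be checked mechanically once infrastructure is defined in code. The following is an added example, not code from the original post and not AWS CDK's API: a standard-library Python stand-in in which `synth`, `snapshot`, `find_drift`, the resource names and the CIDR ranges are all assumptions, and the "live" state is constructed rather than read from an AWS account.

```python
import copy

def synth(env_name, allowed_cidr):
    """Hypothetical stand-in for a synth step: code in, CloudFormation-shaped dict out."""
    return {"Resources": {
        "AppVpc": {"Type": "AWS::EC2::VPC",
                   "Properties": {"CidrBlock": "10.0.0.0/16",
                                  "Tags": [{"Key": "env", "Value": env_name}]}},
        "AppSg": {"Type": "AWS::EC2::SecurityGroup",
                  "Properties": {
                      "GroupDescription": f"{env_name} app tier",
                      "SecurityGroupIngress": [
                          {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                           "CidrIp": allowed_cidr}]}},
    }}

def snapshot(template):
    """Constructed 'live state': what the account would report right after a deploy."""
    return {lid: copy.deepcopy(res["Properties"])
            for lid, res in template["Resources"].items()}

def find_drift(template, live):
    """Return (logical_id, property, declared, actual) for each divergence."""
    drift = []
    for lid, res in template["Resources"].items():
        if lid not in live:
            drift.append((lid, None, "declared", "missing"))
            continue
        for prop, declared in res["Properties"].items():
            actual = live[lid].get(prop)
            if actual != declared:
                drift.append((lid, prop, declared, actual))
    for lid in sorted(live.keys() - template["Resources"].keys()):
        drift.append((lid, None, "undeclared", "unmanaged"))
    return drift

def demo():
    prod = synth("prod", "203.0.113.0/24")          # documentation CIDRs, constructed
    tenant = synth("tenant-a", "198.51.100.0/24")
    same_shape = ({k: v["Type"] for k, v in prod["Resources"].items()}
                  == {k: v["Type"] for k, v in tenant["Resources"].items()})
    live = snapshot(prod)
    # Constructed manual change: someone adds an SSH rule in the console.
    live["AppSg"]["SecurityGroupIngress"].append(
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"})
    return same_shape, find_drift(prod, live), find_drift(tenant, snapshot(tenant))

if __name__ == "__main__":
    same_shape, drifted, clean = demo()
    print(same_shape, [(lid, prop) for lid, prop, _, _ in drifted], clean)
```

Because every environment comes from the same function, the single-tenant copy has the same resource types as production by construction, and the hand-added ingress rule shows up as one drift entry on `AppSg`.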

The Goal

If your goal is to build a modern company using today’s development best practices — which it should be — then you will have environments for developers, unit testing, integration testing, pre-production testing, and production itself. If you have single-tenant environments, you may even have the latter three environments duplicated for each tenant. Provisioning and updating the infrastructure in all these environments manually will be exceedingly difficult, adding time, complexity, and cost to your startup’s operations. And it will only become more challenging as your startup grows.

In contrast, with AWS CDK you can put your infrastructure, application code, and configuration all in one place, ensuring that at every milestone you have a complete, cloud-deployable system. This makes AWS CDK the fastest way to get started with IaC in the early phase of a startup, because developers don’t need to learn a new tool or programming language as they would with CloudFormation’s JSON/YAML complexity or HashiCorp Configuration Language (HCL) with Terraform. AWS CDK equips them with the languages they already know, while allowing them to start learning by making small changes that will ultimately translate into big, scalable changes. It gives you the ability to write less and do more, creating quick but long-term impact and saving you time, now and in the future.

Drive Value with Automation

When we think of all the steps needed to deploy new versions of an application, being able to deploy with automation is key to delivering value to customers. As a startup, you won’t just be creating new environments when you onboard new customers; you’ll need to iterate quickly on your product and gather feedback from your customers constantly. Deploying updates safely with native testing capabilities, without the potential for human error, is one of the key benefits of automation via IaC for startups.

Time to get started! We recommend the AWS CDK Intro Workshop as a fast on-ramp for learning at startup speed. If you’ve postponed an investment of time and resources into infrastructure as code and automation, now would be a great time to make it a priority.


Ed Epstein is the principal at Metapoint Informatics. He lives just outside Vancouver, Canada.