IaaC
Definition
Infrastructure as Code (IaaC) is a practice in which infrastructure is provisioned and managed using code and automation, rather than manual processes. This approach allows for consistent and repeatable infrastructure deployments, enabling version control, peer review, and automated testing of infrastructure configurations. IaaC is commonly implemented using tools like Terraform, AWS CloudFormation, and Ansible, which help manage cloud resources, networks, and services programmatically.
Secure Settings Example
# Terraform example for AWS S3 bucket with secure settings
resource "aws_s3_bucket" "secure_bucket" {
bucket = "my-secure-bucket"
versioning {
enabled = true
}
server_side_encryption_configuration {
rule {
apply_server_side_encryption_by_default {
sse_algorithm = "AES256"
}
}
}
acl = "private"
lifecycle_rule {
enabled = true
noncurrent_version_expiration {
days = 30
}
}
}
Insecure Settings Example
# Terraform example for AWS S3 bucket with insecure settings
resource "aws_s3_bucket" "insecure_bucket" {
bucket = "my-insecure-bucket"
# Versioning is not enabled
versioning {
enabled = false
}
# No server-side encryption
acl = "public-read"
# No lifecycle rules for old versions
}