| I've experimented with a few different things and there really are lots of valid ways to work depending on context. Terraform: at some point you will probably end up here. It gives you so much control, it's fast and (mostly) easy to work with. It gives you a good idea of what it is doing and why. Cloudformation: mostly I've used this embedded in some other tool. For example we have a fairly small Elastic Beanstalk app which uses SQS and SNS - nice to be able to extend the basic infrastructure easily inline with your app definition. Similar situation with serverless. Awless: this is a really nice (scriptable!) CLI alternative. Nothing wrong with the normal AWS CLI but this does some things simpler/nicer. If what you are doing is simple enough you can script infrastructure with these tools. Console: I really use this alongside the other things as I'm building automation or to explore some new service I've not used before. Ansible: for configuration management (post terraform apply) we are using ansible. So far we set up an admin box inside the infrastructure and run ansible from there. We've experimented with having ansible build the inventory but currently looking at a bash/jq/awless combo to build it dynamically. Edit: not ever used ansible to modify AWS infrastructure. We keep infrastructure separate with a configuration management separate from setting up the infrastructure. |