[avip]

Like it or not (I do...) terraform is the de-facto industry standard, and pretty much the only mature cloud resources management tool I'm aware of.

It is unwise IMHO to use CloudFormation currently unless you're provisioning resources so obscure they didn't yet make it to tf aws provider.

BTW your Dockerfile pretty much boils down to:

    FROM alpine:3.10

    RUN apk add --no-cache \
        python3

    RUN pip3 install awscli

    COPY config /root/.aws/
    COPY credentials /root/.aws/

[Galanwe]

Have a look at CDK. It's a framework on top of CF to use python/javascript/etc made by AWS. I've been trying it out recently to try to move away from TF and it's a promising alternative.

[Aeolun]

My problem with CF is the CF part, not the yaml. It takes just a few times getting stuck in a rollback loop to hate CF forever.

Especially when you contact AWS support and they tell you the only thing you can do is wait.

[bob33]

ansible and serverless are also very powerful IAC tools that let you deploy on top of CloudFormation but give you a much nicer way to do so. Terraform does require state which is a pain point of it for some. Ansible let's you just run their scripts and you don't have to worry about state in S3 or Dynamo DB.

[yjftsjthsd-h]

> unless you're provisioning resources so obscure they didn't yet make it to tf aws provider.

Isn't there precedent for terraform getting support for things before cloudformation?

[LilBytes]

I'd say it's more and more common that CF doesn't support X resource or pattern than anything else.

We've got custom resources _everywhere_ instead and only just started on our journey of using TF instead. CDK is trying to drive up adoption though I've not used it yet so can't provide any opinions.

[crtlaltdel]

if you don’t want to copy your credentials into the container you can supply them via env vars when you docker run commands in the container