Totally get what you mean. I'll pitch for either terraform or AWS CDK as good ways to make some of this plumbing less painful (they both have you describe the end state you want and then generate resources to get there).
Terraform is—as a colleague described it—a combination very-sharp-knife and fully-loaded foot-seeking gun. Very powerful, but also requires a sufficient amount of respect and care.
e.g. You’ve defined a nice, fully-functional end-state, which was generated n time ago, but now you need to make a change to that state, so you run your
terraform plan
…and it wants to destroy your entire infrastructure and recreate it all from scratch just to e.g. add a new hostname to the certs generated by certmanager.
That may be okay, but you should probably measure at least 3 times before you cut.
e.g. You’ve defined a nice, fully-functional end-state, which was generated n time ago, but now you need to make a change to that state, so you run your
…and it wants to destroy your entire infrastructure and recreate it all from scratch just to e.g. add a new hostname to the certs generated by certmanager.That may be okay, but you should probably measure at least 3 times before you cut.