Terraform can get ugly for a large codebase. You have a lot of power with an actual programming language instead of YAML. But CDK is more complicated and the learning curve is higher.
My preference would be Terraform for small-mid sized infra and CDK for larger installations where code abstraction and reuse was more important.
But they both disappoint in their own ways. Orchestration is the great unsolved problem of the cloud.
To add to that: if you're dealing with multiple cloud providers, it's a lot nicer to push a standard configuration, say networking, into a type system. Then you implement interfaces that accept that configuration and handle the provider-specific bits.
That way the day-to-day tweaking of the config is the same, regardless of provider.
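A sketch of the pattern described in the comment above, added here as an illustration and not part of the original thread: one shared, validated ingress-rule type and two provider backends that render it. The names `IngressRule`, `NetworkBackend`, `AwsBackend`, `GcpBackend` and the admin-port policy are assumptions made for this example; the output dictionaries follow the shape of EC2 `IpPermissions` entries and Compute Engine firewall resources.

```python
from dataclasses import dataclass
from ipaddress import IPv4Network
from typing import Protocol

ADMIN_PORTS = (22, 3389)  # assumption for this sketch: SSH and RDP

@dataclass(frozen=True)
class IngressRule:
    """Provider-neutral ingress rule (hypothetical type, IPv4 only)."""
    protocol: str
    port: int
    cidr: str

    def __post_init__(self):
        if self.protocol not in ("tcp", "udp"):
            raise ValueError(f"unsupported protocol: {self.protocol}")
        if not 1 <= self.port <= 65535:
            raise ValueError(f"port out of range: {self.port}")
        net = IPv4Network(self.cidr)  # raises ValueError on a malformed CIDR
        # Policy checked once here, so every provider inherits it.
        if net.prefixlen == 0 and self.port in ADMIN_PORTS:
            raise ValueError(f"port {self.port} must not be open to {self.cidr}")

class NetworkBackend(Protocol):
    """Interface each provider implements."""
    def render(self, rules: list[IngressRule]) -> list[dict]: ...

class AwsBackend:
    """Emits entries shaped like EC2 security group IpPermissions."""
    def render(self, rules: list[IngressRule]) -> list[dict]:
        return [{"IpProtocol": r.protocol, "FromPort": r.port, "ToPort": r.port,
                 "IpRanges": [{"CidrIp": r.cidr}]} for r in rules]

class GcpBackend:
    """Emits entries shaped like Compute Engine firewall resources."""
    def render(self, rules: list[IngressRule]) -> list[dict]:
        return [{"direction": "INGRESS", "sourceRanges": [r.cidr],
                 "allowed": [{"IPProtocol": r.protocol, "ports": [str(r.port)]}]}
                for r in rules]

def render_all(rules: list[IngressRule], backends: dict[str, NetworkBackend]) -> dict:
    """Push one shared config through every provider backend."""
    return {name: backend.render(rules) for name, backend in backends.items()}

# Constructed sample config: the part edited day to day.
RULES = [IngressRule("tcp", 443, "0.0.0.0/0"), IngressRule("tcp", 22, "10.0.0.0/8")]
BACKENDS = {"aws": AwsBackend(), "gcp": GcpBackend()}

if __name__ == "__main__":
    for provider, rendered in render_all(RULES, BACKENDS).items():
        print(provider, rendered)
```

Because validation lives in the shared type, a rule that exposes an admin port to `0.0.0.0/0` is rejected before any backend sees it.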
Definitely Terraform for me:
- Vendor-agnostic, but you do have to write separate code per vendor
- Better state management capabilities
- Fastest growing dev community in IaC space (except for maybe Pulumi?)
- I don't know the current state of CDK, but last year imports weren't really supported, so there was no way to reconcile state with existing hand-rolled infra. Speaks to TF's drift detection being a core capability.
Our team uses CDK or CFN for building AWS "platform level" infra (i.e. it is the go-to for infra roles who build / maintain kube clusters or account-level stuff), but Terraform as the IaC for devs who manage their own app-level resources, e.g. RDS, queues, HSMs etc.
The rationale is that CDK/CFN seems to work more reliably "at scale" for commonly used stacks due to low-drama rollbacks etc. Roles that are primarily infra tend to not mind using AWS-focused tooling.
For devs, the documentation and usability of Terraform is just better, plus the wide range of third-party integrations is handy. While it can be fiddly / not as scalable, it's also a lot easier to adopt resources or refactor stuff, which you tend to need more with "precious" long-lived app resources.
Terraform is for when you are doing large projects in a company, and want to have additional management features that CDK doesn't have.
On the flip side, for personal projects, you can get away with using the boto3 library with the API it provides to create infrastructure, considering infrastructure probably won't change much, and it's free. You pretty much just have to write a little wrapper to create the resource if it doesn't exist, then modify its attributes whether it's just been created or if it already exists.
CDK, pure CloudFormation, and others are somewhere in between.