AWS re:Invent 2025 - AWS infrastructure as code: A year in review (DVT203)

AWS re:Invent 2025 - AWS Infrastructure as Code: A Year in Review

Introduction

• Speakers: Akash and Prrenita, senior product managers for AWS infrastructure as code (IAC) and developer tools
• Focus: Discussing the latest innovations and trends in IAC on AWS

The Fundamentals of Infrastructure as Code (IAC)

• IAC is the practice of modeling infrastructure through configuration files or templates
• AWS pioneered IAC in 2011 with the launch of AWS CloudFormation to address key needs:
  • Replicating infrastructure in new AWS accounts and regions
  • Making safe and predictable updates to running applications
  • Versioning infrastructure states and auditing changes
• AWS IAC portfolio includes:
  • AWS CloudFormation: Core IAC service that accepts JSON/YAML templates
  • AWS Cloud Development Kit (CDK): Allows defining infrastructure in programming languages
  • AWS Amplify: Opinionated higher-level tool for infrastructure management

Democratizing IAC Across the Organization

• IAC is now the front-end to the cloud for all teams, driven by:
  1. Platform teams decentralizing infrastructure management responsibilities
  2. Platform teams building developer platforms with IAC constructs and proactive controls
  3. Rise of generative AI tooling making it easier to generate IAC code

Speeding Up IAC Authoring and Deployment

• Authoring improvements:
  • AWS Toolkit plugins for IDEs provide autocomplete, linting, and security best practice checks for CloudFormation
• Deployment improvements:
  • CloudFormation now validates templates during chain set creation to catch errors like naming conflicts and invalid property values before deployment

Evolving Applications Safely with IAC

• Challenge: IAC drift - when the actual state of resources drifts away from the template definition
• Solution: CloudFormation drift-aware chain sets that compare the actual, new, and previous states to safely reconcile drift

Simplifying and Governing IAC Workflows

• CDK Refactor: Allows renaming constructs, moving resources between stacks, and upgrading construct levels without risking data loss
• CDK Mixins: Reusable, composable abstractions that can be applied to constructs at any level, decoupling innovation from abstraction maintenance
• CloudFormation Hooks: Allows platform teams to enforce proactive security and compliance controls before deployment
• CloudFormation StackSets: Supports dependencies between stacks to ensure correct deployment order when adding new accounts

The Future of IAC: Combining with AI

• Challenges of using AI to generate IAC code:
  • Errors can be minor but catastrophic in infrastructure
  • Agents are removed from deployment failures, making it hard to reason and fix issues
• Solution: IAC MCP Server - provides curated knowledge, troubleshooting, and validation tools for AI agents to improve the quality of generated IAC code

Key Takeaways

• IAC is now fundamental to cloud development, driving the need for faster, safer, and more governed IAC workflows
• AWS has launched several innovations to address key IAC challenges:
  • Authoring and deployment improvements for faster iteration
  • Drift management and application evolution capabilities
  • Proactive controls and landing zone management for governance
• The future of IAC lies in combining it with AI to leverage the speed and ease of use of AI while maintaining the safety and reliability of IAC