IaC: Strength or Weakness for Cloud Providers?

Jul 16, 2022

Infrastructure as code (IaC) will change the way that we consume infrastructure from cloud providers. IaC is a win for customers, but will it be long-term strategic for the cloud providers themselves? Or is it the start of the commoditization and abstraction of the cloud layer? A wedge for new entrants to compete on?

  • IaC turns cloud infrastructure from a GUI to an API layer. I believe this also changes the end-user of many of these services, disintermediating many purely operational roles (e.g., Cloud IT) and going directly to developers. API layers can be abstracted away much more easily.
  • The new API layer is wholly controlled and tightly coupled to the underlying cloud provider. All IaC is bottlenecked by the underlying APIs. Terraform and Pulumi are ultimately limited by the underlying layer (e.g., Cloudformation in AWS). Updates will always come to cloud provider-controlled SDKs first.
  • Mid-tier SaaS applications will be overtaken by simple CDK configurations. Code can be copied more efficiently than GUI configurations. This means that a developer can copy-paste an architecture or framework (say, CDN + serverless functions). Why pay for third-party providers to do the same?
  • Developers crave commoditization. Operation-type folks are OK with getting AWS-certified and learning cloud-esoteric features; developers are not. Instead, developers want abstractions that they can build on – IaC provides that foundation. The surface area is so large that cloud providers can't possibly solve for all solutions. The question: will these abstractions capture the value they create (what's the business model)?
  • Competitors can commoditize the layers, too. No cloud provider supports native Terraform – instead, they built their own abstractions – AWS Cloudformation, Google Cloud Deployment Manager, and Azure Deployment Manager. But what if Google Cloud decided to support Cloudformation as a way of making AWS workloads more portable to Google Cloud? There are enough differences that this is hard to imagine, but it's not impossible (maybe for a third-party like Hashicorp, it is).

IaC isn't going anywhere – it aligns usage with value. Customers can quickly delete orphaned and unused resources (+value) and programmatically spin up more infra, quicker (+$).

Short-term, it's a win for everyone involved. Long-term, it might be the wedge to attack cloud providers' dominance.