Infrastructure as code still anchors IT automation, but its primary users are now platform engineers, prompting ongoing shifts in product features and competition.
Platform engineering has shifted how IT organizations approach infrastructure as code, prompting tools vendors to rework their products.
The shift from DevOps to platform engineering teams began more than five years ago at large companies with bleeding-edge skill sets, such as Intuit, as separate teams emerged to manage complex IT automation platforms and create golden paths to production on behalf of application developers. As this practice has gone mainstream, infrastructure-as-code tools that began with a focus on individual development teams instead have become part of these internal development platforms (IDP).
Infrastructure-as-code tools introduced in the last two years -- such as Terraform Stacks, Pulumi for Platform Engineers and IDP, Harness Infrastructure as Code Management (IaCM), and products from startups -- added fresh ways to standardize, centralize and automatically generate infrastructure code and configuration data. For example, while previous infrastructure-as-code tools were often managed using versioning systems such as Git that were familiar to developers for application code, newer tools present visual interfaces and private registries friendlier to platform engineering teams focused exclusively on infrastructure.
I want to push the infrastructure stuff down to the infrastructure specialists and then build a platform on top that meets the user where they are.
Paul DeloryAnalyst, Gartner
"There is a recognition that this is an area where you need subject-matter expertise that your typical developer doesn't have," said Paul Delory, an analyst at Gartner. "In an ideal scenario, I wouldn't want developers writing Terraform code. I don't want a developer to even know Terraform exists. I want to push the infrastructure stuff down to the infrastructure specialists and then build a platform on top that meets the user where they are, with an appropriate level of cognitive burden."
Harness update wrangles Terraform, OpenTofu
The latest example of this trend in infrastructure-as-code management came this week from Harness IO, which updated IaCM with a new Module Registry and Workspace Templates.
In the infrastructure-as-code realm -- specifically for Terraform and its open source fork OpenTofu, the two engines supported by Harness IaCM -- modules and workspaces refer to different ways of working with groups of infrastructure manifests, which are declarative lists of computing resources. Modules group together separate but related infrastructure objects, while workspaces encompass both configuration and state files for manifests.
Terraform and OpenTofu offer free public module registries. Private registries are also hosted by vendors such as GitLab, Spacelift, and HashiCorp in its Cloud Platform and Terraform Enterprise edition.
IaCM, which first shipped in 2024, includes software delivery pipelines that users can templatize for consistent infrastructure-as-code workflows. Workspace templates can similarly spin up consistent, standardized infrastructure stacks without requiring separate coding, across both Terraform and OpenTofu. Harness IaCM can plug into the vendor's broader IDP, bringing it into the same platform with which customers might already be working.
One small platform engineering team turned to Harness IaCM after HashiCorp's controversial move to a business source license (BSL) in 2023, to replace Terraform Cloud as an infrastructure-as-code control plane.
"[Harness IaCM] came about at the time when HashiCorp took everything business source license and then started trying to really heavily monetize Terraform Cloud, so it was auspicious timing," said John Maynard, director of platform engineering at mobile gaming company PlayQ, based in Santa Monica, Calif.
As a small team of three engineers -- including Maynard -- the PlayQ platform team preferred IaCM's pricing approach, according to the number of successfully executed "terraform apply" commands to pricing per managed resource from HashiCorp and at higher tiers of pricing for concurrent Terraform runs from other competitors. The fact that IaCM can manage both Terraform and OpenTofu also helped during PlayQ's recent migration between them.
Technically, Maynard's team also liked Harness's event-driven pipelines that spin up and down on the fly.
"Instead of one pipeline for every little piece of infrastructure that we wrote across all our environments, now we can say, 'We want to update production, here's a versioned copy of our IaC for production,' and it's going to [use infrastructure as code to provision] the pipeline environment," Maynard said.
Workspace Templates will help make that "meta infrastructure as code" for IaCM pipelines more consistent and easier to manage, he said.
The big picture outlook and AI wild card
Harness has IaCM support for more infrastructure-as-code engines, such as Pulumi and Crossplane, on its roadmap, Kaliki said. It also plans to integrate IaCM more deeply into other platform modules; for example, the Harness Cloud Cost Management module might automatically reprovision infrastructure resources using IaCM and Harness AI agents.
"Harness and GitLab are the two companies that are really pushing a full SDLC [software delivery lifecycle] view with AI automation," Delory said. "Harness could be a front-end orchestrator that calls down to Terraform the same way that GitHub Actions could, but where the AI piece comes in is, 'Hey, what if we wrote your Terraform code for you, and you'd have Harness as an overall workflow engine?'"
Harness isn't alone in trying to bring infrastructure-as-code into a broader AI-driven IDP. The acquisition of HashiCorp by IBM, which closed earlier this year, has broadened the company's focus on platforms even further, as it prepares to integrate Terraform with tools such as Red Hat Ansible to serve a broader AI automation strategy. Similarly, Pulumi's platform engineering tools grew into a fuller-featured IDP, including a private module registry, in May, that can be managed with its AI-driven Pulumi Copilot.
IBM and HashiCorp are still working out the details about how to integrate tools, which will involve working across business units with sometimes conflicting politics, something that hasn't been IBM's strong suit historically, Delory said. But Terraform and Ansible are still dominant players in IT automation, and that's unlikely to change solely because of another platform's AI automation features, he said.
"There's a ton of hype, and there are a lot of people selling a grandiose plan about self-healing infrastructure and autonomy," Delory said. "But these are going to be tools in the toolbox, even with that fight over the platform layer as the user-facing piece … it's just becoming geek stuff, a specialized little area for subject-matter experts."
Beth Pariseau, a senior news writer for Informa TechTarget, is an award-winning veteran of IT journalism covering DevOps. Have a tip? Email her or reach out @PariseauTT.
Dig Deeper on Systems automation and orchestration
