There are templates that you can write and others that you can have generated. Having templates automatically generated presents some not-so-obvious benefits. Here are a few:
- Time saver: If you’re migrating to Cloudformation, you can generate snippets for them, not the minutia in writing them from scratch.
- Reliability: CloudFormation needs strictly defined templates. With automated templates, engineers will save themselves a lot of trouble in figuring out the right syntax.
- Going multi-account/multi-region: When going multi-region, you’ll need to make certain adjustments so that resources are created correctly. For example, the resources will probably need to remove references to specific regions and/or account IDs. An automated tool should handle that.
- It’s difficult to compare AWS accounts as they stand. But this changes if you have comprehensive definitions of them. Use automated templates to spot inconsistencies in your various environments by comparing their templates to quickly understand how the environments differ. Even better with 3-way compare that some diff tools support, compare test, staging and production at the same time.
- Tracking/auditing: Track more of your infra in version control, not just those that you manually wrote. E.g AWS provides a few default VPCs; without automated templates, you wouldn’t know how how to accurately replicate their setup.
- Team turnover: Engineers come and leave. If they didn’t tell others how they created their infra, automated templates can help recover and document them.
- Dynamic cloud: Such environments make for difficult documentation. Automated templates that are automatically committed to git ensures that what you see is accurate.
- Subtle updates: Sometimes changes happen without anybody noticing, e.g In the management console, AWS sometimes offers to update IAM roles transparently for their service to work properly. However, it’s not obvious what exact permissions they are adding. An automated template under git will ensure you have the up-to-date definition of the role handy.
- Experimentation: People can freely create resources manually while experimenting, knowing that there’s a reproducible way of getting their resources back.
- Architect-friendly: Software architects can point and click (as proof-of-concept) and the DevOps engineer will know how to recreate its equivalent in Cloudformation.
- Version control benefits: Profit from other benefits of using git:
- Know when and how your infrastructure evolves over time
- Team members have all (hand-written and generated) templates handy in their familiar tool, git.