ADR 010: Infrastructure as Code

Status: Accepted | Date: 2025-03-10

Context

All environments must be reproducible from source to minimise drift and security risk. Manual changes and missing version control create deployment failures and vulnerabilities.

Compliance Requirements:

• OWASP IaC Security
• ACSC System Hardening

Decision

Golden Path

1. Git Repository Structure: Single repo per application with environments/{dev,int,uat,prod} folders matching AWS account names, for example app-a-dev, app-a-int, app-a-uat, and app-a-prod
2. State Management: Terraform remote state with locking, separate state per environment
3. CI Pipeline:
   • Validate: Trivy scan + terraform plan/kubectl diff drift check
   • Plan: Show proposed changes on PR
   • Apply: DEV and INT may deploy approved branch refs; UAT and PROD deploy tagged releases only per ADR 009
4. Versioning: Git tags = semantic versions (x.y.z) created on main for UAT and PROD
5. Disaster Recovery: Checkout tag + run just deploy --env=prod with static artifacts from ADR 004

Required Tools & Practices

Infrastructure as Code Workflow:

flowchart LR
    artifacts[Static Artifacts]
    repo[Infrastructure Repo]
    envs[AWS Accounts]

    artifacts -->|versioned| repo
    repo -->|deploy| envs

Git tags are immutable release versions for UAT and PROD. DEV and INT may deploy approved branch refs per ADR 009. Environment folders (environments/{dev,int,uat,prod}) map to separate AWS accounts with isolated state storage.

Consequences

Benefits:

• Reproducible infrastructure deployments with version control
• Automated drift detection and prevention mechanisms
• Reliable disaster recovery through infrastructure as code

Risks if not implemented:

• Configuration drift creating security vulnerabilities
• Failed rollbacks during critical incident recovery
• Inconsistent environments affecting application reliability

References

• ADR 001: Application Isolation
• ADR 002: AWS EKS for Cloud Workloads
• ADR 005: Secrets Management