Good notes on this! We've been getting more and more into developing our resources this way, but it still doesn't mean you get away from the Administrative headaches of having to deal with AWS console. Especially when trying to configure your VPC's, IAM Users and Roles just so you can get them into your Terraform templates. I don't mind learning new tools, after all you need to keep your toolbox current, it just gets so overwhelming when even in my environment we are using Ansible, Terraform, Docker, and probably one or two more I am forgetting just to get your environments in place. At times its hard to keep up.
Michael, I think you hit on a major point that is evolving in this space. Often times more than one tool is being used.
For example, I can use Serverless Framework to provision my serverless resources and Terraform for my VPC, roles, and deployment pipeline. I could also have a Terraform template that provisions EC2 instances in AWS, and maybe I even use Puppet to configure things on those machines.
In that basic example, I am already using three tools.
I don't have the answer here, but I think the future is a bit unknown in terms of this level of complexity. Is this the right way? The wrong way? Unclear.
The one thing that seems clear to me is that an abundance of infrastructure as code is better than no IaC.
I've been in this space before and in my experience all the tools end up finding either their niche or evolve so that they become the "standards" for specific groups. What we had leading up to this was a lot of flavor of the month that people in those positions decided was the one we wanted to use NOW.
Though I started with a bit of venting on the complexity its something that's endemic in our space, we are constantly moving forward. Something new comes, we take it and check it out, if we love it add it to our toolbox or drop it off. The next person who comes in either learns from what we did, if we mentor, or makes their own decisions if the company has not set a standard.
It's nice to keep learning, its the one thing that excites me about going into work every day - the intellectual challenge - but it can be draining at times.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.