AWS CDK vs Terraform: the honest comparison in 2025

What they are

Terraform: Declarative HCL. Provider-agnostic (AWS + GCP + Azure + Kubernetes).

CDK: TypeScript/Python/Java that generates CloudFormation. AWS-only.

Core tradeoff

Terraform:
  + Explicit, readable HCL — easy to review PRs
  + Provider-agnostic — same tooling for everything
  + Mature ecosystem, large module registry
  - Dynamic logic is verbose (count, for_each)

CDK:
  + Real programming languages with loops and classes
  + L2/L3 constructs hide AWS complexity behind good defaults
  + Unit testing with standard frameworks
  - AWS-only
  - Generated CloudFormation = thousands of lines, hard to debug

CDK L2 constructs (where it shines)

const service = new ecs_patterns.ApplicationLoadBalancedFargateService(this, 'Svc', {
  cluster, cpu: 256, memoryLimitMiB: 512,
  taskImageOptions: {
    image: ecs.ContainerImage.fromEcrRepository(repo), containerPort: 8080
  }
  // ALB + target group + security groups created automatically
});

When CDK wins

1. Software engineers managing their own infra — TypeScript they already know
2. Complex dynamic infrastructure — programming model is more expressive
3. AWS-only shops — native constructs are excellent

When Terraform wins

1. Dedicated infra engineers — HCL is explicit, readable by anyone
2. Multi-cloud or non-AWS resources
3. Auditability — terraform plan is unambiguous
4. Module ecosystem

My honest take

• DevOps-focused team: Terraform
• Software engineers owning their own infra: CDK
• Mixed team: Terraform for infra, CDK for applications needing dynamic config

Step2Dev uses Terraform — chosen for auditability.

👉 step2dev.com