Competencies: DevOps > Infrastructure as Code

Infrastructure as Code

Body of Knowledge

Topic	Description	Relevance	Career Tracks
IaC Fundamentals	Declarative vs imperative, idempotency, state management, drift detection, version control for infrastructure.	Critical	DevOps, Cloud Engineer, SRE
Terraform Basics	HCL syntax, providers, resources, data sources, variables, outputs, terraform init/plan/apply.	Critical	DevOps, Cloud Engineer
Terraform Advanced	Modules, workspaces, remote state, state locking, import, moved blocks, provider aliases.	High	DevOps, Platform Engineer
OpenTofu	Open-source Terraform fork, compatibility, community governance, migration from Terraform.	Medium	DevOps, Cloud Engineer
Pulumi	Infrastructure as code with real programming languages (Python, TypeScript, Go), stack management.	Medium	DevOps, Developer
AWS CloudFormation	Templates (YAML/JSON), stacks, nested stacks, change sets, drift detection, StackSets.	High	DevOps (AWS)
Azure Bicep	Domain-specific language for ARM, modules, parameters, what-if deployment, decompilation.	Medium	DevOps (Azure)
Ansible	Playbooks, inventory, modules, roles, variables, handlers, Jinja2 templating, Ansible Galaxy.	Critical	DevOps, Systems Administrator
Packer	Machine image building, builders, provisioners, post-processors, multi-cloud images.	High	DevOps, Platform Engineer
cloud-init	Cloud instance initialization, user-data, cloud-config YAML, modules, debugging.	High	Cloud Engineer, DevOps
IaC Testing	Terratest, kitchen-terraform, policy as code (OPA, Sentinel), pre-commit hooks.	Medium	DevOps, Platform Engineer

Topic

Description

Relevance

Career Tracks

IaC Fundamentals

Declarative vs imperative, idempotency, state management, drift detection, version control for infrastructure.

Critical

DevOps, Cloud Engineer, SRE

Terraform Basics

HCL syntax, providers, resources, data sources, variables, outputs, terraform init/plan/apply.

Critical

DevOps, Cloud Engineer

Terraform Advanced

Modules, workspaces, remote state, state locking, import, moved blocks, provider aliases.

High

DevOps, Platform Engineer

OpenTofu

Open-source Terraform fork, compatibility, community governance, migration from Terraform.

Medium

DevOps, Cloud Engineer

Pulumi

Infrastructure as code with real programming languages (Python, TypeScript, Go), stack management.

Medium

DevOps, Developer

AWS CloudFormation

Templates (YAML/JSON), stacks, nested stacks, change sets, drift detection, StackSets.

High

DevOps (AWS)

Azure Bicep

Domain-specific language for ARM, modules, parameters, what-if deployment, decompilation.

Medium

DevOps (Azure)

Ansible

Playbooks, inventory, modules, roles, variables, handlers, Jinja2 templating, Ansible Galaxy.

Critical

DevOps, Systems Administrator

Packer

Machine image building, builders, provisioners, post-processors, multi-cloud images.

High

DevOps, Platform Engineer

cloud-init

Cloud instance initialization, user-data, cloud-config YAML, modules, debugging.

High

Cloud Engineer, DevOps

IaC Testing

Terratest, kitchen-terraform, policy as code (OPA, Sentinel), pre-commit hooks.

Medium

DevOps, Platform Engineer

Personal Status

Topic	Level	Evidence	Active Projects	Gaps
Infrastructure as Code (Concepts)	Intermediate	Understand IaC principles from CISSP study and home lab experience; VyOS config-as-code, Vault policy-as-code	domus-terraform	No Terraform/OpenTofu production experience, no Pulumi, no CloudFormation

Topic

Level

Evidence

Active Projects

Gaps

Infrastructure as Code (Concepts)

Intermediate

Understand IaC principles from CISSP study and home lab experience; VyOS config-as-code, Vault policy-as-code

domus-terraform

No Terraform/OpenTofu production experience, no Pulumi, no CloudFormation