AWS ‐ Configuration as a Code (CaC) - FullstackCodingGuy/Developer-Fundamentals GitHub Wiki

Configuration as Code (CaC) can save time and reduce human error by keeping configs consistent, manageable, traceable, and secure. It helps to deploy configuration via code.

Helps to manage configuration as a resource

It is Versioned application configuration as the Configuration code is stored in a repository for better consistency and maintainability

Benefits

• Advantage of CaC is the solution configuration is reviewable as code, as the code has to be updated in the repository first before it actually getting deployed in the environment which reduces the chance of failure in the production.
• CaC is closely related to IaC (Infra as Code)
• Code and Configuration have different lifecycle, both are managed separately, separate pipeline for configurations
• Security Advantages: Normally if a user wants to make a change to a resource, user should have access to do it, where as with CaC, only the pipeline should have the access to execute the configuration changes on the resource
• Manageability: configuration is managed in a centralized code repository to manage the changes effectively
• Traceability: changes are made in code repo, so we can track easily from why and where the changes came in.

CaC Best Practices

• Use both CaC and IaC
• Simplify configuration data
• Employ version control in code repo