You are grossly exaggerating. I'll grant you that IaC is a far cry from what people wanted to accomplish through all the tooling.

But making it harder? Are you kidding me? Try to provision a VM with all the security locks and some software install. It may take a bit of time to do it once via Ansible, but the second time around it boils down to shifting around some packages / changing inventory.

Compare doing it fully manually every time, go spin up the VM, ssh into it and so on.

For sure, immutable infrastructure is a pipe dream as long as people can make manual changes. Drift? It sounds like it's a sort of thing that just happens naturally but in reality is people doing down and dirty changes.

Software itself can help only so much.


Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store