Infrastructure as Code (IaC) sounds simple until you hit the real-world issues: state, drift, collaboration, and governance. In this episode, Matt and Helen break down Terraform from first principles — what it’s doing under the hood, where teams get burned, and how to run it safely at scale.

You’ll learn:

• IaC (Infrastructure as Code): why defining infrastructure as version-controlled code improves repeatability, auditability, and change control

• Provisioning vs configuration management: where Terraform fits and when Ansible is the better tool

• Declarative workflows: what “desired state” means, and what actually happens during plan/apply

• Modules + variables: how to standardise patterns without creating a brittle monolith

• Terraform state: why it exists, why it’s sensitive, and why mishandling it causes outages

• Drift: how infrastructure diverges from code, how to detect it, and how to reduce it

• Remote state (S3) + Terraform Cloud/HCP: collaboration, locking, and governance

• IaC scanning/guardrails: practical security/compliance checks before changes land

• CDK for Terraform (CDKTF) vs HCL: choosing abstraction without losing control

• RUM pricing: what “resources under management” means in practice

If you’re adopting Terraform (or cleaning up an existing estate), this is a direct, practical guide to avoiding the common failure modes.