Bicep vs Terraform for Azure Infrastructure
Contents
Summary
This post compares Bicep and Terraform in the context of Azure infrastructure. This context should help align discussions with clients who have already chosen Azure as their cloud provider.
Bicep vs Terraform
The leader in each category is in bold.
| Category | Bicep | Terraform |
|---|---|---|
| Supported Clouds | Azure-only | Azure, AWS, GCP, Multi-cloud, Hybrid-cloud, etc. See all Terraform providers . |
| Cost | Free | Paid |
| Azure Coverage | Bicep offers immediate support for new Azure features. | Terraform relies on providers that must be updated to reflect new Azure features which can result in a delay. |
| Azure DevOps Pipeline Integration | Natively Supported | Supported but must download and install the Azure Pipelines Terraform Tasks extension. |
| Reverse-Engineering Azure Resources | Azure Portal natively allows you to export templates which provides the resource’s Bicep/ARM properties and will accelerate your Bicep development. | Azure Portal does not provide the same native export ability but you can use the open-source Azure Export for Terraform tool. |
| State Management | Bicep does not require you to maintain state. Instead, it relies on incremental deployments. | Terraform stores the state of your managed infrastructure in a local file named terraform.tfstate. It is critical to back up and secure this file. |
| Azure Policy Compliance | Bicep’s preflight validation process determines whether resources comply with Azure Policies before the actual deployment giving developers an opportunity to remediate any issues. | When Terraform resources do not comply with Azure Policies, it fails during deployment. |
| Out-of-Band Changes (i.e. changes made directly in Azure Portal) | Out-of-band changes should be reconciled with Bicep to avoid overwriting those changes but will NOT block deployments. | You must import out-of-band changes into Terraform state for your next deployment to succeed. |
| Language, Coding, Modules, Helpers | Bicep and Terraform are relatively comparable. | Bicep and Terraform are relatively comparable. |
Conclusion
When deciding between Bicep and Terraform for Azure-only infrastructure, Bicep is the clear leader providing the following benefits:
- Free
- Less complexity:
- Does not require providers.
- No state file to maintain.
- Immediate support for new Azure features.
- Natively integrates with Azure DevOps pipelines.
- Increased developer velocity & experience:
- Exported templates in Azure Portal accelerate Bicep development.
- Azure Policy validation occurs before deployment allowing developers an opportunity to fix any issues.
- Better user-experience for handling out-of-band changes.