IaC vs GitOps: How they differ?

Dec 22, 2022 · 2 mins read · Post a comment

This is a good DevOps interview question: “What’s the differences between IaC and GitOps?” I could easily say that IaC carries the torch for Configuration Management while GitOps is the next logical step in DevOps, but let’s briefly go through each of them and their differences.

infrastructure and infra are used interchangeably.


  • N/A



Infrastructure as Code (IaC) is a practice, or process for managing and deploying cloud, on-premise and/or hybrid infrastructure using code and automation tools. It presents as a next step for the “legacy” Configuration Management. IaC has two approaches: Declarative and Imperative. Also, leverages code to define, manage and provision infrastructure, leading to many pros including:

  • Code is the single source of truth, hence
  • Tracking changes becomes much easier and
  • Applying the same code best practices as with writing application code. For instance: writing unit tests, pull requests strategies.
  • Reusability, by writing reusable templates.
  • Automation: by implementing automation tools such as Terraform, Ansible.
  • Idempotency: no matter how many times you deploy the same code, it yields the same results.
  • Declarative (defining what we want = the desired state) and Imperative (defining how we want = steps required to get to the state).
  • Disaster and Recovery: quickly recover from a failed cloud zone/region by provisioning the same infrastructure to another zone or region.

The most currently popular tools are Terraform and Ansible.


On the contrary, GitOps is a set of practices, or process, a modern way of implementing Continuous Delivery (CD) for application mostly hosted in the cloud. GitOps uses Git as a single source of truth for defining almost everything infra-related and application configuration such as: VMs, containers, network, storage, environment variables, resource requirements, data, etc. It overlaps with IaC though. And this is where it may sound a bit confusing.

Think of it as an extension to infra-as-code: IaC + Merging Pull Requests + CI/CD (for both Infrastructure + Applications)

It has just about the same advantages as IaC, except few differences including:

  • Uses exclusively Git for versioning.
  • Declarative only.
  • Push-based and pull-based deployment.

Popular tools: Git, Helm, Flux, Argo CD.


IaC focuses on the best code practices and automation tools to create and deploy infrastructure. IaC is much broader term that can be applied to any type of infrastructure. Not tied to Git-only. It could use any VCS tool in that regard.

GitOps, on the other hand, put the focus on Git and automation tools to manage and deploy apps in a cloud and hybrid environments. GitOps is a specific way of using CD to deploy apps.


Basically, It’s not the one thing or the other, since it comes down to comparing apples and oranges though. Usually, they are used both. Although, you can use IaC without GitOps, but not the other way around.

Feel free to leave a comment below and if you find this tutorial useful, follow our official channel on Telegram.