Welcome to the January 2026 edition of Mission Infrastructure, your monthly tour of the infrastructure-as-code world. In this issue, we bring you highlights of the Spacelift blog, recent videos that illuminate the cost of drift and the best way to organize Terraform files, and our latest product updates, so you can start the year armed with the right information to help make it your best one yet.
IaC tools automate infrastructure provisioning and management, streamlining the management of large-scale, complex, and dynamic environments. In this guide, Flavius Dinu reviews 16 leading IaC tools for 2026, outlining their key features to help you choose the right one for your requirements.
OpenTofu feels reassuringly accessible when you first start using it, but scaling challenges emerge when your infrastructure codebase expands. In this article, Flavius Dinu brings you four proven approaches for managing OpenTofu workflows at enterprise scale, outlining their strengths, limitations, and the specific issues each approach addresses.
Blue/green deployments are a solid strategy for minimizing user disruption when deploying new versions of your applications. You can use plain Kubernetes objects, such as services and deployments, and orchestrate the required steps using Terraform. In this article, Mattias Fjellström explains how to implement blue/green deployments in Kubernetes with Terraform.
Using Ansible to manage Docker streamlines container operations through automation. Purpose-built Docker modules enable Ansible to help define consistent, scalable deployments that minimize manual work and errors. In this article, Faisal Hashem outlines how to structure roles, apply conditionals, and follow best practices to ensure repeatable, reliable infrastructure automation.
A Terraform GUI enhances team collaboration, visibility, and usability by providing a visual interface to manage infrastructure as code more efficiently. In this article, Mariusz Michalowski explains the Terraform GUI and its significance for DevOps and platform teams, and compares leading solutions.
All security professionals face the challenge of addressing a constant stream of vulnerabilities that far exceeds their capacity to remediate them. The secret to survival and effective security lies in developing a strategic approach that prioritizes the most important issues. David Galiata’s guide outlines best practices for remediating vulnerabilities.
DevOps is a compelling approach for boosting delivery velocity, visibility, and quality, but it can be difficult to get right. Development and operations teams often grapple with challenges that result in implementations failing to deliver desired outcomes. In this article, James Walker considers the top DevOps challenges and how to address them.
Infrastructure drift becomes a business risk as soon as your infrastructure ceases to be demonstrably compliant. Your Terraform doesn’t need to be flawless, but it must be observable, auditable, and governed by policy. In this article, Aoife O’Carroll explains how to address drift before your next audit.
Infrastructure drift is one of the fastest ways to turn “we’re compliant” into an audit problem. In this video, DevSecOps engineer Matt Bailey explains the most common causes of drift, why it slows teams down, and what auditors are looking for. He also covers when to automate reconciliation, how to set governance workflows for high-risk environments, and how policy as code stops drift from bypassing your guardrails.
A clean Terraform project structure makes infrastructure easier to understand, change, and scale — but it’s often overlooked until things get messy. In this video, DevSecOps engineer Matt Bailey walks through practical best practices for organizing Terraform files and directories, from standard naming conventions such as main.tf, variables.tf, and outputs.tf to structuring modules and separating environments safely. You’ll learn how to choose between monorepo and polyrepo setups, manage environment-specific values, and avoid committing sensitive or generated files, so your infrastructure as code stays predictable, secure, and easy to collaborate on.
“Infrastructure rarely breaks because of bad tools, it breaks because of untested assumptions. Subscribe to learn my hard-won lessons from scaling systems at Facebook and Google, the highs and lows of co-founding OpenTofu and Spacelift, and everything in between.”
Marcin Wyszynski, Co-founder @ Spacelift & OpenTofu
Early access to Spacelift Intent is now available to everyone! Spacelift Intent lets you provision and manage infrastructure by describing what you need in natural language rather than writing Terraform/OpenTofu code. Here is a quick video on how to configure Intent with Claude and get started.
Now, whenever you create or edit a cloud integration, toggle Enable auto-attach and include a label in the integration following the format autoattach:<your_label>. Any stack that has <your_label> on it will automatically attach the cloud integration.
