How this works

This page documents the data, questions, and rules used by the decision model. It is a reference, not a global ranking.

For data and contribution details, see the contributing guide.

Tools (10)

Inspect the comparison table with source references.

Review tool facts side by side, including focus area, definition model, supported languages, and state model.

Open comparison table

Questions (7)

The questionnaire uses these prompts and options.

Must the deployment engine be CloudFormation (not just compatible)?

Choosing “Yes” excludes tools that do not deploy through CloudFormation directly.

Yes, CloudFormation is requiredNoNot sure

How do you want to define infrastructure or automation?

Declarative includes templates (YAML/JSON), HCL, or Kubernetes-style manifests. Code-first means authoring infrastructure in a general-purpose language (Python/TypeScript/etc.). Choosing code-first required excludes DSL-based tools like Terraform/OpenTofu (HCL).

Code-first required (Python/TypeScript)Declarative configurationNo preference

What are you primarily trying to automate?

This helps distinguish infrastructure provisioning, configuration management, and control-plane orchestration.

Provisioning and managing cloud infrastructureConfiguring and maintaining servers and appsBuilding a platform control plane on KubernetesNot sure

Are you building or operating a platform control plane?

This refers to managing infrastructure through continuously reconciled APIs (often Kubernetes-based), rather than running one-off apply operations.

Yes, we’re building/operating a control planeNo, we want direct provisioning toolsNot sure

Which target scope best matches your needs?

AWS-native favors tools built around AWS services. AWS-only means AWS today, but portability may still matter. Multi-cloud targets multiple providers.

AWS-native integrationAWS only (portability still matters)Multi-cloudNot sure

Do you want to operate infrastructure state yourself?

Some tools require you to run and maintain a state backend yourself. Managed state services count as tool-managed. Example: self-managed includes S3 + DynamoDB locking (Terraform/OpenTofu). Tool-managed includes CloudFormation stacks or managed backends like Terraform Cloud.

I don’t want to operate state infrastructureI’m fine managing a state backend myselfNot sure

Do you prefer a managed state service (SaaS)?

A managed service handles storage, locking, and history for state. This is separate from provider-native engines like CloudFormation.

Yes, prefer a managed state serviceNo, self-managed is fineNot sure

Rules (15)

Rules exclude tools that violate constraints, then apply weights to rank the rest.

Hard constraints

These rules remove tools that fail a required condition.

Must-have

mh-cloudformation

Requires AWS CloudFormation as the deployment engine.

Must-have

mh-code-first-required

Requires infrastructure to be authored in a mainstream general-purpose programming language (e.g., Python or TypeScript).

Must-have

mh-no-control-plane

User does not want a control-plane operating model (reconciliation-based platform).

Preference weights

These rules add weight based on selected preferences.

Weight

w-control-plane-opt-in

Explicitly opts into a control-plane (reconciliation) operating model.

crossplane: +1

Weight

w-general-purpose

Prefers general-purpose programming languages.

aws-cdk: +3

pulumi: +3

formae: +2

Weight

w-declarative

Prefers declarative configuration and templates.

terraform: +3

opentofu: +3

aws-cloudformation: +3

formae: +2

ansible: +2

puppet: +2

chef: +1

crossplane: +3

Weight

w-focus-infra

Primary focus is infrastructure provisioning.

aws-cdk: +3

aws-cloudformation: +3

terraform: +3

opentofu: +3

pulumi: +3

formae: +2

crossplane: +1

Weight

w-focus-config

Primary focus is configuration management.

ansible: +3

puppet: +3

chef: +3

terraform: +1

opentofu: +1

pulumi: +1

Weight

w-focus-control-plane

Primary focus is Kubernetes control-plane orchestration.

crossplane: +3

Weight

w-aws-native

Prefers AWS-native integration.

aws-cdk: +3

aws-cloudformation: +3

pulumi: +1

terraform: +1

opentofu: +1

Weight

w-aws-only

AWS is the only provider today, but portability still matters.

aws-cdk: +2

aws-cloudformation: +2

pulumi: +2

terraform: +2

opentofu: +2

formae: +1

ansible: +1

puppet: +1

chef: +1

crossplane: +1

Weight

w-multi-cloud

Targets multiple cloud providers.

terraform: +3

opentofu: +3

pulumi: +3

crossplane: +2

ansible: +1

puppet: +1

chef: +1

Weight

w-avoid-state-backend

Prefers tools that manage state for you.

aws-cdk: +3

aws-cloudformation: +3

formae: +3

pulumi: +2

crossplane: +2

Weight

w-managed-state-no

Self-managed state is acceptable; no SaaS preference.

terraform: +1

opentofu: +1

Weight

w-managed-state

Prefers a managed state service.

pulumi: +3

terraform: +2

opentofu: +1

crossplane: +1