Infrastructure as code sounds simple until it isn’t. Matt Gowie, founder of IaC consulting firm MasterPoint, joined me on Inside Platform Engineering to share what he’s learned helping organizations build sustainable, scalable platforms with Terraform and Open Tofu, including some costly mistakes he sees teams make time and time again.
One of my favorite topics was talking with Matt about whether to do it yourself and “reinvent the wheel”, or lean on open-source and community modules for building your IaC. I can see value in both approaches and have mostly been on the side of using open source modules where possible. Your infrastructure probably isn’t that different from someone else’s. With that said, there are times when you need to consider the risks of using these modules and whether their support and community are responsive enough to meet your demands when critical changes are needed.
While the discussion focused on Matt’s specialty around IaC, I found all of the discussion points can be re-applied broadly across Platform Engineering.
Watch the episode
You can watch the episode with Matt below.
Inside Platform Engineering with Matt Gowie
Pick one tool and go deep
One of the first traps Matt sees platform teams fall into is spreading their expertise across too many IaC tools. Whether it’s Terraform, Bicep, CloudFormation, or Pulumi, the instinct to keep options open actually slows teams down and breeds inconsistency. His advice is to consolidate, but do so mindfully. Vendor-specific tools like Bicep and CloudFormation lock you into a single cloud, and the moment you need to automate something outside that ecosystem - be it a DNS provider, a monitoring tool, a SaaS platform — you’re hacking around the edges and accumulating technical debt. Pick the tool that gives you the most reach, build expertise around it, and create practices that scale.
Stop reinventing the wheel
If your platform team is writing every Terraform resource by hand, you’re burning time your competitors aren’t. Matt is a strong advocate for the open source module ecosystem and pushes back on the common instinct to build everything internally. A well-maintained, focused open-source module delivers great security defaults, community-vetted patterns, and ongoing updates that most internal teams simply can’t match.
The hidden cost of building it yourself
The same logic applies to the operational layer around your Platform. Many teams build their own Jenkins or GitHub Actions pipelines to run Terraform and assume it saves money because the work is done in-house. But Matt argues this rarely pencils out. At scale, managing state files, enforcing policy, handling environment-specific approvals, and maintaining all of that custom pipeline code is a significant ongoing burden, and when the person who built it leaves, that cost compounds. Matt’s take is to evaluate the vendor tooling available to solve your problem and be honest about what an engineer’s time is actually worth when measured against a vendor invoice.
Happy Deployments!
Inside Platform Engineering is a series of conversations with Matt Allford and a guest, bringing their own experience and perspective from the world of Platform Engineering.
You can find more episodes on YouTube.
