HashiConf 2025 Don't miss the live stream of HashiConf Day 2 happening now View live stream
Well-Architected Framework

Automation maturity model

Manually deploying and configuring cloud infrastructure is a natural starting point for cloud practitioners. However, as applications mature, maintaining manually deployed infrastructure is unsustainable and is an industry anti-pattern.

The automation maturity model describes three stages in the progression from manual deployments to fully automated infrastructure. Each stage has specific characteristics, benefits, and challenges that organizations must navigate.

Understand the automation maturity model

Understanding your automation maturity level addresses the following strategic planning and operational challenges:

  • Establish baseline and measure progress: Organizations struggle to improve automation without understanding their current state. Teams make automation investments without knowing whether they address the most critical gaps or build on proper foundations. The maturity model provides objective criteria to assess your current automation level, identify specific gaps, and measure progress over time, ensuring automation investments deliver maximum value.

  • Create realistic roadmaps with appropriate sequencing: Jumping directly from manual deployments to fully-automated CI/CD can overwhelm teams. Organizations waste resources building advanced automation without foundational practices like version control or scripting in place. The maturity model shows prerequisite capabilities for each stage, enabling you to sequence automation investments logically and avoid costly mistakes from skipping essential foundations.

  • Identify risks and prioritize automation efforts: Manual and semi-automated deployments create hidden risks such as configuration drift, deployment errors, compliance gaps, and knowledge silos. Organizations cannot address all risks simultaneously and must prioritize based on impact and feasibility. The maturity model highlights specific risks at each stage, allowing you to prioritize automation efforts that deliver the fastest risk reduction and demonstrate clear business value to stakeholders.

  • Align teams and secure leadership support: Automation initiatives fail when teams lack shared understanding of goals, timelines, and resource requirements. Engineering teams want to move faster while leadership questions automation ROI without clear milestones. The maturity model provides common language for discussing automation goals, sets realistic expectations for each stage's effort and benefits, and helps secure leadership support by demonstrating a structured approach to automation transformation.

Manual deployments

Manual deployments involve human operators creating, configuring, and managing infrastructure resources. Common methods include using cloud provider web consoles, connecting to remote servers via SSH or RDP, and running commands directly on systems.

The following are examples of manual deployments:

  • Clicking through cloud provider dashboards to create resources
  • Connecting to servers to manually install software and configure services
  • Making configuration changes directly on running systems
  • Manually scaling resources up or down based on demand
  • Troubleshooting issues by logging into systems and running diagnostic commands

Manually deploying your infrastructure contains the following risks and challenges:

  • Lack of version control: No systematic way to track what changes were made, when, or by whom
  • Human error: Manual processes are prone to typos, missed steps, and inconsistent configurations
  • Poor repeatability: Difficult to recreate the same environment consistently across different deployments
  • Hard-to-audit changes: No automatic logging of infrastructure modifications
  • Difficulty scaling: Manual processes don't scale with team size or infrastructure complexity
  • Knowledge silos: Critical infrastructure knowledge often exists only in individual team members' heads

Occasionally, manually deploying and configuring your infrastructure makes sense, such as one-time experiments or proof-of-concept work, emergency troubleshooting that requires immediate human intervention, and exploring new cloud services. Make sure to use Boundary to securely access systems during manual interventions.

Semi-automated deployments

Semi-automated deployments introduce scripting and basic automation tools while still requiring human intervention to execute processes. Instead of manually running individual commands, operators execute scripts that perform deployment and configuration tasks.

The following are examples of semi-automated deployments:

  • Running bash, Python, or PowerShell scripts to provision infrastructure
  • Using cloud-init or user-data scripts for server configuration
  • Employing configuration management tools like Ansible for application setup
  • Storing scripts in version control systems
  • Defining infrastructure as code using Terraform or other declarative configuration tools
  • Running deployment scripts manually or through triggered automation that still requires human coordination
  • Creating application images with code using Packer or Dockerfiles
  • Implementing immutable infrastructure patterns where servers are replaced rather than modified
  • Auditing cloud logs to detect manual changes outside of automated processes

Benefits over manual deployments:

  • Improved repeatability: Scripts can be run multiple times with consistent results
  • Basic version control: Scripts are stored in repositories, providing change tracking
  • Reduced human error: Automated script execution eliminates many manual mistakes
  • Documentation: Scripts serve as executable documentation of deployment processes
  • Easier scaling: Scripts can be run across multiple environments more efficiently

Fully-automated deployments

Fully-automated deployments use version-controlled infrastructure that is automatically executed through CI/CD systems. Infrastructure changes are implemented through code commits, which trigger automated testing, validation, and deployment processes.

The following are examples of fully-automated deployments:

  • Automatically triggering deployments through Git commits using tools like GitHub Actions or HCP Terraform
  • Running automated tests against infrastructure changes
  • Implementing blue-green or canary deployments
  • Monitoring and alerting on infrastructure health with tools like Datadog
  • Self-healing systems that automatically respond to failures like Nomad or auto-scaling groups
  • Self-service infrastructure

Benefits over semi-automated deployments:

  • Complete audit trail: Every change is tracked through version control
  • Automated testing: Automation validates infrastructure changes
  • Consistent environments: Identical infrastructure across development, staging, and production
  • Rapid rollback: Easy to revert to previous known-good states
  • Self-service capabilities: Developers can provision infrastructure without operations team intervention
  • Compliance and governance: Automated policy enforcement and security scanning

Assess your current state

To determine where your organization currently sits on the maturity model, answer the following questions:

Manual Deployment Indicators:

  • Do you primarily use cloud provider web consoles for infrastructure changes?
  • Do you frequently SSH into servers to make configuration changes?
  • Do you make infrastructure changes without tracking or approval processes?
  • Do you manually install software and dependencies on servers?
  • Do you scale resources up or down manually based on demand?

Semi-Automated Deployment Indicators:

  • Do you use scripts for most deployment tasks?
  • Do you store your scripts in a version control system?
  • Do you still manually execute deployment scripts?
  • Do you use infrastructure as code tools like Terraform or Ansible?
  • Do you build application images using tools like Packer or Docker?
  • Do you use golden images as a base for your applications?
  • Does occasional drift occur between your scripts and the actual infrastructure?

Fully-Automated Deployment Indicators:

  • Do you make infrastructure changes exclusively through code commits?
  • Do you have automated testing for infrastructure changes?
  • Can developers self-service infrastructure needs?
  • Do you automate and test rollbacks regularly?

Choose your next step

Based on your assessment results, select the appropriate document:

  • Read Implement semi-automated deployments if you answered yes to most Manual Deployment Indicators. Your organization primarily uses manual processes through cloud consoles, SSH access, and direct configuration changes. Start by implementing version control, deployment scripts, Packer-based image creation, and immutable infrastructure patterns. These foundational practices reduce errors, improve repeatability, and prepare you for full automation.

  • Read Implement fully-automated deployments if you answered yes to most Semi-Automated Deployment Indicators. Your organization uses scripts and infrastructure as code but still requires manual execution and coordination. Advance by implementing Git-driven CI/CD workflows, self-service infrastructure platforms, comprehensive monitoring and testing integration, and progressive deployment strategies like blue-green and canary deployments.

Next steps

In this section of Process automation, you learned the automation maturity model stages, assessed your current automation level, and identified which stage to pursue next. The automation maturity model is part of the Define and automate processes pillar.

Continue your automation journey with the following documents:

Edit this page on GitHub