Generate Infra-as-Code and Config Files with AI

A brief guide to generating IaC templates, bash scripts and config files with AIaC.

As more companies modernise and migrate their infrastructure to the cloud, the demand for skilled DevOps engineers to automate the deployment and management of the infrastructure continues to grow. However, the complexity of setting up the systems and pipelines also continues to grow simultaneously. With the explosion in usage of large language models (LLMs) in recent months, more tools are adopting artificial intelligence as a means to reduce complexity and simplify the usage of tools and workflows. In this post, we'll take a look at AIaC, an open-source tool looking to simplify the DevOps process.

What is AI Infra-as-Code (AIaC)?

AIaC (short for Artificial Intelligence Infrastructure-as-Code) is an open-source code generation utility developed by Firefly. It can generate infrastructure-as-code (IaC) templates, configuration files, bash scripts, queries and more using OpenAI LLM APIs. You can print the generated code to the standard output or save it to a file. You can also use AIaC in non-interactive mode or use as a library.

Deploy AIaC on a DigitalOcean Droplet

For this walk-through, I'll use DigitalOcean; if you don't have an account, sign up here - you’ll receive a $200, 60-day credit when you add a valid payment method. Set up your team and project, and create a basic Ubuntu droplet in your desired region. Set up the authentication scheme, and change the hostname if you wish. Once the droplet is ready, select it and launch the Droplet Console as root from the menu options. Run the following commands to install aiac.

# Update the package repo and install go
apt-get update
apt-get install golang-go

# Option 1: Using go install
go install

# Option 2: Clone the repository and build from source
git clone
go build

# Add aiac directory to the PATH environment variable
export PATH=$PATH:/root/go/bin

Provide the OpenAI API key via the OPENAI_API_KEY environment variable or via the --api-key command line flag; if you don't have the key, you can get it here.

export OPENAI_API_KEY=<your OpenAI API key>

Generate IaC, Bash Scripts and Config Files using AIaC

aiac uses the gpt-3.5-turbo model by default, but you can change it if required. To generate code with a different model, provide the --model="<model>" flag.

aiac list-models

Name                Type        Maximum Tokens  
gpt-3.5-turbo       chat        4096            
gpt-3.5-turbo-0301  chat        4096            
text-davinci-003    completion  4097            
text-davinci-002    completion  4097

The AIaC GitHub repo offers several examples to help you get started. It covers:

  • IaC templates for Terraform, Pulumi and CloudFormation
  • Dockerfiles, Kubernetes manifests
  • CI/CD pipelines for Jenkins, GitHub Actions
  • OPA policy-as-code files
  • Mongo, Elastic and SQL queries
  • Bash scripts, Python code
  • And more...

Let's play with the aiac tool. Here's a simple Dockerfile for a Caddy server. You can save the output, chat with aiac to fine tune the output, or continue.

aiac get dockerfile for a secure caddy server

FROM caddy:2.4.3-alpine

# Install necessary packages
RUN apk add --no-cache openssh-client

# Copy Caddyfile to container
COPY Caddyfile /etc/caddy/Caddyfile

# Set permissions for Caddyfile
RUN chown -R caddy:caddy /etc/caddy/Caddyfile && \
    chmod 644 /etc/caddy/Caddyfile

# Expose ports
EXPOSE 80 443

# Start Caddy server
CMD ["caddy", "run", "--config", "/etc/caddy/Caddyfile"]

Hit [S/s] to save, [C/c] to chat, [R/r] to retry, [Q/q] to quit:

Here's another example of a terraform script for deploying a DigitalOcean droplet. In this example, you may clearly want to fine tune the output based on your specific droplet requirements, authentication scheme, and startup scripts.

aiac get terraform for digitalocean droplet

provider "digitalocean" {

resource "digitalocean_droplet" "example" {
  image  = "ubuntu-18-04-x64"
  name   = "example-droplet"
  region = "nyc1"
  size   = "s-1vcpu-1gb"

  ssh_keys = [

  connection {
    type        = "ssh"
    user        = "root"
    private_key = file("~/.ssh/id_rsa")
    timeout     = "2m"
    host        = self.ipv4_address

  provisioner "remote-exec" {
    inline = [
      "sudo apt-get update",
      "sudo apt-get install -y nginx",
      "sudo systemctl start nginx",

✗ Hit [S/s] to save, [C/c] to chat, [R/r] to retry, [Q/q] to quit:

Now, I have not validated the above code myself but, as you can clearly see, aiac makes it ridiculously easy to get started with infrastructure automation. However, you'd be well advised to not outsource the entire responsibility to it! Make sure you have the skills and environments necessary to validate the output, especially before deploying any code in production.

Subscribe to alphasec

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.