
Crossplane vs Terraform: Kubernetes-Native IaC Comparison

Compare Crossplane and Terraform on Kubernetes-native infrastructure management, composition model, GitOps compatibility, and cloud resource lifecycle.

11 min read · Updated Jan 15, 2025
Tags: crossplane, terraform, kubernetes, iac

Overview

Crossplane and Terraform are both infrastructure as code tools, but they operate in fundamentally different paradigms. Terraform is a CLI-driven tool that provisions cloud resources using HCL configuration files. Crossplane is a Kubernetes operator that extends Kubernetes with custom resource definitions (CRDs) for cloud infrastructure, enabling cloud resources to be managed with the same kubectl apply workflow as Kubernetes workloads.

Crossplane represents a bet on Kubernetes as the universal control plane for both application workloads and cloud infrastructure. This is powerful for organizations already operating Kubernetes, but adds significant complexity for teams that are not.

Key Technical Differences

Crossplane's Composite Resource (XR) model is its most compelling feature. Platform engineers define Composite Resource Definitions (XRDs) — custom API types that combine multiple cloud resources into a single abstraction. For example, a PostgresDatabase XRD might provision an RDS instance, subnet group, security group, and parameter group as a single composable resource. Application teams consume this abstraction without needing to know AWS internals.

Terraform achieves similar abstraction through modules, but modules are consumed by running terraform apply, not by creating Kubernetes resources. The Crossplane model integrates infrastructure provisioning into the same GitOps workflow as application deployment — create a PostgresDatabase YAML, commit it to Git, Argo CD syncs it, Crossplane provisions the RDS instance.
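
An added illustration of the PostgresDatabase abstraction and GitOps flow described above (not from the original article): a Crossplane v1-style XRD the platform team would publish, followed by the claim an application team would commit to Git. The group `platform.example.org`, the parameter names `storageGB` and `size`, their allowed values, and the names `orders-db` and `team-orders` are assumptions; the Composition that maps the type to RDS resources is omitted.

```yaml
# Published by the platform team: defines the PostgresDatabase API type.
# Group, field names and allowed values are illustrative assumptions.
apiVersion: apiextensions.crossplane.io/v1
kind: CompositeResourceDefinition
metadata:
  name: xpostgresdatabases.platform.example.org   # must be <plural>.<group>
spec:
  group: platform.example.org
  names:
    kind: XPostgresDatabase
    plural: xpostgresdatabases
  claimNames:                      # namespaced type that application teams create
    kind: PostgresDatabase
    plural: postgresdatabases
  versions:
    - name: v1alpha1
      served: true
      referenceable: true
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              required: [parameters]
              properties:
                parameters:
                  type: object
                  required: [storageGB]
                  properties:
                    storageGB:     # bounded so a claim cannot request arbitrary storage
                      type: integer
                      minimum: 20
                      maximum: 500
                    size:          # abstract tier; the Composition maps it to an instance class
                      type: string
                      enum: [small, medium, large]
                      default: small
---
# Committed by an application team; Argo CD syncs it, Crossplane reconciles it.
apiVersion: platform.example.org/v1alpha1
kind: PostgresDatabase
metadata:
  name: orders-db
  namespace: team-orders
spec:
  parameters:
    storageGB: 50
    size: medium
```

Only the fields in this schema can be set by the application team; the subnet group, security group and parameter group are fixed in the Composition that the platform team owns.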

State management in Crossplane is implicit: resource status is stored in Kubernetes etcd, in the status fields of each custom resource. There is no separate state file to manage or lock. Terraform's explicit state file requires a remote backend (S3+DynamoDB, Terraform Cloud) for team collaboration and locking.

Performance & Scale

Crossplane's operator reconciliation loop continuously ensures cloud resources match the desired state in CRDs — similar to Terraform's plan/apply but continuous rather than triggered. This provides automatic drift detection. Terraform requires explicit terraform plan runs to detect drift.

When to Choose Each

Choose Crossplane for Kubernetes-native platform engineering where the goal is a self-service internal developer platform. Its integration with GitOps workflows and Kubernetes RBAC is unmatched for this use case.

Choose Terraform for provisioning cloud infrastructure with the widest provider coverage, for non-Kubernetes contexts, or when team expertise in Kubernetes operators is insufficient to operate Crossplane.

Bottom Line

Crossplane is the right choice for platform engineering teams building Kubernetes-native internal developer platforms. Terraform is the right choice for broad cloud provisioning with maximum provider coverage and team accessibility.
