Terraform vs Crossplane

Terraform and Crossplane both provision cloud infrastructure declaratively, but they take fundamentally different approaches. Terraform uses a CLI-driven plan/apply workflow with dedicated state files. Crossplane treats infrastructure as Kubernetes custom resources, reconciled continuously by controllers.

Core Architecture Differences

Terraform's CLI Workflow

Terraform reads HCL configuration, builds a dependency graph, and executes a plan/apply cycle. State is stored in a backend (local file, S3, Terraform Cloud). Drift is only detected when you run terraform plan — there is no continuous reconciliation.

This model is straightforward for operators comfortable with CLI tools. Modules provide reusability, and the massive provider ecosystem covers almost any API.

Crossplane's Kubernetes-Native Model

Crossplane extends the Kubernetes API with Custom Resource Definitions (CRDs) for cloud resources. You declare an RDS instance the same way you declare a Pod — as a YAML manifest. The Crossplane controller continuously reconciles desired state against actual state, fixing drift automatically.

Compositions let platform teams build higher-level abstractions (like a "Production Database" CRD) that encapsulate multiple underlying resources, creating self-service infrastructure platforms.

State Management

Terraform's state file is both its strength and its weakness. It enables powerful diffing and planning, but state corruption, locking issues, and remote backend management add operational burden. Teams must carefully manage state across environments.

Crossplane stores state in Kubernetes etcd. This eliminates the separate state management problem but ties your infrastructure lifecycle to your Kubernetes cluster's health. Losing the cluster without a backup means losing infrastructure state.

Platform Engineering

Crossplane shines in platform engineering. Compositions and Composite Resource Definitions (XRDs) let you build internal developer platforms where application teams consume infrastructure through simple Kubernetes APIs, while platform teams control what is provisioned underneath. Combined with GitOps workflows and Kubernetes RBAC, this creates powerful self-service capabilities.

Terraform achieves similar goals with modules and Terraform Cloud, but the abstraction is less natural — developers still interact with Terraform configurations rather than Kubernetes-native APIs.

Interview Considerations

In system design interviews, understanding when to choose each tool demonstrates infrastructure maturity. Terraform is the safer choice for general-purpose IaC. Crossplane is the modern choice for Kubernetes-centric organizations building internal platforms. Many organizations use both — Terraform for foundational infrastructure and Crossplane for application-level resources managed by development teams.

See also: cloud infrastructure concepts and pricing considerations for managed IaC platforms.