Dmytro Klevakin Cloud · Architecture · Music
EN/UA Say hi
← Writing
Cloud & DevOps

Bicep vs Terraform on Azure, in 2026

An honest comparison after running both in production — when to use which, and what the tradeoffs actually look like day-to-day.

The short answer

Use Bicep if you’re Azure-only and want the path of least resistance. Use Terraform if you’re multi-cloud, your team already knows HCL, or you need the ecosystem.

That’s the answer most teams need. Here’s everything else.

What changed in 2026

Bicep has matured significantly. The language is cleaner, the VS Code extension is excellent, and the az deployment ergonomics have improved. Terraform on Azure has also improved — the AzureRM provider is well-maintained and the azapi provider fills the gaps for new Azure resources.

The gap has narrowed. But the fundamental tradeoffs haven’t changed.

When Bicep wins

You’re Azure-only. If your entire infrastructure is Azure, Bicep is the natural choice. It compiles directly to ARM, has zero abstraction overhead, and you get access to new Azure features immediately — no waiting for a Terraform provider update.

You want simplicity. A Bicep file is easier to read for someone unfamiliar with IaC than an equivalent Terraform configuration. The type system is strict enough to catch errors at compile time. The what-if command is genuinely useful.

You’re using Azure DevOps or GitHub Actions heavily. The native integrations are smooth.

When Terraform wins

Multi-cloud or hybrid. If you’re managing AWS and Azure, or Azure and Cloudflare and Datadog, Terraform’s provider ecosystem is unmatched. Writing Terraform for everything means one mental model, one state management approach, one CI pipeline pattern.

Your team already knows HCL. Migration cost is real. If your team is proficient in Terraform, the productivity gain from switching to Bicep is probably negative in year one.

You need the module registry. The Terraform registry has thousands of community modules. Bicep’s module registry is growing but thinner.

The state management question

This is where Bicep is still weaker. Terraform’s state file is a first-class concept — it tracks what’s deployed, what drifted, what needs updating. Bicep relies on ARM’s incremental deployment model, which is less explicit.

For large estates, Terraform’s state management (especially with remote state in Azure Storage + state locking) gives you better visibility into what’s actually deployed.

My current recommendation

For new Azure-only projects in 2026: start with Bicep. The developer experience is good, the integration with Azure is seamless, and the operational overhead is lower.

For existing Terraform estates: stay in Terraform. The migration cost isn’t worth it unless you have a specific reason.

For multi-cloud: Terraform, no question.

The hybrid approach

Some teams use both — Bicep for Azure-specific resources where native features matter (Azure Policy, Blueprints, Management Groups), Terraform for everything else. This works but adds cognitive overhead. I’d only do it if you have a clear, well-documented boundary between the two.

One more thing

Whatever you choose, invest in your module structure early. A flat directory of Bicep files or a flat Terraform config both become unmaintainable quickly. The module design is more important than the language choice.