As part of KubeCon + CloudNativeCon North America, theCUBE’s Rob Strechay sits down with Marcin Wyszynski, co-founder and chief research and development officer at Spacelift (and OpenTofu cofounder), to unpack how AI is reshaping infrastructure as code and platform engineering. Wyszynski traces Spacelift’s origins from “multiplayer Terraform” needs to the recent announcement of Spacelift Intent – an experimental, open-source-first capability with a commercial, multiplayer layer. He explains how Intent accelerates day-zero prototyping, imports ClickOps-created resources and even breaks up overstuffed Terraform states. The discussion highlights why governance and policy-as-code guardrails matter when putting large language models in infrastructure as code loops.
Viewers get a preview of what to watch this month in Atlanta: open sign-ups for Intent on the Spacelift platform (post-KubeCon), improvements to Spacelift’s Kubernetes integration and Spacelift’s first in-person IaCConf focused on the future of IaC. Wyszynski underscores a pragmatic approach – extending Terraform/OpenTofu rather than replacing them – enabling teams to move quickly without sacrificing oversight. It’s a timely look at how cloud-native foundations, AI assistance and strong governance can reduce toil as AI workloads scale.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
KubeCon + CloudNativeCon NA 2025. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open the link to automatically sign into the site.
Register for KubeCon + CloudNativeCon NA 2025
Please fill out the information below. You will receive an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for KubeCon + CloudNativeCon NA 2025.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
KubeCon + CloudNativeCon NA 2025. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open the link to automatically sign into the site.
Sign in to gain access to KubeCon + CloudNativeCon NA 2025
Please sign in with LinkedIn to continue to KubeCon + CloudNativeCon NA 2025. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Marcin Wyszynski, Spacelift
As part of KubeCon + CloudNativeCon North America, theCUBE’s Rob Strechay sits down with Marcin Wyszynski, co-founder and chief research and development officer at Spacelift (and OpenTofu cofounder), to unpack how AI is reshaping infrastructure as code and platform engineering. Wyszynski traces Spacelift’s origins from “multiplayer Terraform” needs to the recent announcement of Spacelift Intent – an experimental, open-source-first capability with a commercial, multiplayer layer. He explains how Intent accelerates day-zero prototyping, imports ClickOps-created resources and even breaks up overstuffed Terraform states. The discussion highlights why governance and policy-as-code guardrails matter when putting large language models in infrastructure as code loops.
Viewers get a preview of what to watch this month in Atlanta: open sign-ups for Intent on the Spacelift platform (post-KubeCon), improvements to Spacelift’s Kubernetes integration and Spacelift’s first in-person IaCConf focused on the future of IaC. Wyszynski underscores a pragmatic approach – extending Terraform/OpenTofu rather than replacing them – enabling teams to move quickly without sacrificing oversight. It’s a timely look at how cloud-native foundations, AI assistance and strong governance can reduce toil as AI workloads scale.
As part of KubeCon + CloudNativeCon North America, theCUBE’s Rob Strechay sits down with Marcin Wyszynski, co-founder and chief research and development officer at Spacelift (and OpenTofu cofounder), to unpack how AI is reshaping infrastructure as code and platform engineering. Wyszynski traces Spacelift’s origins from “multiplayer Terraform” needs to the recent announcement of Spacelift Intent – an experimental, open-source-first capability with a commercial, multiplayer layer. He explains how Intent accelerates day-zero prototyping, imports ClickOps-created...Read more
exploreKeep Exploring
What is the Spacelift Intent tool and how does it work?add
What is Spacelift Intent and how does it facilitate infrastructure management?add
What are the key advantages of using certain tools for prototyping and importing resources in Terraform projects?add
What is the purpose of the Intent system in relation to coding agents and infrastructure deployment?add
What are the data security aspects of Spacelift Intent and how does it ensure accountability in its use of LLMs?add
What is Spacelift Intent and how does it relate to open-source technologies?add
>> Hello, I'm Rob Strechay, and welcome to this episode of the AnalystANGLE on AI
in infrastructure as code, where we will examine the
state of platform engineering and the impact AI is having on it. For this segment, I'm joined
by Marcin Wyszynski, cofounder and chief R&D officer
for Spacelift, as well as the cofounder of OpenTofu,
which you may have heard of, and it's really a growing segment, and I'm excited, as we
go into KubeCon here and CloudNativeCon, to
be talking more about it. Welcome on board, Marcin.
Marcin Wyszynski
>> Hello, everyone, and thank
you for having me, Rob.
Rob Strechay
>> Yeah. It's really exciting. I think, again, as we're ramping up, it's such a great time
to learn about companies and what they're up to. For those who are not as
familiar with Spacelift as I am, how did the company come around? I mean, you're one of the cofounders. Kind of tell the origin
story a little bit.
Marcin Wyszynski
>> Sure. It's a nice one.
I'm not a serial founder. I'm an accidental founder. I'm generally a software
engineer. I worked at Google. I worked at Facebook before
it was even called Meta. And for a couple of years,
I was a cloud consultant. And when I was a cloud consultant, I was getting people onto
the clouds from things like Roku, from on-prem, you name it. And as part of the
challenge, it was difficult to get people at a large scale to adopt cloud. Terraform was an amazing help with that. But quickly, you realize
that tools like Terraform, as amazing as they are on a single laptop, they're not particularly multiplayer. It's similar to Git. Git is
great when you're just on your laptop and you're doing
your version control, but the moment that
you're supposed to send, and I think it was the
original design of Git, that you're supposed to
send patch files over email. I mean, it's madness. So that's why you have
multiplayer modes like GitHub. And essentially, I was
like, "Okay. It's cool. Terraform is cool. It's like Git cool, but where
is the multiplayer mode? " And the multiplayer mode
didn't exist back then. And the moment I was
rolling out my solutions to the organization, I
was finding bottlenecks. So you first start centralizing CI/CD. I think I've used pretty much
everything there was on the market for different clients, then I used Terraform Cloud, or I think
it was called Terraform Enterprise back then. It was a very simple solution. It didn't really make
much of a difference. So ultimately, I created something for one of my clients who's moving off of Roku. I created something in
my spare time trying to scratch the itch that I
had, and it was successful. I mean, the reason I think it
was successful is that people leaving that company, moving to other companies would be calling me and asking, "Marcin, I really like that. I really like what you did
at Company X, and I'm in my new company. Can I get the same?"
I'm like, "Yeah. Sure. Why not? We could do that." But at
some point, I realized that if so many people are asking, then there is definitely
an opportunity here. So I decided to actually go to HashiCorp and say, "Hey, I think
I have a few ideas on how you could make
Terraform Enterprise better. " So I applied for a product manager role at HashiCorp, and
the interview was funny. They pretty much laughed
me out of the room. They're like, "No, you're hallucinating. " You'd call it hallucinating,
I guess, in the age of LLM. I don't think they used that word, but they're like, "Absolutely not. " And I'm like, "I would
love to prove you wrong, because I think that
those ideas do make sense. " And I started the product. That product turned into a company. And here, we raised Series
C, and we are a serious contender in this space. So maybe I wasn't so wrong about everything
as they might have thought.
Rob Strechay
>> Yeah. No, I think you're
definitely a serious competitor. I think what I love about it is that you've really embraced the community and what's going on, but
you've also really embraced... Because you have that background
from those major cloud organizations and have
been that cloud consultant, I think it's definitely give
you different perspective. Myself, having been at AWS, I
get what you guys are doing. I think one of the things that I really loved is
you just had a significant announcement about bringing
AI to help take the toil out of platform engineering. Why don't you kind of unravel
that a little bit for us, that announcement, and
tell us how it came about and what it's doing?
Marcin Wyszynski
>> Yeah. It's a good question. We just launched a tool
called Spacelift Intent. It's an experimental project, but it's a serious tool already. It's available in open-source mode where it's a local MCP server, and there's also a commercial
component on top of it for people who want this multiplayer mode that we're good at. This is a part of Spacelift.
The project is called Spacelift Intent, and the idea is to allow
people to move very quickly with their basic
infrastructure management bit. Technically, how it
works is that, basically, it does Terraform without Terraform. So you express intent, and you don't have to learn much to get that intent translated
into cloud resources. When you think about this,
in the past, you had two ways of getting a resource onto the cloud. One was simple. It's like a caveman. You click on an AWS console.
It's there. It's 30 seconds. It's there. You're trying to
repeat it, like you're trying to explain to your colleague what you did? Best of luck. Right? It's
quick. It's hacky. It's dirty. Nobody does that. Well, at least since here,
nobody should do that at any level of scale. But the other part of the
spectrum is very ceremonial. So imagine you're a completely new person to infrastructure management. You don't know Terraform,
and you're being asked to deploy an S3 bucket
for your application. So imagine the hoops that
you need to go through. You need to, first of
all, learn a new syntax, learn a new language,
HCL, then you need to look for the provider. You need to learn the provider. You need to understand how
to set it up, then you need to find the right resource. You need to learn how to set it up, and it's almost never a single resource. It's usually a couple of resources. You need to learn how
they're wired up together to constitute what you wanted, and then you need a bucket
to store your state. You probably need to have a CI to deploy your infrastructure in a sort of centralized manner. And for a starter, it will take days. For someone who's relatively
good with infrastructure, it'll probably take hours, and
there's nothing in between. So either you take this
giant Thor's hammer to drive a nail or you use your forehead. Both are kind of stupid. You
don't always need that power. Sometimes you do need a Thor's hammer. In a large organization,
in a serious environment, in production environments,
you do need Thor's hammer, and that's what Spacelift
is, and sometimes you don't. Sometimes you need to move
quickly, but not stupidly. That's what Intent then does.
It kind of short-circuits. It gives you almost a Thor's hammer, but without all the ceremony in between. You get your state. You
get Terraform resources. You get Open Lake. You
get Terraform providers or OpenTofu providers
doing things for you, but then you get a
massive help from an LLM that is synchronizing your intent with what the cloud is expecting, and it's translating your
intent into API calls using schemas from providers. Effectively, what we did
is we removed Terraform, the binary, or OpenTofu, the binary, and we kind of replaced it with an LLM with a human driver, and
that's the idea of Intent. Where it really shines is
actually a couple of things. First of all is prototyping. You know what you generally want, but you don't know how to get there. So how about we skip
the whole learning part or we teach you in the
process how this is set up, but you get your resource immediately? The second thing is importing
resources that were kind of plucked in the console. Right? It's a giant thing. When we were starting
Spacelift, we assumed that people are Terraforming
everything in their AWS accounts or GCP accounts. That's never the case. >> No, it isn't.
- Right?
Marcin Wyszynski
>> Almost every project in Terraform
is a brownfield project.
Rob Strechay
>> It coexists with things that
are not Terraform. Right? And so, if you have a
good human-in-the-loop way to import things under
Terraform management or even some sort of soft management by a centralized solution,
that's already a win, and that's where Intent shines. You essentially say, "Look, I got a bunch of VPCs in this account. Please Terraform them for me."
And it does it. It does it with the help
of LLM, and it's iterative. You can influence it. It's almost like having this engine that amplifies your power. And the third thing that
people found, and this is a community discovery, is that it's really good at
breaking giant Terraform states into smaller constituent parts. That's something that Terraform
never got quite right. You got this giant state. It kind of grows and grows and grows, and you're painting
yourself into the corner with every new resource
that you keep adding, and then breaking it is
quite a thing. Right?
Rob Strechay
>> Right.
- And Intent solves that problem.
Rob Strechay
>> Yeah. I love that part.
Marcin Wyszynski
>> I mean, again, you coming
from the software development, there was a reason why we
went back to really services and building things as components and componentizing
software and applications and SaaS services, was because you wanted to be able to deal with that estate in a more,
I guess you could say, regulated manner where you
could change things out as you needed to or improve things or copy things even when
you had to go and do that. But one of the things that I think you touched
on it just there was, how does this really tie
into the existing toolchains that organizations are using today to build out these applications? >> I think it lives somewhere in between
Marcin Wyszynski
>> prototyping or vibe coding
and mature infrastructure. So we see it as mainly day zero, where, as you're developing, you're more and more using coding assistants. Right? And coding assistants
allow you to get things to production or to
completion very quickly, and that's the moment
where, okay, you realize that you need some infrastructure, and you can't divide code
infrastructure at all. Right? So you're flying a jet fighter, and suddenly, you're jumping
to the speed of a horse. Suddenly, the magic is gone. So one thing that we're trying to do with Intent is that, "Okay. If you're just figuring
out what you wanted to do, you want infrastructure here and there, how about we
extend your coding agent, like Claude Code, with the ability to spin up infrastructure
in a controlled way? " So Spacelift will
control the capabilities. We'll have policies that will prevent your LLM
from doing something that you would not want to do, but other than that, let your coding agent continue with the magic. And if you want to show
your project to someone else and you want to deploy
it on AWS, then Intent kicks in and allows you to do this. Right? So it's a day zero thing. There's another day zero
story here, as I said, about company that is... It sits on a massive
pile of infrastructure that has never been Terraformed. Maybe it was created by hand. Maybe they had the entire ClickOps team, because it's not unheard of, or maybe they use a bunch of Bash scripts and one-off procedures to
provision the infrastructure, with Jira tickets maybe. Right? And so, they sit
on top of a lot of things that is almost like
shadow IT at that point, and that's day zero, and
they introduce Terraform. Right? And as they
introduce Terraform, the big question becomes, like,
"What do we do with the rest of stuff that was never Terraformed? " And I understand that
the new way will be clean, but what about the stuff
that predates Terraform, that predates that journey
that we're taking to proper management of resources? And to some extent, it's an
extension of the day zero story. We have almost not even day
zero, but a day minus one. We have a massive technical debt to pay, and here's where Intent comes in, and you're able to just bring
those resources under soft management, make sure that
they're orderly, make sure that they're connected
the way that you want, and then you can export and promote them to a more formal management
using Terraform or OpenTofu. So what we're doing is we're not trying to replace Terraform. We're trying to extend
the Terraform story to where it was not a good tool before. Right? You could have used it, maybe, but it was just not a very good fit as in like a Thor's hammer
for driving a small nail. Right? What we're trying
to give you is a tool that sits somewhere on the
spectrum between just ClickOps and extremely ceremonial, proper, formalized way of deploying things, which you don't always need
and which you pay a price for.
Rob Strechay
>> Yeah. Totally. I think,
again, being able to go into and understand the code and be
able to look at it afterwards before pushing it and
things is really important. But one of the other things
that I think is neat, and again, we've had some
conversations around this already, previous, was the fact that you built in an MCP server. Go into why that's so
important to bring that, that API set, to Spacelift Intent.
Marcin Wyszynski
>> I'm a huge believer in MCP. There is a bit of a controversy.
Some people love it. Some people are a bit more
skeptical, especially as Claude now released their abilities. I love MCP because we are kind of, almost by chance, creating a new ecosystem. It reminds me of the days of HTTP and people exposing APIs, but everyone kind of tends
to expose APIs differently. And so, something that was a promise of one application being able to talk to another application relatively easily was never fulfilled. But I see another promise
with MCP that, one day, it actually might be fulfilled. Why? Because suddenly, we
have a killer application, which is LLMs, which is the agents, and those agents are requiring everyone to speak their language, which means that even if I'm not an agent, if I can speak the same
language as the agent would, I can speak to any application or any API that supports remote MCP. And suddenly, I have this common platform that I can build an ecosystem on top of. Right?
And this is why I believe MCP... First of all, supporting MCPs, exposing MCPs is a huge thing,
not just for the agents, but it creates a completely new ecosystem. It fulfills that promise
that was unfulfilled since HTTP and REST APIs and open API and all the other efforts to
standardize how applications and users talk to applications. Right? That's why I
think MCP goes way, way beyond the LLM use case, and that's why I believe
it's important for us to build this capability and to open up this opportunity for interconnectedness between applications.
Rob Strechay
>> Yeah. I agree. I think it's really neat, and I think we'll see a lot more about that down at KubeCon in Atlanta
as well, to put it mildly, now that it's kind of under governance and everything like that, which is great. One of the things, talking
about kind of governance, that I think is really needed and I think is really
unique about Intent, kind of go into the governance and data security aspects of
Intent and Spacelift Intent.
Marcin Wyszynski
>> Spacelift Intent has a commercial mode in which we provide a sort of middleware, and that middleware gives the
ability for users to protect their clouds, to protect their organizations
from LLMs doing not exactly what you want it to do. Right? So first of all,
we manage the state. We save everything to an encrypted state. So the LLM is fully accountable for those. It's easy to see what has been done, who initiated any particular
action, what was the result of the action, but you
can also set up policies that would prevent certain
things from happening or even constrain the LLM
to only a subset of things that it could potentially trigger. I think it is quite important, because it uses the same policy-as- code layer as the rest of Spacelift. A lot of concern about LLMs and use of AI in general,
especially in such a sensitive area as infrastructure,
is around accountability and being able to catch
any misconfigurations. Right? A human can be
assumed to be reasonable. You interview that human. You're meeting that human as
a manager every week or so. The team is coaching a human.
LLM is not there. Right? So you need to build stronger
guarantees for LLMs not to go haywire, not to
hallucinate certain things. But ultimately, the same
guardrails that we introduced for human creators of code or Spacelift will work for an LLM as well. So at Spacelift, we have a
very strong story around policy as code, and we just extended
the very same thing to LLMs, and it has great, great results.
Rob Strechay
>> Yeah. I think that, to me, is key. I think exactly what you
said is that you have to have those guardrails in place, and I think that is a key
with any AI technology that's rolled out. So I think one of the things,
I want to kind of come back to your roots, and
Spacelift has always really rallied around open-source technologies. How has this continued with the
release of Spacelift Intent?
Marcin Wyszynski
>> Spacelift Intent has been released as an open-source
project, with a commercial implementation on top of Spacelift. io. But at its very core, first of all, it's using a bunch of
open-source technologies. Obviously, we're using OpenTofu providers. We're using some OpenTofu code
to talk to those providers. So we owe a massive debt to
the open-source community, which we are paying off. So that's one thing. The other
thing is that what Intent is, is kind of like a category creation. It's not just like a better Terraform or a different OpenTofu. It's essentially a different way of thinking about infrastructure and infrastructure management to a point where sometimes explaining
even to industry veterans, we were met with misunderstanding, or people are not fully grasping
what we were talking about. And finally, when it clicks
for them, they're like, " Oh my God, that's really
thinking out of the box. I didn't expect that. " Now I see it, I'm like,
"Of course, it's so obvious. " Right? But what it means is that we're talking in
completely new paradigms here, and the new paradigms are
best built in the open. If people don't understand how it works, if they can't see the code,
if they can't play around with it, if they can't
extend what's happening, then they will not trust it,
and they will not adopt it, and then the paradigm will die, and maybe it will be
resurrected by someone else. But trying to close it, trying
to guard it very closely, trying to develop it behind open doors is fighting an uphill battle, because ultimately, it
is the open standards that get adopted. It's the open standards that do win. Trying to get people to adopt closed standards
essentially means lock-in for them, and people are really
cautious these days about lock-in, especially after
what happened with some of the rug pulls in the
open-source community. BSL from HashiCorp was one thing, then there was Redis. Now, I do believe that
the name de jure is MinIO that just left the open-source community,
to my understanding. I didn't really look into it too much, but people are getting wary of
things that are kind of like open source-ish. They're scared of rug pulls.
What we want to do is we want to be extremely clear
about, "Hey, this is Apache. This is open source. You can literally take it, do
whatever you please with it. " Right? And that gives
people maybe the comfort and the security to adopt a new paradigm or at least to try a new paradigm.
Rob Strechay
>> Yeah. No, I totally agree with that. I think, again, we're big
believers in open source. I think being supporters of it ourselves, I've actually worked at an
open-source company previously. I think when you look at it,
it's going to be a lot of fun as we run towards KubeCon. Any teasers that you have
about what people should be looking into as they come to see Spacelift at KubeCon in Atlanta?
Marcin Wyszynski
>> We are launching Intent to noncustomers. So even if you're not a
customer, you'll be able to use Intent on the platform after signing up. So we are not doing GA, but we're having open season for sign-ups. So that's one thing. I'd
love people to try it out. If you want to use an open-source version, you can obviously use it now. But if you want to use a version
that is commercially backed and it's secure, then I would suggest that after KubeCon, you'll be able to do that. We are launching some of the improvements of our Kubernetes integration,
the ability to kind of auto- register our work for pools in Kubernetes. But most importantly, what
Spacelift is organizing as an event around KubeCon is a first- ever IaCConf in which we're going to be talking about the future of infrastructure as code in general. We've kind of realized that
we've been doing infrastructure as code almost the same for last 10 years, and it's time to start talking about what the future might be. So we've organized two infrastructure-as- code conferences already. They were online. But
given the fact that a lot of our users, a lot of the
opinion leaders are in Atlanta for KubeCon, we thought, "Why don't we organize
something in person? " So that's our first in-person IaCConf, and we warmly invite you to that. >> Yeah. I'm excited.
Rob Strechay
>> I'm actually going to run one of the panels at IaCConf for you guys. I was excited to be a part of
it. I think it's Monday night. I guess they consider it day
one, but it's really day zero before all the keynotes
and stuff like that, and it's going to have a lot of networking, which I also love. You guys have built in a lot
of community with the partners that you're working with on it. I think it's going to
be a fantastic event. So hey, Marcin, thank
you for coming on board. I really appreciate it, and I'm excited to hang in
person when I see you at IaCConf down there in Atlanta. >> Thank you. Thank you for having me.
Rob Strechay
>> Yup. And thank you, everyone,
Marcin Wyszynski
>> for watching this AnalystANGLE where we dug into AI in IaC. Really, I think infrastructure as code is definitely changing, and I think this has a huge
impact on where it's going to go, and I'm excited for it. So stay tuned to theCUBE, the
leader in analysis and news.
Rob Strechay