I think the writing on the wall is clear DSC will kill GPOs for servers.
If you really think about what a GPO is, it is a big registry hack that is apply to servers joined to a domain. If you have workgroup servers like in the cloud and/or the DMZ, you know there a lot registry keys that need to be change via PowerShell or manually using regedit worst case scenario.
When you change a GPO policy, can you really be sure when the server took the registry change? Not really, if you are lucky it will take less than 15 minutes and you worst case scenario it will only apply when a reboot is performed.
Now, one of the biggest issue that I personally have with GPOs is that you can not really version control them, sometimes you do not even know who made the change and/or when. I know there is AGPM but is not good enough to keep control and it is a little bit clunky.
The other big issue is when regulators ask you for proof that the policies that they require are implemented. Now you have to to run gpresult on the servers and collect the results ; not only that but for HIPPA, SOX, PCI compliance you need to have documentation about the process.
If you have code written in DSC that can be use as your documentation and it will always be up to date. You will be able to version control using repositories like GIT and know for certain when the policies are applied or not.
When using DSC you can make sure the resources are idempotent and they are pretty easy to write. Look at the following example
As you can see there are two resources one to manage the message of the day (MOD) and the other one for no locking the screen on the node and the only requirement on the servers to have PowerShell V4 or higher.
If you want more information about PowerShell DSC you can find some of it here