Drift Detection
Automatically detect and fix Terraform state drift with AI assistance
Overview
Terraform drift occurs when your actual cloud infrastructure differs from what's defined in your Terraform state. This can happen when resources are modified manually through cloud consoles, by other tools, or through automated processes outside of Terraform.
Infra.new's drift detection continuously monitors your Terraform state backends and automatically identifies when drift occurs. Our AI-powered system not only detects these changes but also provides intelligent suggestions to resolve them.
- Continuous monitoring of your Terraform state backends
- Automatic detection of configuration drift across all resources
- AI-powered analysis and intelligent fix suggestions
- One-click fixes for common drift scenarios
How It Works
Infra.new's drift detection works by continuously monitoring your connected Terraform state backends and comparing them with your actual cloud infrastructure.
Connect State Backends
Connect your existing Terraform state backends (S3, GCS) to enable continuous monitoring.
Continuous Monitoring
Infra.new regularly checks your state files and compares them against actual cloud resources.
Drift Detection
When differences are found, drift alerts are automatically created with detailed information about what changed.
AI Analysis & Fixes
Our AI analyzes the drift and provides intelligent suggestions for resolving the differences.
Setup Instructions
To enable drift detection, you need to connect your Terraform state backends to Infra.new. This requires cloud credentials with read access to your state storage.
Configure Cloud Credentials
Set up AWS or GCP credentials to access your state backends
Connect State Backends
Once you have configured your cloud credentials, connect your Terraform state backends:
- Navigate to State Backends in your dashboard
- Click Connect State Backend
- Select your cloud provider and configure the backend details:
Monitor Terraform state stored in S3
- • Bucket name and region
- • State file key/prefix
- • Optional: DynamoDB lock table
Monitor Terraform state stored in GCS
- • Bucket name and location
- • State file prefix
- • Project ID
Using Drift Detection
Dashboard Overview
Your main dashboard shows a summary of drift alerts across all connected backends. The drift detection card displays:
- Total number of active drift alerts
- Breakdown of active vs resolved alerts
- Recent drift activity (last 30 days)
Click on the drift detection card to view detailed drift information.
Drift Alerts Table
The drift alerts page shows all detected drift organized by backend. Each backend section includes:
- Backend Header: Shows backend name, total drift count, and Fix Allbutton
- Resource Rows: Individual resources with drift, showing resource name, type, status, and last detected time
- Drift Details: Click any resource row to expand and see specific configuration differences
Understanding Drift Details
When you expand a drifted resource, you'll see:
- Configuration Diff: Side-by-side comparison of expected vs actual configuration
- Change Summary: Description of what changed and when
- Impact Assessment: AI analysis of the change's significance
AI-Powered Drift Fixes
How AI Fixes Work
Infra.new's AI analyzes each drift scenario and determines the best approach to resolve it. The AI considers:
- The type of resource and configuration that drifted
- The nature of the change (addition, modification, deletion)
- Best practices for Terraform state management
- Potential impact on dependent resources
Fix All Functionality
For each backend with drift, you can use the
- Click Fix All for the backend with drift
- Review the AI-generated fix plan
- Approve or modify the suggested changes
- Apply the fixes to resolve the drift
Smart Fix Recommendations
The AI may recommend updating your Terraform configuration to match the actual state, reverting the cloud resources to match your configuration, or ignoring certain changes that are expected (like auto-scaling adjustments).
Best Practices
When to Fix vs Ignore Drift
Usually Fix These
- • Security group rule changes
- • Resource configuration modifications
- • Unexpected resource deletions
- • Tag or label changes
Consider Ignoring These
- • Auto-scaling capacity changes
- • System-managed attributes
- • Temporary state changes
- • Provider-specific defaults
Monitoring Tips
- Set up regular reviews of drift alerts to catch issues early
- Use the dashboard to monitor drift trends over time
- Address critical infrastructure drift immediately
- Document any intentional changes made outside of Terraform
Drift Detection
Automatically detect and fix Terraform state drift with AI assistance
Overview
Terraform drift occurs when your actual cloud infrastructure differs from what's defined in your Terraform state. This can happen when resources are modified manually through cloud consoles, by other tools, or through automated processes outside of Terraform.
Infra.new's drift detection continuously monitors your Terraform state backends and automatically identifies when drift occurs. Our AI-powered system not only detects these changes but also provides intelligent suggestions to resolve them.
- Continuous monitoring of your Terraform state backends
- Automatic detection of configuration drift across all resources
- AI-powered analysis and intelligent fix suggestions
- One-click fixes for common drift scenarios
How It Works
Infra.new's drift detection works by continuously monitoring your connected Terraform state backends and comparing them with your actual cloud infrastructure.
Connect State Backends
Connect your existing Terraform state backends (S3, GCS) to enable continuous monitoring.
Continuous Monitoring
Infra.new regularly checks your state files and compares them against actual cloud resources.
Drift Detection
When differences are found, drift alerts are automatically created with detailed information about what changed.
AI Analysis & Fixes
Our AI analyzes the drift and provides intelligent suggestions for resolving the differences.
Setup Instructions
To enable drift detection, you need to connect your Terraform state backends to Infra.new. This requires cloud credentials with read access to your state storage.
Configure Cloud Credentials
Set up AWS or GCP credentials to access your state backends
Connect State Backends
Once you have configured your cloud credentials, connect your Terraform state backends:
- Navigate to State Backends in your dashboard
- Click Connect State Backend
- Select your cloud provider and configure the backend details:
Monitor Terraform state stored in S3
- • Bucket name and region
- • State file key/prefix
- • Optional: DynamoDB lock table
Monitor Terraform state stored in GCS
- • Bucket name and location
- • State file prefix
- • Project ID
Using Drift Detection
Dashboard Overview
Your main dashboard shows a summary of drift alerts across all connected backends. The drift detection card displays:
- Total number of active drift alerts
- Breakdown of active vs resolved alerts
- Recent drift activity (last 30 days)
Click on the drift detection card to view detailed drift information.
Drift Alerts Table
The drift alerts page shows all detected drift organized by backend. Each backend section includes:
- Backend Header: Shows backend name, total drift count, and Fix Allbutton
- Resource Rows: Individual resources with drift, showing resource name, type, status, and last detected time
- Drift Details: Click any resource row to expand and see specific configuration differences
Understanding Drift Details
When you expand a drifted resource, you'll see:
- Configuration Diff: Side-by-side comparison of expected vs actual configuration
- Change Summary: Description of what changed and when
- Impact Assessment: AI analysis of the change's significance
AI-Powered Drift Fixes
How AI Fixes Work
Infra.new's AI analyzes each drift scenario and determines the best approach to resolve it. The AI considers:
- The type of resource and configuration that drifted
- The nature of the change (addition, modification, deletion)
- Best practices for Terraform state management
- Potential impact on dependent resources
Fix All Functionality
For each backend with drift, you can use the
- Click Fix All for the backend with drift
- Review the AI-generated fix plan
- Approve or modify the suggested changes
- Apply the fixes to resolve the drift
Smart Fix Recommendations
The AI may recommend updating your Terraform configuration to match the actual state, reverting the cloud resources to match your configuration, or ignoring certain changes that are expected (like auto-scaling adjustments).
Best Practices
When to Fix vs Ignore Drift
Usually Fix These
- • Security group rule changes
- • Resource configuration modifications
- • Unexpected resource deletions
- • Tag or label changes
Consider Ignoring These
- • Auto-scaling capacity changes
- • System-managed attributes
- • Temporary state changes
- • Provider-specific defaults
Monitoring Tips
- Set up regular reviews of drift alerts to catch issues early
- Use the dashboard to monitor drift trends over time
- Address critical infrastructure drift immediately
- Document any intentional changes made outside of Terraform