cloud-cluster-drift-detection¶

Terraform Plan checks if system has changed outside of Terraform state

Designed to be used on a cron trigger, this blueprint uses passes "Plan" into the normal Terraform-Apply task via the Cluster. When running terraform plan the task will error if the known state does match the discovered state.

This allows operators to create a regular scan for clusters to ensure that they have not been changed outside of Digital Rebar Terraform management.

This is limited to the resources that were created by Terraform. To find instances that exist OUTSIDE of Terraform, use a cloud CLI task such as aws-scan-instances

Objects that Reference cloud-cluster-drift-detection¶

Not used in current content packs

Objects used by cloud-cluster-drift-detection¶

• tasks cluster-provision
• params cluster/wait-for-members
• params terraform/plan-action