23.1.6. 1030 Detect Terraform Drift

23.1.6.1. Overview

  • Id: 1030

  • Time: 10 Minutes

  • Enabled: Yes

  • Difficulty: introductory

  • Tags: terraform, cloud, clusters, compliance

  • Concepts: clusters, resource brokers

23.1.6.2. Objective

Detect when cloud resources are changed outside of Digital Rebar

Business ROI: Improved operational control and consistency of infrastructure

23.1.6.3. Prerequisites

Required Labs:

  • 1020

Additional Checklist Items:

  • Access to your cloud provider console

23.1.6.3.1. Summary

23.1.6.3.1.1. Force drift into the lab1020 Cluster

  1. Verify that you can find the associated instances in your cloud provider console

  2. Make sure that the cluster has completed provisioning and entered Work Order mode

  3. Remove some (not all) of the provisioned resources using your cloud provider’s CLI or UX

23.1.6.3.1.2. Detect drift from the lab1020 cluster

  1. Select and apply the cloud-cluster-drift-detection blueprint

  2. Review the Alerts to see the WARNING created by Digital Rebar detecting the drift

23.1.6.3.1.3. Create a drift detection trigger

  1. Create a new trigger named lab1030

  2. Select the cron-trigger Trigger Provider (https://portal.rackn.io/#/e/0.0.0.0/trigger_providers/cron-trigger)

    The options will change when you select the provider

  3. Configure the new trigger

    Select the cloud-cluster-drift-detection blueprint.

    Select clusters as the filter to regularly scan for drift.

    Set the cron-trigger/time-string to your preferred frequency.

    • Selecting Hour: 1 will create a daily scan at 1 am.

    • Selecting Minute: 1 will create an hourly scan at :01 each hour.

    Save the Trigger.

  4. Update the All Filter Machines value to true

    This ensures that the trigger runs on all active clusters.