Skip to content

::: {.index} pair: Detect Terraform Drift; Labs :::

1030 Detect Terraform Drift

Overview

  • Id: 1030
  • Time: 10 Minutes
  • Enabled: Yes
  • Difficulty: introductory
  • Tags: terraform, cloud, clusters, compliance

* Concepts: clusters, resource brokers .. youtube:: bjlFL8Y0p3U :privacy_mode: Video Link

Objective

Detect when cloud resources are changed outside of Digital Rebar

Business ROI: Improved operational control and consistency of infrastructure

Prerequisites

Required Labs:

  • 1020

Addtional Checklist Items:

  • Access to your cloud provider console

Summary

Force drift into the lab1020 Cluster

  1. Verify that you can find the associated instances in your cloud provider console
  2. Make sure that the cluster has completed provisioning and entered Work Order mode
  3. Remove some (not all) of the provisioned resources using your cloud provider's CLI or UX

Detect drift from the lab1020 cluster

  1. Select and apply the cloud-cluster-drift-detection blueprint
  2. Review the Alerts to see the WARNING created by Digital Rebar detecting the drift

Create a drift detection trigger

  1. Create a new trigger named lab1030

  2. Select the `cron-trigger Trigger Provider \<https://portal.rackn.io/#/e/0.0.0.0/trigger_providers/cron-trigger>`__

    The options will change when you select the provider

  3. Configure the new trigger

    Select the cloud-cluster-drift-detection blueprint.

    Select clusters as the filter to regularly scan for drift.

    Set the cron-trigger/time-string to your preferred frequency.

    • Selecting Hour: 1 will create a daily scan at 1 am.
    • Selecting Minute: 1 will create an hourly scan at :01 each hour.

    Save the Trigger.

  4. Update the All Filter Machines value to true

    This ensures that the trigger runs on all active clusters.