The config drift checker with terragrunt states to detect manual changes on your infra out of the as-code stack.
In IAC universe we can seperate drift problem in two main part.Resource and Configuration drifts.
According to the daily support cases or less privileged user access or bypassed manual changes from the terraform code blocks that can cause configurational drifts.
In this example diagram at day-0 teams create their own resource on AWS.After that some of the manual changes and non-imported resources can make your code blocks too far away from the desired state of the terraform.
To check your state and code block compability in specified time periods you can use the haydarctl.
Haydarctl needs two important thing;
- python3
- terragrunt
After you installed them you can start to run it.
Haydarctl get the directory address from command line and you can run this any directory address you want.
git clone git@github.com:WoodProgrammer/haydarctl.git
pip3 install --upgrade ./haydarctl
To verify the installation run this command
haydarctl --help
haydarctl --output fix --workspace infra_repository
__ __ __ __ __
/ / / / ____ _ __ __ ____/ / ____ _ _____ _____ / /_ / /
/ /_/ / / __ `/ / / / / / __ / / __ `/ / ___/ / ___/ / __/ / /
/ __ / / /_/ / / /_/ / / /_/ / / /_/ / / / / /__ / /_ / /
/_/ /_/ \__,_/ \__, / \__,_/ \__,_/ /_/ \___/ \__/ /_/
/____/
This tools compares Terraform state and Real Resources and it generates a output file for you
Caveats: This tool is not stable yet and your feedbacks are very important for us please do not hesiate to create Issue&Pr on Github.
Configuration Drifts and Haydarctl
You can check this video
haydarctl start to fetch github repositories and checks the each terragrunt modules and compares the states built-in terragrunt commands and generates drift templates.To see the examples you can check the issues directory.
Haydar Haydar - Neşet Ertaş
