drift-detector

Solid

Detect infrastructure drift between Terraform state and actual cloud resources. Identifies unmanaged resources, manual changes, and configuration drift.

Use when:
- User asks to check for infrastructure drift
- User wants to find unmanaged cloud resources
- User mentions "drift detection" or "Terraform drift"
- User asks to compare cloud state to IaC
- User wants to audit infrastructure changes

DevOps & Infrastructure 37 stars 14 forks Updated 4 days ago Apache-2.0

Quality Score: 88/100

Stars 20%: 53
Recency 20%: 100
Frontmatter 20%: 70
Documentation 15%: 100
Issue Health 10%: 50
License 10%: 100
Description 5%: 100

Skill Content

# Infrastructure Drift Detector

Detect, track, and resolve infrastructure drift between Terraform state and actual cloud resources to maintain Infrastructure as Code integrity.

**Core Principle**: Your cloud should match your code.

**Note**: This skill uses `snyk iac describe` CLI command (requires shell execution).

---

## Quick Start

```bash
# Basic drift scan against a local Terraform state file
snyk iac describe --from=tfstate://terraform.tfstate

# Output as JSON for further analysis
snyk iac describe --from=tfstate://terraform.tfstate --json > drift-report.json
```

---

## Prerequisites

- Terraform project with state file (local or remote)
- Cloud provider credentials configured
- `snyk` CLI installed
- Network access to cloud APIs

### Supported Cloud Providers

| Provider | Setup |
|----------|-------|
| **AWS** | AWS credentials (profile, env vars, or IAM role) |
| **Azure** | Azure CLI login or service principal |
| **GCP** | Application default credentials or service account |

For a full list of supported resource types per provider, see `SERVICES.md`.

---

## Phase 1: Setup

**Goal**: Configure drift detection environment.

### Step 1.1: Verify Terraform State

Check for Terraform state:

**Local state**:

```bash
ls terraform.tfstate
```

**Remote state** (S3 backend):

```hcl
terraform {
  backend "s3" {
    bucket = "my-terraform-state"
    key    = "state/terraform.tfstate"
    region = "us-east-1"
  }
}
```

### Step 1.2: Verify Cloud Credentials

**AW...

Details

Author: snyk
Repository: snyk/studio-recipes
Created: 4 months ago
Last Updated: 4 days ago
Language: Python
License: Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

DevOps & Infrastructure Solid

terraform-skill

Use when working with Terraform or OpenTofu - creating modules, writing tests (native test framework, Terratest), setting up CI/CD pipelines, reviewing configurations, choosing between testing approaches, debugging state issues, implementing security scanning (trivy, checkov), or making infrastructure-as-code architecture decisions

1,907 Updated yesterday
antonbabenko
DevOps & Infrastructure Solid

terraform-iac-expert

Terraform and OpenTofu infrastructure as code — module design, state management, multi-environment setups, remote backends, secrets management, CI/CD integration. NOT for Pulumi, CDK, Ansible, or Kubernetes manifests.

108 Updated 3 weeks ago
curiositech
DevOps & Infrastructure Featured

terrashark

Prevent Terraform/OpenTofu hallucinations by diagnosing and fixing failure modes: identity churn, secret exposure, blast-radius mistakes, CI drift, and compliance gate gaps. Use when generating, reviewing, refactoring, or migrating IaC and when building delivery/testing pipelines.

429 Updated yesterday
LukasNiessen
Data & Documents Solid

skill-issue

Audit and review all installed agent skills. Run on-demand or via cron to get a health report: skill inventory, usage tracking, version checks, dependency health, and actionable recommendations (keep, update, review, remove). Use when asked to review skills, check for skill updates, find unused skills, or audit the skill ecosystem.

23 Updated 3 months ago
krispuckett
Testing & QA Solid

test-harness-auditor

This skill should be used when auditing a repo's test, lint, type-check, static analysis, build, and debug infrastructure for AI coding agents. Use when entering a new repo, when asked to 'audit tests', 'audit harness', 'check test infrastructure', 'lint audit', 'what testing tools are configured', or when a repo has no .claude/lint-rules.json. Generates optimized configs for the lint-on-write hook.

32 Updated yesterday
tdimino