Monitor and report drift or manually modified infrastructure components

Created by: filiphaftek

Feature request description

As we have all infrastructure in Terraform, we should monitor and report any changes to infrastructure not done via Terraform.

Is your feature request related to a problem? If so, please describe.

We have some components added via the web console or modified manually, which should not happen, as our CI has Checkov plugged in to ensure security. We also cannot afford to have, e.g., unused databases running.

Describe alternatives you've considered.

The proposal is to schedule a daily job to verify that all infrastructure is in Terraform. If not, send an alert. We could try to use Terraform for that.

Additional context

We could either use Buildkite or a GitHub Action on the infrastructure repo.
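
One way to implement the daily check proposed above, as an added example that is not part of the original issue or the project's code. It relies on `terraform plan -refresh-only -detailed-exitcode`; the root-module directories passed as arguments and the `drift-plan.log` file name are assumptions.

```shell
#!/usr/bin/env bash
# Added example: scheduled drift check for one or more Terraform root modules.
# `terraform plan -detailed-exitcode` exits with:
#   0 = no differences, 1 = error, 2 = differences found.

# classify_plan_rc RC -> prints "clean", "drift" or "error"
classify_plan_rc() {
  case "$1" in
    0) echo clean ;;
    2) echo drift ;;
    *) echo error ;;   # treat failures as alerts too, never as "clean"
  esac
}

# check_drift DIR -> runs a refresh-only plan in DIR and prints its status.
# -refresh-only compares recorded state with the real resources, so it
# reports out-of-band changes without mixing in unapplied config changes.
check_drift() {
  drift_dir="$1"
  drift_rc=0
  # Plan output can reveal resource attributes: keep the log (assumed name)
  # as a restricted CI artifact.
  terraform -chdir="$drift_dir" plan -refresh-only -detailed-exitcode \
    -input=false -lock=false -no-color \
    >"$drift_dir/drift-plan.log" 2>&1 || drift_rc=$?
  classify_plan_rc "$drift_rc"
}

# check_all DIR... -> returns 0 only if every root module is clean, so a
# non-zero exit fails the scheduled CI job and triggers its notification.
check_all() {
  failed=0
  for module_dir in "$@"; do
    status=$(check_drift "$module_dir")
    echo "$module_dir: $status"
    [ "$status" = clean ] || failed=1
  done
  return "$failed"
}

# Run only when directories are given, e.g. ./drift-check.sh <root-module-dir>...
if [ "$#" -gt 0 ]; then
  check_all "$@"
fi
```

This detects manual modification of resources Terraform already manages. Components created in the web console and never imported are absent from state, so finding them needs a separate comparison of the cloud inventory against state.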