# Infrastructure Drift Catcher Agent

IaC drift detection and remediation

The Infrastructure Drift Catcher Agent detects and remediates drift between your Infrastructure as Code (IaC) definitions and the actual state of your cloud resources.
## What It Does

- **Detects configuration drift**: compares IaC definitions to live cloud state
- **Classifies by severity**: critical, warning, or informational
- **Generates remediation**: creates PRs to fix drift
- **Tracks manual changes**: identifies out-of-band modifications
- **Alerts on security drift**: prioritizes security-related changes
## Supported Platforms

| IaC Tool | Cloud Provider | Support |
|----------|----------------|---------|
| Terraform | AWS, GCP, Azure | Full |
| CloudFormation | AWS | Full |
| Pulumi | Multi-cloud | Full |
| AWS CDK | AWS | Full |
## Configuration

```yaml
agents:
  - name: drift-catcher
    template: infrastructure-drift-catcher
    triggers:
      schedule:
        - cron: "0 */6 * * *"  # Every 6 hours
    config:
      # IaC tool being used
      iac_tool: terraform
      # State file location
      state_location: "s3://my-bucket/terraform.tfstate"
      # Severity threshold for alerts
      alert_threshold: warning
      # Auto-remediate low-risk drift
      auto_remediate: false
      # Focus on security resources
      security_focus:
        - aws_security_group
        - aws_iam_policy
        - aws_kms_key
```
## Drift Categories

| Category | Examples | Priority |
|----------|----------|----------|
| Critical | Security groups, IAM policies | Immediate |
| Warning | Instance sizes, tags | Review needed |
| Info | Descriptions, metadata | Low priority |
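The comparison and severity classification described in the configuration and the table above, as an added illustration that is not the agent's own code: it flattens desired and live resource attributes into Terraform-style paths, diffs them, classifies each drifted attribute (security-focus resource types are always critical, cosmetic attributes are info, the rest warning) and drops findings below `alert_threshold`. The `SECURITY_FOCUS` set, the `INFO_ATTRIBUTES` set and the two sample resource views are assumptions constructed for this example.

```python
# Security-critical resource types; mirrors the security_focus list in the
# configuration above (aws_iam_role is an added assumption for this example).
SECURITY_FOCUS = {"aws_security_group", "aws_iam_policy", "aws_iam_role", "aws_kms_key"}
INFO_ATTRIBUTES = {"description", "metadata"}  # assumed cosmetic-only attributes
SEVERITY_RANK = {"info": 0, "warning": 1, "critical": 2}

def classify(resource, attribute):
    """Map a drifted (resource, attribute) pair to critical / warning / info."""
    resource_type = resource.split(".", 1)[0]       # "aws_security_group.web" -> type
    if resource_type in SECURITY_FOCUS:
        return "critical"                            # any change to a security resource
    if attribute.split(".", 1)[0] in INFO_ATTRIBUTES:
        return "info"
    return "warning"                                 # sizes, tags, everything else

def flatten(prefix, value):
    """Flatten nested dicts/lists into Terraform-style paths such as ingress.0.cidr."""
    if isinstance(value, (dict, list)):
        items = value.items() if isinstance(value, dict) else enumerate(value)
        out = {}
        for key, sub in items:
            out.update(flatten(f"{prefix}.{key}" if prefix else str(key), sub))
        return out
    return {prefix: value}

def detect_drift(expected, actual, alert_threshold="warning"):
    """Diff desired state against live state; keep findings at or above the threshold."""
    findings = []
    for resource, desired in expected.items():
        want, have = flatten("", desired), flatten("", actual.get(resource, {}))
        for attr in sorted(set(want) | set(have)):   # attributes missing on one side drift too
            if want.get(attr) != have.get(attr):
                sev = classify(resource, attr)
                if SEVERITY_RANK[sev] >= SEVERITY_RANK[alert_threshold]:
                    findings.append((sev, resource, attr, want.get(attr), have.get(attr)))
    findings.sort(key=lambda f: -SEVERITY_RANK[f[0]])  # critical first, like the report
    return findings

# Constructed sample inputs: a state-file view and a live-API view of two resources.
EXPECTED = {
    "aws_security_group.web": {"ingress": [{"cidr": "10.0.0.0/8", "port": 443}]},
    "aws_instance.app": {"instance_type": "t3.medium", "description": "app server"},
}
ACTUAL = {
    "aws_security_group.web": {"ingress": [{"cidr": "0.0.0.0/0", "port": 443}]},
    "aws_instance.app": {"instance_type": "t3.large", "description": "app server (edited)"},
}

if __name__ == "__main__":
    for sev, res, attr, want, have in detect_drift(EXPECTED, ACTUAL):
        print(f"[{sev.upper()}] {res} {attr}: expected {want!r}, actual {have!r}")
```

With the default `warning` threshold the edited description is suppressed while the opened security group ingress is reported first as critical; lowering the threshold to `info` surfaces it as well.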
## Example Report

```markdown
## Infrastructure Drift Report

### Critical Drift (2 resources)

| Resource | Attribute | Expected | Actual |
|----------|-----------|----------|--------|
| aws_security_group.web | ingress.0.cidr | 10.0.0.0/8 | 0.0.0.0/0 |
| aws_iam_role.lambda | assume_role_policy | {...} | {...modified} |

### Recommendation

These security-related drifts should be remediated immediately.
PR #42 has been created to update IaC to match secure expected state.
```