Detecting Infrastructure Drift
Cased can continuously monitor your cloud infrastructure and automatically detect when the running configuration drifts from what’s defined in your infrastructure-as-code (IaC).
Drift is a common problem in modern infrastructure management. It occurs when changes are made to your infrastructure outside of your normal IaC workflow, leading to a discrepancy between what’s defined in your code and what’s actually running. This can lead to security vulnerabilities, compliance issues, and unexpected behavior.
How it Works
Cased’s drift detection works by periodically scanning your cloud environment and comparing the state of your resources to the state defined in your Terraform state file.
- Configuration: You configure a new InfraMetadata object in Cased, telling it where to find your Terraform state file in an S3 bucket.
- Periodic Scans: Cased runs a periodic background task that reads your Terraform state and compares it to the actual state of your resources in your cloud provider.
- Task Creation: If any drift is detected, Cased automatically creates a new task in Mission Control. This task will contain detailed information about the drift, including the resource that has drifted and the specific changes that were detected.
- Notification: You and your team can see the new task in Mission Control and take action to resolve the drift.
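The comparison step described above can be sketched as follows. This is an added example, not Cased's own code: it assumes the Terraform state format version 4 layout, and the sample state, the LIVE dictionary (a stand-in for what the cloud provider's API reports) and the function names are all constructed for illustration.

```python
import json

# Constructed sample: a minimal Terraform state file (format version 4).
STATE_JSON = """{"version": 4, "resources": [
  {"mode": "managed", "type": "aws_s3_bucket_public_access_block", "name": "logs", "instances": [{"attributes": {"bucket": "example-logs", "block_public_acls": true, "block_public_policy": true}}]},
  {"mode": "managed", "type": "aws_security_group_rule", "name": "ssh", "instances": [{"attributes": {"from_port": 22, "to_port": 22, "cidr_blocks": ["10.0.0.0/8"]}}]},
  {"mode": "managed", "type": "aws_iam_role", "name": "ci", "instances": [{"attributes": {"name": "ci-deploy"}}]},
  {"mode": "data", "type": "aws_caller_identity", "name": "current", "instances": [{"attributes": {"account_id": "000000000000"}}]}
]}"""

# Constructed stand-in for the live configuration reported by the provider.
LIVE = {
    "aws_s3_bucket_public_access_block.logs": {"bucket": "example-logs", "block_public_acls": True, "block_public_policy": False},
    "aws_security_group_rule.ssh": {"from_port": 22, "to_port": 22, "cidr_blocks": ["0.0.0.0/0"]},
}

def addresses(state):
    """Yield (resource address, recorded attributes) for each managed instance."""
    for res in state.get("resources", []):
        if res.get("mode") != "managed":  # data sources are lookups, not managed resources
            continue
        base = ".".join(p for p in (res.get("module"), res["type"], res["name"]) if p)
        for inst in res.get("instances", []):
            key = inst.get("index_key")  # set for count / for_each instances
            addr = base if key is None else f"{base}[{json.dumps(key)}]"
            yield addr, inst.get("attributes", {})

def detect_drift(state, live):
    """Return findings as (address, attribute, recorded value, actual value)."""
    findings = []
    for addr, recorded in addresses(state):
        actual = live.get(addr)
        if actual is None:  # resource no longer exists in the cloud account
            findings.append((addr, None, "present", "missing"))
            continue
        for attr in sorted(recorded):  # attributes the live view omits are skipped
            if attr in actual and recorded[attr] != actual[attr]:
                findings.append((addr, attr, recorded[attr], actual[attr]))
    return findings

if __name__ == "__main__":
    for finding in detect_drift(json.loads(STATE_JSON), LIVE):
        print(finding)
```

Each finding carries the drifted resource and the specific change, which is the information the drift task is described as containing.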
Getting Started
To enable drift detection, you need to provide Cased with read-only access to the S3 bucket where you store your Terraform state file. Once you’ve configured the integration, Cased will begin scanning your infrastructure for drift automatically.