Download the example Terraform code and execute it:
$ git clone firstname.lastname@example.org:cloudskiff/driftctl-quick-aws-tutorial.git $ cd driftctl-quick-aws-tutorial
$ export AWS_PROFILE="your-profile"
Initialize the Terraform environment:
$ terraform init [...]
$ terraform apply [...] Apply complete! Resources: 4 added, 0 changed, 0 destroyed.
For demonstration purposes, let’s create some major drifts from the Terraform code and intention:
2. Go to the IAM user details, and create a new IAM access key pair (don’t save the details, it’s for demo purposes)
3. Go to the IAM user details
Confirm that Terraform doesn’t rollback nor notify the changes we just made manually:
$ terraform apply [...] Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
Now, using driftctl, execute the following:
$ driftctl scan Scanning AWS on region: us-east-1 Found unmanaged resources: aws_iam_access_key: - AKIASBXWQ3AY3RL7B2HG aws_iam_policy_attachment: - driftctl-demo-dfbvp5-arn:aws:iam::aws:policy/AdministratorAccess Found 5 resource(s) - 60% coverage - 3 covered by IaC - 2 not covered by IaC - 0 deleted on cloud provider - 0/3 drifted from IaC
Driftctl just reported you a set of manual changes that would otherwise stay in the dark!
Now that you have a basic understanding of how the CLI works, feel free to visit this advanced tutorial where you will learn how to use driftctl in a more realistic real-life environment, with multiple Terraform states and output filtering.
Get product updates and occasional news.