We are opening 30 min slots for 1:1 tech discussions to help you get started
Here’s your monthly update about driftctl, with highlights from the latest releases, project life and community.
Tl;dr :
That was a highly anticipated feature for many of you, driftctl now supports reading all Terraform states from a bucket or a directory, so you don’t need to list them all on the command line anymore, especially if you have hundreds of them!
Just run $ driftctl scan --from tfstate+s3://bucket-full-of-tfstates/
for your states stored on an S3 bucket, or *.tfstate
to use a whole local directory as your IaC source.
driftctl now supports the GitHub provider, which means that if you manage your GitHub account with Terraform, you can now track any drift related to it. Currently, the resources covered by driftctl include repositories, branches protection, as well as teams and membership within teams. So basically, if anyone adds a new user by hand within your organization or changes his permissions, driftctl will spot it immediately.
We recently added several new resources to the existing ones making the AWS support even more comprehensive. driftctl now also spots drift from :
As a happy consequence of Go 1.16 release, driftctl now natively supports builds for the new apple silicon M1 chip.
So far, our doc was displayed directly on GitHub, partly on the README, partly in other places. As the project grew, it was getting less and less readable so we decided to change it. We’re particularly happy to release our dedicated documentation website.
driftctl now alerts users when the minimal policies from previous versions do not match the abilities of the version you are using and points you to the latest minimal policy you can use. Additionally, driftctl now warns users on potential false positive drifts from security groups rules. We also improved the IAM access key output and now return both the ID and the user for the resource. |
Thank you user from Belgium who reported on discord a bug on driftctl related to the eu-west-1 region for older S3 buckets randomly returning “either eu-west-1” or just “EU”.
As you now know, we are now multi providers as we support the GitHub Terraform provider on top of the AWS provider. There’s a lot of work under the hood going on right now to be able to support any provider version soon, and open up the tool to new cloud providers. Stay tuned!
We are also about to release a bunch of ready to use CI integrations like Circle CI orbs or GitHub Actions for easy integration in your pipelines.
We recently were lucky enough to speak about infrastructure drift at the 2021 Fosdem and Hashitalk editions. We’ll be speaking at Blueprint London on March, 10th and the Lyon CNCF Meetup in April. You can find replays of our latest talks at driftctl.com/replays.
Thank you @lamienois for opening a GitHub issue about adding Gitlab and Azure blob as IaC Sources. Very interesting point you’ve raised: so far we support only local and S3 IaC sources, but there’s a workaround to answer your needs by using terraform state pull
to retrieve your state using Terraform and output it to a file using terraform state pull > my-state.tfstate
and then simply run driftctl scan --tfstate://my-state.tfstate
from there.
There might be more coming on this topic soon, so stay tuned…
Did you know that we are doing live release demos on twitch and youtube twice a month? Our engineering team also frequently opens up live coding sessions on twitch. Just follow us on twitter to get the notifications when we go live.
We published a series of short demo videos that will show you around in no time! Go ahead and check them out.
Looking forward to further contacts!
Feel free to reach out on GitHub or join our discord and in the meantime…
Get product updates and occasional news.