Drift Detector
Project Overview
This Go application detects configuration drift between AWS EC2 instances and their corresponding Terraform configurations. It compares the actual state of an instance in AWS against its definition in a Terraform state file or HCL configuration, identifying discrepancies in specified attributes.
Setup and Installation
- Ensure Go 1.19+ is installed: https://go.dev/doc/install
- Configure AWS credentials (e.g., via environment variables AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION, or shared credentials file ~/.aws/credentials): https://docs.aws.amazon.com/sdk-for-go/v2/developer-guide/configure-gosdk.html
  The aws configure command can also be used to set up credentials.
- Clone the repository:
  git clone <repository-url>
  (Replace <repository-url> with the actual URL once available)
- Navigate to the project directory:
  cd driftdetector
- Build the application:
  go build ./cmd/driftdetector
Running the Application
The application can be run in various ways depending on your requirements:
# Basic usage: Check drift for a specific instance using HCL config
./driftdetector --instance-ids i-xxxxxxxxxxxxxxxxx --config-path ./configs/sample.tf
# Check drift for multiple instances
./driftdetector --instance-ids i-xxxxxxxxxxxxxxxxx,i-yyyyyyyyyyyyyyyyy --config-path ./configs/sample.tf
# Check drift with controlled concurrency (limit to 2 instances at a time)
./driftdetector --instance-ids i-xxxxxxxxx,i-yyyyyyyyy,i-zzzzzzzzz --config-path ./configs/sample.tf --concurrency 2
# Output results in JSON format
./driftdetector --instance-ids i-xxxxxxxxxxxxxxxxx --config-path ./configs/sample.tf --output json
# Specify attributes to check
./driftdetector --instance-ids i-xxxxxxxxxxxxxxxxx --config-path ./configs/sample.tf --attributes instance_type,tags,security_groups
# Run in verbose mode
./driftdetector --instance-ids i-xxxxxxxxxxxxxxxxx --config-path ./configs/sample.tf --verbose
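
The comparison described in the Project Overview, restricted to the attributes a caller asks for, can be sketched as follows. This is an added example, not the project's own code: the names State, Drift, diff and DetectDrift are hypothetical, and it assumes each attribute has already been flattened to a list of strings.

```go
package main

import (
	"fmt"
	"sort"
)

// State maps attribute name to values; tags are flattened to "key=value" (assumed shape).
type State map[string][]string

// Drift lists what the live instance lacks or has beyond the declared config.
type Drift struct{ Attribute string; Missing, Unexpected []string }

// diff returns the sorted members of a that are absent from b.
func diff(a, b []string) []string {
	seen := make(map[string]bool, len(b))
	for _, v := range b {
		seen[v] = true
	}
	var out []string
	for _, v := range a {
		if !seen[v] {
			out = append(out, v)
		}
	}
	sort.Strings(out)
	return out
}

// DetectDrift checks only the requested attributes, ignoring element order.
func DetectDrift(want, got State, attrs []string) ([]Drift, error) {
	var drifts []Drift
	for _, a := range attrs {
		w, ok := want[a]
		if !ok { // a mistyped name must fail, not silently report "no drift"
			return nil, fmt.Errorf("attribute %q is not in the desired state", a)
		}
		d := Drift{a, diff(w, got[a]), diff(got[a], w)}
		if len(d.Missing)+len(d.Unexpected) > 0 {
			drifts = append(drifts, d)
		}
	}
	return drifts, nil
}

func main() { // constructed sample data, not from a real account
	want := State{"instance_type": {"t3.micro"}, "security_groups": {"sg-web", "sg-ssh"}}
	got := State{"instance_type": {"t3.micro"}, "security_groups": {"sg-ssh", "sg-web", "sg-open"}}
	fmt.Println(DetectDrift(want, got, []string{"instance_type", "security_groups"}))
}
```

Reporting the unexpected and missing members separately shows which security group or tag was changed outside Terraform, rather than only that the attribute differs.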