Drift

Home /
Drift

Table of Contents

Overview

Drift is Ataiva’s next-generation Infrastructure-as-Code platform that solves the common pain points of existing IaC tools — brittle state files, drift surprises, and complex multi-cloud orchestration — by offering a stateless, DAG-driven execution engine with real-time reconciliation and human-friendly CLI workflows.

Key Features

Stateless Execution: No centralized state files - infrastructure state is inferred from cloud provider APIs
Real-time Drift Detection: Continuous reconciliation with optional auto-healing
DAG-based Orchestration: Parallel execution with intelligent dependency resolution
Human-centric CLI: Clean, readable output with comprehensive change summaries
Expression Language: Support for loops, conditionals, and variables in YAML
Policy-as-Code: Built-in security and governance policy enforcement
Module System: Reusable infrastructure components with local module support
Multi-cloud Ready: Extensible provider system (AWS production-ready, Kubernetes planned)

Production Ready

Drift is production-ready for AWS infrastructure management with:

Core Infrastructure Engine

Complete stateless execution with AWS API integration
Real-time drift detection and auto-healing
DAG-based parallel execution with dependency resolution
Comprehensive error handling and retry logic

AWS Provider (Production Ready)

S3 Buckets: Full lifecycle management with versioning and tagging
EC2 Instances: Complete instance management with state tracking
VPC Networking: VPC, subnet, internet gateway, and security group management
Lambda Functions: Serverless function deployment and management
Database Services: RDS instances and DynamoDB tables with full configuration
API Gateway: REST API management for serverless architectures
IAM Resources: Complete IAM user, role, and policy management with tagging
Resource Validation: Comprehensive validation for all resource types

Policy-as-Code (Production Ready)

Built-in security policies (S3 versioning, resource tagging)
Governance policies (environment tagging, cost optimization)
Severity-based enforcement (errors, warnings, info)
Real-time policy evaluation during bootstrap

Enterprise Features

Module system for reusable infrastructure components
Expression language with conditionals and loops
Comprehensive CLI with human-readable output
Full test coverage with integration testing

Installation

Download Binary (Recommended)

Download the latest release for your platform:

Linux (x64): drift-linux-amd64
Linux (ARM64): drift-linux-arm64
macOS (Intel): drift-darwin-amd64
macOS (Apple Silicon): drift-darwin-arm64
Windows (x64): drift-windows-amd64.exe

After downloading, make the binary executable and move it to your PATH:

# Linux/macOS
chmod +x drift-*
sudo mv drift-* /usr/local/bin/drift

# Verify installation
drift --version

Build from Source

# Clone the repository
git clone https://github.com/ataiva-software/drift.git
cd drift

# Build the binary
go build -o drift .

# Install globally (optional)
go install .

Quick Start

1. Create a configuration file (`infra.yaml`)

project: my-app
environment: dev
variables:
  region: us-east-1
  tags:
    owner: platform-team
    purpose: demo
    Environment: dev  # Required by policy

providers:
  aws:
    region: "${region}"
    profile: default

resources:
  # S3 bucket with versioning (policy compliant)
  - kind: aws:s3:bucket
    name: my-app-logs
    properties:
      versioning: true  # Required by policy
      tags:
        owner: platform-team
        purpose: demo
        Environment: dev  # Required by policy
    driftPolicy:
      autoHeal: true
      notifyOnly: false

  # RDS database
  - kind: aws:rds:instance
    name: my-app-db
    properties:
      db_instance_class: db.t3.micro
      engine: mysql
      engine_version: "8.0"
      db_name: myapp
      master_username: admin
      master_user_password: "ChangeMe123!"
      allocated_storage: 20
      backup_retention_period: 1
      tags:
        owner: platform-team
        purpose: demo
        Environment: dev  # Required by policy
    driftPolicy:
      autoHeal: true
      notifyOnly: false

  # Multiple EC2 instances using count
  - kind: aws:ec2:instance
    name: web-${index}
    count: 2
    properties:
      instance_type: t3.micro
      ami: ami-0abcdef1234567890
      tags:
        Name: "web-${index}"
        Environment: "${environment}"
        owner: "${tags.owner}"
    driftPolicy:
      autoHeal: true
      notifyOnly: false
    depends_on:
      - "aws:rds:instance.my-app-db"

  # IAM user for application access
  - kind: aws:iam:user
    name: app-service-user
    properties:
      path: "/applications/"
      tags:
        owner: platform-team
        purpose: application-access
        Environment: dev  # Required by policy
    driftPolicy:
      autoHeal: true
      notifyOnly: false

2. Bootstrap your environment

drift bootstrap

3. Preview changes

drift preview

4. Apply changes

drift commit

5. Monitor and align drift

drift align --once

CLI Commands

Command	Description
`bootstrap`	Install providers, pull modules, and validate configuration
`preview`	Preview changes and detect drift (dry-run)
`commit`	Apply infrastructure changes
`align`	Continuously reconcile drift
`dismantle`	Destroy infrastructure resources

Command Options

# Bootstrap
drift bootstrap --config infra.yaml

# Preview with JSON output
drift preview --output json

# Commit with DAG visualization
drift commit --graph --auto-approve

# Continuous alignment
drift align --interval 10m

# One-time alignment
drift align --once

# Destroy infrastructure
drift dismantle --auto-approve

Supported Resources

AWS Provider (13 Resource Types)

Resource Type	Kind	Properties
Storage
S3 Bucket	`aws:s3:bucket`	`versioning`, `tags`
Compute
EC2 Instance	`aws:ec2:instance`	`instance_type`, `ami`, `tags`
Lambda Function	`aws:lambda:function`	`runtime`, `handler`, `role`, `code_content`, `timeout`, `memory_size`, `tags`
Networking
VPC	`aws:ec2:vpc`	`cidr_block`, `tags`
Subnet	`aws:ec2:subnet`	`vpc_id`, `cidr_block`, `availability_zone`, `tags`
Internet Gateway	`aws:ec2:internet_gateway`	`tags`
Security Group	`aws:ec2:security_group`	`description`, `vpc_id`, `ingress`, `egress`, `tags`
Database
RDS Instance	`aws:rds:instance`	`db_instance_class`, `engine`, `engine_version`, `db_name`, `master_username`, `master_user_password`, `allocated_storage`, `backup_retention_period`, `tags`
DynamoDB Table	`aws:dynamodb:table`	`hash_key`, `range_key`, `attributes`, `tags`
API & Integration
API Gateway	`aws:apigateway:rest_api`	`description`, `tags`
Security & Identity
IAM User	`aws:iam:user`	`path`, `tags`
IAM Role	`aws:iam:role`	`assume_role_policy`, `path`, `description`, `tags`
IAM Policy	`aws:iam:policy`	`policy`, `path`, `description`, `tags`

Why Drift?

Traditional IaC Problems

State File Hell: Brittle state files that get corrupted or out of sync
Locking Issues: Teams blocked by state locks
Drift Surprises: Manual changes go undetected until next deployment
Complex Setup: Remote state backends, locking mechanisms, team coordination

Drift Solutions

Stateless Design: No state files to manage or corrupt
Real-time Detection: Continuous monitoring of infrastructure drift
Auto-healing: Automatically fix drift when detected
Team-friendly: Multiple users can run simultaneously without conflicts
Human-centric: Clear, readable output and intuitive commands

Documentation

GitHub Repository - Source code and issues
Getting Started Guide - Step-by-step tutorial
API Reference - Complete CLI command reference
Configuration Reference - YAML configuration guide
Examples - Real-world use cases and patterns

License

Drift is open source software licensed under the MIT License.

Built with ❤️ by Ataiva Software