The State of Infrastructure Drift: What We Learned From 100+ DevOps Teams

50+ interviews and 150+ survey responses later, Stephane Jourdan has a pretty good idea of infrastructure drift causes, fixes, and their trade-offs.

Even as an experienced Terraform user, when your infrastructure team and codebase grows, it often becomes harder to track infrastructure drift—which includes configuration drift. Are you sure you know how well your Terraform codebase matches your actual tfstate?

Infrastructure Drift

Drift can be driven by human input, poor configuration, applications making unwanted changes, etc. It has consequences on toil and efficiency, forces teams to put in place strict controls that decrease flexibility, and can have a security impact.

Stories from the Trenches

There are a lot of juicy stories from the trenches on infrastructure drift. While we all probably do GitOps by the book, or have very strict processes in place, we have to interact with other teams. We also have to grant some level of access to our infrastructures to some services or tools that may eventually generate uncontrolled changes.

A Survey + Interviews on the State of Infra Drift

50+ teams were interviewed for this talk to collect stories and feedback about drift. Also, 150 teams of all sizes participated in a survey about drift from all maturity levels across Europe and the USA. In this talk, you will see their definition of drift and how it directly relates to their setups. See what the main causes of drift are within those teams, the direct impact, time spent to fix it, and learn about the panel of solutions they use to prevent it with, along with the advantages and limitations of those solutions.

Speaker: Stephane Jourdan

Slides available here

More resources like this one

  • 3/15/2023
  • Presentation

Advanced Terraform techniques

  • 2/3/2023
  • Case Study

Automating Multi-Cloud, Multi-Region Vault for Teams and Landing Zones

  • 2/1/2023
  • Case Study

Should My Team Really Need to Know Terraform?

  • 1/20/2023
  • Case Study

Packaging security in Terraform modules