> For the complete documentation index, see [llms.txt](https://docs.brainboard.co/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.brainboard.co/automation/drift/types-of-drift.md). # Types of drift ### Source of truth The modern cloud infrastructure is more like a living organism than static resources that are not supposed to be updated frequently. That's why IaC (Infrastructure as Code) is the most suitable way to build and manage cloud infrastructures, whatever the language you pick. It could be Terraform, Ansible, Pulumi, CloudFormation, Azure Bicep... This infrastructure is managed by different people, frequently introducing changes to it. That's why it is important to have `a unique source of truth`⁣. Otherwise, it will be challenging to track all the changes and troubleshoot errors/incidents when they occur. By having a unique source of truth, it is also important to constantly monitor if the real infrastructure (that is already provisioned in your cloud provider(s)) has not drifted from its source. This source of truth could be Brainboard, Git, local files... ### Definition A drift is when the actual state of the deployed infrastructure diverges from the desired or expected state described in the code. Usually, it occurs when changes are made directly/manually to the deployed infrastructure outside the IaC tool's control. ### Types of drift There are `2` types of drift: 1. **Between environments:** This happens when the deployed infrastructure in one environment for e.g. `staging` is different from another environment for e.g. `production` that is supposed to be part of the same lifecycle of the infrastructure. **E.g.** * When the dev environment is different from staging or QA or production. * When the disaster recovery configuration is different from the production. 2. **Between the code and the infrastructure:** This happens when the provisioned cloud infrastructure (all resources and their configurations) is different from the configuration that you have in the source of the truth (Terraform code). The root cause of the drift could be legitimate, e.g. when there is a security incident and as an emergency response, an engineer can choose to quickly do the action on the console of the cloud provider (like blocking a user) because it may take time to be done through IaC (especially if the infrastructure is big because Terraform may take hour(s) to refresh the state). --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.brainboard.co/automation/drift/types-of-drift.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.