
Terraform Best Practices as a Pull Request

Detect, Correct, and Prevent Terraform Drift
For the best cloud security and compliance posture, your cloud environment should match your Terraform configuration (and vice a versa) at all times. dragondrop brings all of your cloud resources under Terraform control, detects drift in controlled resources, and surfaces the root causes of drift.
Self-hosted for Security
Our container is self-hosted in your existing cloud environment. Recommended changes are pushed to your Version Control System via Pull Request. This means no information about your cloud posture ever leaves your existing tools.


Cost Calculation and Security Scanning – within Your Existing Tool Set
You bring your current Terraform “stack”, and dragondrop adds the enterprise-grade features you need to build securely and confidently.
What Sets Us Apart
Continuously Search for Uncontrolled and Drifted Resources
Managed chron-jobs check your cloud for resources outside of Terraform control and resources that have drifted from their Terraform configuration. When such resources are identified, open a Pull Request in your VCS with recommended changes.
Native Cloud Security Scans
Every cloud resource we scan is assessed for compliance with security best practices. If a cloud resources is not following secure practices, you’ll know about it. Powered by tfsec.
All Tiers Self-Hosted
All customers run dragondrop within their own cloud and tools – including those on our free tier! No data on your cloud or Terraform configuration ever leaves your servers.
Native Cloud Cost Estimation
Get cost estimates on what is managed by Terraform, what is outside of Terraform, and the individual levers available for lowering resource costs. Powered by Infracost.
Identify Root Causes and Prevent Drift From Re-Occurring
dragondrop surfaces the users and service principals creating cloud resources outside of your Terraform workflow so that you can take the steps necessary to prevent drift from happening again.
Generate New Resources as Terraform, With Matching Import Statements
dragondrop generates structured Terraform configuration as code along with the corresponding migration statements needed for importing those resources.