Infrastructure Drift Detection & Self-Healing — Multi-cloud drift scanner with IaC remediation

Project description

DriftGuard

Infrastructure Drift Detection & Self-Healing for multi-cloud environments.

DriftGuard compares your Infrastructure-as-Code (Terraform, Pulumi, CloudFormation) desired state against live cloud resources to detect unauthorized changes, security misconfigurations, and cost anomalies.

Features

  • Multi-cloud drift detection — Azure, AWS, and GCP resource state readers
  • IaC state parsing — Terraform (.tfstate v3/v4), Pulumi exports, CloudFormation templates
  • 32 security rules — Open ports, public storage, missing encryption, IAM wildcards, weak TLS, and more
  • 8 cost rules — Oversized instances, unattached volumes, missing tags, premium storage
  • 8 compliance rules — Data residency, encryption at rest, audit logging, retention periods
  • Drift classification — Automated categorization as unauthorized/intentional/emergency
  • IaC remediation — Auto-generate Terraform HCL or Pulumi Python to fix drift
  • GitHub PR generation — Create PRs with remediation code
  • Historical tracking — SQLite-backed drift history with trend analysis
  • Baseline management — Accept known deviations with optional TTL
  • MCP server — 7 tools for Claude/AI integration
  • CLI: scan, watch, fix, history, report, baseline, policy commands
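
The desired-state-versus-live comparison described in the introduction, combined with the baseline TTL feature listed above, shown as an added example (not DriftGuard's own code). The live-snapshot shape, the baseline structure, the simplified attribute names and the function names are all assumptions made for illustration.

```python
import json
from datetime import datetime, timezone

# Constructed sample (simplified attribute names): Terraform v4 state and live snapshot.
STATE = json.loads("""
{"version": 4, "resources": [
  {"mode": "managed", "type": "aws_s3_bucket", "name": "logs",
   "instances": [{"attributes": {"id": "logs-bkt", "acl": "private"}}]},
  {"mode": "managed", "type": "aws_security_group", "name": "web",
   "instances": [{"attributes": {"id": "sg-01", "ingress_cidr": "10.0.0.0/8"}}]},
  {"mode": "managed", "type": "aws_instance", "name": "app",
   "instances": [{"attributes": {"id": "i-01", "instance_type": "t3.small"}}]}
]}""")
LIVE = {  # keyed by resource id, as a cloud reader might return it (assumed shape)
    "logs-bkt": {"id": "logs-bkt", "acl": "public-read"},
    "sg-01": {"id": "sg-01", "ingress_cidr": "0.0.0.0/0"},
}
# Accepted deviations: (address, attribute) -> expiry, or None for no TTL.
BASELINE = {
    ("aws_s3_bucket.logs", "acl"): datetime(2024, 1, 1, tzinfo=timezone.utc),
    ("aws_security_group.web", "ingress_cidr"): None,
}

def desired_resources(state):
    """Yield (address, attributes) for managed resources in a v4 state."""
    if state.get("version") != 4:
        raise ValueError("this example only reads .tfstate v4")
    for res in state["resources"]:
        if res.get("mode") != "managed":
            continue  # data sources are not drift candidates
        for inst in res["instances"]:
            yield f'{res["type"]}.{res["name"]}', inst["attributes"]

def detect_drift(state, live, baseline, now):
    findings = []
    for addr, want in desired_resources(state):
        have = live.get(want["id"])
        if have is None:
            findings.append((addr, None, "deleted outside IaC"))
            continue
        for key, value in want.items():
            if have.get(key) == value:
                continue
            if (addr, key) in baseline:
                expiry = baseline[(addr, key)]
                if expiry is None or now < expiry:
                    continue  # still-accepted deviation
            findings.append((addr, key, f"{value!r} -> {have.get(key)!r}"))
    return findings
```

A baseline entry without a TTL suppresses its finding indefinitely, which is why the open security group never surfaces here while the expired bucket exception does.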

Quick Start

pip install autoai-driftguard

# Scan a Terraform state file
driftguard scan --state terraform.tfstate --provider azure

# Continuous monitoring
driftguard watch --state terraform.tfstate --interval 300

# View drift history
driftguard history --severity critical

# Generate remediation code
driftguard fix --scan-id scan-abc123 --format terraform

# List security policies
driftguard policy list --category security

# Generate posture report
driftguard report --days 30

Quick Start -- MCP Server

Add to your Claude Code or Cursor MCP config:

{
  "mcpServers": {
    "driftguard": {
      "command": "uvx",
      "args": ["autoai-driftguard-mcp"],
      "description": "DriftGuard — Detect infrastructure drift across Azure, AWS, and GCP"
    }
  }
}

That's it. No signup. No API key. No data leaves your machine.

Available Tools

Tool            Description
drift_scan      Scan for drift across cloud providers
drift_history   View drift detection history
drift_classify  Classify drift as unauthorized/intentional/emergency
drift_fix       Generate IaC remediation code
drift_policy    Manage security/cost/compliance policies
drift_baseline  Manage accepted deviations
drift_report    Generate drift posture report

Cloud Provider Setup

Azure

export ARM_CLIENT_ID="..."
export ARM_CLIENT_SECRET="..."
export ARM_TENANT_ID="..."
export ARM_SUBSCRIPTION_ID="..."

AWS

export AWS_ACCESS_KEY_ID="..."
export AWS_SECRET_ACCESS_KEY="..."
export AWS_DEFAULT_REGION="us-east-1"

GCP

export GOOGLE_APPLICATION_CREDENTIALS="/path/to/key.json"
export GOOGLE_CLOUD_PROJECT="my-project"

Configuration

Environment Variable  Description                   Default
DRIFTGUARD_DB         SQLite database path          driftguard.db
GITHUB_TOKEN          GitHub token for PR creation

Development

git clone https://github.com/autoailabadmin/driftguard.git
cd driftguard
pip install -e ".[dev]"
pytest

License

Apache 2.0 — see LICENSE.

Built by AutoAI Labs.

Download files

Source Distribution

autoai_driftguard-0.1.0.tar.gz (75.7 kB)

Uploaded Source

Built Distribution

autoai_driftguard-0.1.0-py3-none-any.whl (61.9 kB)

Uploaded Python 3

File details

Details for the file autoai_driftguard-0.1.0.tar.gz.

File metadata

  • Download URL: autoai_driftguard-0.1.0.tar.gz
  • Upload date:
  • Size: 75.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.10.9

File hashes

Hashes for autoai_driftguard-0.1.0.tar.gz
Algorithm Hash digest
SHA256 c657a7dbe7436c2b4914b6a84c2c21f05a4fab65ef27a5a72d23702e731ca406
MD5 1ddfa1d14925b806a48aff9f552bbdd9
BLAKE2b-256 8b8acfb85f7530fd23117b9517ab8dc09f91680b840333e18bf351c460856bc1

File details

Details for the file autoai_driftguard-0.1.0-py3-none-any.whl.

File hashes

Hashes for autoai_driftguard-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 a4599a189d75de846d7b899aaa7d315f91c21f420dc7dec6ae2a368f9db05a2b
MD5 04e04e781c1ebd98e29d851dc895a6f0
BLAKE2b-256 f650b8eb61bf73091e72f1692a9e5d535ae899665a37a36d6d4a0a40f4553603
