Skip to main content
The iac command group manages Infrastructure as Code (IaC) definitions and IaC-based drift detection. Upload Terraform, CloudFormation, or Kubernetes manifests and InfraAudit will compare them against your live infrastructure to identify where reality diverges from code.

iac upload

Upload an IaC file for analysis and drift comparison. Synopsis: 
infraudit iac upload --file <path> --type <type>
FlagValuesDescription
--filefile pathPath to the IaC file to upload
--typeterraform, cloudformation, kubernetesIaC file type
Examples: 
# Upload a Terraform file
infraudit iac upload --file main.tf --type terraform

# Upload a CloudFormation template
infraudit iac upload --file cloudformation.yaml --type cloudformation

# Upload a Kubernetes manifest
infraudit iac upload --file k8s-deployment.yaml --type kubernetes

iac list

List all uploaded IaC definitions: 
infraudit iac list
Example output: 
ID  FILE                    TYPE              UPLOADED
--  ----                    ----              --------
1   main.tf                 terraform         2 hours ago
2   cloudformation.yaml     cloudformation    1 day ago
3   k8s-deployment.yaml     kubernetes        3 days ago

iac diff

Show IaC drift results for a specific uploaded definition — the differences between what the IaC file defines and what is currently deployed: Synopsis: 
infraudit iac diff <definition-id>
Example: 
infraudit iac diff 1

iac detect-drift

Trigger a full IaC drift detection run, comparing all uploaded definitions against live infrastructure: 
infraudit iac detect-drift

iac drifts

List all IaC drift findings: 
infraudit iac drifts

iac drift-summary

Show an aggregate summary of IaC drift findings by severity: 
infraudit iac drift-summary
IaC drift detection runs on top of resources that have already been synced from connected providers. Run infraudit provider sync <id> before iac detect-drift to ensure you’re comparing against the current live state.