AI-Assisted Terraform Drift Detection and Repair

End-of-lesson check

15 questions · take it digitally for instant feedback at tendril.neural-forge.io/learn/quiz/end-ai-coding-AI-terraform-drift-detection-creators

1. What does 'drift' mean when discussing Terraform infrastructure?

   1. A security vulnerability in cloud resources
   2. Infrastructure that has changed from what Terraform's configuration specifies
   3. A type of Terraform provider error
   4. The process of destroying and recreating infrastructure

2. An on-call engineer makes an emergency manual change to production to fix a critical outage. The next day, Terraform drift detection shows this resource as drifted. Why is it risky to let AI automatically apply the repair plan?

   1. AI cannot connect to cloud providers to make changes
   2. The automated repair would revert the engineer's emergency fix, potentially causing another outage
   3. Terraform does not support automated apply operations
   4. The emergency change was not saved in version control

3. Which of these tasks is AI well-suited to perform in a drift detection workflow?

   1. Manually reviewing every line of Terraform configuration for errors
   2. Clustering drifted resources by likely cause and drafting apply plans with rollback notes
   3. Determining whether a manual prod change was intentional emergency work
   4. Approving destructive changes to shared production infrastructure

4. What is a fundamental limitation of AI in infrastructure management?

   1. AI cannot generate summaries of any kind
   2. AI cannot distinguish between different cloud providers
   3. AI cannot parse JSON output from Terraform
   4. AI cannot know whether a manual production change was intentional emergency work

5. What does Terraform 'state' represent?

   1. A backup of cloud provider credentials
   2. A log of who ran Terraform commands
   3. The source code files defining infrastructure
   4. A record of what Terraform believes the current infrastructure looks like

6. When AI clusters drifted resources by 'likely cause,' what are two common categories it might identify?

   1. Expired SSL certificate and missing IAM permissions
   2. Manual change by a user and vendor update to a cloud service
   3. Outdated documentation and untracked temporary files
   4. Syntax error in configuration and network connectivity failure

7. Why is human approval required before applying a drift-repair plan to production infrastructure?

   1. Because the repair might revert an intentional emergency change made by on-call staff
   2. Because the cloud provider charges extra for automated changes
   3. Because Terraform cannot run without human input
   4. Because AI-generated plans always contain syntax errors

8. In Terraform, what does the 'import' operation accomplish?

   1. Bringing an existing resource under Terraform's management without recreating it
   2. Transferring ownership of cloud resources between accounts
   3. Copying configuration between workspaces
   4. Moving Terraform state files to a new directory

9. What information should be included in a draft apply plan generated by AI for drift repair?

   1. A complete history of every Terraform run ever performed
   2. The personal email addresses of all engineers who touched the resources
   3. Rollback notes explaining how to revert the changes if needed
   4. A list of all unused Terraform modules in the repository

10. Why should AI never be allowed to authorize destructive applies on shared infrastructure?

    1. Because shared infrastructure doesn't support Terraform
    2. Because Terraform blocks all destructive operations by default
    3. Because AI lacks context about other teams' work and could cause widespread outages
    4. Because authorization requires a specific database role that AI cannot obtain

11. What is 'IaC' an abbreviation for?

    1. Intelligent and Computing
    2. Internal Audit Console
    3. Infrastructure as Code
    4. Instance Allocation Controller

12. How can AI help platform teams when drift is detected?

    1. By automatically deploying changes to production without notification
    2. By billing the team for the compute time used
    3. By generating Slack summaries that explain what drifted and suggest actions
    4. By rewriting the team's Terraform configuration files

13. What could happen if an AI is allowed to auto-apply drift repairs without any human oversight?

    1. Terraform would refuse to work with the AI
    2. Intentional manual changes could be accidentally reverted, causing outages
    3. The drift detection would stop working entirely
    4. The AI might become too expensive to run

14. What is the purpose of 'rollback notes' in a Terraform apply plan?

    1. To document how to undo the changes if they cause problems
    2. To list all previous owners of the resources
    3. To provide legal justification for the changes
    4. To track how long the apply took to complete

15. What does 'state reconciliation' refer to in infrastructure management?

    1. The process of aligning Terraform's state with the actual state of infrastructure
    2. Reconciling billing statements from cloud providers
    3. Merging two different Terraform workspaces
    4. Synchronizing documentation with code